From 7614bd5096ecbe383bb3df588f8ef85bab5ac13a Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Tue, 16 Jan 2024 18:38:37 -0500 Subject: [PATCH 1/5] feat: add python version check Signed-off-by: Devin Buhl --- .taskfiles/Ansible/Taskfile.yaml | 60 ++++++++++++++++++--------- .taskfiles/Flux/Taskfile.yaml | 50 +++++++++++++++------- .taskfiles/K0s/Taskfile.yaml | 21 ++++++---- .taskfiles/Kubernetes/Taskfile.yaml | 4 ++ .taskfiles/Repo/Taskfile.yaml | 3 ++ .taskfiles/Sops/Taskfile.yaml | 2 + .taskfiles/Workstation/Taskfile.yaml | 6 +++ Taskfile.yaml | 25 +++++++---- bootstrap/scripts/py_version_check.py | 9 ++++ 9 files changed, 128 insertions(+), 52 deletions(-) create mode 100644 bootstrap/scripts/py_version_check.py diff --git a/.taskfiles/Ansible/Taskfile.yaml b/.taskfiles/Ansible/Taskfile.yaml index a232416e1db..ffbc800ad9c 100644 --- a/.taskfiles/Ansible/Taskfile.yaml +++ b/.taskfiles/Ansible/Taskfile.yaml 
@@ -2,8 +2,30 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" +x-preconditions: &preconditions + - &ansibleInventoryFileCheck + sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + msg: Missing {{.ANSIBLE_INVENTORY_FILE}} + - &ansibleLintFileCheck + sh: test -f {{.ANSIBLE_LINT_FILE}} + msg: Missing {{.ANSIBLE_LINT_FILE}} + - &ansibleRequirementsFileCheck + sh: test -f {{.ANSIBLE_REQUIREMENTS_FILE}} + msg: Missing {{.ANSIBLE_REQUIREMENTS_FILE}} + - &pipRequirementsFileCheck + sh: test -f {{.PIP_REQUIREMENTS_FILE}} + msg: Missing {{.PIP_REQUIREMENTS_FILE}} + - &pythonBinCheck + sh: command -v {{.PYTHON_BIN}} + msg: Missing {{.PYTHON_BIN}} + - &pythonVersionCheck + sh: true && {{.PYTHON_BIN}} {{.BOOTSTRAP_DIR}}/scripts/py_version_check.py + msg: Your system Python version must be 3.11.0 or greater + - &venvCheck + sh: test -d {{.ROOT_DIR}}/.venv + msg: Missing virtual environment. Run `task ansible:deps` to create it + vars: - PYTHON_BIN: python3 ANSIBLE_LINT_FILE: "{{.ANSIBLE_DIR}}/.ansible-lint" ANSIBLE_INVENTORY_FILE: "{{.ANSIBLE_DIR}}/inventory/hosts.yaml" ANSIBLE_REQUIREMENTS_FILE: "{{.ROOT_DIR}}/requirements.yaml" 
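Review bot: In `&pythonVersionCheck` the `true &&` prefix does no work in the shell; it looks like a way to keep the plain scalar from starting with `{`, which YAML would read as a flow mapping. Quoting the value states that intent directly and also protects paths that contain spaces: `sh: '"{{.PYTHON_BIN}}" "{{.BOOTSTRAP_DIR}}/scripts/py_version_check.py"'`. The `test -f {{...}}` and `test -d {{...}}` checks in this list interpolate paths unquoted as well, so a checkout under a directory with a space in its name would make them fail with a misleading "Missing" message. The same `true &&` form is repeated in the root `Taskfile.yaml` hunk of this patch.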
@@ -37,49 +59,46 @@ tasks: cmd: .venv/bin/ansible-playbook --inventory {{.ANSIBLE_INVENTORY_FILE}} {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml {{.CLI_ARGS}} preconditions: - sh: test -n {{.playbook}} - - sh: test -d {{.ROOT_DIR}}/.venv - - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + msg: Missing required argument (playbook) - sh: test -f {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml + msg: Missing {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml + - *ansibleInventoryFileCheck + - *ansibleLintFileCheck + - *ansibleRequirementsFileCheck + - *pipRequirementsFileCheck + - *pythonBinCheck + - *pythonVersionCheck + - *venvCheck poweroff: desc: Shutdown all the k8s nodes deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} -a '/usr/bin/systemctl poweroff' --become - preconditions: - - sh: test -d {{.ROOT_DIR}}/.venv - - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + preconditions: *preconditions list: desc: List all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --list-hosts - preconditions: - - sh: test -d {{.ROOT_DIR}}/.venv - - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + preconditions: *preconditions ping: desc: Ping all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --one-line -m 'ping' - preconditions: - - sh: test -d {{.ROOT_DIR}}/.venv - - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + preconditions: *preconditions uptime: desc: Uptime of all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --one-line -a 'uptime' - preconditions: - - sh: test -d {{.ROOT_DIR}}/.venv - - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} + preconditions: *preconditions lint: desc: Lint Ansible deps: ["deps"] cmd: ./.venv/bin/ansible-lint --config-file {{.ANSIBLE_LINT_FILE}} {{.ANSIBLE_DIR}}/**/*.yaml - preconditions: - - sh: test -d {{.ANSIBLE_DIR}} - - sh: test -f {{.ANSIBLE_LINT_FILE}} + preconditions: *preconditions 
.venv: internal: true @@ -94,6 +113,9 @@ tasks: generates: - "{{.ROOT_DIR}}/.venv/pyvenv.cfg" preconditions: - - sh: command -v {{.PYTHON_BIN}} + - *ansibleRequirementsFileCheck + - *pipRequirementsFileCheck + - *pythonBinCheck + - *pythonVersionCheck vars: force: '{{.force | default "true"}}' diff --git a/.taskfiles/Flux/Taskfile.yaml b/.taskfiles/Flux/Taskfile.yaml index cfdde0b8483..a414a1a9f3d 100644 --- a/.taskfiles/Flux/Taskfile.yaml +++ b/.taskfiles/Flux/Taskfile.yaml @@ -2,6 +2,26 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" +x-preconditions: &preconditions + - &fluxBinCheck + sh: command -v flux + msg: Flux is not installed + - &fluxInstalledCheck + sh: kubectl get namespace flux-system &>/dev/null && exit 1 || exit 0 + msg: Flux is already installed + - &kubeconfigFileCheck + sh: test -f {{.KUBECONFIG_FILE}} + msg: Missing {{.KUBECONFIG_FILE}} + - &kubectlBinCheck + sh: command -v kubectl + msg: kubectl is not installed + - &sopsAgeFileCheck + sh: test -f {{.SOPS_AGE_FILE}} + msg: Missing {{.SOPS_AGE_FILE}} + - &sopsBinCheck + sh: command -v sops + msg: sops is not installed + vars: # renovate: datasource=github-releases depName=prometheus-operator/prometheus-operator PROMETHEUS_OPERATOR_VERSION: "v0.70.0" @@ -25,13 +45,7 @@ tasks: - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.KUBERNETES_DIR}}/flux/vars/cluster-settings.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.KUBERNETES_DIR}}/flux/vars/cluster-settings-user.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --kustomize {{.KUBERNETES_DIR}}/flux/config - preconditions: - - sh: command -v flux - - sh: command -v kubectl - - sh: command -v sops - - sh: test -f {{.SOPS_AGE_FILE}} - - sh: test -f {{.KUBECONFIG_FILE}} - - sh: kubectl get namespace flux-system &>/dev/null && exit 1 || exit 0 + preconditions: *preconditions apply: desc: Apply a Flux Kustomization resource for a cluster 
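Review bot: The `test -n {{.playbook}}` precondition that gains a `msg` here cannot fail when the argument is missing: if `playbook` renders as an empty string the command becomes `test -n`, and a one-argument `test` is true for any non-empty word, including `-n` itself. Quote the expansion so the empty case is actually tested, `sh: 'test -n "{{.playbook}}"'`. As written, the first message a user would see for a missing argument is the `Missing .../playbooks/.yaml` one from the following check. The same unquoted form is carried into PATCH 4/5 as `{ msg: "Missing playbook arg", sh: "test -n {{.playbook}}" }`, where the playbook file check is no longer present to catch it. The `run` task's header lies above this hunk.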
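Review bot: `&fluxInstalledCheck` succeeds only when the `flux-system` namespace is absent, so the anchor name says the opposite of what it asserts; `&fluxNotInstalledCheck` would match the `Flux is already installed` message. The command also omits `--kubeconfig {{.KUBECONFIG_FILE}}`, unlike the `kubectl apply` lines visible in the tasks it guards, so the check is evaluated against whatever cluster the ambient kubectl context selects and can pass or fail for a different cluster than the one the task then modifies. Suggested form: `sh: kubectl --kubeconfig {{.KUBECONFIG_FILE}} get namespace flux-system &>/dev/null && exit 1 || exit 0`. Because all output is discarded, an unreachable API server is indistinguishable from "namespace not found" and lets the precondition pass. The inline copies of this check in PATCH 4/5 have the same two gaps.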
@@ -49,10 +63,14 @@ tasks: kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side \ --field-manager=kustomize-controller -f - preconditions: - - sh: command -v flux - - sh: command -v kubectl - - sh: test -f {{.KUBECONFIG_FILE}} - sh: test -f {{.KUBERNETES_DIR}}/apps/{{.path}}/ks.yaml + msg: Missing {{.KUBERNETES_DIR}}/apps/{{.path}}/ks.yaml + - *fluxBinCheck + - *fluxInstalledCheck + - *kubeconfigFileCheck + - *kubectlBinCheck + - *sopsAgeFileCheck + - *sopsBinCheck vars: path: '{{ or .path (fail "Argument (path) is required") }}' ns: '{{.ns | default "flux-system"}}' @@ -63,13 +81,13 @@ tasks: desc: Force update Flux to pull in changes from your Git repository cmd: flux --kubeconfig {{.KUBECONFIG_FILE}} reconcile --namespace flux-system kustomization cluster --with-source preconditions: - - sh: command -v flux - - sh: test -f {{.KUBECONFIG_FILE}} + - *fluxBinCheck + - *kubeconfigFileCheck github-deploy-key: cmd: sops --decrypt {{.KUBERNETES_DIR}}/bootstrap/github-deploy-key.sops.yaml | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - preconditions: - - sh: command -v kubectl - - sh: command -v sops - - sh: test -f {{.KUBECONFIG_FILE}} - - sh: kubectl get namespace flux-system &>/dev/null && exit 0 || exit 1 + - *kubectlBinCheck + - *sopsBinCheck + - *kubeconfigFileCheck + - *fluxInstalledCheck diff --git a/.taskfiles/K0s/Taskfile.yaml b/.taskfiles/K0s/Taskfile.yaml index 7d247dacf0f..ebfaa393218 100644 --- a/.taskfiles/K0s/Taskfile.yaml +++ b/.taskfiles/K0s/Taskfile.yaml @@ -5,6 +5,15 @@ env: DISABLE_TELEMETRY: "true" DISABLE_UPGRADE_CHECK: "true" +x-preconditions: &preconditions + - &k0sctlBinCheck + sh: command -v k0sctl + msg: Missing k0sctl + - &k0sconfigFileCheck + sh: test -f {{.K0S_CONFIG_FILE}} + msg: Missing {{.K0S_CONFIG_FILE}} + + tasks: apply: 
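Review bot: Adding `*fluxInstalledCheck` to `apply` makes the task refuse to run on any cluster where Flux is present, because that alias exits 1 when the `flux-system` namespace exists, while the task itself calls `flux ... get kustomizations` and applies with the `kustomize-controller` field manager. The next hunk does the same to `github-deploy-key`, replacing the removed `... && exit 0 || exit 1` (namespace must exist) with the alias that requires it to be absent. Both tasks need the positive form, for example a separate anchor with `sh: kubectl --kubeconfig {{.KUBECONFIG_FILE}} get namespace flux-system` and `msg: Flux is not installed`. The `apply` entry also newly requires `sops` and the age key, which the visible part of the task does not use; the task body starts above the hunk, so confirm that against the full command. PATCH 4/5 keeps the inverted check on both tasks under the message `Flux already installed`.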
@@ -12,9 +21,7 @@ tasks: cmds: - k0sctl apply --config {{.K0S_CONFIG_FILE}} - task: kubeconfig - preconditions: - - sh: command -v k0sctl - - sh: test -f {{.K0S_CONFIG_FILE}} + preconditions: *preconditions reset: desc: Resets k0s cluster @@ -24,9 +31,7 @@ tasks: - task: :ansible:run vars: playbook: cluster-nuke - preconditions: - - sh: command -v k0sctl - - sh: test -f {{.K0S_CONFIG_FILE}} + preconditions: *preconditions kubeconfig: desc: Gets k0s cluster kubeconfig @@ -35,6 +40,4 @@ tasks: - "{{.K0S_CONFIG_FILE}}" generates: - "{{.KUBECONFIG_FILE}}" - preconditions: - - sh: command -v k0sctl - - sh: test -f {{.K0S_CONFIG_FILE}} + preconditions: *preconditions diff --git a/.taskfiles/Kubernetes/Taskfile.yaml b/.taskfiles/Kubernetes/Taskfile.yaml index c3453809d13..dcc53df767b 100644 --- a/.taskfiles/Kubernetes/Taskfile.yaml +++ b/.taskfiles/Kubernetes/Taskfile.yaml @@ -51,6 +51,7 @@ tasks: claim: '{{ or .claim (fail "Argument (claim) is required") }}' preconditions: - sh: kubectl -n {{.ns}} get persistentvolumeclaim {{.claim}} + msg: PVC {{.claim}} does not exist in namespace {{.ns}} resources: desc: Gather common resources in your cluster, useful when asking for support @@ -74,5 +75,8 @@ tasks: cmd: bash {{.KUBECONFORM_SCRIPT}} {{.KUBERNETES_DIR}} preconditions: - sh: command -v kubeconform + msg: kubeconform is not installed - sh: command -v kustomize + msg: kustomize is not installed - sh: test -f {{.KUBECONFORM_SCRIPT}} + msg: Missing {{.KUBECONFORM_SCRIPT}} diff --git a/.taskfiles/Repo/Taskfile.yaml b/.taskfiles/Repo/Taskfile.yaml index f5001a0c080..fbeebac9095 100644 --- a/.taskfiles/Repo/Taskfile.yaml +++ b/.taskfiles/Repo/Taskfile.yaml 
@@ -17,8 +17,11 @@ tasks: - sed -i {{if eq OS "darwin"}}''{{end}} 's/(..\.j2)\?(..\.j2)\?//g' {{.ROOT_DIR}}/.github/renovate.json5 preconditions: - sh: test -d {{.BOOTSTRAP_DIR}} + msg: Missing {{.BOOTSTRAP_DIR}} - sh: test -d {{.PRIVATE_DIR}} + msg: Missing {{.PRIVATE_DIR}} - sh: test -f {{.ROOT_DIR}}/.github/renovate.json5 + msg: Missing {{.ROOT_DIR}}/.github/renovate.json5 reset: desc: Reset templated configuration files diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 07b0524241a..6404ede6563 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -20,7 +20,9 @@ tasks: claim: '{{ or .file (fail "Argument (file) is required") }}' preconditions: - sh: test -f {{.SOPS_CONFIG_FILE}} + msg: Missing {{.SOPS_CONFIG_FILE}} - sh: test -f {{.SOPS_AGE_FILE}} + msg: Missing {{.SOPS_AGE_FILE}} encrypt:all: desc: Encrypt all Kubernetes SOPS secrets diff --git a/.taskfiles/Workstation/Taskfile.yaml b/.taskfiles/Workstation/Taskfile.yaml index 3e035afa5c9..653e1aa0e86 100644 --- a/.taskfiles/Workstation/Taskfile.yaml +++ b/.taskfiles/Workstation/Taskfile.yaml @@ -13,18 +13,24 @@ tasks: cmd: brew bundle --file {{.BREWFILE}} preconditions: - sh: command -v brew + msg: Missing Homebrew - sh: test -f {{.BREWFILE}} + msg: Missing {{.BREWFILE}} paru: desc: Install workstation dependencies with Paru cmd: paru -Syu --needed --noconfirm --noprogressbar $(cat {{.ARCHFILE}} | xargs) preconditions: - sh: command -v paru + msg: Missing Paru - sh: test -f {{.ARCHFILE}} + msg: Missing {{.ARCHFILE}} yay: desc: Install workstation dependencies with Yay cmd: yay -Syu --needed --noconfirm --noprogressbar $(cat {{.ARCHFILE}} | xargs) preconditions: - sh: command -v yay + msg: Missing Yay - sh: test -f {{.ARCHFILE}} + msg: Missing {{.ARCHFILE}} diff --git a/Taskfile.yaml b/Taskfile.yaml index f9da7000619..42db2e0c9c2 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml 
@@ -16,6 +16,8 @@ vars: MAKEJINJA_CONFIG_FILE: "{{.ROOT_DIR}}/makejinja.toml" SOPS_AGE_FILE: "{{.ROOT_DIR}}/age.key" SOPS_CONFIG_FILE: "{{.ROOT_DIR}}/.sops.yaml" + # Binaries + PYTHON_BIN: python3 includes: ansible: .taskfiles/Ansible/Taskfile.yaml @@ -57,26 +59,33 @@ tasks: - task: .pre-validate - task: .template - task: .post-validate + preconditions: + - sh: test -d {{.ROOT_DIR}}/.venv + msg: Missing virtual environment. Run `task ansible:deps` to create it + - sh: test -f {{.BOOTSTRAP_ADDONS_FILE}} + msg: Missing {{.BOOTSTRAP_ADDONS_FILE}}. Run `task init` to create it + - sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} + msg: Missing {{.BOOTSTRAP_CONFIG_FILE}}. Run `task init` to create it + - sh: test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py + msg: Missing {{.BOOTSTRAP_DIR}}/scripts/loader.py + - sh: test -f {{.MAKEJINJA_CONFIG_FILE}} + msg: Missing {{.MAKEJINJA_CONFIG_FILE}} + - sh: command -v {{.PYTHON_BIN}} + msg: Missing {{.PYTHON_BIN}} + - sh: true && {{.PYTHON_BIN}} {{.BOOTSTRAP_DIR}}/scripts/py_version_check.py + msg: Your system Python version must be 3.11.0 or greater .pre-validate: internal: true cmd: ./.venv/bin/ansible-playbook {{.BOOTSTRAP_DIR}}/validate.yaml env: ANSIBLE_DISPLAY_SKIPPED_HOSTS: "false" - preconditions: - - sh: test -f {{.BOOTSTRAP_ADDONS_FILE}} - - sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} .template: internal: true cmds: - ./.venv/bin/makejinja --keep-trailing-newline --force - task: sops:encrypt:all - preconditions: - - sh: test -f {{.BOOTSTRAP_ADDONS_FILE}} - - sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} - - sh: test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py - - sh: test -f {{.MAKEJINJA_CONFIG_FILE}} .post-validate: internal: true diff --git a/bootstrap/scripts/py_version_check.py b/bootstrap/scripts/py_version_check.py new file mode 100644 index 00000000000..3abb2ba5557 --- /dev/null +++ b/bootstrap/scripts/py_version_check.py 
@@ -0,0 +1,9 @@ +import sys + +required_version = (3, 11, 0) + +if sys.version_info >= required_version: + print(f"Python version is greater than or equal to 3.11") +else: + print("Python version is below 3.11. Please upgrade.") + exit(1) From 995a76538c57d3b000b4a9137ad34e06e6e74e07 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Tue, 16 Jan 2024 18:51:00 -0500 Subject: [PATCH 2/5] chore: formatting Signed-off-by: Devin Buhl --- .taskfiles/Ansible/Taskfile.yaml | 2 +- .taskfiles/K0s/Taskfile.yaml | 1 - Taskfile.yaml | 16 ++++++++++------ 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.taskfiles/Ansible/Taskfile.yaml b/.taskfiles/Ansible/Taskfile.yaml index ffbc800ad9c..ea645f6caba 100644 --- a/.taskfiles/Ansible/Taskfile.yaml +++ b/.taskfiles/Ansible/Taskfile.yaml @@ -23,7 +23,7 @@ x-preconditions: &preconditions msg: Your system Python version must be 3.11.0 or greater - &venvCheck sh: test -d {{.ROOT_DIR}}/.venv - msg: Missing virtual environment. Run `task ansible:deps` to create it + msg: Missing virtual environment, run `task ansible:deps` to create it vars: ANSIBLE_LINT_FILE: "{{.ANSIBLE_DIR}}/.ansible-lint" diff --git a/.taskfiles/K0s/Taskfile.yaml b/.taskfiles/K0s/Taskfile.yaml index ebfaa393218..30359320922 100644 --- a/.taskfiles/K0s/Taskfile.yaml +++ b/.taskfiles/K0s/Taskfile.yaml @@ -13,7 +13,6 @@ x-preconditions: &preconditions sh: test -f {{.K0S_CONFIG_FILE}} msg: Missing {{.K0S_CONFIG_FILE}} - tasks: apply: diff --git a/Taskfile.yaml b/Taskfile.yaml index 42db2e0c9c2..fb8b1d602b0 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -14,6 +14,8 @@ vars: K0S_CONFIG_FILE: "{{.ROOT_DIR}}/k0s-config.yaml" KUBECONFIG_FILE: "{{.ROOT_DIR}}/kubeconfig" MAKEJINJA_CONFIG_FILE: "{{.ROOT_DIR}}/makejinja.toml" + MAKEJINJA_LOADER_FILE: "{{.BOOTSTRAP_DIR}}/scripts/loader.py" + PYTHON_VERSION_CHECK_FILE: "{{.BOOTSTRAP_DIR}}/scripts/py_version_check.py" SOPS_AGE_FILE: "{{.ROOT_DIR}}/age.key" SOPS_CONFIG_FILE: "{{.ROOT_DIR}}/.sops.yaml" # Binaries 
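Review bot: The failure branch calls the bare `exit(1)`, which is a helper injected by the `site` module rather than part of the language, so it is missing when the interpreter is started with `-S`; `sys` is already imported, so use `sys.exit(1)`. The failure text should go to stderr, `print("Python version is below 3.11. Please upgrade.", file=sys.stderr)`, so it is not mixed into captured stdout. The success message is an f-string with no placeholders and hard-codes `3.11` separately from `required_version`; formatting it from the tuple keeps the two from drifting. The script also has no comment saying how it is used, for instance `# Exit non-zero when the interpreter is older than required_version; called from Taskfile preconditions.`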
@@ -61,18 +63,20 @@ tasks: - task: .post-validate preconditions: - sh: test -d {{.ROOT_DIR}}/.venv - msg: Missing virtual environment. Run `task ansible:deps` to create it + msg: Missing virtual environment, run `task ansible:deps` to create it - sh: test -f {{.BOOTSTRAP_ADDONS_FILE}} - msg: Missing {{.BOOTSTRAP_ADDONS_FILE}}. Run `task init` to create it + msg: Missing {{.BOOTSTRAP_ADDONS_FILE}}, run `task init` to create it - sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} - msg: Missing {{.BOOTSTRAP_CONFIG_FILE}}. Run `task init` to create it - - sh: test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py - msg: Missing {{.BOOTSTRAP_DIR}}/scripts/loader.py + msg: Missing {{.BOOTSTRAP_CONFIG_FILE}}, run `task init` to create it + - sh: test -f {{.MAKEJINJA_LOADER_FILE}} + msg: Missing {{.MAKEJINJA_LOADER_FILE}} - sh: test -f {{.MAKEJINJA_CONFIG_FILE}} msg: Missing {{.MAKEJINJA_CONFIG_FILE}} - sh: command -v {{.PYTHON_BIN}} msg: Missing {{.PYTHON_BIN}} - - sh: true && {{.PYTHON_BIN}} {{.BOOTSTRAP_DIR}}/scripts/py_version_check.py + - sh: test -f {{.PYTHON_VERSION_CHECK_FILE}} + msg: Missing {{.PYTHON_VERSION_CHECK_FILE}} + - sh: true && {{.PYTHON_BIN}} {{.PYTHON_VERSION_CHECK_FILE}} msg: Your system Python version must be 3.11.0 or greater .pre-validate: From e4735298b5fa0e1f92bad3221c44832469c04419 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Tue, 16 Jan 2024 19:14:19 -0500 Subject: [PATCH 3/5] test python 3.10 --- .github/workflows/e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index b3f12c0d323..1b44e7eee47 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -54,7 +54,7 @@ jobs: uses: actions/setup-python@v5 id: setup-python with: - python-version: "3.12" + python-version: "3.10" - name: Cache homebrew packages if: ${{ github.event_name == 'pull_request' }} From 7f4534119e6d08aa0448a039d48138d1f0d2e800 Mon Sep 17 00:00:00 2001 
From: Devin Buhl Date: Tue, 16 Jan 2024 20:52:48 -0500 Subject: [PATCH 4/5] chore: taskfile formating Signed-off-by: Devin Buhl --- .github/workflows/e2e.yaml | 4 +- .taskfiles/Ansible/Taskfile.yaml | 77 +++++++------------ .taskfiles/Flux/Taskfile.yaml | 63 +++++---------- .taskfiles/K0s/Taskfile.yaml | 29 +++---- .taskfiles/Kubernetes/Taskfile.yaml | 61 ++------------- .taskfiles/{Repo => Repository}/Taskfile.yaml | 17 ++-- .taskfiles/Sops/Taskfile.yaml | 13 +++- .taskfiles/Workstation/Taskfile.yaml | 18 ++--- Taskfile.yaml | 42 +++++----- 9 files changed, 113 insertions(+), 211 deletions(-) rename .taskfiles/{Repo => Repository}/Taskfile.yaml (71%) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 1b44e7eee47..af690ee3157 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -125,5 +125,5 @@ jobs: - name: Run repo clean and reset shell: bash run: | - task repo:clean - task repo:reset --yes + task repository:clean + task repository:reset --yes diff --git a/.taskfiles/Ansible/Taskfile.yaml b/.taskfiles/Ansible/Taskfile.yaml index ea645f6caba..0e24c969270 100644 --- a/.taskfiles/Ansible/Taskfile.yaml +++ b/.taskfiles/Ansible/Taskfile.yaml 
@@ -2,35 +2,6 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" -x-preconditions: &preconditions - - &ansibleInventoryFileCheck - sh: test -f {{.ANSIBLE_INVENTORY_FILE}} - msg: Missing {{.ANSIBLE_INVENTORY_FILE}} - - &ansibleLintFileCheck - sh: test -f {{.ANSIBLE_LINT_FILE}} - msg: Missing {{.ANSIBLE_LINT_FILE}} - - &ansibleRequirementsFileCheck - sh: test -f {{.ANSIBLE_REQUIREMENTS_FILE}} - msg: Missing {{.ANSIBLE_REQUIREMENTS_FILE}} - - &pipRequirementsFileCheck - sh: test -f {{.PIP_REQUIREMENTS_FILE}} - msg: Missing {{.PIP_REQUIREMENTS_FILE}} - - &pythonBinCheck - sh: command -v {{.PYTHON_BIN}} - msg: Missing {{.PYTHON_BIN}} - - &pythonVersionCheck - sh: true && {{.PYTHON_BIN}} {{.BOOTSTRAP_DIR}}/scripts/py_version_check.py - msg: Your system Python version must be 3.11.0 or greater - - &venvCheck - sh: test -d {{.ROOT_DIR}}/.venv - msg: Missing virtual environment, run `task ansible:deps` to create it - -vars: - ANSIBLE_LINT_FILE: "{{.ANSIBLE_DIR}}/.ansible-lint" - ANSIBLE_INVENTORY_FILE: "{{.ANSIBLE_DIR}}/inventory/hosts.yaml" - ANSIBLE_REQUIREMENTS_FILE: "{{.ROOT_DIR}}/requirements.yaml" - PIP_REQUIREMENTS_FILE: "{{.ROOT_DIR}}/requirements.txt" - env: PATH: "{{.ROOT_DIR}}/.venv/bin:$PATH" VIRTUAL_ENV: "{{.ROOT_DIR}}/.venv" @@ -40,12 +11,18 @@ env: ANSIBLE_LOCALHOST_WARNING: "False" ANSIBLE_INVENTORY_UNPARSED_WARNING: "False" +vars: + ANSIBLE_LINT_FILE: "{{.ANSIBLE_DIR}}/.ansible-lint" + ANSIBLE_INVENTORY_FILE: "{{.ANSIBLE_DIR}}/inventory/hosts.yaml" + ANSIBLE_REQUIREMENTS_FILE: "{{.ROOT_DIR}}/requirements.yaml" + PIP_REQUIREMENTS_FILE: "{{.ROOT_DIR}}/requirements.txt" + tasks: deps: desc: Set up Ansible dependencies for the environment cmds: - - task: .venv + - task: .setup-virtual-env vars: force: '{{.force | default "true"}}' 
@@ -58,49 +35,45 @@ tasks: deps: ["deps"] cmd: .venv/bin/ansible-playbook --inventory {{.ANSIBLE_INVENTORY_FILE}} {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml {{.CLI_ARGS}} preconditions: - - sh: test -n {{.playbook}} - msg: Missing required argument (playbook) - - sh: test -f {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml - msg: Missing {{.ANSIBLE_DIR}}/playbooks/{{.playbook}}.yaml - - *ansibleInventoryFileCheck - - *ansibleLintFileCheck - - *ansibleRequirementsFileCheck - - *pipRequirementsFileCheck - - *pythonBinCheck - - *pythonVersionCheck - - *venvCheck + - { msg: "Missing playbook arg", sh: "test -n {{.playbook}}" } + - { msg: "Missing Ansible inventory file", sh: "test -f {{.ANSIBLE_INVENTORY_FILE}}" } poweroff: desc: Shutdown all the k8s nodes deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} -a '/usr/bin/systemctl poweroff' --become - preconditions: *preconditions + preconditions: + - { msg: "Missing Ansible inventory file", sh: "test -f {{.ANSIBLE_INVENTORY_FILE}}" } list: desc: List all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --list-hosts - preconditions: *preconditions + preconditions: + - { msg: "Missing Ansible inventory file", sh: "test -f {{.ANSIBLE_INVENTORY_FILE}}" } ping: desc: Ping all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --one-line -m 'ping' - preconditions: *preconditions + preconditions: + - { msg: "Missing Ansible inventory file", sh: "test -f {{.ANSIBLE_INVENTORY_FILE}}" } uptime: desc: Uptime of all the hosts deps: ["deps"] cmd: .venv/bin/ansible kubernetes --inventory {{.ANSIBLE_INVENTORY_FILE}} --one-line -a 'uptime' - preconditions: *preconditions + preconditions: + - { msg: "Missing Ansible inventory file", sh: "test -f {{.ANSIBLE_INVENTORY_FILE}}" } lint: desc: Lint Ansible deps: ["deps"] cmd: ./.venv/bin/ansible-lint --config-file {{.ANSIBLE_LINT_FILE}} 
{{.ANSIBLE_DIR}}/**/*.yaml - preconditions: *preconditions + preconditions: + - { msg: "Missing Ansible lint file", sh: "test -f {{.ANSIBLE_LINT_FILE}}" } - .venv: + .setup-virtual-env: internal: true cmds: - "{{.PYTHON_BIN}} -m venv {{.ROOT_DIR}}/.venv" @@ -113,9 +86,11 @@ tasks: generates: - "{{.ROOT_DIR}}/.venv/pyvenv.cfg" preconditions: - - *ansibleRequirementsFileCheck - - *pipRequirementsFileCheck - - *pythonBinCheck - - *pythonVersionCheck + - { msg: "Missing Ansible requirements file", sh: "test -f {{.ANSIBLE_REQUIREMENTS_FILE}}" } + - { msg: "Missing Pip requirements file", sh: "test -f {{.PIP_REQUIREMENTS_FILE}}" } vars: force: '{{.force | default "true"}}' + + .reset: + internal: true + cmd: rm -rf {{.ANSIBLE_DIR}} diff --git a/.taskfiles/Flux/Taskfile.yaml b/.taskfiles/Flux/Taskfile.yaml index a414a1a9f3d..d2267970b06 100644 --- a/.taskfiles/Flux/Taskfile.yaml +++ b/.taskfiles/Flux/Taskfile.yaml 
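Review bot: The new internal `.reset` task runs `rm -rf {{.ANSIBLE_DIR}}` with the path unquoted and without any check on what the variable resolved to, so a value containing a space or a glob character would be word-split or expanded by the shell and delete something other than the intended directory. Quote it and end option parsing, `cmd: rm -rf -- "{{.ANSIBLE_DIR}}"`, and consider a precondition that the path lies under `{{.ROOT_DIR}}`. The same pattern is added for `{{.K0S_CONFIG_FILE}}` and `{{.KUBERNETES_DIR}}` in the K0s and Kubernetes hunks of this patch. This hunk also drops `*pythonBinCheck` and `*pythonVersionCheck` from the venv task that PATCH 1/5 added them to; if they were not moved to a caller outside the visible diff, `{{.PYTHON_BIN}} -m venv` runs unchecked again.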
@@ -2,50 +2,34 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" -x-preconditions: &preconditions - - &fluxBinCheck - sh: command -v flux - msg: Flux is not installed - - &fluxInstalledCheck - sh: kubectl get namespace flux-system &>/dev/null && exit 1 || exit 0 - msg: Flux is already installed - - &kubeconfigFileCheck - sh: test -f {{.KUBECONFIG_FILE}} - msg: Missing {{.KUBECONFIG_FILE}} - - &kubectlBinCheck - sh: command -v kubectl - msg: kubectl is not installed - - &sopsAgeFileCheck - sh: test -f {{.SOPS_AGE_FILE}} - msg: Missing {{.SOPS_AGE_FILE}} - - &sopsBinCheck - sh: command -v sops - msg: sops is not installed - vars: # renovate: datasource=github-releases depName=prometheus-operator/prometheus-operator PROMETHEUS_OPERATOR_VERSION: "v0.70.0" + CLUSTER_SECRET_SOPS_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-secrets.sops.yaml" + CLUSTER_SECRET_USER_SOPS_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-secrets-user.sops.yaml" + CLUSTER_SETTINGS_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-settings.yaml" + CLUSTER_SETTINGS_USER_FILE: "{{.KUBERNETES_DIR}}/flux/vars/cluster-settings-user.yaml" tasks: bootstrap: desc: Bootstrap Flux into a Kubernetes cluster cmds: - # Install essential Prometheus Operator CRDs - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename 
https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_scrapeconfigs.yaml - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/{{.PROMETHEUS_OPERATOR_VERSION}}/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml - # Install Flux - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --kustomize {{.KUBERNETES_DIR}}/bootstrap - # Install Secrets and Kustomizations - cat {{.SOPS_AGE_FILE}} | kubectl -n flux-system create secret generic sops-age --from-file=age.agekey=/dev/stdin - - sops --decrypt {{.KUBERNETES_DIR}}/flux/vars/cluster-secrets.sops.yaml | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - - - sops --decrypt {{.KUBERNETES_DIR}}/flux/vars/cluster-secrets-user.sops.yaml | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - - - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.KUBERNETES_DIR}}/flux/vars/cluster-settings.yaml - - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.KUBERNETES_DIR}}/flux/vars/cluster-settings-user.yaml + - sops --decrypt {{.CLUSTER_SECRET_SOPS_FILE}} | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - + - sops --decrypt {{.CLUSTER_SECRET_USER_SOPS_FILE}} | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - + - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.CLUSTER_SETTINGS_FILE}} + - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename {{.CLUSTER_SETTINGS_USER_FILE}} - kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --kustomize {{.KUBERNETES_DIR}}/flux/config - preconditions: *preconditions + preconditions: + - { msg: "Flux already installed", sh: "kubectl get namespace flux-system 
&>/dev/null && exit 1 || exit 0" } + - { msg: "Missing kubeconfig", sh: "test -f {{.KUBECONFIG_FILE}}" } + - { msg: "Missing Sops Age key file", sh: "test -f {{.SOPS_AGE_FILE}}" } apply: desc: Apply a Flux Kustomization resource for a cluster 
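Review bot: The line `cat {{.SOPS_AGE_FILE}} | kubectl -n flux-system create secret generic sops-age --from-file=age.agekey=/dev/stdin` is the only cluster command in `bootstrap` without `--kubeconfig {{.KUBECONFIG_FILE}}`, and this commit leaves it that way while rewriting its neighbours. The age private key is therefore sent to whichever cluster the ambient kubectl context selects, which may not be the one being bootstrapped. Add the flag; `--from-file=age.agekey={{.SOPS_AGE_FILE}}` would also avoid the pipe. The rewritten preconditions drop the `command -v flux`, `kubectl` and `sops` checks, so a missing binary now surfaces as a mid-run failure after some manifests have already been applied.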
@@ -62,32 +46,25 @@ tasks: | \ kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side \ --field-manager=kustomize-controller -f - - preconditions: - - sh: test -f {{.KUBERNETES_DIR}}/apps/{{.path}}/ks.yaml - msg: Missing {{.KUBERNETES_DIR}}/apps/{{.path}}/ks.yaml - - *fluxBinCheck - - *fluxInstalledCheck - - *kubeconfigFileCheck - - *kubectlBinCheck - - *sopsAgeFileCheck - - *sopsBinCheck vars: path: '{{ or .path (fail "Argument (path) is required") }}' ns: '{{.ns | default "flux-system"}}' ks: sh: flux --kubeconfig {{.KUBECONFIG_FILE}} --namespace {{.ns}} get kustomizations $(basename {{.path}}) 2>&1 + preconditions: + - { msg: "Flux already installed", sh: "kubectl get namespace flux-system &>/dev/null && exit 1 || exit 0" } + - { msg: "Missing Flux Kustomization", sh: "test -f {{.KUBERNETES_DIR}}/apps/{{.path}}/ks.yaml" } + - { msg: "Missing kubeconfig", sh: "test -f {{.KUBECONFIG_FILE}}" } reconcile: desc: Force update Flux to pull in changes from your Git repository cmd: flux --kubeconfig {{.KUBECONFIG_FILE}} reconcile --namespace flux-system kustomization cluster --with-source preconditions: - - *fluxBinCheck - - *kubeconfigFileCheck + - { msg: "Flux not installed", sh: "kubectl get namespace flux-system" } + - { msg: "Missing kubeconfig", sh: "test -f {{.KUBECONFIG_FILE}}" } github-deploy-key: cmd: sops --decrypt {{.KUBERNETES_DIR}}/bootstrap/github-deploy-key.sops.yaml | kubectl apply --kubeconfig {{.KUBECONFIG_FILE}} --server-side --filename - preconditions: - - *kubectlBinCheck - - *sopsBinCheck - - *kubeconfigFileCheck - - *fluxInstalledCheck + - { msg: "Flux already installed", sh: "kubectl get namespace flux-system &>/dev/null && exit 1 || exit 0" } + - { msg: "Missing kubeconfig", sh: "test -f {{.KUBECONFIG_FILE}}" } diff --git a/.taskfiles/K0s/Taskfile.yaml b/.taskfiles/K0s/Taskfile.yaml index 30359320922..94ec0923e67 100644 --- a/.taskfiles/K0s/Taskfile.yaml +++ b/.taskfiles/K0s/Taskfile.yaml 
@@ -5,13 +5,8 @@ env: DISABLE_TELEMETRY: "true" DISABLE_UPGRADE_CHECK: "true" -x-preconditions: &preconditions - - &k0sctlBinCheck - sh: command -v k0sctl - msg: Missing k0sctl - - &k0sconfigFileCheck - sh: test -f {{.K0S_CONFIG_FILE}} - msg: Missing {{.K0S_CONFIG_FILE}} +vars: + K0S_CONFIG_FILE: "{{.ROOT_DIR}}/k0s-config.yaml" tasks: @@ -20,23 +15,31 @@ tasks: cmds: - k0sctl apply --config {{.K0S_CONFIG_FILE}} - task: kubeconfig - preconditions: *preconditions + preconditions: + - { msg: "Missing K0s config file", sh: "test -f {{.K0S_CONFIG_FILE}}" } - reset: - desc: Resets k0s cluster + nuke: + desc: Nuke the k0s cluster deps: [":ansible:deps"] cmds: - k0sctl reset --config {{.K0S_CONFIG_FILE}} - task: :ansible:run vars: playbook: cluster-nuke - preconditions: *preconditions + preconditions: + - { msg: "Missing K0s config file", sh: "test -f {{.K0S_CONFIG_FILE}}" } kubeconfig: desc: Gets k0s cluster kubeconfig - cmd: k0sctl kubeconfig --config {{.K0S_CONFIG_FILE}} > {{.KUBECONFIG_FILE}} + cmds: + - k0sctl kubeconfig --config {{.K0S_CONFIG_FILE}} > {{.KUBECONFIG_FILE}} sources: - "{{.K0S_CONFIG_FILE}}" generates: - "{{.KUBECONFIG_FILE}}" - preconditions: *preconditions + preconditions: + - { msg: "Missing K0s config file", sh: "test -f {{.K0S_CONFIG_FILE}}" } + + .reset: + internal: true + cmd: rm -rf {{.K0S_CONFIG_FILE}} diff --git a/.taskfiles/Kubernetes/Taskfile.yaml b/.taskfiles/Kubernetes/Taskfile.yaml index dcc53df767b..8e69a61445d 100644 --- a/.taskfiles/Kubernetes/Taskfile.yaml +++ b/.taskfiles/Kubernetes/Taskfile.yaml 
@@ -7,59 +7,13 @@ vars: tasks: - mount: - desc: Mount a PersistentVolumeClaim to a temporary pod for a cluster - summary: | - Args: - ns: Namespace the PVC is in (default: default) - claim: PVC to mount (required) - interactive: true - cmd: | - kubectl run -n {{.ns}} debug-{{.claim}} -i --tty --rm --image=null --privileged --overrides=' - { - "apiVersion": "v1", - "spec": { - "containers": [ - { - "name": "debug", - "image": "ghcr.io/onedr0p/alpine:rolling", - "command": ["/bin/bash"], - "stdin": true, - "stdinOnce": true, - "tty": true, - "volumeMounts": [ - { - "name": "config", - "mountPath": "/config" - } - ] - } - ], - "volumes": [ - { - "name": "config", - "persistentVolumeClaim": { - "claimName": "{{.claim}}" - } - } - ], - "restartPolicy": "Never" - } - }' - vars: - ns: '{{.ns | default "default"}}' - claim: '{{ or .claim (fail "Argument (claim) is required") }}' - preconditions: - - sh: kubectl -n {{.ns}} get persistentvolumeclaim {{.claim}} - msg: PVC {{.claim}} does not exist in namespace {{.ns}} - resources: desc: Gather common resources in your cluster, useful when asking for support cmds: - - for: { var: RESOURCES } + - for: { var: resource } cmd: kubectl get {{.ITEM}} {{.CLI_ARGS | default "-A"}} vars: - RESOURCES: >- + resource: >- nodes gitrepositories kustomizations @@ -74,9 +28,8 @@ tasks: desc: Validate Kubernetes manifests with kubeconform cmd: bash {{.KUBECONFORM_SCRIPT}} {{.KUBERNETES_DIR}} preconditions: - - sh: command -v kubeconform - msg: kubeconform is not installed - - sh: command -v kustomize - msg: kustomize is not installed - - sh: test -f {{.KUBECONFORM_SCRIPT}} - msg: Missing {{.KUBECONFORM_SCRIPT}} + - { msg: "Missing kubeconform script", sh: "test -f {{.KUBECONFORM_SCRIPT}}" } + + .reset: + internal: true + cmd: rm -rf {{.KUBERNETES_DIR}} 
diff --git a/.taskfiles/Repo/Taskfile.yaml b/.taskfiles/Repository/Taskfile.yaml similarity index 71% rename from .taskfiles/Repo/Taskfile.yaml rename to .taskfiles/Repository/Taskfile.yaml index fbeebac9095..dade642fa9f 100644 --- a/.taskfiles/Repo/Taskfile.yaml +++ b/.taskfiles/Repository/Taskfile.yaml @@ -16,21 +16,18 @@ tasks: # Update renovate.json5 - sed -i {{if eq OS "darwin"}}''{{end}} 's/(..\.j2)\?(..\.j2)\?//g' {{.ROOT_DIR}}/.github/renovate.json5 preconditions: - - sh: test -d {{.BOOTSTRAP_DIR}} - msg: Missing {{.BOOTSTRAP_DIR}} - - sh: test -d {{.PRIVATE_DIR}} - msg: Missing {{.PRIVATE_DIR}} - - sh: test -f {{.ROOT_DIR}}/.github/renovate.json5 - msg: Missing {{.ROOT_DIR}}/.github/renovate.json5 + - { msg: "Missing bootstrap directory", sh: "test -d {{.BOOTSTRAP_DIR}}" } + - { msg: "Missing private directory", sh: "test -d {{.PRIVATE_DIR}}" } + - { msg: "Missing Renovate config file", sh: "test -f {{.ROOT_DIR}}/.github/renovate.json5" } reset: desc: Reset templated configuration files prompt: Reset templated configuration files... continue? cmds: - - rm -rf {{.SOPS_CONFIG_FILE}} - - rm -rf {{.ANSIBLE_DIR}} - - rm -rf {{.KUBERNETES_DIR}} - - rm -rf {{.K0S_CONFIG_FILE}} + - task: :ansible:.reset + - task: :k0s:.reset + - task: :kubernetes:.reset + - task: :sops:.reset force-reset: desc: Reset repo back to HEAD diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 6404ede6563..8a149240f06 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -2,6 +2,9 @@ # yaml-language-server: $schema=https://taskfile.dev/schema.json version: "3" +vars: + SOPS_CONFIG_FILE: "{{.ROOT_DIR}}/.sops.yaml" + tasks: age-keygen: 
@@ -19,10 +22,8 @@ tasks: vars: claim: '{{ or .file (fail "Argument (file) is required") }}' preconditions: - - sh: test -f {{.SOPS_CONFIG_FILE}} - msg: Missing {{.SOPS_CONFIG_FILE}} - - sh: test -f {{.SOPS_AGE_FILE}} - msg: Missing {{.SOPS_AGE_FILE}} + - { msg: "Missing Sops config file", sh: "test -f {{.SOPS_CONFIG_FILE}}" } + - { msg: "Missing Sops Age key file", sh: "test -f {{.SOPS_AGE_FILE}}" } encrypt:all: desc: Encrypt all Kubernetes SOPS secrets @@ -34,3 +35,7 @@ tasks: vars: file: sh: find {{.KUBERNETES_DIR}} -type f -name "*.sops.*" + + .reset: + internal: true + cmd: rm -rf {{.SOPS_CONFIG_FILE}} diff --git a/.taskfiles/Workstation/Taskfile.yaml b/.taskfiles/Workstation/Taskfile.yaml index 653e1aa0e86..5e2b7f3ab27 100644 --- a/.taskfiles/Workstation/Taskfile.yaml +++ b/.taskfiles/Workstation/Taskfile.yaml @@ -12,25 +12,19 @@ tasks: desc: Install workstation dependencies with Brew cmd: brew bundle --file {{.BREWFILE}} preconditions: - - sh: command -v brew - msg: Missing Homebrew - - sh: test -f {{.BREWFILE}} - msg: Missing {{.BREWFILE}} + - { msg: "Missing Homebrew", sh: "command -v brew" } + - { msg: "Missing Brewfile", sh: "test -f {{.BREWFILE}}" } paru: desc: Install workstation dependencies with Paru cmd: paru -Syu --needed --noconfirm --noprogressbar $(cat {{.ARCHFILE}} | xargs) preconditions: - - sh: command -v paru - msg: Missing Paru - - sh: test -f {{.ARCHFILE}} - msg: Missing {{.ARCHFILE}} + - { msg: "Missing Paru", sh: "command -v paru" } + - { msg: "Missing Archfile", sh: "test -f {{.ARCHFILE}}" } yay: desc: Install workstation dependencies with Yay cmd: yay -Syu --needed --noconfirm --noprogressbar $(cat {{.ARCHFILE}} | xargs) preconditions: - - sh: command -v yay - msg: Missing Yay - - sh: test -f {{.ARCHFILE}} - msg: Missing {{.ARCHFILE}} + - { msg: "Missing Yay", sh: "command -v yay" } + - { msg: "Missing Archfile", sh: "test -f {{.ARCHFILE}}" } diff --git a/Taskfile.yaml b/Taskfile.yaml index fb8b1d602b0..b27829fa248 100644 
--- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -11,13 +11,10 @@ vars: # Files BOOTSTRAP_ADDONS_FILE: "{{.BOOTSTRAP_DIR}}/vars/addons.yaml" BOOTSTRAP_CONFIG_FILE: "{{.BOOTSTRAP_DIR}}/vars/config.yaml" - K0S_CONFIG_FILE: "{{.ROOT_DIR}}/k0s-config.yaml" KUBECONFIG_FILE: "{{.ROOT_DIR}}/kubeconfig" MAKEJINJA_CONFIG_FILE: "{{.ROOT_DIR}}/makejinja.toml" - MAKEJINJA_LOADER_FILE: "{{.BOOTSTRAP_DIR}}/scripts/loader.py" PYTHON_VERSION_CHECK_FILE: "{{.BOOTSTRAP_DIR}}/scripts/py_version_check.py" SOPS_AGE_FILE: "{{.ROOT_DIR}}/age.key" - SOPS_CONFIG_FILE: "{{.ROOT_DIR}}/.sops.yaml" # Binaries PYTHON_BIN: python3 @@ -28,7 +25,9 @@ includes: taskfile: .taskfiles/Kubernetes/Taskfile.yaml flux: .taskfiles/Flux/Taskfile.yaml k0s: .taskfiles/K0s/Taskfile.yaml - repo: .taskfiles/Repo/Taskfile.yaml + repository: + aliases: ["repo"] + taskfile: .taskfiles/Repository/Taskfile.yaml sops: .taskfiles/Sops/Taskfile.yaml workstation: .taskfiles/Workstation/Taskfile.yaml @@ -37,7 +36,7 @@ tasks: default: task -l init: - desc: Initialize template files and directories + desc: Initialize files and directories cmds: - mkdir -p {{.PRIVATE_DIR}} - cp -n {{.BOOTSTRAP_ADDONS_FILE | replace ".yaml" ".sample.yaml"}} {{.BOOTSTRAP_ADDONS_FILE}} 
@@ -61,35 +60,34 @@ tasks: - task: .pre-validate - task: .template - task: .post-validate - preconditions: - - sh: test -d {{.ROOT_DIR}}/.venv - msg: Missing virtual environment, run `task ansible:deps` to create it - - sh: test -f {{.BOOTSTRAP_ADDONS_FILE}} - msg: Missing {{.BOOTSTRAP_ADDONS_FILE}}, run `task init` to create it - - sh: test -f {{.BOOTSTRAP_CONFIG_FILE}} - msg: Missing {{.BOOTSTRAP_CONFIG_FILE}}, run `task init` to create it - - sh: test -f {{.MAKEJINJA_LOADER_FILE}} - msg: Missing {{.MAKEJINJA_LOADER_FILE}} - - sh: test -f {{.MAKEJINJA_CONFIG_FILE}} - msg: Missing {{.MAKEJINJA_CONFIG_FILE}} - - sh: command -v {{.PYTHON_BIN}} - msg: Missing {{.PYTHON_BIN}} - - sh: test -f {{.PYTHON_VERSION_CHECK_FILE}} - msg: Missing {{.PYTHON_VERSION_CHECK_FILE}} - - sh: true && {{.PYTHON_BIN}} {{.PYTHON_VERSION_CHECK_FILE}} - msg: Your system Python version must be 3.11.0 or greater + # preconditions: + # - sh: command -v {{.PYTHON_BIN}} + # msg: Missing {{.PYTHON_BIN}} + # - sh: test -f {{.PYTHON_VERSION_CHECK_FILE}} + # msg: Missing {{.PYTHON_VERSION_CHECK_FILE}} + # - sh: true && {{.PYTHON_BIN}} {{.PYTHON_VERSION_CHECK_FILE}} + # msg: Your system Python version must be 3.11.0 or greater .pre-validate: internal: true cmd: ./.venv/bin/ansible-playbook {{.BOOTSTRAP_DIR}}/validate.yaml env: ANSIBLE_DISPLAY_SKIPPED_HOSTS: "false" + preconditions: + - { msg: "Missing virtual environment", sh: "test -d {{.ROOT_DIR}}/.venv" } + - { msg: "Missing bootstrap addons file", sh: "test -f {{.BOOTSTRAP_ADDONS_FILE}}" } + - { msg: "Missing bootstrap config file", sh: "test -f {{.BOOTSTRAP_CONFIG_FILE}}" } .template: internal: true cmds: - ./.venv/bin/makejinja --keep-trailing-newline --force - task: sops:encrypt:all + vars: + makejinja_loader_file: + preconditions: + - { msg: "Missing Makejinja config file", sh: "test -f {{.MAKEJINJA_CONFIG_FILE}}" } + - { msg: "Missing Makejinja loader file", sh: "test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py" } .post-validate: internal: true 
From ad880c13529db5e01368c2620c252e93d0da5987 Mon Sep 17 00:00:00 2001 From: Devin Buhl Date: Tue, 16 Jan 2024 21:10:53 -0500 Subject: [PATCH 5/5] chore: python 3.11 is minimum Signed-off-by: Devin Buhl --- .github/workflows/e2e.yaml | 2 +- .taskfiles/Sops/Taskfile.yaml | 21 ++++++++------------- Taskfile.yaml | 14 ++++---------- 3 files changed, 13 insertions(+), 24 deletions(-) diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index af690ee3157..5297ee0024d 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -54,7 +54,7 @@ jobs: uses: actions/setup-python@v5 id: setup-python with: - python-version: "3.10" + python-version: "3.11" # minimum supported version - name: Cache homebrew packages if: ${{ github.event_name == 'pull_request' }} diff --git a/.taskfiles/Sops/Taskfile.yaml b/.taskfiles/Sops/Taskfile.yaml index 8a149240f06..ba5ae71c86c 100644 --- a/.taskfiles/Sops/Taskfile.yaml +++ b/.taskfiles/Sops/Taskfile.yaml @@ -14,28 +14,23 @@ tasks: - test -f "{{.SOPS_AGE_FILE}}" encrypt: - desc: Encrypt a secret - summary: | - Args: - file: Path to file to encrypt (required) - cmd: sops --encrypt --in-place {{.file}} - vars: - claim: '{{ or .file (fail "Argument (file) is required") }}' - preconditions: - - { msg: "Missing Sops config file", sh: "test -f {{.SOPS_CONFIG_FILE}}" } - - { msg: "Missing Sops Age key file", sh: "test -f {{.SOPS_AGE_FILE}}" } - - encrypt:all: desc: Encrypt all Kubernetes SOPS secrets cmds: - for: { var: file } - task: encrypt + task: .encrypt-file vars: file: "{{.ITEM}}" vars: file: sh: find {{.KUBERNETES_DIR}} -type f -name "*.sops.*" + .encrypt-file: + internal: true + cmd: sops --encrypt --in-place {{.file}} + preconditions: + - { msg: "Missing Sops config file", sh: "test -f {{.SOPS_CONFIG_FILE}}" } + - { msg: "Missing Sops Age key file", sh: "test -f {{.SOPS_AGE_FILE}}" } + .reset: internal: true cmd: rm -rf {{.SOPS_CONFIG_FILE}} 
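Review bot: In the Sops hunk, `.encrypt-file` interpolates `{{.file}}` into the shell line unquoted, and the value comes from `find` output fed through the `for` loop, so a path under `{{.KUBERNETES_DIR}}` that contains whitespace or shell metacharacters is re-parsed by the shell instead of reaching sops as one argument. Quoting it, `cmd: sops --encrypt --in-place "{{.file}}"`, covers the common case; names containing whitespace would presumably still be split by the loop before they get here. The two preconditions now run once per file instead of once per invocation, which is harmless but could stay on `encrypt` so a missing Age key is reported before the loop starts.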
diff --git a/Taskfile.yaml b/Taskfile.yaml index b27829fa248..8491e2b1a24 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -60,13 +60,9 @@ tasks: - task: .pre-validate - task: .template - task: .post-validate - # preconditions: - # - sh: command -v {{.PYTHON_BIN}} - # msg: Missing {{.PYTHON_BIN}} - # - sh: test -f {{.PYTHON_VERSION_CHECK_FILE}} - # msg: Missing {{.PYTHON_VERSION_CHECK_FILE}} - # - sh: true && {{.PYTHON_BIN}} {{.PYTHON_VERSION_CHECK_FILE}} - # msg: Your system Python version must be 3.11.0 or greater + preconditions: + - { msg: "Missing Python version check script", sh: "test -f {{.PYTHON_VERSION_CHECK_FILE}}" } + - { msg: "Python version must be 3.11 or greater", sh: "{{.PYTHON_BIN}} {{.PYTHON_VERSION_CHECK_FILE}}" } .pre-validate: internal: true @@ -82,9 +78,7 @@ tasks: internal: true cmds: - ./.venv/bin/makejinja --keep-trailing-newline --force - - task: sops:encrypt:all - vars: - makejinja_loader_file: + - task: sops:encrypt preconditions: - { msg: "Missing Makejinja config file", sh: "test -f {{.MAKEJINJA_CONFIG_FILE}}" } - { msg: "Missing Makejinja loader file", sh: "test -f {{.BOOTSTRAP_DIR}}/scripts/loader.py" }
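Review bot: In `.template`, `task: sops:encrypt` runs right after makejinja, and that loop stops at the first file sops rejects, so any `*.sops.*` files later in the list are presumably left rendered in plaintext in the working tree. Nothing visible in this hunk checks for that before a commit. A comment on the step would at least record it, e.g. `# if this step fails, rendered *.sops.* files may still be plaintext; re-run before committing`. The encrypt task itself is defined in .taskfiles/Sops/Taskfile.yaml, outside this hunk.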