feat(main): ditch ansible-semaphore and use ansible directly

ublue-os · Apr 29, 2024 · 2e8cc2f · 2e8cc2f
1 parent 22a4db5
commit 2e8cc2f
Show file tree

Hide file tree

Showing 30 changed files with 940 additions and 1,440 deletions.
diff --git a/setup/ansible/.ansible-lint → ansible/.ansible-lint b/setup/ansible/.ansible-lint → ansible/.ansible-lint
diff --git a/ansible/Containerfile b/ansible/Containerfile
@@ -0,0 +1,20 @@
+# Source Image
+FROM docker.io/library/python:3.11-alpine3.19
+
+# Environment vars
+ENV PIPX_BIN_DIR="/usr/local/py-utils"
+ENV PIPX_HOME="/usr/local/pipx"
+ENV POETRY_VERSION="1.8.2"
+ENV POETRY_VIRTUALENVS_CREATE="true"
+ENV POETRY_VIRTUALENVS_IN_PROJECT="true"
+ENV PATH="${PATH}:${PIPX_BIN_DIR}:${PIPX_HOME}/venvs/poetry/bin:/ansible/.venv/bin"
+
+# Install system dependencies
+RUN apk --no-cache add pipx openssh bash
+RUN pipx install poetry==${POETRY_VERSION}
+
+# Install ansible and dependencies
+WORKDIR /ansible
+COPY . .
+RUN poetry install --no-root
+CMD poetry env use .venv/bin/python
diff --git a/setup/ansible/ansible.cfg → ansible/ansible.cfg b/setup/ansible/ansible.cfg → ansible/ansible.cfg
@@ -1,10 +1,10 @@
 [defaults]
 # Inventory location
-inventory = inventory
+inventory = inventory.yml
 # Location for roles
 roles_path = ./roles
 # Location for collections
-collections_paths = ./collections
+collection_paths = ./collections
 # Localtion for plugins & modules
 library = ./library
 # SSH

diff --git a/setup/ansible/host_vars/localhost.yml → ansible/host_vars/localhost.yml b/setup/ansible/host_vars/localhost.yml → ansible/host_vars/localhost.yml
diff --git a/ansible/inventory.yml b/ansible/inventory.yml
@@ -0,0 +1,9 @@
+---
+all:
+  hosts:
+    localhost:
+    host.ublue.local:
+      ansible_host: host.containers.internal
+      ansible_user: "{{ lookup('ansible.builtin.env', 'ANSIBLE_HOST_USER') }}"
+      ansible_become_password: "{{ lookup('ansible.builtin.env', 'ANSIBLE_HOST_BECOME_PASSWORD') }}"
+  children:
diff --git a/ansible/playbooks/configure_host.yml b/ansible/playbooks/configure_host.yml
@@ -0,0 +1,26 @@
+---
+- name: Configure host system
+  hosts: host.ublue.local
+  gather_facts: true
+  tasks:
+    - name: Add ublue.local entries to /etc/hosts
+      ansible.builtin.lineinfile:
+        path: /etc/hosts
+        search_string: 127.0.0.1 rvproxy.ublue.local registry.ublue.local forge.ublue.local
+        line: 127.0.0.1 rvproxy.ublue.local registry.ublue.local forge.ublue.local
+        state: present
+      become: true
+
+    - name: Add ublue.local TSL root certificate to trust anchors
+      ansible.builtin.copy:
+        src: /certs/tls/ublue-os_forge-root.pem
+        dest: /etc/pki/ca-trust/source/anchors/ublue-os_forge-root.pem
+        force: true
+        mode: "0644"
+      become: true
+
+    - name: Update ca-trust store
+      ansible.builtin.command:
+        cmd: update-ca-trust
+      changed_when: false
+      become: true
diff --git a/ansible/poetry.lock b/ansible/poetry.lock
diff --git a/setup/ansible/pyproject.toml → ansible/pyproject.toml b/setup/ansible/pyproject.toml → ansible/pyproject.toml
@@ -7,13 +7,12 @@ license = "../LICENSE"
 readme = "../README.md"
 
 [tool.poetry.dependencies]
-python = "^3.9"
-ansible-core = "^2.14.5"
-jmespath = "^1.0.1"
-dnspython = "^2.3.0"
+python = "^3.11"
+ansible-core = "^2.16"
+jmespath = "^1.0"
 
-[tool.poetry.dev-dependencies]
-ansible-lint = { version = "^6.14.1", markers = 'platform_system != "Windows"' }
+[tool.poetry.group.dev.dependencies]
+ansible-lint = { version = "^24.2", markers = 'platform_system != "Windows"' } # https://github.com/ansible/ansible-lint/issues/2730#issuecomment-1330406601
 
 [build-system]
 requires = ["poetry-core"]

diff --git a/setup/Containerfile b/setup/Containerfile
diff --git a/setup/ansible/group_vars/semaphore.yml b/setup/ansible/group_vars/semaphore.yml
diff --git a/setup/ansible/inventory b/setup/ansible/inventory
diff --git a/setup/ansible/main.yml b/setup/ansible/main.yml