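---
# Development workstation tasks: base apt packages, release binaries pulled
# from GitHub, kubectl, Helm, Docker CE and pipx-managed Python linters.
# Most tasks run as root (become: true) and install software fetched over the
# network, so the source and integrity of each download matter.

- name: '[setup] gather facts if not already done'
  ansible.builtin.setup:
    gather_subset:
      - distribution
      - distribution_release

# Only queried when an earlier getent call has not already loaded this account.
- name: '[home] get user account information'
  ansible.builtin.getent:
    database: passwd
    key: "{{ custom_base_user_account }}"
    split: ":"
  changed_when: false
  when: getent_passwd is undefined or custom_base_user_account not in getent_passwd

- name: '[apt] install dependencies and tools'
  become: true
  ansible.builtin.apt:
    update_cache: true
    force_apt_get: true
    cache_valid_time: 3600
    pkg:
      - apt-transport-https  # docker-ce
      - autoconf
      - automake
      - bc
      - build-essential
      - ca-certificates  # docker-ce
      - curl
      - g++
      - gcc
      - git
      - git-lfs
      - gnupg2  # docker-ce
      - jq
      - libasound2  # draw.io
      - libatspi2.0-0  # draw.io
      - libcairo2
      - libcairo2-dev
      - libcurl4-openssl-dev
      - libffi-dev
      - libgtk-3-0  # draw.io
      - libnotify4  # draw.io
      - libnss3  # draw.io
      - libsecret-1-0  # draw.io
      - libssl-dev
      - libtool
      - libxss1  # draw.io
      - libxtst6  # draw.io
      - make
      - mariadb-client
      - pipx
      - postgresql-client
      - python3-dev
      - python3-pip
      - python3-virtualenv
      - shellcheck
      - sqlite3
      - valgrind
      - xdg-utils  # draw.io
    state: present

# Each item names a release asset and the commands run (as root) once it has
# been downloaded; `creates` is the path that marks the tool as installed.
# NOTE(review): no item sets `version`, so it defaults to '' (presumably "latest"
# for the module), and no checksum is visible here. Whatever release resolves
# is installed as root. TODO confirm how the module verifies downloads, and
# consider pinning versions.
# NOTE(review): github_token is passed on every loop item. Unless the module
# declares it no_log (not visible in this file), verbose output can print it.
# Confirm, or set `no_log: true` on this task.
- name: '[github] install tools'
  become: true
  nullified.infrastructure.github_artifact:
    github_token: '{{ custom_github_token }}'
    asset_name: "{{ item.asset_name | default('') }}"
    asset_type: "{{ item.asset_type }}"
    cmds: "{{ item.cmds | default([]) }}"
    creates: "{{ item.creates | default('') }}"
    repository: "{{ item.repository }}"
    version: "{{ item.version | default('') }}"
  loop:
    - asset_name: kind-linux-amd64
      asset_type: release
      repository: kubernetes-sigs/kind
      creates: /usr/local/bin/kind
      cmds:
        - install --group=root --owner=root --mode=755 {asset_dirname}/{asset_filename} /usr/local/bin/kind
        - rm {asset_dirname}/{asset_filename}
    - asset_name: dive_{version}_linux_amd64.deb
      asset_type: release
      repository: wagoodman/dive
      creates: /usr/bin/dive
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: kubeconform-linux-amd64.tar.gz
      asset_type: release
      repository: yannh/kubeconform
      creates: /usr/local/bin/kubeconform
      cmds:
        - tar -zxf {asset_dirname}/{asset_filename}
        - install --group=root --mode=755 --owner=root kubeconform /usr/local/bin
    - asset_name: git-delta_{version}_amd64.deb
      asset_type: release
      repository: dandavison/delta
      creates: /usr/bin/delta
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: docker-compose-linux-x86_64
      asset_type: release
      repository: docker/compose
      creates: /usr/local/bin/docker-compose
      cmds:
        - install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-compose
        # Link the binary into whichever Docker CLI plugin directories exist.
        - test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/lib/docker/cli-plugins) || true
        - test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/libexec/docker/cli-plugins) || true
        - test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/lib/docker/cli-plugins) || true
        - test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/libexec/docker/cli-plugins) || true
    - asset_name: buildx-{version}.linux-amd64
      asset_type: release
      repository: docker/buildx
      creates: /usr/local/bin/docker-buildx
      cmds:
        - install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-buildx
        # These lines previously re-linked docker-compose (copied from the item
        # above), so docker-buildx itself was never linked as a CLI plugin.
        - test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/local/lib/docker/cli-plugins) || true
        - test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/local/libexec/docker/cli-plugins) || true
        - test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/lib/docker/cli-plugins) || true
        - test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/libexec/docker/cli-plugins) || true
    - asset_name: drawio-amd64-{version}.deb
      asset_type: release
      repository: jgraph/drawio-desktop
      creates: /usr/bin/drawio
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: OpenLens-{version}.amd64.deb
      asset_type: release
      repository: MuhammedKalkan/OpenLens
      creates: /usr/bin/open-lens
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: stern_{version}_linux_amd64.tar.gz
      asset_type: release
      repository: stern/stern
      creates: /usr/local/bin/stern
      cmds:
        - tar -zxf {asset_dirname}/{asset_filename}
        - install --group=root --mode=755 --owner=root stern /usr/local/bin
    - asset_name: tofu_{version}_amd64.deb
      asset_type: release
      repository: opentofu/opentofu
      creates: /usr/bin/tofu
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}

- name: '[custom] install latest kubectl'
  become: true
  block:
    - name: '[kubectl] find latest version available'
      ansible.builtin.command:
        cmd: curl -L -s https://dl.k8s.io/release/stable.txt
      register: latest_kube_version
      changed_when: false
      # The response is interpolated into the download URLs below, so reject
      # anything that is not a plain vX.Y.Z tag (e.g. an error page body).
      failed_when: >-
        latest_kube_version.rc != 0 or
        latest_kube_version.stdout is not match('^v[0-9]+[.][0-9]+[.][0-9]+$')

    - name: '[kubectl] fetch binary'
      ansible.builtin.get_url:
        url: "https://dl.k8s.io/release/{{ latest_kube_version.stdout }}/bin/linux/amd64/kubectl"
        dest: /usr/local/bin/kubectl
        # Verify the binary against the digest published next to it. This
        # catches truncated or corrupted downloads; the digest is served from
        # the same origin, so it is not an independent signature check.
        # With a checksum set, an existing binary whose digest differs is
        # replaced, so a new stable release is picked up on the next run.
        checksum: "sha256:https://dl.k8s.io/release/{{ latest_kube_version.stdout }}/bin/linux/amd64/kubectl.sha256"
        owner: root
        group: root
        mode: '0755'

- name: '[custom] install latest Helm'
  become: true
  block:
    - name: '[helm] find latest version available'
      ansible.builtin.shell: |-
        curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name'
      register: latest_helm_version
      changed_when: false

    # Failure is suppressed so that a missing binary shows up as
    # helm_stat.state == "absent", which gates every task below.
    - name: '[helm] find if binary is already installed'
      ansible.builtin.file:
        path: /usr/local/bin/helm
      register: helm_stat
      changed_when: false
      failed_when: false

    # The pipeline above still exits 0 when the API call fails or returns an
    # error document (jq then prints nothing or "null"); stop before that
    # value is used to build a download URL.
    - name: '[helm] validate resolved version'
      ansible.builtin.assert:
        that:
          - latest_helm_version.stdout is match('^v[0-9]+[.][0-9]+[.][0-9]+$')
        fail_msg: "unexpected Helm release tag: {{ latest_helm_version.stdout }}"
      when: helm_stat.state is match("absent")

    # NOTE(review): fixed path in a world-writable directory; a directory
    # from ansible.builtin.tempfile would not reuse pre-existing content.
    - name: '[helm] setup temp directory'
      ansible.builtin.file:
        path: /tmp/helm-unarchive
        state: directory
        owner: root
        group: root
        mode: '0700'
      when: helm_stat.state is match("absent")

    # NOTE(review): the archive is unpacked without a digest check, and
    # unarchive has no checksum option. Downloading with get_url and a
    # checksum first would allow the archive to be verified.
    - name: '[helm] fetch archive'
      ansible.builtin.unarchive:
        remote_src: true
        src: "https://get.helm.sh/helm-{{ latest_helm_version.stdout }}-linux-amd64.tar.gz"
        dest: /tmp/helm-unarchive
      when: helm_stat.state is match("absent")

    - name: '[helm] install binary'
      ansible.builtin.copy:
        remote_src: true
        src: /tmp/helm-unarchive/linux-amd64/helm
        dest: /usr/local/bin/helm
        owner: root
        group: root
        mode: '0755'
      when: helm_stat.state is match("absent")

    - name: '[helm] cleanup'
      ansible.builtin.file:
        path: /tmp/helm-unarchive
        state: absent
      when: helm_stat.state is match("absent")

- name: '[custom] install Docker CE repository'
  become: true
  block:
    # NOTE(review): apt trusts keys under /etc/apt/trusted.gpg.d for every
    # configured repository, so `signed-by` below does not confine this key
    # to the Docker source. A dedicated keyring directory (for example
    # /etc/apt/keyrings) would. Left unchanged because already-provisioned
    # hosts need the old key and source line migrated at the same time.
    - name: '[apt key] add docker key'
      ansible.builtin.get_url:
        url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
        dest: /etc/apt/trusted.gpg.d/docker.asc
        mode: '0644'

    - name: '[apt key] add source'
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.asc] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
        state: present
        filename: docker
        update_cache: true

    - name: '[apt] install Docker CE'
      ansible.builtin.apt:
        update_cache: true
        force_apt_get: true
        cache_valid_time: 3600
        pkg:
          - docker-ce
          - docker-ce-cli
          - containerd.io
        state: present

    - name: '[docker] update daemon configuration'
      ansible.builtin.template:
        src: ../templates/docker-ce/daemon.json.j2
        dest: /etc/docker/daemon.json
        mode: '0644'
      notify:
        - 'development : [docker] restart service'

    # Membership of the docker group allows full control of the Docker
    # daemon, which runs as root.
    - name: '[docker] add default user to docker group'
      ansible.builtin.user:
        name: "{{ development_docker_remap_user }}"
        append: true
        groups: docker
        state: present
      notify:
        - 'development : [docker] restart service'

# Runs as the base user; field 4 of the passwd entry is the home directory.
- name: '[python] install tools'
  become: true
  become_user: "{{ custom_base_user_account }}"
  ansible.builtin.command:
    cmd: "pipx install {{ item.cmd }}"
    creates: "{{ getent_passwd[custom_base_user_account][4] }}/.local/bin/{{ item.creates }}"
  loop:
    - cmd: "black"
      creates: "black"
    - cmd: "flake8"
      creates: "flake8"

# NOTE(review): the `creates` path hard-codes python3.11. On a host where pipx
# builds the venv with another interpreter the marker never exists, so the
# inject command runs on every play.
- name: '[python] install pipx packages dependencies'
  become: true
  become_user: "{{ custom_base_user_account }}"
  ansible.builtin.command:
    cmd: "pipx inject {{ item.venv }} {{ item.extension }}"
    creates: "{{ getent_passwd[custom_base_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
  loop:
    - venv: "flake8"
      extension: "flake8-annotations-complexity"
      creates: "flake8_annotations_complexity"
    - venv: "flake8"
      extension: "flake8-bandit"
      creates: "flake8_bandit.py"
    - venv: "flake8"
      extension: "flake8-breakpoint"
      creates: "flake8_breakpoint"
    - venv: "flake8"
      extension: "flake8-bugbear"
      creates: "bugbear.py"
    - venv: "flake8"
      extension: "flake8-builtins"
      creates: "flake8_builtins.py"
    - venv: "flake8"
      extension: "flake8-comprehensions"
      creates: "flake8_comprehensions"
    - venv: "flake8"
      extension: "flake8-docstrings"
      creates: "flake8_docstrings.py"
    - venv: "flake8"
      extension: "flake8-eradicate"
      creates: "flake8_eradicate.py"
    - venv: "flake8"
      extension: "flake8-expression-complexity"
      creates: "flake8_expression_complexity"
    - venv: "flake8"
      extension: "flake8-if-expr"
      creates: "flake8_if_expr"
    - venv: "flake8"
      extension: "flake8-isort"
      creates: "flake8_isort.py"
    - venv: "flake8"
      extension: "flake8-logging-format"
      creates: "logging_format"
    - venv: "flake8"
      extension: "flake8-print"
      creates: "flake8_print.py"
    - venv: "flake8"
      extension: "flake8-pytest"
      creates: "flake8_pytest.py"
    - venv: "flake8"
      extension: "flake8-pytest-style"
      creates: "flake8_pytest_style"
    - venv: "flake8"
      extension: "flake8-requirements"
      creates: "flake8_requirements"
    - venv: "flake8"
      extension: "flake8-return"
      creates: "flake8_return"
    - venv: "flake8"
      extension: "flake8-rst-docstrings"
      creates: "flake8_rst_docstrings.py"
    - venv: "flake8"
      extension: "pep8-naming"
      creates: "pep8ext_naming.py"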