ansible-infra/collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml


---
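# Collect the distribution facts that later tasks in this file interpolate
# (ansible_distribution and ansible_distribution_release in the Docker CE
# repository tasks).
- name: '[setup] gather facts if not already done'
  ansible.builtin.setup:
    gather_subset:
      - distribution
      - distribution_release
  # The task name promises a conditional run, so skip it when both facts are
  # already available from an earlier gather.
  when: ansible_distribution is undefined or ansible_distribution_release is undefined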
# Load the passwd entry of the base user into getent_passwd; the pipx tasks
# further down read index 4 of that entry to build their `creates` paths.
- name: '[home] get user account information'
  # Only query when the entry has not been loaded by an earlier task.
  when: getent_passwd is undefined or custom_base_user_account not in getent_passwd
  ansible.builtin.getent:
    database: passwd
    key: "{{ custom_base_user_account }}"
    split: ':'
  # A lookup never modifies the host.
  changed_when: false
# Install the distribution packages used for development: build toolchain,
# database clients, Python tooling, and the libraries needed by Docker CE and
# draw.io, which are installed by later tasks.
- name: '[apt] install dependencies and tools'
  become: true
  ansible.builtin.apt:
    state: present
    force_apt_get: true
    # Refresh the package index, but at most once per hour.
    update_cache: true
    cache_valid_time: 3600
    pkg:
      - apt-transport-https  # docker-ce
      - autoconf
      - automake
      - bc
      - build-essential
      - ca-certificates  # docker-ce
      - curl
      - g++
      - gcc
      - git
      - git-lfs
      - gnupg2  # docker-ce
      - jq
      - libasound2  # draw.io
      - libatspi2.0-0  # draw.io
      - libcairo2
      - libcairo2-dev
      - libcurl4-openssl-dev
      - libffi-dev
      - libgtk-3-0  # draw.io
      - libnotify4  # draw.io
      - libnss3  # draw.io
      - libsecret-1-0  # draw.io
      - libssl-dev
      - libtool
      - libxss1  # draw.io
      - libxtst6  # draw.io
      - make
      - mariadb-client
      - pipx
      - postgresql-client
      - python3-dev
      - python3-pip
      - python3-virtualenv
      - shellcheck
      - sqlite3
      - valgrind
      - xdg-utils  # draw.io
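# Download release assets from GitHub with the collection's github_artifact
# module and run the listed install commands for each of them as root.
#
# NOTE(review): no item sets `version`, so the module receives '' for it;
# presumably that resolves to the latest release - confirm. Nothing in this
# task pins a version or checks a digest or signature, and the assets are then
# installed as root. Whether the module verifies what it downloads cannot be
# seen from here; if it does not, pin versions and verify digests there.
# NOTE(review): github_token is passed on every loop iteration; confirm the
# module declares that option as no_log so it stays out of verbose output.
- name: '[github] install tools'
  become: true
  nullified.infrastructure.github_artifact:
    github_token: '{{ custom_github_token }}'
    asset_name: "{{ item.asset_name | default('') }}"
    asset_type: "{{ item.asset_type }}"
    cmds: "{{ item.cmds | default([]) }}"
    creates: "{{ item.creates | default('') }}"
    repository: "{{ item.repository }}"
    version: "{{ item.version | default('') }}"
  loop:
    - asset_name: kind-linux-amd64
      asset_type: release
      repository: kubernetes-sigs/kind
      creates: /usr/local/bin/kind
      cmds:
        - install --group=root --owner=root --mode=755 {asset_dirname}/{asset_filename} /usr/local/bin/kind
        - rm {asset_dirname}/{asset_filename}
    - asset_name: dive_{version}_linux_amd64.deb
      asset_type: release
      repository: wagoodman/dive
      creates: /usr/bin/dive
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: kubeconform-linux-amd64.tar.gz
      asset_type: release
      repository: yannh/kubeconform
      creates: /usr/local/bin/kubeconform
      cmds:
        - tar -zxf {asset_dirname}/{asset_filename}
        - install --group=root --mode=755 --owner=root kubeconform /usr/local/bin
    - asset_name: git-delta_{version}_amd64.deb
      asset_type: release
      repository: dandavison/delta
      creates: /usr/bin/delta
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: docker-compose-linux-x86_64
      asset_type: release
      repository: docker/compose
      creates: /usr/local/bin/docker-compose
      cmds:
        - install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-compose
        # Link the binary into whichever Docker CLI plugin directory exists.
        - 'test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/lib/docker/cli-plugins) || true'
        - 'test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/local/libexec/docker/cli-plugins) || true'
        - 'test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/lib/docker/cli-plugins) || true'
        - 'test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-compose; ln -s /usr/local/bin/docker-compose /usr/libexec/docker/cli-plugins) || true'
    - asset_name: buildx-{version}.linux-amd64
      asset_type: release
      repository: docker/buildx
      creates: /usr/local/bin/docker-buildx
      cmds:
        - install --group=root --mode=755 --owner=root {asset_dirname}/{asset_filename} /usr/local/bin/docker-buildx
        # Fixed copy-paste defect: these four commands used to re-link
        # docker-compose, so docker-buildx was never linked as a CLI plugin.
        - 'test -d /usr/local/lib/docker/cli-plugins && (rm /usr/local/lib/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/local/lib/docker/cli-plugins) || true'
        - 'test -d /usr/local/libexec/docker/cli-plugins && (rm /usr/local/libexec/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/local/libexec/docker/cli-plugins) || true'
        - 'test -d /usr/lib/docker/cli-plugins && (rm /usr/lib/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/lib/docker/cli-plugins) || true'
        - 'test -d /usr/libexec/docker/cli-plugins && (rm /usr/libexec/docker/cli-plugins/docker-buildx; ln -s /usr/local/bin/docker-buildx /usr/libexec/docker/cli-plugins) || true'
    - asset_name: drawio-amd64-{version}.deb
      asset_type: release
      repository: jgraph/drawio-desktop
      creates: /usr/bin/drawio
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: OpenLens-{version}.amd64.deb
      asset_type: release
      repository: MuhammedKalkan/OpenLens
      creates: /usr/bin/open-lens
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}
    - asset_name: stern_{version}_linux_amd64.tar.gz
      asset_type: release
      repository: stern/stern
      creates: /usr/local/bin/stern
      cmds:
        - tar -zxf {asset_dirname}/{asset_filename}
        - install --group=root --mode=755 --owner=root stern /usr/local/bin
    - asset_name: tofu_{version}_amd64.deb
      asset_type: release
      repository: opentofu/opentofu
      creates: /usr/bin/tofu
      cmds:
        - dpkg -i {asset_dirname}/{asset_filename}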
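# Resolve the current stable Kubernetes version and install the matching
# kubectl binary into /usr/local/bin as root.
- name: '[custom] install latest kubectl'
  become: true
  block:
    - name: '[kubectl] find latest version available'
      ansible.builtin.command:
        # --fail: an HTTP error page must not land in stdout as if it were a
        # version string.
        cmd: curl --fail -L -s https://dl.k8s.io/release/stable.txt
      register: latest_kube_version
      changed_when: false
      # The output is interpolated into the download URLs below, so accept
      # nothing but a plain vMAJOR.MINOR.PATCH tag.
      failed_when: >-
        latest_kube_version.rc != 0
        or latest_kube_version.stdout is not match('^v[0-9]+[.][0-9]+[.][0-9]+$')
    - name: '[kubectl] fetch binary'
      ansible.builtin.get_url:
        url: "https://dl.k8s.io/release/{{ latest_kube_version.stdout }}/bin/linux/amd64/kubectl"
        # Verify the download against the published digest. With a checksum
        # set, an existing binary that does not match is replaced, so the
        # install follows the stable channel as the task name says. The digest
        # comes from the same origin as the binary: it catches corruption and
        # truncation, not a compromised origin.
        checksum: "sha256:https://dl.k8s.io/release/{{ latest_kube_version.stdout }}/bin/linux/amd64/kubectl.sha256"
        dest: /usr/local/bin/kubectl
        owner: root
        group: root
        mode: '0755'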
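# Install the Helm binary into /usr/local/bin when it is not present yet.
# An existing binary is left alone, so despite the name this block does not
# upgrade Helm on hosts that already have it.
- name: '[custom] install latest Helm'
  become: true
  block:
    - name: '[helm] find latest version available'
      ansible.builtin.shell:
        # pipefail + --fail: without them a failed API call (for example a
        # rate limit) makes jq print "null" and the task still succeeds.
        cmd: |-
          set -o pipefail
          curl -fsSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name'
        executable: /bin/bash
      register: latest_helm_version
      changed_when: false
      # The tag is interpolated into the download URLs below, so accept
      # nothing but a plain vMAJOR.MINOR.PATCH tag.
      failed_when: >-
        latest_helm_version.rc != 0
        or latest_helm_version.stdout is not match('^v[0-9]+[.][0-9]+[.][0-9]+$')
    # The file module is used as a probe here: with no state given it does not
    # create anything, and failed_when keeps a missing binary from failing the
    # play. The following tasks test helm_stat.state for "absent".
    - name: '[helm] find if binary is already installed'
      ansible.builtin.file:
        path: /usr/local/bin/helm
      register: helm_stat
      changed_when: false
      failed_when: false
    # A fresh, randomly named directory replaces the fixed /tmp/helm-unarchive
    # path, which any local user could have created and populated beforehand.
    - name: '[helm] setup temp directory'
      ansible.builtin.tempfile:
        state: directory
        prefix: helm-unarchive.
      register: helm_tmpdir
      when: helm_stat.state is match("absent")
    - name: '[helm] fetch archive'
      ansible.builtin.get_url:
        url: "https://get.helm.sh/helm-{{ latest_helm_version.stdout }}-linux-amd64.tar.gz"
        # Verify the archive against the published digest before unpacking.
        # The digest comes from the same origin as the archive: it catches
        # corruption and truncation, not a compromised origin.
        checksum: "sha256:https://get.helm.sh/helm-{{ latest_helm_version.stdout }}-linux-amd64.tar.gz.sha256sum"
        dest: "{{ helm_tmpdir.path }}/helm.tar.gz"
        mode: '0600'
      when: helm_stat.state is match("absent")
    - name: '[helm] unpack archive'
      ansible.builtin.unarchive:
        remote_src: true
        src: "{{ helm_tmpdir.path }}/helm.tar.gz"
        dest: "{{ helm_tmpdir.path }}"
      when: helm_stat.state is match("absent")
    - name: '[helm] install binary'
      ansible.builtin.copy:
        remote_src: true
        src: "{{ helm_tmpdir.path }}/linux-amd64/helm"
        dest: /usr/local/bin/helm
        owner: root
        group: root
        mode: '0755'
      when: helm_stat.state is match("absent")
  always:
    # Runs on failure too, so a broken download does not leave the directory
    # behind.
    - name: '[helm] cleanup'
      ansible.builtin.file:
        path: "{{ helm_tmpdir.path }}"
        state: absent
      when: helm_tmpdir is defined and helm_tmpdir.path is defined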
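# Register Docker's apt repository, install Docker CE, deploy the daemon
# configuration and add the configured user to the docker group.
- name: '[custom] install Docker CE repository'
  become: true
  block:
    # Keys under /etc/apt/trusted.gpg.d are trusted for every configured
    # repository, which defeats the signed-by scoping on the source line.
    # The key therefore lives in /etc/apt/keyrings, where it is only used by
    # sources that name it.
    - name: '[apt key] ensure keyring directory exists'
      ansible.builtin.file:
        path: /etc/apt/keyrings
        state: directory
        owner: root
        group: root
        mode: '0755'
    # NOTE(review): the key is accepted as served over HTTPS; comparing its
    # fingerprint against a value kept in the role would pin it.
    - name: '[apt key] add docker key'
      ansible.builtin.get_url:
        url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
        dest: /etc/apt/keyrings/docker.asc
        owner: root
        group: root
        mode: '0644'
    # Migration for hosts provisioned with the previous key location: drop the
    # old source line first so apt never sees two conflicting signed-by values
    # for the same repository, then remove the globally trusted key.
    - name: '[apt key] remove source referencing the legacy key path'
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.asc] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
        state: absent
        filename: docker
        update_cache: false
    - name: '[apt key] remove legacy globally trusted key'
      ansible.builtin.file:
        path: /etc/apt/trusted.gpg.d/docker.asc
        state: absent
    - name: '[apt key] add source'
      ansible.builtin.apt_repository:
        repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
        state: present
        filename: docker
        update_cache: true
    - name: '[apt] install Docker CE'
      ansible.builtin.apt:
        update_cache: true
        force_apt_get: true
        cache_valid_time: 3600
        pkg:
          - docker-ce
          - docker-ce-cli
          - containerd.io
        state: present
    - name: '[docker] update daemon configuration'
      ansible.builtin.template:
        src: ../templates/docker-ce/daemon.json.j2
        dest: /etc/docker/daemon.json
        owner: root
        group: root
        mode: '0644'
      notify:
        - 'development : [docker] restart service'
    # Members of the docker group can drive the Docker daemon, which runs as
    # root, so this membership is equivalent to root access on the host.
    - name: '[docker] add default user to docker group'
      ansible.builtin.user:
        name: "{{ development_docker_remap_user }}"
        append: true
        groups: docker
        state: present
      notify:
        - 'development : [docker] restart service'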
# Install the Python command-line tools with pipx as the unprivileged base
# user. Each item is skipped once its launcher exists under the user's
# ~/.local/bin (index 4 of the getent_passwd entry is used as the home
# directory).
# NOTE(review): the packages are installed without a version constraint, so
# each run on a fresh host takes whatever the index serves at that moment.
- name: '[python] install tools'
  become: true
  become_user: "{{ custom_base_user_account }}"
  ansible.builtin.command:
    cmd: "pipx install {{ item.cmd }}"
    creates: "{{ getent_passwd[custom_base_user_account][4] }}/.local/bin/{{ item.creates }}"
  loop:
    - cmd: black
      creates: black
    - cmd: flake8
      creates: flake8
- name: '[python] install pipx packages dependencies'
become: true
become_user: "{{ custom_base_user_account }}"
ansible.builtin.command:
cmd: "pipx inject {{ item.venv }} {{ item.extension }}"
creates:
"{{ getent_passwd[custom_base_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
loop:
- venv: "flake8"
extension: "flake8-annotations-complexity"
creates: "flake8_annotations_complexity"
- venv: "flake8"
extension: "flake8-bandit"
creates: "flake8_bandit.py"
- venv: "flake8"
extension: "flake8-breakpoint"
creates: "flake8_breakpoint"
- venv: "flake8"
extension: "flake8-bugbear"
creates: "bugbear.py"
- venv: "flake8"
extension: "flake8-builtins"
creates: "flake8_builtins.py"
- venv: "flake8"
extension: "flake8-comprehensions"
creates: "flake8_comprehensions"
- venv: "flake8"
extension: "flake8-docstrings"
creates: "flake8_docstrings.py"
- venv: "flake8"
extension: "flake8-eradicate"
creates: "flake8_eradicate.py"
- venv: "flake8"
extension: "flake8-expression-complexity"
creates: "flake8_expression_complexity"
- venv: "flake8"
extension: "flake8-if-expr"
creates: "flake8_if_expr"
- venv: "flake8"
extension: "flake8-isort"
creates: "flake8_isort.py"
- venv: "flake8"
extension: "flake8-logging-format"
creates: "logging_format"
- venv: "flake8"
extension: "flake8-print"
creates: "flake8_print.py"
- venv: "flake8"
extension: "flake8-pytest"
creates: "flake8_pytest.py"
- venv: "flake8"
extension: "flake8-pytest-style"
creates: "flake8_pytest_style"
- venv: "flake8"
extension: "flake8-requirements"
creates: "flake8_requirements"
- venv: "flake8"
extension: "flake8-return"
creates: "flake8_return"
- venv: "flake8"
extension: "flake8-rst-docstrings"
creates: "flake8_rst_docstrings.py"
- venv: "flake8"
extension: "pep8-naming"
creates: "pep8ext_naming.py"