-
Notifications
You must be signed in to change notification settings - Fork 2
/
run-build-template-vm.sh
executable file
·143 lines (108 loc) · 4.35 KB
/
run-build-template-vm.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
#!/usr/bin/env bash
#!/usr/bin/env bash
#set -eux
#source virtualenv.sh
# Requirements have to be installed prior to running ansible-playbook
# because plugins and requirements are loaded before the task runs
#pip install -r requirements.txt
echo "PWD=${PWD}"
#echo "==> ENV"
#echo "$(export -p | sed 's/declare -x //')"
PLAYBOOK_DEFAULT="bootstrap_vm_template.yml"
PROJECT_DIR="/var/tmp/packer-provisioner-ansible-local"
ANSIBLE_TEMPLATE_INVENTORY="${PROJECT_DIR}/inventory/xenv_groups.yml"
ANSIBLE_COLLECTION_REQUIREMENTS="${PROJECT_DIR}/collections/requirements.yml"
#ANSIBLE_COLLECTION_REQUIREMENTS="${PROJECT_DIR}/collections/requirements.test.yml"
VAULTPASS_FILEPATH="~/.vault_pass"
if [[ -f "${PROJECT_DIR}/.vault_pass" ]]; then
VAULTPASS_FILEPATH="${PROJECT_DIR}/.vault_pass"
fi
#VAULT_FILEPATH="integration_config.vault.yml"
VAULT_FILEPATH="./vars/vault.yml"
INSTALL_LATEST_GALAXY_COLLECTIONS=1
USE_SOURCE_COLLECTIONS=0
SOURCE_COLLECTIONS_PATH="${BASE_DIR}/requirements_collections"
SCRIPT_DIR="$( cd "$( dirname "$0" )" && pwd )"
SCRIPT_FILE=$(basename $0)
#PLAYBOOK="${SCRIPT_FILE%.*}.yml"
echo "SCRIPT_DIR=[${SCRIPT_DIR}]"
echo "SCRIPT_FILE=[${SCRIPT_FILE}]"
#echo "PLAYBOOK=[${PLAYBOOK}]"
echo "PROJECT_DIR=${PROJECT_DIR}"
echo "VAULT_FILEPATH=${VAULT_FILEPATH}"
echo "VAULT_ID=${VAULT_ID}"
export LOCAL_COLLECTIONS_PATH=${HOME}/.ansible
#export ANSIBLE_ROLES_PATH=./
#export ANSIBLE_COLLECTIONS_PATH="${HOME}/.ansible:${PROJECT_DIR}/collections:${BASE_DIR}/requirements_collections"
#export ANSIBLE_COLLECTIONS_PATH="${PROJECT_DIR}/collections:${BASE_DIR}/requirements_collections"
#export ANSIBLE_COLLECTIONS_PATH="${BASE_DIR}/requirements_collections"
#export ANSIBLE_COLLECTIONS_PATH="${PROJECT_DIR}/collections"
#export ANSIBLE_COLLECTIONS_PATH="${PROJECT_DIR}/collections:${LOCAL_COLLECTIONS_PATH}"
export ANSIBLE_COLLECTIONS_PATH="${PROJECT_DIR}/collections:${LOCAL_COLLECTIONS_PATH}"
if [[ "${USE_SOURCE_COLLECTIONS}" -eq 1 ]]; then
export ANSIBLE_COLLECTIONS_PATH=${ANSIBLE_COLLECTIONS_PATH}:${SOURCE_COLLECTIONS_PATH}
fi
#export ANSIBLE_DEBUG=1
export ANSIBLE_KEEP_REMOTE_FILES=1
export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES
## ref: https://github.com/ansible/ansible/issues/79557#issuecomment-1344168449
#export ANSIBLE_GALAXY_IGNORE=true
#export GALAXY_IGNORE_CERTS=true
function pull_latest_galaxy_collections() {
echo "==> ansible-galaxy --version"
ansible-galaxy --version
## ref: https://github.com/ansible/ansible/issues/79557#issuecomment-1344168449
echo "==> Install Galaxy collection requirements"
# GALAXY_INSTALL_CMD=("env ANSIBLE_GALAXY_IGNORE=true env GALAXY_IGNORE_CERTS=true")
# GALAXY_INSTALL_CMD+=("ansible-galaxy collection install")
# GALAXY_INSTALL_CMD+=("--ignore-certs")
# GALAXY_INSTALL_CMD+=("--force")
GALAXY_INSTALL_CMD=("ansible-galaxy collection install")
GALAXY_INSTALL_CMD+=("--upgrade")
GALAXY_INSTALL_CMD+=("-r ${ANSIBLE_COLLECTION_REQUIREMENTS}")
GALAXY_INSTALL_CMD+=("-p ${LOCAL_COLLECTIONS_PATH}")
echo "==> ${GALAXY_INSTALL_CMD[@]}"
eval "${GALAXY_INSTALL_CMD[@]}"
}
function main() {
PLAYBOOK_ARGS="$@"
if [ $# -gt 0 ]; then
PLAYBOOK_ARGS=("$@")
else
PLAYBOOK_ARGS=("${PLAYBOOK_DEFAULT}")
fi
echo "==> PLAYBOOK_ARGS[*]=${PLAYBOOK_ARGS[*]}"
rm -f ./ansible.log
## ref: https://stackoverflow.com/questions/40684543/how-to-make-python-use-ca-certificates-from-mac-os-truststore
CERT_PATH=$(python -m certifi)
export SSL_CERT_FILE=${CERT_PATH}
export REQUESTS_CA_BUNDLE=${CERT_PATH}
if [[ "${INSTALL_LATEST_GALAXY_COLLECTIONS}" -eq 1 ]]; then
pull_latest_galaxy_collections
fi
echo "==> ansible-galaxy collection list"
ansible-galaxy collection list
echo "==> ansible --version"
ansible --version
PLAYBOOK_CMD=("ansible-playbook")
# PLAYBOOK_CMD+=("-e @${TEST_VARS_FILE}")
PLAYBOOK_CMD+=("-e @${VAULT_FILEPATH}")
PLAYBOOK_CMD+=("--vault-id ${VAULT_ID}@${VAULTPASS_FILEPATH}")
PLAYBOOK_CMD+=("${PLAYBOOK_PATH}")
PLAYBOOK_CMD+=("${PLAYBOOK_ARGS[*]}")
PLAYBOOK_CMD+=("-i ${ANSIBLE_TEMPLATE_INVENTORY}")
echo "==> ${PLAYBOOK_CMD[*]}"
eval "${PLAYBOOK_CMD[@]}"
}
export PATH=$PATH:~/.venv/ansible/bin
main "$@"
#export PATH=$PATH:~/.venv/ansible/bin
#
#cd /var/tmp/packer-provisioner-ansible-local
#
#ansible-playbook bootstrap_vm_template.yml \
# --tag vm-template \
# --vault-password-file=~/.vault_pass \
# -e @./vars/vault.yml \
# -c local \
# -i xenv_groups.yml