From b45be7e3cc672b068cb26e0b0e2fa259eb3caca9 Mon Sep 17 00:00:00 2001 From: Moshe Atlow Date: Wed, 27 Sep 2023 03:07:22 +0300 Subject: [PATCH] ansible: install aws cli on release builders --- .../deekayen.awscli2/.github/FUNDING.yml | 6 +++ .../deekayen.awscli2/.github/workflows/ci.yml | 42 ++++++++++++++++++ .../.github/workflows/release.yml | 38 ++++++++++++++++ ansible/roles/deekayen.awscli2/.gitignore | 3 ++ ansible/roles/deekayen.awscli2/.yamllint | 6 +++ ansible/roles/deekayen.awscli2/LICENSE | 29 ++++++++++++ ansible/roles/deekayen.awscli2/README.md | 44 +++++++++++++++++++ .../roles/deekayen.awscli2/defaults/main.yml | 3 ++ .../meta/.galaxy_install_info | 2 + ansible/roles/deekayen.awscli2/meta/main.yml | 30 +++++++++++++ .../molecule/default/converge.yml | 13 ++++++ .../molecule/default/molecule.yml | 24 ++++++++++ .../molecule/default/prepare.yml | 16 +++++++ .../molecule/default/tests/test_default.py | 13 ++++++ .../roles/deekayen.awscli2/requirements.txt | 8 ++++ ansible/roles/deekayen.awscli2/tasks/main.yml | 23 ++++++++++ ansible/roles/release-builder/meta/main.yml | 1 + 17 files changed, 301 insertions(+) create mode 100644 ansible/roles/deekayen.awscli2/.github/FUNDING.yml create mode 100644 ansible/roles/deekayen.awscli2/.github/workflows/ci.yml create mode 100644 ansible/roles/deekayen.awscli2/.github/workflows/release.yml create mode 100644 ansible/roles/deekayen.awscli2/.gitignore create mode 100644 ansible/roles/deekayen.awscli2/.yamllint create mode 100644 ansible/roles/deekayen.awscli2/LICENSE create mode 100644 ansible/roles/deekayen.awscli2/README.md create mode 100644 ansible/roles/deekayen.awscli2/defaults/main.yml create mode 100644 ansible/roles/deekayen.awscli2/meta/.galaxy_install_info create mode 100644 ansible/roles/deekayen.awscli2/meta/main.yml create mode 100644 ansible/roles/deekayen.awscli2/molecule/default/converge.yml create mode 100644 ansible/roles/deekayen.awscli2/molecule/default/molecule.yml create mode 100644 ansible/roles/deekayen.awscli2/molecule/default/prepare.yml create mode 100644 ansible/roles/deekayen.awscli2/molecule/default/tests/test_default.py create mode 100644 ansible/roles/deekayen.awscli2/requirements.txt create mode 100644 ansible/roles/deekayen.awscli2/tasks/main.yml diff --git a/ansible/roles/deekayen.awscli2/.github/FUNDING.yml b/ansible/roles/deekayen.awscli2/.github/FUNDING.yml new file mode 100644 index 000000000..ee8eaf878 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/.github/FUNDING.yml @@ -0,0 +1,6 @@ +--- + +github: deekayen +ko_fi: deekayen +liberapay: deekayen +custom: ["paypal.me/deekayen", "venmo.com/drdnorman", "buymeacoff.ee/deekayen"] diff --git a/ansible/roles/deekayen.awscli2/.github/workflows/ci.yml b/ansible/roles/deekayen.awscli2/.github/workflows/ci.yml new file mode 100644 index 000000000..bd0ac8fb5 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/.github/workflows/ci.yml @@ -0,0 +1,42 @@ +--- +name: CI +'on': + pull_request: + push: + branches: + - main + +jobs: + + test: + name: Molecule + runs-on: ubuntu-latest + strategy: + matrix: + distro: + - centos7 + - centos8 + - debian9 + - debian10 + + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip install --upgrade --upgrade-strategy eager -r requirements.txt + + - name: Link repo folder to a proper galaxy alias. + run: cd ../ && ln -s ansible-role-awscli2 deekayen.awscli2 && cd ansible-role-awscli2 + + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/ansible/roles/deekayen.awscli2/.github/workflows/release.yml b/ansible/roles/deekayen.awscli2/.github/workflows/release.yml new file mode 100644 index 000000000..e671254a5 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/.github/workflows/release.yml @@ -0,0 +1,38 @@ +--- +# This workflow requires a GALAXY_API_KEY secret present in the GitHub +# repository or organization. +# +# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy +# See: https://github.com/ansible/galaxy/issues/46 + +name: Release +'on': + push: + tags: + - '*' + +defaults: + run: + working-directory: 'deekayen.awscli2' + +jobs: + + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'deekayen.awscli2' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install Ansible. + run: pip3 install ansible-base + + - name: Trigger a new import on Galaxy. + run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) diff --git a/ansible/roles/deekayen.awscli2/.gitignore b/ansible/roles/deekayen.awscli2/.gitignore new file mode 100644 index 000000000..f56f5b578 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/.gitignore @@ -0,0 +1,3 @@ +*.retry +*/__pycache__ +*.pyc diff --git a/ansible/roles/deekayen.awscli2/.yamllint b/ansible/roles/deekayen.awscli2/.yamllint new file mode 100644 index 000000000..c9aab08bf --- /dev/null +++ b/ansible/roles/deekayen.awscli2/.yamllint @@ -0,0 +1,6 @@ +--- +extends: default +rules: + line-length: + max: 150 + level: warning diff --git a/ansible/roles/deekayen.awscli2/LICENSE b/ansible/roles/deekayen.awscli2/LICENSE new file mode 100644 index 000000000..22012f701 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/LICENSE @@ -0,0 +1,29 @@ +BSD 3-Clause License + +Copyright (c) 2020, David Norman +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/ansible/roles/deekayen.awscli2/README.md b/ansible/roles/deekayen.awscli2/README.md new file mode 100644 index 000000000..ff0824a2d --- /dev/null +++ b/ansible/roles/deekayen.awscli2/README.md @@ -0,0 +1,44 @@ +AWS CLI v2 +========= + +[![CI](https://github.com/deekayen/ansible-role-awscli2/workflows/CI/badge.svg?branch=main)](https://github.com/deekayen/ansible-role-awscli2/actions?query=workflow%3ACI) [![Project Status: Inactive – The project has reached a stable, usable state but is no longer being actively developed; support/maintenance will be provided as time allows.](https://www.repostatus.org/badges/latest/inactive.svg)](https://www.repostatus.org/#inactive) ![BSD 3-Clause license](https://img.shields.io/badge/license-BSD%203--Clause-blue) ![Linux platform](https://img.shields.io/badge/platform-linux-lightgrey) + +Install AWS CLI v2 using the official install binary instead of using `pip`. + +Requirements +------------ +1. Outbound internet connection. +2. unzip + +Role Variables +-------------- + +| variable | hints | +| --- | --- | +| executable_temp_dir | download location for the installer, must be executable, don't use /tmp on hardened OSes| + +Dependencies +------------ + +None. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables +passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - deekayen.awscli2 + +License +------- + +BSD + +Author Information +------------------ + +David Norman +https://github.com/sponsors/deekayen diff --git a/ansible/roles/deekayen.awscli2/defaults/main.yml b/ansible/roles/deekayen.awscli2/defaults/main.yml new file mode 100644 index 000000000..b81982760 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +executable_temp_dir: /tmp diff --git a/ansible/roles/deekayen.awscli2/meta/.galaxy_install_info b/ansible/roles/deekayen.awscli2/meta/.galaxy_install_info new file mode 100644 index 000000000..cc44b6b1a --- /dev/null +++ b/ansible/roles/deekayen.awscli2/meta/.galaxy_install_info @@ -0,0 +1,2 @@ +install_date: Tue Sep 26 23:57:28 2023 +version: 1.1.0 diff --git a/ansible/roles/deekayen.awscli2/meta/main.yml b/ansible/roles/deekayen.awscli2/meta/main.yml new file mode 100644 index 000000000..d07a8864c --- /dev/null +++ b/ansible/roles/deekayen.awscli2/meta/main.yml @@ -0,0 +1,30 @@ +--- +galaxy_info: + namespace: deekayen + role_name: awscli2 + author: David Norman + description: Install AWS CLI v2 using the official installer instead of pip. + + github_branch: main + issue_tracker_url: https://github.com/deekayen/ansible-role-awscli2/issues + + license: BSD + + min_ansible_version: 1.2 + + platforms: + - name: EL + versions: + - 7 + - 8 + - name: Debian + versions: + - buster + - stretch + + galaxy_tags: + - aws + - awscli + - awscli2 + +dependencies: [] diff --git a/ansible/roles/deekayen.awscli2/molecule/default/converge.yml b/ansible/roles/deekayen.awscli2/molecule/default/converge.yml new file mode 100644 index 000000000..4e0117b3b --- /dev/null +++ b/ansible/roles/deekayen.awscli2/molecule/default/converge.yml @@ -0,0 +1,13 @@ +--- +- name: Converge + hosts: all + become: true + + pre_tasks: + - name: Install unzip. + package: + name: unzip + changed_when: false + + roles: + - role: deekayen.awscli2 diff --git a/ansible/roles/deekayen.awscli2/molecule/default/molecule.yml b/ansible/roles/deekayen.awscli2/molecule/default/molecule.yml new file mode 100644 index 000000000..0898cc222 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/molecule/default/molecule.yml @@ -0,0 +1,24 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: | + set -e + yamllint . && + ansible-lint && + flake8 +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true +provisioner: + name: ansible + playbooks: + converge: ${MOLECULE_PLAYBOOK:-converge.yml} +verifier: + name: testinfra diff --git a/ansible/roles/deekayen.awscli2/molecule/default/prepare.yml b/ansible/roles/deekayen.awscli2/molecule/default/prepare.yml new file mode 100644 index 000000000..da1e36be4 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/molecule/default/prepare.yml @@ -0,0 +1,16 @@ +--- +- name: Prepare + hosts: all + become: true + + tasks: + - name: Update apt cache. + apt: + update_cache: true + cache_valid_time: 8640 + when: ansible_distribution == 'Debian' + + - name: Install unzip. + package: + name: unzip + changed_when: false diff --git a/ansible/roles/deekayen.awscli2/molecule/default/tests/test_default.py b/ansible/roles/deekayen.awscli2/molecule/default/tests/test_default.py new file mode 100644 index 000000000..bebd95ee5 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/molecule/default/tests/test_default.py @@ -0,0 +1,13 @@ +import os +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_awscli2_bin(host): + assert host.file("/usr/local/bin").is_directory + assert host.file("/usr/local/aws-cli").is_directory + assert host.file("/usr/local/bin/aws").is_symlink + assert host.file("/usr/local/bin/aws_completer").is_symlink + assert host.file("/usr/local/aws-cli/v2/current/bin/aws").is_file diff --git a/ansible/roles/deekayen.awscli2/requirements.txt b/ansible/roles/deekayen.awscli2/requirements.txt new file mode 100644 index 000000000..d8aeeec03 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/requirements.txt @@ -0,0 +1,8 @@ +molecule[docker] +ansible +ansible-lint +flake8 +yamllint +pytest-testinfra +docker +jmespath diff --git a/ansible/roles/deekayen.awscli2/tasks/main.yml b/ansible/roles/deekayen.awscli2/tasks/main.yml new file mode 100644 index 000000000..96d837138 --- /dev/null +++ b/ansible/roles/deekayen.awscli2/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +# https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html +- name: Download awscliv2 installer. + unarchive: + src: "https://awscli.amazonaws.com/awscli-exe-linux-{{ ansible_architecture }}.zip" + dest: "{{ executable_temp_dir }}" + remote_src: true + creates: '{{ executable_temp_dir }}/aws' + mode: 0755 + +- name: Run the installer. + command: + args: + cmd: "{{ executable_temp_dir }}/aws/install" + creates: /usr/local/bin/aws + become: true + register: aws_install + +- name: "Show installer output." + debug: + var: aws_install + verbosity: 2 diff --git a/ansible/roles/release-builder/meta/main.yml b/ansible/roles/release-builder/meta/main.yml index fa2591a2a..949e17300 100644 --- a/ansible/roles/release-builder/meta/main.yml +++ b/ansible/roles/release-builder/meta/main.yml @@ -3,3 +3,4 @@ dependencies: - role: read-secrets - role: user-create + - role: deekayen.awscli2