Update repository meta data

Update dependencies
Add precommit config
Add readme notes

.pre-commit-config.yaml

@@ -0,0 +1,28 @@
+---
+# All of the pre-commit hooks here actually use the `pytyhon` pre-commit language
+# setting. However, for the python language setting, pre-commit will create and manage
+# a cached virtual environment for each hook ID and do a bare `pip install <repo>` into
+# the venv to setup the hook. This can result in conflicting dependency versions between
+# the version installed to the pre-commit venv and the version installed to the Poetry
+# venv specified in the lockfile.
+#
+# The solution is to specify `language: system` for all hooks and then install the
+# required dependencies to the Poetry venv. The `system` language skips the isolated
+# venv creation and looks for the entrypoint specified by the hook in the global
+# environment which, if running in the Poetry venv, will find the entrypoint provided
+# by the Poetry-managed dependency.
+#
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v3.3.0
+    hooks:
+      - id: end-of-file-fixer
+        language: system
+      - id: fix-encoding-pragma
+        args:
+          - "--remove"
+        language: system
+      - id: trailing-whitespace
+        language: system
+      - id: check-merge-conflict
+        language: system

README.md

@@ -3,6 +3,39 @@
 Network Ansible configurations
 
 * The `omni_*` prefix is used for custom variables defined and used internally to
-  distinguish them from `ansible_*` or other variables
-* Roles: things machines do. Tasks: how those things are done. Platform compatibility
-  should be handled in tasks. Config logic should be handled in roles.
+  distinguish them from `ansible_*` or other variables. The `_runtime_` prefix should
+  be used for runtime variables
+* Passing `clean=true` should force cleaning any and all cached stuff
+* Passing `update=true` should update any unpinned _things_ to their latest version
+
+Organizational notes:
+
+* Playbooks should be platform/device agnostic. Any playbook should be runnable against
+  any device. If the config a playbook deploys isn't applicable to that device then the
+  playbook should be laid out so that it skips any inapplicable hosts.
+* Building from that, platform-conditionals should go in task files: `when` conditions
+  in playbooks should be limited to runtime conditions.
+
+Target notes:
+
+* The `'mgmt'` target grants remote management access. This usually means SSH + local
+  login access, but can also mean web interface (cockpit, erx, etc)
+
+General workflow:
+
+1. Run `provision.yml` - this gets the entire environment into a ready-to-go state but
+   does not deploy any actual applications or perform any target tasks
+2. Run one or more `deploy-*.yml` - this deploys the application noted to the system
+3. Run one or more `do-*.yml` - this performs one off tasks
+
+## local env creation
+
+Requires Poetry-1.1+
+
+```bash
+git clone https://vcs.enp.one/omni/omni-ansible.git
+
+cd omni-ansible/
+
+poetry install
+```

pyproject.toml

@@ -2,22 +2,22 @@
 name = "omni-ansible"
 version = "0.0.0"
 description = "Network deployment procedures and configuration state"
-authors = ["Ethan Paul <e@enp.one>"]
+authors = ["Ethan Paul <me@enp.one>"]
 license = "MIT"
 
 [tool.poetry.dependencies]
 python = "^3.7"
 ansible = "^2.9.4"
-paramiko = "^2.7.1"
-jinja2 = "^2.11.1"
 docker = "^4.2.0"
 docker-compose = "^1.25.4"
+paramiko = "^2.7.1"
 
 [tool.poetry.dev-dependencies]
 ansible-lint = "^4.2.0"
-yamllint = "^1.20.0"
 ansible-toolbox = "^0.3"
-
-[build-system]
-requires = ["poetry>=1.0.0"]
-build-backend = "poetry.masonry.api"
+pre-commit = "^2.9.2"
+pre-commit-hooks = "^3.3.0"
+safety = "^1.9.0"
+tox = "^3.20.1"
+tox-poetry-installer = "^0.5.2"
+yamllint = "^1.20.0"