Ethan Paul
0a7b67b6c5
provision playbooks now establish platform-related components of the macro system configure playbooks now configure/update/establish specific subcomponents of systems deploy playbooks will eventually deploy specific applications onto the platform
129 lines
4.2 KiB
YAML
129 lines
4.2 KiB
YAML
---
|
|
- name: Bootstrap remote ansible environment
|
|
hosts: all
|
|
|
|
tags:
|
|
- always
|
|
vars:
|
|
# Set this fact to allow the bootstrap play to run using the native system python
|
|
# interpreter. A variable defined here is only in scope while this specific play
|
|
# is being run; once this play is done this value is dropped and the default value
|
|
# (which is actually set in the inventory file to the interpreter created by this
|
|
# play) will be used.
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
tasks:
|
|
- name: Determine runtime settings
|
|
set_fact:
|
|
_runtime_clean: "{{ true if (clean | bool) else false }}"
|
|
_runtime_update: "{{ true if (update | bool) else false }}"
|
|
_runtime_update_state: "{{ 'latest' if (update | bool) else 'present' }}"
|
|
|
|
- name: Clean bootstrap virtualenv
|
|
when: _runtime_clean
|
|
become: true
|
|
file:
|
|
path: "{{ omni_ansible_venv }}"
|
|
state: absent
|
|
|
|
- name: Create bootstrap virtualenv directory
|
|
become: true
|
|
file:
|
|
path: "{{ omni_ansible_venv }}"
|
|
state: directory
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ ansible_user }}"
|
|
mode: 0755
|
|
|
|
- name: Create bootstrap virtualenv
|
|
command:
|
|
cmd: "{{ ansible_python_interpreter }} -m venv {{ omni_ansible_venv }} --system-site-packages"
|
|
creates: "{{ omni_ansible_venv }}/bin/python"
|
|
|
|
# - name: Assign ownership of the virtualenv to ansible
|
|
# become: true
|
|
# file:
|
|
# path: "{{ omni_ansible_venv }}"
|
|
# state: directory
|
|
# owner: "{{ ansible_user }}"
|
|
# group: "{{ ansible_user }}"
|
|
# mode: 0755
|
|
# follow: false
|
|
|
|
- name: Generate remote requirements file locally
|
|
delegate_to: 127.0.0.1
|
|
command:
|
|
cmd: poetry export --format requirements.txt
|
|
changed_when: false
|
|
register: _poetry_requirements
|
|
|
|
- name: Copy remote requirements file
|
|
blockinfile:
|
|
path: "{{ omni_ansible_venv }}/req.txt"
|
|
create: true
|
|
block: "{{ _poetry_requirements.stdout_lines | join('\n') }}"
|
|
mode: 0644
|
|
|
|
- name: Install remote requirements
|
|
pip:
|
|
executable: "{{ omni_ansible_venv }}/bin/pip"
|
|
requirements: "{{ omni_ansible_venv }}/req.txt"
|
|
state: present
|
|
|
|
- name: Install CentOS 8 python bindings
|
|
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "8"
|
|
become: true
|
|
dnf:
|
|
state: "{{ _runtime_update_state }}"
|
|
name:
|
|
- python3-libselinux
|
|
- python3-policycoreutils
|
|
- python3-firewall
|
|
|
|
- name: Install CentOS 7 python bindings
|
|
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
|
become: true
|
|
yum:
|
|
state: "{{ _runtime_update_state }}"
|
|
name:
|
|
- libselinux-python
|
|
- policycoreutils-python
|
|
- python-firewall
|
|
|
|
- name: Install Fedora python bindings
|
|
when: ansible_distribution == "Fedora"
|
|
become: true
|
|
dnf:
|
|
state: "{{ _runtime_update_state }}"
|
|
name:
|
|
- libselinux-python
|
|
- policycoreutils-python
|
|
- python3-firewall
|
|
|
|
|
|
- name: Check meta environment
|
|
hosts: all
|
|
tags:
|
|
- always
|
|
tasks:
|
|
- name: Check required operating system
|
|
when: omni_os is defined
|
|
assert:
|
|
that:
|
|
- omni_os.name == ansible_distribution | lower
|
|
- omni_os.version_major == ansible_distribution_major_version
|
|
fail_msg: >-
|
|
Remote is running OS '{{ ansible_distribution }} {{ ansible_distribution_major_version }}',
|
|
expected '{{ omni_os.name }} {{ omni_os.version_major }}'
|
|
success_msg: >-
|
|
Remote is running expected OS '{{ ansible_distribution }}
|
|
{{ ansible_distribution_major_version }}'
|
|
|
|
- name: Check required interpreter settings
|
|
assert:
|
|
that:
|
|
- ansible_python_interpreter.startswith(omni_ansible_venv) is true
|
|
fail_msg: >-
|
|
Interpreter '{{ ansible_python_interpreter }}'
|
|
is not in the expected venv '{{ omni_ansible_venv }}'
|
|
success_msg: Interpreter '{{ ansible_python_interpreter }}' is in the expected venv"
|