Initial
commit
2a0babee43
11 changed files with 166 additions and 0 deletions
33
.pre-commit-config.yaml
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
repos:
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v3.4.0
|
||||||
|
hooks:
|
||||||
|
- id: trailing-whitespace
|
||||||
|
- id: end-of-file-fixer
|
||||||
|
- id: check-added-large-files
|
||||||
|
- id: check-case-conflict
|
||||||
|
- id: check-executables-have-shebangs
|
||||||
|
- id: check-json
|
||||||
|
- id: pretty-format-json
|
||||||
|
- id: detect-private-key
|
||||||
|
|
||||||
|
- repo: local
|
||||||
|
hooks:
|
||||||
|
- id: ansible-lint
|
||||||
|
name: Ansible-lint
|
||||||
|
description: This hook runs ansible-lint.
|
||||||
|
entry: ansible-lint --force-color
|
||||||
|
language: python
|
||||||
|
# do not pass files to ansible-lint, see:
|
||||||
|
# https://github.com/ansible/ansible-lint/issues/611
|
||||||
|
pass_filenames: false
|
||||||
|
always_run: true
|
||||||
|
|
||||||
|
- repo: https://github.com/adrienverge/yamllint.git
|
||||||
|
rev: v1.26.0
|
||||||
|
hooks:
|
||||||
|
- id: yamllint
|
||||||
|
files: \.(yaml|yml)$
|
||||||
|
types: [file, yaml]
|
||||||
|
entry: yamllint
|
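Review bot: the local `ansible-lint` hook sets `language: python` but has no `additional_dependencies`, so the environment pre-commit builds for it does not contain ansible-lint. The `entry` then only works when a copy is already on the contributor's PATH, at whatever version that happens to be. Either add `additional_dependencies: [ansible-lint==<pinned version>]` so everyone lints with the same release, or use `language: system` and state the prerequisite in the README. The two remote repos are pinned by tag (`rev: v3.4.0`, `rev: v1.26.0`); pinning to the commit SHA would keep the hook code from changing if a tag is moved.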
112
README.md
Normal file
|
@ -0,0 +1,112 @@
|
||||||
|
# Ansible AWX Template: Template
|
||||||
|
|
||||||
|
Ansible AWX is the method used for the Rocky Linux infrastructure, as a replacement for using the CLI. This template should be copied, as to manage playbooks and tasks into reproducible, repeatable, and organized manner.
|
||||||
|
|
||||||
|
## Provides / Information
|
||||||
|
|
||||||
|
This repository is for AWX templates.
|
||||||
|
|
||||||
|
```
|
||||||
|
.
|
||||||
|
├── README.md
|
||||||
|
├── defaults
|
||||||
|
│ └── main.yml
|
||||||
|
├── files
|
||||||
|
│ └── README.md
|
||||||
|
├── handlers
|
||||||
|
│ └── main.yml
|
||||||
|
├── tasks
|
||||||
|
│ └── main.yml
|
||||||
|
├── templates
|
||||||
|
│ └── README.md
|
||||||
|
├── tests
|
||||||
|
│ ├── README.md
|
||||||
|
│ ├── inventory
|
||||||
|
│ └── test.yml
|
||||||
|
└── vars
|
||||||
|
└── main.yml
|
||||||
|
```
|
||||||
|
|
||||||
|
## Guidelines
|
||||||
|
|
||||||
|
These are the general guidelines for creating and maintaining these repositories. Please read carefully to ensure that you are meeting the criteria.
|
||||||
|
|
||||||
|
1. Copy this template into a new repository with the format `ansible-type-usage`. For example, if this is for ipa management, you could use a name like `ansible-ipa-management`.
|
||||||
|
2. Change the top of the `README.md` from "Template" to an appropriate name for your repo.
|
||||||
|
3. Modify the `README.md` file at the Provides/Information section of what these tasks do. Please be descriptive and list all of the playbooks and accompanying tasks (see the example). Hint: Use the `tree` command.
|
||||||
|
4. List any requirements to run the playbooks, such as vars, mandatory or optional in playbooks. Optionally, you may list them in the `README.md` here.
|
||||||
|
5. Run `pre-commit install` - There is already a provided `.pre-commit-config.yaml` with some default settings.
|
||||||
|
6. (Optional) Remove everything starting at "Guidelines" in this README to reduce clutter.
|
||||||
|
|
||||||
|
## Designing Playbooks
|
||||||
|
|
||||||
|
Generally, your playbooks should be doing the following:
|
||||||
|
|
||||||
|
1. Checking if ansible can be ran on a specific host
|
||||||
|
2. Asserting if variables are filled and are correctly formed
|
||||||
|
3. Importing tasks from the `./tasks` directory
|
||||||
|
4. Importing roles, if necessary
|
||||||
|
5. Post tasks, if necessary
|
||||||
|
|
||||||
|
**Note**: At no point should you be using `./tasks/main.yml`
|
||||||
|
|
||||||
|
### Pre-flight and Post-flight tasks
|
||||||
|
|
||||||
|
```
|
||||||
|
pre_tasks:
|
||||||
|
- name: Check if ansible cannot be run here
|
||||||
|
stat:
|
||||||
|
path: /etc/no-ansible
|
||||||
|
register: no_ansible
|
||||||
|
|
||||||
|
- name: Verify if we can run ansible
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- "not no_ansible.stat.exists"
|
||||||
|
success_msg: "We are able to run on this node"
|
||||||
|
fail_msg: "/etc/no-ansible exists - skipping run on this node"
|
||||||
|
|
||||||
|
# Assertions and other checks here
|
||||||
|
|
||||||
|
# Import roles/tasks here
|
||||||
|
|
||||||
|
post_tasks:
|
||||||
|
- name: Touching run file that ansible has ran here
|
||||||
|
file:
|
||||||
|
path: /var/log/ansible.run
|
||||||
|
state: touch
|
||||||
|
mode: '0644'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
```
|
||||||
|
|
||||||
|
### Comments
|
||||||
|
|
||||||
|
Each playbook should have comments or a name descriptor that explains what the playbook does or how it is used. If not available, README-... files can be used in place, especially in the case of adhoc playbooks that take input. Documentation for each playbook/role does not have to be on this wiki. Comments or README's should be sufficient.
|
||||||
|
|
||||||
|
### Tags
|
||||||
|
|
||||||
|
Ensure that you use relevant tags where necessary for your tasks.
|
||||||
|
|
||||||
|
### Playbook naming
|
||||||
|
|
||||||
|
```
|
||||||
|
init-* -> Starting infrastructure playbooks that run solo or import other
|
||||||
|
playbooks that start with import-
|
||||||
|
adhoc -> These playbooks are one-off playbooks that can be used on the CLI or
|
||||||
|
in AWX. These are typically for basic tasks.
|
||||||
|
import -> Playbooks that should be imported from the top level playbooks
|
||||||
|
role-* -> These playbooks call roles specifically for infrastructure tasks.
|
||||||
|
Playbooks that do not call a role should be named init or adhoc based
|
||||||
|
on their usage.
|
||||||
|
```
|
||||||
|
|
||||||
|
### Pre-commits / linting
|
||||||
|
|
||||||
|
When pushing to your own forked version of this repository, pre-commit must run to verify your changes. They must be passing to be pushed up. This is an absolute requirement, even for roles.
|
||||||
|
|
||||||
|
When the linter passes, the push will complete and you will be able to open a PR.
|
||||||
|
|
||||||
|
## How are these repositories used?
|
||||||
|
|
||||||
|
These repositories are generally cloned/pulled into AWX for the latest version, so they can be called within AWX either by hand or at a scheduled time.
|
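Review bot: Guidelines step 5 says to run `pre-commit install`, which installs only the commit-stage hook, while "Pre-commits / linting" describes the check as gating the push ("When the linter passes, the push will complete"). If push-time enforcement is intended, the step should read `pre-commit install --hook-type pre-push` (or install both hook types); otherwise reword the section to talk about commits. Client-side hooks can also be skipped by the contributor, so for the "absolute requirement" to hold the same checks should run server-side on the PR, for example `pre-commit run --all-files` in CI.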
2
defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
# Defaults
|
1
files/README.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Files come here
|
2
handlers/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
# Handlers
|
4
tasks/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
# No tasks
|
||||||
|
- debug: msg="No tasks are provided here. Please import the task as needed in your playbook."
|
||||||
|
...
|
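Review bot: the placeholder task `- debug: msg="..."` has no `name:` and uses inline key=value arguments, which is the style the `ansible-lint` hook configured in this same commit is meant to catch, and that hook runs on every commit (`always_run: true`). A named task with `msg:` as a proper YAML key keeps the template passing its own lint. The README also says "At no point should you be using `./tasks/main.yml`", so a comment-only file with no task at all would do as well.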
1
templates/README.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Templates go here
|
3
tests/README.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
# Tests
|
||||||
|
|
||||||
|
Basic tests for the playbooks and tasks come here. Generally you need a `test.yml` and `inventory` file with at least `localhost`
|
1
tests/inventory
Normal file
|
@ -0,0 +1 @@
|
||||||
|
localhost
|
5
tests/test.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- hosts: localhost
|
||||||
|
remote_user: root
|
||||||
|
tasks:
|
||||||
|
- import_tasks: example.yml
|
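Review bot: `import_tasks: example.yml` points at a file that is not among the 11 files in this commit, and because `import_tasks` is resolved statically the test playbook fails at parse time before any task runs. Either add a `tests/example.yml` stub or import an existing file by relative path. Also, `remote_user: root` is paired with a bare `localhost` entry in `tests/inventory`; an explicitly listed localhost is reached over SSH by default, so this test would log in to the local machine as root. Setting `connection: local` on the play (or `ansible_connection=local` in the inventory) and dropping `remote_user: root` lets the test run without root SSH access.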
2
vars/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
# Vars that should not be overridden
|