From f16bf3d14c630c009534f7bf6d9092ea43aeadf5 Mon Sep 17 00:00:00 2001 From: SebClem Date: Wed, 15 Dec 2021 00:21:52 +0100 Subject: [PATCH] :hammer: Init --- .drone.yml | 43 +++++++++++++++++++++++++++++++++++++++++++ Dockerfile | 15 +++++++++++++++ README.md | 42 ++++++++++++++++++++++++++++++++++++++++++ entrypoint | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 151 insertions(+) create mode 100644 .drone.yml create mode 100644 Dockerfile create mode 100644 README.md create mode 100755 entrypoint diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..29ece66 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,43 @@ +name: Build Docker +kind: pipeline +type: docker +steps: + + - name: Only build image + image: plugins/docker + settings: + username: + from_secret: docker_username + password: + from_secret: docker_password + repo: harbor.sebclem.fr/sebclem/drone-ansible-runner + registry: harbor.sebclem.fr + tags: latest + dry_run: true + when: + target: + exclude: + - production + + - name: Build and Push docker + image: plugins/docker + settings: + username: + from_secret: docker_username + password: + from_secret: docker_password + repo: harbor.sebclem.fr/sebclem/drone-ansible-runner + registry: harbor.sebclem.fr + tags: latest + when: + branch: + - main + target: + - production + +trigger: + event: + - push + - custom + - promote + - rollback \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..a07c0af --- /dev/null +++ b/Dockerfile @@ -0,0 +1,15 @@ +FROM alpine:3.15.0 + +RUN apk add --no-cache py3-pip bash gcc musl-dev python3-dev libffi-dev + +RUN pip3 install --upgrade pip + +# renovate: datasource=pypi depName=ansible +ENV ANSIBLE_VERSION=5.0.1 +RUN pip3 install --no-cache-dir ansible==${ANSIBLE_VERSION} + +RUN apk del gcc musl-dev python3-dev libffi-dev + +COPY entrypoint /bin/entrypoint + +ENTRYPOINT [ "/bin/entrypoint" ] \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..8dff66c --- /dev/null +++ b/README.md @@ -0,0 +1,42 @@ +# Drone Ansible Runner + +Config: +```yml +kind: pipeline +name: default + +steps: + - name: Check ansible syntax + image: harbor.sebclem.fr/sebclem/drone-ansible-runner + settings: + playbook: sites.yml + galaxy_file: roles/requirements.yml + check_syntax: true + vault_token: + from_secret: ansible_vault_password + private_key: + from_secret: ansible_private_key + when: + event: + - push + - custom + + - name: Run ansible playbook + image: harbor.sebclem.fr/sebclem/drone-ansible-runner + settings: + verbosity: 1 + playbook: sites.yml + galaxy_file: roles/requirements.yml + check_syntax: true + vault_token: + from_secret: ansible_vault_password + private_key: + from_secret: ansible_private_key + limit: harbor.home + when: + event: + - promote + - rollback + - custom + +``` \ No newline at end of file diff --git a/entrypoint b/entrypoint new file mode 100755 index 0000000..8179a57 --- /dev/null +++ b/entrypoint @@ -0,0 +1,51 @@ +#!/bin/bash + +check=${PLUGIN_CHECK_SYNTAX:-false} +verbosity=${PLUGIN_VERBOSITY:-0} + +if [[ -z "$PLUGIN_PLAYBOOK" ]]; then + echo -e "\e[31m'playbook' setting not defined, ABORT!\e[39m" + exit 1 +fi + +if [[ -z "$PLUGIN_PRIVATE_KEY" ]]; then + echo -e "\e[31m'private_key' setting not defined, ABORT!\e[39m" + exit 1 +fi + +echo "$PLUGIN_PRIVATE_KEY" > /root/.ssh/id_ed +chmod 400 /root/.ssh/id_ed + +if [[ -n "$PLUGIN_VAULT_TOKEN" ]]; then + echo "Adding vault token to 'credentials/vault_token'" + mkdir credentials + echo $PLUGIN_VAULT_TOKEN > credentials/vault_token + echo "" +fi + +if [[ -n "$PLUGIN_GALAXY_FILE" ]]; then + echo "Installing Galaxy dependencies ($PLUGIN_GALAXY_FILE)" + echo "\$ ansible-galaxy install -r $PLUGIN_GALAXY_FILE --force" + ansible-galaxy install -r $PLUGIN_GALAXY_FILE --force + echo "" +fi + +args="$PLUGIN_PLAYBOOK" + +if [[ $check = true ]]; then + args="$args --syntax-check" +fi + +if [[ $verbosity != "0" ]]; then + args="${args} -" + for i in `seq 1 $verbosity`; do + args="${args}v" + done +fi + +if [[ -n "$PLUGIN_LIMIT" ]]; then + args="${args} --limit \"$PLUGIN_LIMIT\"" +fi + +echo "\$ ansible-playbook $args" +ansible-playbook $args \ No newline at end of file