From eaceeb3e32f8560371cb089470824710194a486f Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Tue, 26 Jan 2021 12:09:39 +0100 Subject: [PATCH] move plugin to cmd --- docker/manifest.tmpl | 8 +- main.go | 243 --------------------------- plugin.go | 389 ------------------------------------------- 3 files changed, 4 insertions(+), 636 deletions(-) delete mode 100644 main.go delete mode 100644 plugin.go diff --git a/docker/manifest.tmpl b/docker/manifest.tmpl index 107c16d..965272d 100644 --- a/docker/manifest.tmpl +++ b/docker/manifest.tmpl @@ -1,4 +1,4 @@ -image: plugins/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} +image: owncloudci/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} {{#if build.tags}} tags: {{#each build.tags}} @@ -6,16 +6,16 @@ tags: {{/each}} {{/if}} manifests: - - image: plugins/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 + - image: owncloudci/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 platform: architecture: amd64 os: linux - - image: plugins/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 + - image: owncloudci/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 platform: architecture: arm64 os: linux variant: v8 - - image: plugins/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm + - image: owncloudci/ansible:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm platform: architecture: arm os: linux diff --git a/main.go b/main.go deleted file mode 100644 index 520b9a7..0000000 --- a/main.go +++ /dev/null @@ -1,243 +0,0 @@ -package main - -import ( - "log" - "os" - - "github.com/pkg/errors" - "github.com/urfave/cli" -) - -var ( - version = "unknown" -) - -func main() { - app := cli.NewApp() - app.Name = "ansible plugin" - app.Usage = "ansible plugin" - app.Action = run - app.Version = version - app.Flags = []cli.Flag{ - cli.StringFlag{ - Name: "requirements", - Usage: "path to python requirements", - EnvVar: "PLUGIN_REQUIREMENTS", - }, - cli.StringFlag{ - Name: "galaxy", - Usage: "path to galaxy requirements", - EnvVar: "PLUGIN_GALAXY", - }, - cli.StringSliceFlag{ - Name: "inventory", - Usage: "specify inventory host path", - EnvVar: "PLUGIN_INVENTORY,PLUGIN_INVENTORIES", - }, - cli.StringSliceFlag{ - Name: "playbook", - Usage: "list of playbooks to apply", - EnvVar: "PLUGIN_PLAYBOOK,PLUGIN_PLAYBOOKS", - }, - cli.StringFlag{ - Name: "limit", - Usage: "further limit selected hosts to an additional pattern", - EnvVar: "PLUGIN_LIMIT", - }, - cli.StringFlag{ - Name: "skip-tags", - Usage: "only run plays and tasks whose tags do not match", - EnvVar: "PLUGIN_SKIP_TAGS", - }, - cli.StringFlag{ - Name: "start-at-task", - Usage: "start the playbook at the task matching this name", - EnvVar: "PLUGIN_START_AT_TASK", - }, - cli.StringFlag{ - Name: "tags", - Usage: "only run plays and tasks tagged with these values", - EnvVar: "PLUGIN_TAGS", - }, - cli.StringSliceFlag{ - Name: "extra-vars", - Usage: "set additional variables as key=value", - EnvVar: "PLUGIN_EXTRA_VARS,ANSIBLE_EXTRA_VARS", - }, - cli.StringSliceFlag{ - Name: "module-path", - Usage: "prepend paths to module library", - EnvVar: "PLUGIN_MODULE_PATH", - }, - cli.BoolFlag{ - Name: "check", - Usage: "run a check, do not apply any changes", - EnvVar: "PLUGIN_CHECK", - }, - cli.BoolFlag{ - Name: "diff", - Usage: "show the differences, may print secrets", - EnvVar: "PLUGIN_DIFF", - }, - cli.BoolFlag{ - Name: "flush-cache", - Usage: "clear the fact cache for every host in inventory", - EnvVar: "PLUGIN_FLUSH_CACHE", - }, - cli.BoolFlag{ - Name: "force-handlers", - Usage: "run handlers even if a task fails", - EnvVar: "PLUGIN_FORCE_HANDLERS", - }, - cli.BoolFlag{ - Name: "list-hosts", - Usage: "outputs a list of matching hosts", - EnvVar: "PLUGIN_LIST_HOSTS", - }, - cli.BoolFlag{ - Name: "list-tags", - Usage: "list all available tags", - EnvVar: "PLUGIN_LIST_TAGS", - }, - cli.BoolFlag{ - Name: "list-tasks", - Usage: "list all tasks that would be executed", - EnvVar: "PLUGIN_LIST_TASKS", - }, - cli.BoolFlag{ - Name: "syntax-check", - Usage: "perform a syntax check on the playbook", - EnvVar: "PLUGIN_SYNTAX_CHECK", - }, - cli.IntFlag{ - Name: "forks", - Usage: "specify number of parallel processes to use", - EnvVar: "PLUGIN_FORKS", - Value: 5, - }, - cli.StringFlag{ - Name: "vault-id", - Usage: "the vault identity to use", - EnvVar: "PLUGIN_VAULT_ID,ANSIBLE_VAULT_ID", - }, - cli.StringFlag{ - Name: "vault-password", - Usage: "the vault password to use", - EnvVar: "PLUGIN_VAULT_PASSWORD,ANSIBLE_VAULT_PASSWORD", - }, - cli.IntFlag{ - Name: "verbose", - Usage: "level of verbosity, 0 up to 4", - EnvVar: "PLUGIN_VERBOSE", - }, - cli.StringFlag{ - Name: "private-key", - Usage: "use this key to authenticate the connection", - EnvVar: "PLUGIN_PRIVATE_KEY,ANSIBLE_PRIVATE_KEY", - }, - cli.StringFlag{ - Name: "user", - Usage: "connect as this user", - EnvVar: "PLUGIN_USER,ANSIBLE_USER", - }, - cli.StringFlag{ - Name: "connection", - Usage: "connection type to use", - EnvVar: "PLUGIN_CONNECTION", - }, - cli.IntFlag{ - Name: "timeout", - Usage: "override the connection timeout in seconds", - EnvVar: "PLUGIN_TIMEOUT", - }, - cli.StringFlag{ - Name: "ssh-common-args", - Usage: "specify common arguments to pass to sftp/scp/ssh", - EnvVar: "PLUGIN_SSH_COMMON_ARGS", - }, - cli.StringFlag{ - Name: "sftp-extra-args", - Usage: "specify extra arguments to pass to sftp only", - EnvVar: "PLUGIN_SFTP_EXTRA_ARGS", - }, - cli.StringFlag{ - Name: "scp-extra-args", - Usage: "specify extra arguments to pass to scp only", - EnvVar: "PLUGIN_SCP_EXTRA_ARGS", - }, - cli.StringFlag{ - Name: "ssh-extra-args", - Usage: "specify extra arguments to pass to ssh only", - EnvVar: "PLUGIN_SSH_EXTRA_ARGS", - }, - cli.BoolFlag{ - Name: "become", - Usage: "run operations with become", - EnvVar: "PLUGIN_BECOME", - }, - cli.StringFlag{ - Name: "become-method", - Usage: "privilege escalation method to use", - EnvVar: "PLUGIN_BECOME_METHOD,ANSIBLE_BECOME_METHOD", - }, - cli.StringFlag{ - Name: "become-user", - Usage: "run operations as this user", - EnvVar: "PLUGIN_BECOME_USER,ANSIBLE_BECOME_USER", - }, - } - - if err := app.Run(os.Args); err != nil { - log.Fatal(err) - } -} - -func run(c *cli.Context) error { - plugin := Plugin{ - Config: Config{ - Requirements: c.String("requirements"), - Galaxy: c.String("galaxy"), - Inventories: c.StringSlice("inventory"), - Playbooks: c.StringSlice("playbook"), - Limit: c.String("limit"), - SkipTags: c.String("skip-tags"), - StartAtTask: c.String("start-at-task"), - Tags: c.String("tags"), - ExtraVars: c.StringSlice("extra-vars"), - ModulePath: c.StringSlice("module-path"), - Check: c.Bool("check"), - Diff: c.Bool("diff"), - FlushCache: c.Bool("flush-cache"), - ForceHandlers: c.Bool("force-handlers"), - ListHosts: c.Bool("list-hosts"), - ListTags: c.Bool("list-tags"), - ListTasks: c.Bool("list-tasks"), - SyntaxCheck: c.Bool("syntax-check"), - Forks: c.Int("forks"), - VaultID: c.String("vailt-id"), - VaultPassword: c.String("vault-password"), - Verbose: c.Int("verbose"), - PrivateKey: c.String("private-key"), - User: c.String("user"), - Connection: c.String("connection"), - Timeout: c.Int("timeout"), - SSHCommonArgs: c.String("ssh-common-args"), - SFTPExtraArgs: c.String("sftp-extra-args"), - SCPExtraArgs: c.String("scp-extra-args"), - SSHExtraArgs: c.String("ssh-extra-args"), - Become: c.Bool("become"), - BecomeMethod: c.String("become-method"), - BecomeUser: c.String("become-user"), - }, - } - - if len(plugin.Config.Playbooks) == 0 { - return errors.New("you must provide a playbook") - } - - if len(plugin.Config.Inventories) == 0 { - return errors.New("you must provide an inventory") - } - - return plugin.Exec() -} diff --git a/plugin.go b/plugin.go deleted file mode 100644 index eb6e2b3..0000000 --- a/plugin.go +++ /dev/null @@ -1,389 +0,0 @@ -package main - -import ( - "fmt" - "io/ioutil" - "os" - "os/exec" - "path/filepath" - "strconv" - "strings" - - "github.com/pkg/errors" -) - -var ansibleFolder = "/etc/ansible" -var ansibleConfig = "/etc/ansible/ansible.cfg" - -var ansibleContent = ` -[defaults] -host_key_checking = False -` - -type ( - // Config for the plugin. - Config struct { - Requirements string - Galaxy string - Inventories []string - Playbooks []string - Limit string - SkipTags string - StartAtTask string - Tags string - ExtraVars []string - ModulePath []string - Check bool - Diff bool - FlushCache bool - ForceHandlers bool - ListHosts bool - ListTags bool - ListTasks bool - SyntaxCheck bool - Forks int - VaultID string - VaultPassword string - VaultPasswordFile string - Verbose int - PrivateKey string - PrivateKeyFile string - User string - Connection string - Timeout int - SSHCommonArgs string - SFTPExtraArgs string - SCPExtraArgs string - SSHExtraArgs string - Become bool - BecomeMethod string - BecomeUser string - } - - // Plugin definition. - Plugin struct { - Config Config - } -) - -// Exec provides the implementation of the plugin. -func (p *Plugin) Exec() error { - if err := p.playbooks(); err != nil { - return err - } - - if err := p.ansibleConfig(); err != nil { - return err - } - - if p.Config.PrivateKey != "" { - if err := p.privateKey(); err != nil { - return err - } - - defer os.Remove(p.Config.PrivateKeyFile) - } - - if p.Config.VaultPassword != "" { - if err := p.vaultPass(); err != nil { - return err - } - - defer os.Remove(p.Config.VaultPasswordFile) - } - - commands := []*exec.Cmd{ - p.versionCommand(), - } - - if p.Config.Requirements != "" { - commands = append(commands, p.requirementsCommand()) - } - - if p.Config.Galaxy != "" { - commands = append(commands, p.galaxyCommand()) - } - - for _, inventory := range p.Config.Inventories { - commands = append(commands, p.ansibleCommand(inventory)) - } - - for _, cmd := range commands { - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - - cmd.Env = os.Environ() - cmd.Env = append(cmd.Env, "ANSIBLE_FORCE_COLOR=1") - - trace(cmd) - - if err := cmd.Run(); err != nil { - return err - } - } - - return nil -} - -func (p *Plugin) ansibleConfig() error { - if err := os.MkdirAll(ansibleFolder, os.ModePerm); err != nil { - return errors.Wrap(err, "failed to create ansible directory") - } - - if err := ioutil.WriteFile(ansibleConfig, []byte(ansibleContent), 0600); err != nil { - return errors.Wrap(err, "failed to create ansible config") - } - - return nil -} - -func (p *Plugin) privateKey() error { - tmpfile, err := ioutil.TempFile("", "privateKey") - - if err != nil { - return errors.Wrap(err, "failed to create private key file") - } - - if _, err := tmpfile.Write([]byte(p.Config.PrivateKey)); err != nil { - return errors.Wrap(err, "failed to write private key file") - } - - if err := tmpfile.Close(); err != nil { - return errors.Wrap(err, "failed to close private key file") - } - - p.Config.PrivateKeyFile = tmpfile.Name() - return nil -} - -func (p *Plugin) vaultPass() error { - tmpfile, err := ioutil.TempFile("", "vaultPass") - - if err != nil { - return errors.Wrap(err, "failed to create vault password file") - } - - if _, err := tmpfile.Write([]byte(p.Config.VaultPassword)); err != nil { - return errors.Wrap(err, "failed to write vault password file") - } - - if err := tmpfile.Close(); err != nil { - return errors.Wrap(err, "failed to close vault password file") - } - - p.Config.VaultPasswordFile = tmpfile.Name() - return nil -} - -func (p *Plugin) playbooks() error { - var ( - playbooks []string - ) - - for _, p := range p.Config.Playbooks { - files, err := filepath.Glob(p) - - if err != nil { - playbooks = append(playbooks, p) - continue - } - - playbooks = append(playbooks, files...) - } - - if len(playbooks) == 0 { - return errors.New("failed to find playbook files") - } - - p.Config.Playbooks = playbooks - return nil -} - -func (p *Plugin) versionCommand() *exec.Cmd { - args := []string{ - "--version", - } - - return exec.Command( - "ansible", - args..., - ) -} - -func (p *Plugin) requirementsCommand() *exec.Cmd { - args := []string{ - "install", - "--upgrade", - "--requirement", - p.Config.Requirements, - } - - return exec.Command( - "pip", - args..., - ) -} - -func (p *Plugin) galaxyCommand() *exec.Cmd { - args := []string{ - "install", - "--force", - "--role-file", - p.Config.Galaxy, - } - - if p.Config.Verbose > 0 { - args = append(args, fmt.Sprintf("-%s", strings.Repeat("v", p.Config.Verbose))) - } - - return exec.Command( - "ansible-galaxy", - args..., - ) -} - -func (p *Plugin) ansibleCommand(inventory string) *exec.Cmd { - args := []string{ - "--inventory", - inventory, - } - - if len(p.Config.ModulePath) > 0 { - args = append(args, "--module-path", strings.Join(p.Config.ModulePath, ":")) - } - - if p.Config.VaultID != "" { - args = append(args, "--vault-id", p.Config.VaultID) - } - - if p.Config.VaultPasswordFile != "" { - args = append(args, "--vault-password-file", p.Config.VaultPasswordFile) - } - - for _, v := range p.Config.ExtraVars { - args = append(args, "--extra-vars", v) - } - - if p.Config.ListHosts { - args = append(args, "--list-hosts") - args = append(args, p.Config.Playbooks...) - - return exec.Command( - "ansible-playbook", - args..., - ) - } - - if p.Config.SyntaxCheck { - args = append(args, "--syntax-check") - args = append(args, p.Config.Playbooks...) - - return exec.Command( - "ansible-playbook", - args..., - ) - } - - if p.Config.Check { - args = append(args, "--check") - } - - if p.Config.Diff { - args = append(args, "--diff") - } - - if p.Config.FlushCache { - args = append(args, "--flush-cache") - } - - if p.Config.ForceHandlers { - args = append(args, "--force-handlers") - } - - if p.Config.Forks != 5 { - args = append(args, "--forks", strconv.Itoa(p.Config.Forks)) - } - - if p.Config.Limit != "" { - args = append(args, "--limit", p.Config.Limit) - } - - if p.Config.ListTags { - args = append(args, "--list-tags") - } - - if p.Config.ListTasks { - args = append(args, "--list-tasks") - } - - if p.Config.SkipTags != "" { - args = append(args, "--skip-tags", p.Config.SkipTags) - } - - if p.Config.StartAtTask != "" { - args = append(args, "--start-at-task", p.Config.StartAtTask) - } - - if p.Config.Tags != "" { - args = append(args, "--tags", p.Config.Tags) - } - - if p.Config.PrivateKeyFile != "" { - args = append(args, "--private-key", p.Config.PrivateKeyFile) - } - - if p.Config.User != "" { - args = append(args, "--user", p.Config.User) - } - - if p.Config.Connection != "" { - args = append(args, "--connection", p.Config.Connection) - } - - if p.Config.Timeout != 0 { - args = append(args, "--timeout", strconv.Itoa(p.Config.Timeout)) - } - - if p.Config.SSHCommonArgs != "" { - args = append(args, "--ssh-common-args", p.Config.SSHCommonArgs) - } - - if p.Config.SFTPExtraArgs != "" { - args = append(args, "--sftp-extra-args", p.Config.SFTPExtraArgs) - } - - if p.Config.SCPExtraArgs != "" { - args = append(args, "--scp-extra-args", p.Config.SCPExtraArgs) - } - - if p.Config.SSHExtraArgs != "" { - args = append(args, "--ssh-extra-args", p.Config.SSHExtraArgs) - } - - if p.Config.Become { - args = append(args, "--become") - } - - if p.Config.BecomeMethod != "" { - args = append(args, "--become-method", p.Config.BecomeMethod) - } - - if p.Config.BecomeUser != "" { - args = append(args, "--become-user", p.Config.BecomeUser) - } - - if p.Config.Verbose > 0 { - args = append(args, fmt.Sprintf("-%s", strings.Repeat("v", p.Config.Verbose))) - } - - args = append(args, p.Config.Playbooks...) - - return exec.Command( - "ansible-playbook", - args..., - ) -} - -func trace(cmd *exec.Cmd) { - fmt.Println("$", strings.Join(cmd.Args, " ")) -}