diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..73a203f --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,7 @@ +--- +exclude_paths: + - .cache/ + - .github/ + - secrets/ + - vars/ + - playbooks/ diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 07f17ef..cd895a7 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -11,10 +11,25 @@ permissions: pull-requests: write jobs: + lint: + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v4 + + - name: setup python + uses: actions/setup-python@v5 + with: + python-version: '3.13' + + - name: pre-commit + uses: pre-commit/action@v3.0.1 + check: runs-on: ubuntu-latest container: image: ghcr.io/makeitworkcloud/runner:latest + needs: [lint] env: SOPS_AGE_KEY: ${{ secrets.SOPS_AGE_KEY }} ANSIBLE_VAULT_PASSWORD_FILE: ./scripts/vault.bash @@ -27,9 +42,6 @@ jobs: - name: dependencies run: ansible-galaxy collection install -r requirements.yml - - name: lint - run: pre-commit run --all-files - - name: check id: check continue-on-error: true diff --git a/.gitignore b/.gitignore index d17f39f..0a47f07 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ **/*.ansible **/*.swp **/*.log -**/1 \ No newline at end of file +**/1 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 24b95ae..c60e3c3 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,4 +1,9 @@ repos: + - repo: https://github.com/compilerla/conventional-pre-commit + rev: v4.0.0 + hooks: + - id: conventional-pre-commit + stages: [commit-msg] - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: 
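Review bot: The new `exclude_paths` in `.ansible-lint` includes `playbooks/`, which takes every playbook in that directory out of ansible-lint. The `--exclude=secrets/` and `--exclude=vars/` args this commit removes from `.pre-commit-config.yaml` skipped only those two data directories. `.setup_project.yml` builds its job templates from `playbooks/`, so the code that runs against the libvirt host would no longer be checked by rules such as `no-log-password` or `risky-file-permissions`. I would drop the `- playbooks/` entry and list any known findings in a `.ansible-lint-ignore` file instead. If the exclusion has to stay for now, put a comment above it, for example `# TODO: temporary, remove once playbooks/ passes lint`.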
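Review bot: The new `lint` job has no `permissions:` of its own, so it inherits the workflow-level block, which the hunk context shows includes `pull-requests: write`. The job only checks out and lints, and pre-commit downloads and runs hook code from the repositories in `.pre-commit-config.yaml`, so a `permissions:` key with `contents: read` under `lint:` would keep its token read-only. The three actions are referenced by mutable tags (`actions/checkout@v4`, `actions/setup-python@v5`, `pre-commit/action@v3.0.1`). Pinning each to a full commit SHA, e.g. `uses: pre-commit/action@<full-commit-sha>  # v3.0.1`, means a moved tag cannot change what runs. The workflow's triggers are outside this hunk, so how much untrusted pull-request content reaches the job cannot be judged from here.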
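Review bot: The `conventional-pre-commit` hook is limited to `stages: [commit-msg]`, and `pre-commit install` sets up only the `pre-commit` hook type by default, so the check does not run for a contributor who has not also run `pre-commit install --hook-type commit-msg`. The CI `lint` job presumably does not cover it either, since a run over all files has no commit message to check. Adding a top-level `default_install_hook_types: [pre-commit, commit-msg]` lets a plain `pre-commit install` wire it up. Separately, `rev: v4.0.0` is a mutable tag like the other `rev:` entries in this file; `pre-commit autoupdate --freeze` would pin them all to commit SHAs.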
@@ -8,12 +13,12 @@ repos: - id: check-vcs-permalinks - id: destroyed-symlinks - id: detect-private-key + - id: end-of-file-fixer - id: mixed-line-ending + - id: trailing-whitespace - repo: https://github.com/ansible/ansible-lint rev: v25.12.1 hooks: - id: ansible-lint - language_version: python3 additional_dependencies: - ansible - args: [--exclude=secrets/, --exclude=vars/] diff --git a/.setup_project.yml b/.setup_project.yml index d49c4e1..e4ff7ab 100644 --- a/.setup_project.yml +++ b/.setup_project.yml @@ -1,7 +1,7 @@ #!/usr/bin/env ansible-playbook # File: .setup_project.yml # GitHub: https://github.com/makeitworkcloud/ansible-project-libvirt -# Description: Creates the libvirt project in Ansible Automation Platform (AAP). +# Description: Creates the libvirt project in AWX. # Author: # _| # _| _| _|_|_| _|_| _|_|_|_| _|_| @@ -17,14 +17,12 @@ community.sops.load_vars: file: secrets/secrets.yaml -- name: Deploy AAP content +- name: Deploy AWX content hosts: localhost gather_facts: false - environment: - CONTROLLER_OPTIONAL_API_URLPATTERN_PREFIX: /api/controller/ vars: - aap_project_name: libvirt - aap_organization: Default + awx_project_name: libvirt + awx_organization: Default module_defaults: group/awx.awx.controller: controller_host: "{{ controller_host }}" @@ -34,9 +32,9 @@ tasks: - name: Create project awx.awx.project: - name: "{{ aap_project_name }}" + name: "{{ awx_project_name }}" description: "Managed by ansible-project-libvirt" - organization: "{{ aap_organization }}" + organization: "{{ awx_organization }}" scm_type: git scm_url: https://github.com/makeitworkcloud/ansible-project-libvirt.git scm_update_on_launch: false 
@@ -44,31 +42,31 @@ - name: Sync project awx.awx.project_update: - name: "{{ aap_project_name }}" + name: "{{ awx_project_name }}" wait: true timeout: 300 when: not ansible_check_mode - name: Create inventory awx.awx.inventory: - name: "{{ aap_project_name }}" + name: "{{ awx_project_name }}" description: "Managed by ansible-project-libvirt" - organization: "{{ aap_organization }}" + organization: "{{ awx_organization }}" state: present - name: Add libvirt host to inventory awx.awx.host: name: "{{ libvirt_host }}" - inventory: "{{ aap_project_name }}" + inventory: "{{ awx_project_name }}" variables: ansible_host: "{{ libvirt_fqdn }}" state: present - name: Create SSH credential awx.awx.credential: - name: "{{ aap_project_name }} SSH" + name: "{{ awx_project_name }} SSH" description: "SSH key for libvirt host" - organization: "{{ aap_organization }}" + organization: "{{ awx_organization }}" credential_type: Machine inputs: username: "{{ libvirt_ssh_user }}" @@ -77,9 +75,9 @@ - name: Create Vault credential awx.awx.credential: - name: "{{ aap_project_name }} Vault" + name: "{{ awx_project_name }} Vault" description: "Ansible Vault password" - organization: "{{ aap_organization }}" + organization: "{{ awx_organization }}" credential_type: Vault inputs: vault_password: "{{ vault_password }}" @@ -97,14 +95,14 @@ awx.awx.job_template: name: "{{ item.path | basename | regex_replace('\\.ya?ml$', '') }}" description: "Job template for {{ item.path | basename }}" - organization: "{{ aap_organization }}" - project: "{{ aap_project_name }}" - inventory: "{{ aap_project_name }}" + organization: "{{ awx_organization }}" + project: "{{ awx_project_name }}" + inventory: "{{ awx_project_name }}" playbook: "playbooks/{{ item.path | basename }}" job_type: run credentials: - - "{{ aap_project_name }} SSH" - - "{{ aap_project_name }} Vault" + - "{{ awx_project_name }} SSH" + - "{{ awx_project_name }} Vault" state: present loop: "{{ found_playbooks.files }}" loop_control: 
diff --git a/Makefile b/Makefile index d16bc03..917259c 100644 --- a/Makefile +++ b/Makefile @@ -13,4 +13,4 @@ apply: @ANSIBLE_VAULT_PASSWORD_FILE=$(ANSIBLE_VAULT_PASSWORD_FILE) ANSIBLE_LOCALHOST_WARNING=$(ANSIBLE_LOCALHOST_WARNING) ANSIBLE_INVENTORY_UNPARSED_WARNING=$(ANSIBLE_INVENTORY_UNPARSED_WARNING) ansible-playbook .setup_project.yml commit: - @ANSIBLE_VAULT_PASSWORD_FILE=$(ANSIBLE_VAULT_PASSWORD_FILE) git commit \ No newline at end of file + @ANSIBLE_VAULT_PASSWORD_FILE=$(ANSIBLE_VAULT_PASSWORD_FILE) git commit