Switch from Makefile to Taskfile.yml (using go-task)
Also use consul, nomad, vagrant and asciidoctor inside container.
This commit is contained in:
parent
e9d702563b
commit
59ee8750b3
11
Makefile
11
Makefile
|
@ -1,11 +0,0 @@
|
|||
.DEFAULT_GOAL := jsonnet
|
||||
|
||||
# Requires the Go implementation of Jsonnet
|
||||
.PHONY: jsonnet
|
||||
jsonnet:
|
||||
@find . -name "*.jsonnet" -o -name "*.libsonnet" -type f | xargs -I{} sh -c 'jsonnet-lint {} && jsonnetfmt -i {}'
|
||||
@find . -name "*.jsonnet" -type f | xargs -I{} sh ./scripts/jsonnet2yaml.sh {}
|
||||
|
||||
.PHONY: lint
|
||||
lint:
|
||||
@ansible-lint ./playbooks/
|
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
version: '3'
|
||||
|
||||
silent: true
|
||||
|
||||
tasks:
|
||||
ansible-lint:
|
||||
cmd: ansible-lint ./playbooks/
|
||||
desc: Lint Ansible playbooks
|
||||
|
||||
jsonnet-lint:
|
||||
cmd: |-
|
||||
find . \
|
||||
-name "*.jsonnet" \
|
||||
-o -name "*.libsonnet" \
|
||||
-type f \
|
||||
| xargs -I{} sh -c 'jsonnet-lint {} && jsonnetfmt -i {}'
|
||||
desc: Lint and format Jsonnet files
|
||||
|
||||
lint:
|
||||
deps:
|
||||
- ansible-lint
|
||||
- jsonnet-lint
|
||||
desc: Run various linting tasks
|
||||
|
||||
jsonnet:
|
||||
aliases:
|
||||
- default
|
||||
deps:
|
||||
- jsonnet-lint
|
||||
cmd: |-
|
||||
find . \
|
||||
-name "*.jsonnet" \
|
||||
-type f \
|
||||
| xargs -I{} sh ./scripts/jsonnet2yaml.sh {}
|
||||
desc: Generate YAML Ansible tasks from Jsonnet sources
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
collections:
|
||||
- name: community.general
|
||||
- name: containers.podman
|
||||
|
|
|
@ -66,6 +66,11 @@ local docker_images =
|
|||
image: 'gcr.io/bazel-public/bazel',
|
||||
tag: '6.4.0',
|
||||
},
|
||||
{
|
||||
name: 'asciidoctor',
|
||||
image: 'docker.io/asciidoctor/docker-asciidoctor',
|
||||
tag: '1.58.0',
|
||||
},
|
||||
{
|
||||
name: 'terraform',
|
||||
image: 'docker.io/hashicorp/terraform',
|
||||
|
@ -78,6 +83,16 @@ local docker_images =
|
|||
tag: '1.15.1',
|
||||
args: hashicorp_args,
|
||||
},
|
||||
{
|
||||
name: 'consul',
|
||||
image: 'docker.io/hashicorp/consul',
|
||||
tag: '1.16.2',
|
||||
},
|
||||
{
|
||||
name: 'nomad',
|
||||
image: 'docker.io/hashicorp/nomad',
|
||||
tag: '1.6.2',
|
||||
},
|
||||
];
|
||||
|
||||
std.manifestYamlDoc([docker_to_apptainer(x) for x in docker_images])
|
||||
|
|
|
@ -25,6 +25,28 @@
|
|||
name: apptainer | Create bazel-apptainer launch script
|
||||
name: apptainer | Create bazel environment
|
||||
tags: bazel-apptainer
|
||||
- block:
|
||||
- command:
|
||||
cmd: rm -rf ~/.local/libexec/asciidoctor.sif
|
||||
removes: ~/.local/libexec/asciidoctor.sif
|
||||
name: apptainer | Clean old asciidoctor.sif file
|
||||
- command:
|
||||
cmd: /usr/bin/apptainer pull ~/.local/libexec/asciidoctor.sif docker://docker.io/asciidoctor/docker-asciidoctor:1.58.0
|
||||
creates: ~/.local/libexec/asciidoctor.sif
|
||||
removes: /usr/bin/apptainer
|
||||
name: apptainer | Pull and build asciidoctor.sif file
|
||||
- copy:
|
||||
content: |
|
||||
#!/bin/sh
|
||||
TERM=xterm-256color \
|
||||
exec apptainer --silent --quiet exec \
|
||||
--ipc --no-eval --no-privs --unsquash --userns --uts --pid --cleanenv \
|
||||
~/.local/libexec/asciidoctor.sif asciidoctor "$@"
|
||||
dest: ~/.local/bin/asciidoctor
|
||||
mode: "755"
|
||||
name: apptainer | Create asciidoctor-apptainer launch script
|
||||
name: apptainer | Create asciidoctor environment
|
||||
tags: asciidoctor-apptainer
|
||||
- block:
|
||||
- command:
|
||||
cmd: rm -rf ~/.local/libexec/terraform.sif
|
||||
|
@ -69,3 +91,47 @@
|
|||
name: apptainer | Create vault-apptainer launch script
|
||||
name: apptainer | Create vault environment
|
||||
tags: vault-apptainer
|
||||
- block:
|
||||
- command:
|
||||
cmd: rm -rf ~/.local/libexec/consul.sif
|
||||
removes: ~/.local/libexec/consul.sif
|
||||
name: apptainer | Clean old consul.sif file
|
||||
- command:
|
||||
cmd: /usr/bin/apptainer pull ~/.local/libexec/consul.sif docker://docker.io/hashicorp/consul:1.16.2
|
||||
creates: ~/.local/libexec/consul.sif
|
||||
removes: /usr/bin/apptainer
|
||||
name: apptainer | Pull and build consul.sif file
|
||||
- copy:
|
||||
content: |
|
||||
#!/bin/sh
|
||||
TERM=xterm-256color \
|
||||
exec apptainer --silent --quiet exec \
|
||||
--ipc --no-eval --no-privs --unsquash --userns --uts --pid --cleanenv \
|
||||
~/.local/libexec/consul.sif consul "$@"
|
||||
dest: ~/.local/bin/consul
|
||||
mode: "755"
|
||||
name: apptainer | Create consul-apptainer launch script
|
||||
name: apptainer | Create consul environment
|
||||
tags: consul-apptainer
|
||||
- block:
|
||||
- command:
|
||||
cmd: rm -rf ~/.local/libexec/nomad.sif
|
||||
removes: ~/.local/libexec/nomad.sif
|
||||
name: apptainer | Clean old nomad.sif file
|
||||
- command:
|
||||
cmd: /usr/bin/apptainer pull ~/.local/libexec/nomad.sif docker://docker.io/hashicorp/nomad:1.6.2
|
||||
creates: ~/.local/libexec/nomad.sif
|
||||
removes: /usr/bin/apptainer
|
||||
name: apptainer | Pull and build nomad.sif file
|
||||
- copy:
|
||||
content: |
|
||||
#!/bin/sh
|
||||
TERM=xterm-256color \
|
||||
exec apptainer --silent --quiet exec \
|
||||
--ipc --no-eval --no-privs --unsquash --userns --uts --pid --cleanenv \
|
||||
~/.local/libexec/nomad.sif nomad "$@"
|
||||
dest: ~/.local/bin/nomad
|
||||
mode: "755"
|
||||
name: apptainer | Create nomad-apptainer launch script
|
||||
name: apptainer | Create nomad environment
|
||||
tags: nomad-apptainer
|
||||
|
|
|
@ -1,37 +1,10 @@
|
|||
local images = ['ltex-ls', 'translate-shell', 'marksman'];
|
||||
|
||||
// Special container images
|
||||
local aports_dev = {
|
||||
local name = 'aports-dev',
|
||||
local normalized_name = 'aports_dev',
|
||||
|
||||
name: 'podman | Create aports development environment',
|
||||
tags: name,
|
||||
block: [
|
||||
{
|
||||
name: 'podman | Get current date as ' + name + "'s image tag",
|
||||
command: '/bin/date -u "+%Y-%m-%d"',
|
||||
changed_when: false,
|
||||
register: normalized_name + '_version',
|
||||
},
|
||||
{
|
||||
name: 'podman | Build ' + name + ' container image',
|
||||
'containers.podman.podman_image': {
|
||||
name: name,
|
||||
path: '{{ role_path }}/build_dirs/' + name,
|
||||
tag: '{{ ' + normalized_name + '_version.stdout }}',
|
||||
state: 'present',
|
||||
},
|
||||
},
|
||||
{
|
||||
name: 'podman | Install ' + name + ' wrapper script',
|
||||
template: {
|
||||
src: name + '.j2',
|
||||
dest: '~/.local/bin/' + name,
|
||||
mode: '755',
|
||||
},
|
||||
},
|
||||
],
|
||||
local copy_script(name) = {
|
||||
name: 'podman | Install ' + name + ' wrapper script',
|
||||
template: {
|
||||
src: name + '.j2',
|
||||
dest: '~/.local/bin/' + name,
|
||||
mode: '755',
|
||||
},
|
||||
};
|
||||
|
||||
local podman(name) = std.prune(
|
||||
|
@ -52,16 +25,62 @@ local podman(name) = std.prune(
|
|||
state: 'present',
|
||||
},
|
||||
},
|
||||
{
|
||||
name: 'podman | Install ' + name + ' wrapper script',
|
||||
template: {
|
||||
src: name + '.j2',
|
||||
dest: '~/.local/bin/' + name,
|
||||
mode: '755',
|
||||
},
|
||||
},
|
||||
copy_script(name),
|
||||
],
|
||||
}
|
||||
);
|
||||
|
||||
std.manifestYamlDoc([podman(x) for x in images] + [aports_dev])
|
||||
// Special container images
|
||||
local special_containers = [
|
||||
{
|
||||
local name = 'aports-dev',
|
||||
local normalized_name = 'aports_dev',
|
||||
|
||||
name: 'podman | Create aports development environment',
|
||||
tags: name,
|
||||
block: [
|
||||
{
|
||||
name: 'podman | Get current date as ' + name + "'s image tag",
|
||||
command: '/bin/date -u "+%Y-%m-%d"',
|
||||
changed_when: false,
|
||||
register: normalized_name + '_version',
|
||||
},
|
||||
{
|
||||
name: 'podman | Build ' + name + ' container image',
|
||||
'containers.podman.podman_image': {
|
||||
name: name,
|
||||
path: '{{ role_path }}/build_dirs/' + name,
|
||||
tag: '{{ ' + normalized_name + '_version.stdout }}',
|
||||
state: 'present',
|
||||
},
|
||||
},
|
||||
copy_script(name),
|
||||
],
|
||||
},
|
||||
{
|
||||
local name = 'vagrant',
|
||||
|
||||
name: 'podman | Create ' + name + 'shim',
|
||||
tags: name,
|
||||
vars: {
|
||||
vagrant_image_repository: 'docker.io/vagrantlibvirt/vagrant-libvirt',
|
||||
vagrant_image_tag: 'latest-slim',
|
||||
},
|
||||
block: [
|
||||
{
|
||||
name: 'podman | Keep vagrant Docker image up-to-date',
|
||||
'containers.podman.podman_image': {
|
||||
name: '{{ vagrant_image_repository }}',
|
||||
tag: '{{ vagrant_image_tag }}',
|
||||
force: true,
|
||||
},
|
||||
},
|
||||
copy_script(name),
|
||||
],
|
||||
},
|
||||
];
|
||||
|
||||
// Images to be built in a uniform way
|
||||
local images = ['ltex-ls', 'translate-shell', 'marksman'];
|
||||
|
||||
std.manifestYamlDoc([podman(x) for x in images] + special_containers)
|
||||
|
|
|
@ -69,3 +69,19 @@
|
|||
src: aports-dev.j2
|
||||
name: podman | Create aports development environment
|
||||
tags: aports-dev
|
||||
- block:
|
||||
- containers.podman.podman_image:
|
||||
force: true
|
||||
name: '{{ vagrant_image_repository }}'
|
||||
tag: '{{ vagrant_image_tag }}'
|
||||
name: podman | Keep vagrant Docker image up-to-date
|
||||
- name: podman | Install vagrant wrapper script
|
||||
template:
|
||||
dest: ~/.local/bin/vagrant
|
||||
mode: "755"
|
||||
src: vagrant.j2
|
||||
name: podman | Create vagrantshim
|
||||
tags: vagrant
|
||||
vars:
|
||||
vagrant_image_repository: docker.io/vagrantlibvirt/vagrant-libvirt
|
||||
vagrant_image_tag: latest-slim
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
podman run \
|
||||
exec podman run \
|
||||
--cap-drop ALL \
|
||||
--security-opt no-new-privileges \
|
||||
--read-only-tmpfs \
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
podman run \
|
||||
exec podman run \
|
||||
--cap-drop ALL \
|
||||
--security-opt no-new-privileges \
|
||||
--read-only-tmpfs \
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/sh
|
||||
|
||||
podman run \
|
||||
exec podman run \
|
||||
--cap-drop ALL \
|
||||
--cap-add NET_RAW \
|
||||
--security-opt no-new-privileges \
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Source: https://vagrant-libvirt.github.io/vagrant-libvirt/installation.html
|
||||
|
||||
exec podman run \
|
||||
--rm -it \
|
||||
-e LIBVIRT_DEFAULT_URI \
|
||||
-e CHECKPOINT_DISABLE=true \
|
||||
-e VAGRANT_BOX_UPDATE_CHECK_DISABLE=true \
|
||||
-v /var/run/libvirt:/var/run/libvirt \
|
||||
-v ~/.vagrant.d:/.vagrant.d \
|
||||
-v "$(realpath "$PWD")":"$PWD" \
|
||||
-w "$PWD" \
|
||||
--network host \
|
||||
--entrypoint /bin/bash \
|
||||
--security-opt label=disable \
|
||||
{{ vagrant_image_repository }}:{{ vagrant_image_tag }} \
|
||||
vagrant "$@"
|
|
@ -74,7 +74,7 @@ local packages =
|
|||
{ name: 'zk', url: 'github.com/mickael-menu/zk' },
|
||||
{ name: 'mods', url: 'github.com/charmbracelet/mods' },
|
||||
|
||||
// Nicety Pulumi stuff
|
||||
// Nifty Pulumi stuff
|
||||
{ name: 'crd2pulumi', url: 'github.com/pulumi/crd2pulumi' },
|
||||
{ name: 'schema-tools', url: 'github.com/pulumi/schema-tools' },
|
||||
{ name: 'kubespy', url: 'github.com/pulumi/kubespy' },
|
||||
|
|
|
@ -29,13 +29,6 @@
|
|||
cabal_arguments: --overwrite-policy=always --enable-library-stripping --enable-executable-stripping
|
||||
import_tasks: haskell-packages.yml
|
||||
|
||||
- name: packages | Install Ruby packages with gem
|
||||
tags: [gem, ruby]
|
||||
environment:
|
||||
GEM_HOME: '{{ ansible_env.HOME }}/.local/share/gem'
|
||||
GEM_SPEC_CACHE: '{{ ansible_env.HOME }}/.cache/gem'
|
||||
import_tasks: ruby-packages.yml
|
||||
|
||||
- name: packages | Install Python packages with pip
|
||||
tags: [pip, python]
|
||||
vars:
|
||||
|
@ -49,10 +42,6 @@
|
|||
PYENV_ROOT: '{{ ansible_env.HOME }}/.local/share/pyenv'
|
||||
import_tasks: pyenv.yml
|
||||
|
||||
- name: packages | Install vagrant
|
||||
tags: vagrant
|
||||
import_tasks: vagrant.yml
|
||||
|
||||
- name: packages | Install system packages
|
||||
tags: apk
|
||||
become: true
|
||||
|
@ -79,3 +68,4 @@
|
|||
- https://github.com/helm/helm-mapkubeapis.git
|
||||
- https://github.com/hypnoglow/helm-s3.git
|
||||
- https://github.com/jkroepke/helm-secrets.git
|
||||
- https://github.com/chartmuseum/helm-push.git
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
repo: 'https://github.com/pyenv/{{ item }}.git'
|
||||
dest: '{{ ansible_env.PYENV_ROOT }}/plugins/{{ item }}'
|
||||
loop:
|
||||
- pyenv-ccache # requires `ccache` package installed
|
||||
- pyenv-update
|
||||
- pyenv-virtualenv
|
||||
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
- name: packages | Install asciidoctor-diagram
|
||||
community.general.gem:
|
||||
name: asciidoctor-diagram
|
||||
norc: true
|
||||
state: latest
|
||||
tags: asciidoctor-diagram
|
|
@ -1,42 +0,0 @@
|
|||
---
|
||||
- name: vagrant | Install system dependencies
|
||||
community.general.apk:
|
||||
name: libvirt-dev, ruby-bundler, ruby-dev
|
||||
state: present
|
||||
tags: system
|
||||
become: true
|
||||
|
||||
- name: vagrant | Clone vagant repository
|
||||
git:
|
||||
depth: 1
|
||||
repo: https://github.com/hashicorp/vagrant.git
|
||||
dest: '{{ vagrant_dir }}'
|
||||
|
||||
- name: vagrant | Build vagrant
|
||||
community.general.bundler:
|
||||
chdir: '{{ vagrant_dir }}'
|
||||
state: present
|
||||
gem_path: vendor
|
||||
binstub_directory: exec
|
||||
|
||||
- name: vagrant | Symlink vagrant executable
|
||||
file:
|
||||
src: '{{ vagrant_dir }}/exec/vagrant'
|
||||
dest: ~/.local/bin/vagrant
|
||||
state: link
|
||||
|
||||
- name: vagrant | Check whether vagrant-libvirt plugin is installed
|
||||
shell:
|
||||
cmd: ~/.local/bin/vagrant plugin list | grep -qF 'vagrant-libvirt'
|
||||
removes: ~/.local/bin/vagrant
|
||||
register: vagrant_plugin_check
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: vagrant | Install vagrant-libvirt plugin
|
||||
command:
|
||||
cmd: ~/.local/bin/vagrant plugin install vagrant-libvirt
|
||||
removes: ~/.local/bin/vagrant
|
||||
when: vagrant_plugin_check.rc == 1
|
||||
environment:
|
||||
CONFIGURE_ARGS: with-libvirt-include=/usr/include/libvirt with-libvirt-lib=/usr/lib
|
|
@ -2,7 +2,7 @@
|
|||
- name: check | Import accepted values for defined variables
|
||||
include_vars:
|
||||
name: accepted_vals
|
||||
file: ../requirements/accepted_variables.yml
|
||||
file: ../requirements/assert.yml
|
||||
|
||||
- name: check | Defined variable values
|
||||
fail:
|
||||
|
|
Loading…
Reference in New Issue