diff --git a/Dockerfile b/Dockerfile index 627ecb5..9ddc0ef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,6 +3,7 @@ FROM python:3.12.9-bullseye # Set environment variables ENV PYTHONUNBUFFERED=1 +ENV EDITOR=nano # Install system dependencies RUN apt-get update && \ @@ -15,6 +16,8 @@ RUN apt-get update && \ make \ sudo \ sshpass \ + nano \ + less \ && rm -rf /var/lib/apt/lists/* # Install Docker CLI diff --git a/Makefile b/Makefile index 9502077..2b1a6c5 100644 --- a/Makefile +++ b/Makefile @@ -55,24 +55,34 @@ logs: shell: docker compose exec ansible bash +#################################################################################################### +# Работа с ролью +#################################################################################################### +view create edit view delete test lint deploy: + @true -.PHONY: test lint vault deploy +vault: + @case "$(word 2, $(MAKECMDGOALS))" in \ + view) docker compose run --rm ansible bash -c "ansible-vault view --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \ + create) docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \ + edit) docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/role/vars/secrets.yml";; \ + delete) docker compose run --rm ansible bash -c "rm roles/role/vars/secrets.yml";; \ + *) echo "Unknown action";; \ + esac -test: ## Запуск тестов с molecule - docker compose run --rm ansible bash -c "molecule test" - -lint: ## Проверка кода с ansible-lint - docker compose run --rm ansible bash -c "ansible-lint roles/role" - -vault_create: ## Шифрование/дешифрование с ansible-vault - docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/role/vars/secrets.yml" - -vault_edit: ## Шифрование/дешифрование с ansible-vault - docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/role/vars/secrets.yml" - -deploy: test ## Деплой на реальные машины, если тест прошел успешно - @echo "Deploying roles to production..." - docker compose run --rm ansible /usr/bin/sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt" +role: + @case "$(word 2, $(MAKECMDGOALS))" in \ + test) \ + echo "Running test roles..."; \ + docker compose run --rm ansible bash -c "molecule test";; \ + lint) \ + echo "Check your role..."; \ + docker compose run --rm ansible bash -c "ansible-lint roles/role";; \ + deploy) \ + echo "Deploying roles to production..."; \ + docker compose run --rm ansible /usr/bin/sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt";; \ + *) echo "Unknown action";; \ + esac #################################################################################################### # Работа с Git diff --git a/roles/role/vars/secrets.yml b/roles/role/vars/secrets.yml new file mode 100644 index 0000000..046de5c --- /dev/null +++ b/roles/role/vars/secrets.yml @@ -0,0 +1,6 @@ +$ANSIBLE_VAULT;1.1;AES256 +30363439326335316131303133653930363431336539356134363933656566663330366165616366 +6639353565306634613164636161353362643237353933610a323838666436363835303765323930 +62333364613535656138623233666635303934376234633937666131366239323436333334646666 +6364303839396532310a633636333665346538313931366666333665363163623966666236346666 +6464