fix2
This commit is contained in:
54
Dockerfile
54
Dockerfile
@@ -1,18 +1,52 @@
|
||||
FROM python:3.9-slim
|
||||
# Use the official Python 3.12.9 Bullseye image as the base
|
||||
FROM python:3.12.9-bullseye
|
||||
|
||||
# Устанавливаем зависимости
|
||||
RUN apt-get update && apt-get install -y \
|
||||
# Set environment variables
|
||||
ENV PYTHONUNBUFFERED=1
|
||||
|
||||
# Install system dependencies
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
git \
|
||||
curl \
|
||||
docker.io \
|
||||
docker-compose \
|
||||
ssh \
|
||||
gcc \
|
||||
libffi-dev \
|
||||
libssl-dev \
|
||||
make \
|
||||
sudo \
|
||||
sshpass \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
RUN pip3 install --no-cache-dir ansible ansible-lint ansible-vault molecule docker molecule-docker
|
||||
# Install Docker CLI
|
||||
RUN apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
curl \
|
||||
gnupg \
|
||||
lsb-release \
|
||||
&& mkdir -p /etc/apt/keyrings \
|
||||
&& curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
|
||||
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian bullseye stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
|
||||
&& apt-get update && \
|
||||
apt-get install -y --no-install-recommends \
|
||||
docker-ce-cli \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Устанавливаем Docker CLI
|
||||
RUN curl -fsSL https://get.docker.com | sh
|
||||
|
||||
# Install Python dependencies for Ansible and Molecule
|
||||
RUN pip install --upgrade pip && \
|
||||
pip install \
|
||||
ansible \
|
||||
ansible-lint \
|
||||
ansible-vault \
|
||||
molecule \
|
||||
molecule-docker \
|
||||
molecule-plugins ansible-compat \
|
||||
docker
|
||||
|
||||
|
||||
# Set the working directory
|
||||
WORKDIR /ansible
|
||||
ENTRYPOINT ["/bin/bash"]
|
||||
|
||||
# Default command
|
||||
CMD ["/bin/bash"]
|
||||
13
Makefile
13
Makefile
@@ -15,7 +15,7 @@ build:
|
||||
rebuild:
|
||||
docker compose build --no-cache $(c)
|
||||
docker compose down
|
||||
docker compose up -d
|
||||
# docker compose up -d
|
||||
|
||||
# Создание и запуск docker-контейнеров
|
||||
up:
|
||||
@@ -62,14 +62,17 @@ test: ## Запуск тестов с molecule
|
||||
docker compose run --rm ansible bash -c "molecule test"
|
||||
|
||||
lint: ## Проверка кода с ansible-lint
|
||||
docker compose run --rm ansible sh -c "ansible-lint roles/role"
|
||||
docker compose run --rm ansible bash -c "ansible-lint roles/role"
|
||||
|
||||
vault: ## Шифрование/дешифрование с ansible-vault
|
||||
docker compose run --rm ansible sh -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml"
|
||||
vault_create: ## Шифрование/дешифрование с ansible-vault
|
||||
docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt roles/role/vars/secrets.yml"
|
||||
|
||||
vault_edit: ## Шифрование/дешифрование с ansible-vault
|
||||
docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt roles/role/vars/secrets.yml"
|
||||
|
||||
deploy: test ## Деплой на реальные машины, если тест прошел успешно
|
||||
@echo "Deploying roles to production..."
|
||||
docker compose run --rm ansible sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt"
|
||||
docker compose run --rm ansible /usr/bin/sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt"
|
||||
|
||||
####################################################################################################
|
||||
# Работа с Git
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
[defaults]
|
||||
inventory = /workspace/inventory
|
||||
vault_password_file = /workspace/vault_password_file
|
||||
remote_user = devops
|
||||
inventory = /ansible/inventory
|
||||
vault_password_file = /ansible/vault_password.txt
|
||||
remote_user = ansible
|
||||
host_key_checking = False
|
||||
enable_plugins = yaml, ini
|
||||
enable_plugins = yaml, ini
|
||||
roles_path = /ansible/roles
|
||||
@@ -4,6 +4,9 @@ services:
|
||||
container_name: ansible
|
||||
volumes:
|
||||
- .:/ansible
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
- ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt
|
||||
tty: true
|
||||
tty: true
|
||||
privileged: true
|
||||
working_dir: /ansible
|
||||
@@ -2,4 +2,4 @@
|
||||
- name: Converge
|
||||
hosts: all
|
||||
roles:
|
||||
- role: role
|
||||
- role: /ansible/roles/role
|
||||
|
||||
@@ -1,6 +1,9 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
enabled: true
|
||||
options:
|
||||
requirements-file: /ansible/requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
|
||||
@@ -0,0 +1,11 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Install required packages
|
||||
debug:
|
||||
msg: "Hello, Prepare!"
|
||||
# apt:
|
||||
# name:
|
||||
# - git
|
||||
# state: present
|
||||
@@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: Install required packages
|
||||
debug:
|
||||
msg: "Hello, Verify!"
|
||||
@@ -1,5 +0,0 @@
|
||||
---
|
||||
- src: geerlingguy.nginx
|
||||
version: 3.1.0
|
||||
- src: geerlingguy.docker
|
||||
version: 6.0.1
|
||||
9
requirements.yml
Normal file
9
requirements.yml
Normal file
@@ -0,0 +1,9 @@
|
||||
---
|
||||
collections:
|
||||
- name: maxhoesel.proxmox
|
||||
version: 5.0.1
|
||||
- name: community.general
|
||||
version: 6.0.0
|
||||
- name: ansible.posix
|
||||
version: 1.4.0
|
||||
|
||||
Reference in New Issue
Block a user