From 70fe486bd0181aabb03874c5562eb9f894cb5542 Mon Sep 17 00:00:00 2001 From: Sergey Antropoff Date: Mon, 17 Mar 2025 13:45:21 +0300 Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20ma?= =?UTF-8?q?ke=20release=20=D0=B4=D0=BB=D1=8F=20=D1=80=D0=B5=D0=BB=D0=B8?= =?UTF-8?q?=D0=B7=D0=B0=20=D0=BA=D0=BE=D0=BD=D1=82=D0=B5=D0=B9=D0=BD=D0=B5?= =?UTF-8?q?=D1=80=D0=B0=20=D0=B2=20=D0=B4=D0=BE=D0=BA=D0=B5=D1=80=20=D1=80?= =?UTF-8?q?=D0=B5=D0=B4=D0=B6=D0=B8=D1=81=D1=82=D1=80=D0=B8=20+=20=D0=B4?= =?UTF-8?q?=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20=D0=B2=D0=BE=D0=B7=D0=BC?= =?UTF-8?q?=D0=BE=D0=B6=D0=BD=D0=BE=D1=81=D1=82=D1=8C=20=D0=B2=D1=8B=D0=B1?= =?UTF-8?q?=D0=BE=D1=80=D0=B0=20=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=8B=20?= =?UTF-8?q?=D1=81=20docker-compose=20=D0=B4=D0=BB=D1=8F=20=D0=BB=D0=BE?= =?UTF-8?q?=D0=BA=D0=B0=D0=BB=D1=8C=D0=BD=D0=BE=D0=B9=20=D1=80=D0=B0=D0=B7?= =?UTF-8?q?=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=82=D0=BA=D0=B8=20=D0=B8=20?= =?UTF-8?q?=D0=B7=D0=B0=D0=BF=D1=83=D1=81=D0=BA=20=D1=87=D0=B5=D1=80=D0=B5?= =?UTF-8?q?=D0=B7=20docker=20=D0=B4=D0=BB=D1=8F=20CI/CD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Makefile | 56 +++++++++++++++++++++++++++++++++--------------- README.md | 1 + vars/secrets.yml | 10 ++++----- 3 files changed, 45 insertions(+), 22 deletions(-) diff --git a/Makefile b/Makefile index a4820db..b636f9c 100644 --- a/Makefile +++ b/Makefile 
@@ -2,23 +2,49 @@ IMAGE ?= ansible TAG ?= 0.1 REGISTRY ?= hub.cism-ms.ru +# По умолчанию используем docker. Для локальной разработки используйте docker-compose +RUN_MODE ?= docker + +# Определение команды RUN в зависимости от RUN_MODE +ifeq ($(RUN_MODE), docker-compose) + RUN = docker compose run --rm $(IMAGE) +else ifeq ($(RUN_MODE), docker) + RUN = docker run -it --rm \ + --name $(IMAGE) \ + -v $(PWD):/ansible \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -e ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt \ + --privileged \ + --workdir /ansible \ + $(REGISTRY)/ansible/$(IMAGE) +else + $(error Invalid RUN_MODE. Use "docker-compose" or "docker") +endif view create edit show delete test lint deploy new: @true #################################################################################################### -# Управление контейнерами с помощью docker compose +# Управление контейнерами с помощью docker compose или docker run #################################################################################################### # Сборка docker-образов build: cp ~/.ssh/id_rsa . +ifeq ($(RUN_MODE), docker-compose) docker compose build $(c) +else + docker build -t $(REGISTRY)/ansible/$(IMAGE) . +endif rm id_rsa # Пересборка docker-образов rebuild: cp ~/.ssh/id_rsa . +ifeq ($(RUN_MODE), docker-compose) docker compose build --no-cache $(c) +else + docker build --no-cache -t $(REGISTRY)/ansible/$(IMAGE) . +endif rm id_rsa # Удаление docker-контейнеров с полной очисткой неактивных контейнеров 
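Review bot: In the `docker` branch of `RUN` the container is started with `--privileged` and a bind mount of `/var/run/docker.sock`, and because `RUN_MODE ?= docker` is the default, every vault, lint, test and deploy call runs with host-root-equivalent access next to the vault password file. If the socket is there for molecule (an assumption; the driver is not visible here), drop `--privileged` and keep only the socket mount, ideally only for the `test` target. The image is also referenced without a tag, so `docker run` resolves `latest` while `release` pushes `:$(TAG)`; using `$(REGISTRY)/ansible/$(IMAGE):$(TAG)` here and in the two `docker build -t` lines would make CI run the image that was released. The new `docker build` branches sit between `cp ~/.ssh/id_rsa .` and `rm id_rsa`, so a failed build stops make before the cleanup and leaves the private key in the working tree; a BuildKit `--ssh default` mount would avoid copying the key at all, though it needs a matching Dockerfile change that is not shown here.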
@@ -31,20 +57,18 @@ release: docker buildx build -t $(REGISTRY)/ansible/$(IMAGE):$(TAG) --platform linux/amd64,linux/arm64 --push . rm id_rsa - #################################################################################################### # Работа с ролью #################################################################################################### vault: @case "$(word 2, $(MAKECMDGOALS))" in \ - show) docker compose run --rm ansible bash -c "ansible-vault view --vault-password-file vault-password.txt vars/secrets.yml";; \ - create) docker compose run --rm ansible bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt vars/secrets.yml";; \ - edit) docker compose run --rm ansible bash -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml";; \ - delete) docker compose run --rm ansible bash -c "rm vars/secrets.yml";; \ + show) $(RUN) bash -c "ansible-vault view --vault-password-file vault-password.txt vars/secrets.yml";; \ + create) $(RUN) bash -c "ansible-vault create --encrypt-vault-id default --vault-password-file vault-password.txt vars/secrets.yml";; \ + edit) $(RUN) bash -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml";; \ + delete) $(RUN) bash -c "rm vars/secrets.yml";; \ *) echo "Unknown action";; \ esac - role: @case "$(word 2, $(MAKECMDGOALS))" in \ new) \ 
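Review bot: `show` and `delete` need no terminal, but every branch of this `case` now inherits `-it` from `RUN`, and in `docker` mode `docker run -t` fails when stdin is not a TTY, which is the CI/CD case the default mode is meant for. Make the flag overridable, for example `DOCKER_TTY ?= -it` with `RUN = docker run $(DOCKER_TTY) --rm \`, so a pipeline can pass `DOCKER_TTY=`. The same applies to the `lint`, `test` and `deploy` branches of `role` in the next hunk. Note also that `vault show` writes the decrypted `vars/secrets.yml` to stdout, so it should not be wired into a job whose log is retained.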
@@ -61,21 +85,19 @@ role: lint) \ clear; \ echo "Check your role..."; \ - docker compose run --rm ansible bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"; \ - docker compose run --rm ansible bash -c "ansible-lint roles/*"; \ - echo " "; \ - docker compose run --rm ansible bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \ + $(RUN) bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"; \ + $(RUN) bash -c "ansible-lint roles/*"; \ + $(RUN) bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \ test) \ clear; \ echo "Running test roles..."; \ - docker compose run --rm ansible bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"; \ - docker compose run --rm ansible bash -c "molecule test --parallel"; \ - echo " "; \ - docker compose run --rm ansible bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \ + $(RUN) bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"; \ + $(RUN) bash -c "molecule test --parallel"; \ + $(RUN) bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt";; \ deploy) \ clear; \ echo "Deploying roles to production..."; \ - docker compose run --rm ansible bash -c "ansible-playbook /ansible/roles/deploy.yaml";; \ + $(RUN) bash -c "ansible-playbook /ansible/roles/deploy.yaml";; \ *) echo "Unknown action";; \ esac @@ -93,4 +115,4 @@ push: echo "Изменения внесены в Git" pull: - git pull + git pull \ No newline at end of file diff --git a/README.md b/README.md index e758d17..b4d2b17 100644 --- a/README.md +++ b/README.md 
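Review bot: In the `lint` and `test` branches the three `$(RUN)` calls are joined with `;`, so the branch exits with the status of the final `ansible-vault encrypt` and a failing `ansible-lint` or `molecule test` still lets make succeed. Keep the result and return it after re-encrypting: `$(RUN) bash -c "ansible-lint roles/*"; rc=$$?; \` and, at the end of the encrypt line, `; exit $$rc;; \`. Decrypting `vars/secrets.yml` in place also leaves plaintext in the bind-mounted working tree if the run is interrupted between the two vault calls. Since the `docker` mode already sets `ANSIBLE_VAULT_PASSWORD_FILE`, it is worth checking whether the decrypt/encrypt pair is needed at all. The `role` recipe starts before this hunk.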
@@ -9,6 +9,7 @@ - **make build** - создание контейнера - **make rebuild** - пересоздание контейнера, если были внесены изменения в Dockerfile - **make prune** - очистить систему от лишних образов +- **make release** - собирает образ контейнера и пушит его в докер реджистри ### Работа с ролью - **make role new** - создать новую роль из шаблона. Название роли пишется на английском, описание роли на любом языке diff --git a/vars/secrets.yml b/vars/secrets.yml index 92757ea..ddbbc03 100644 --- a/vars/secrets.yml +++ b/vars/secrets.yml @@ -1,6 +1,6 @@ $ANSIBLE_VAULT;1.1;AES256 -30376237306137343436646138333634613432346133323130646136633466643964336637306434 -3963303237623565666462393234653266333036363538370a643739633530313766363035633266 -37623335383861333034653064613865396332653561356333346333373533353561663431323539 -6365636662376666380a636332333435636662303732623531613661313835376636383664373534 -30363830383731666334653635366236323262326432326338366237383533366231 +64643732316637616663343739653439343061343163633365653364303163616365323038633733 +6331663939323536363830643332343434316265643363370a653034323061303632353163663362 +33353639336631633663643337356238333631363166643961346431633137356236323562363361 +3431366263393334300a303461643261363465613931633061366635623162353664343264393932 +35653434646636663831623431656231393630616331623863643132663466323636