tec3/ublue-forge
tec3/ublue-forge
1
0
Fork 0
mirror of https://github.com/ublue-os/forge.git synced 2025-04-27 16:54:38 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #27 from ublue-os/tepene/playbook-clone-build

Browse source 
feat: ansible playbooks for clone, build & push (#13)
This commit is contained in:
Stephan Lüscher 2024-05-01 20:58:05 +02:00 committed by GitHub
parent b0470d1610 c007e2b505
commit 9f1d816d57
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
15 changed files with 95 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.devcontainer/devcontainer.json
View file

@ -56,7 +56,8 @@
}, },
// Ansible configuration // Ansible configuration
"ansible.validation.enabled": true, "ansible.validation.enabled": true,
"ansible.validation.lint.arguments": "-c .ansible-lint", "ansible.validation.lint.arguments": "-c ansible/.ansible-lint",
"ansible.python.interpreterPath": "/usr/local/python/current/bin/python",
"ansible.ansible.reuseTerminal": true, "ansible.ansible.reuseTerminal": true,
"ansible.lightspeed.enabled": true, "ansible.lightspeed.enabled": true,
"ansible.lightspeed.suggestions.enabled": true, "ansible.lightspeed.suggestions.enabled": true,

10
.devcontainer/install-dev-tools.sh
View file

@ -35,11 +35,11 @@ echo -e "${YELLOW}Installing project dependencies${ENDCOLOR}"
echo "" echo ""
poetry install --no-root -C /workspaces/forge/ansible poetry install --no-root -C /workspaces/forge/ansible
# Install ansible dependencies Install ansible dependencies
# echo "" echo ""
# echo -e "${YELLOW}Installing ansible dependencies${ENDCOLOR}" echo -e "${YELLOW}Installing ansible dependencies${ENDCOLOR}"
# echo "" echo ""
# ansible-galaxy collection install -r /workspaces/forge/setup/ansible/collections/requirements.yml ansible-galaxy collection install -r /workspaces/forge/ansible/collections/requirements.yml
# Finish # Finish
echo "" echo ""

2
.vscode/cspell_custom.txt vendored
View file

@ -10,6 +10,7 @@ gitmessage
hostvars hostvars
keygen keygen
LAZYGIT LAZYGIT
lightspeed
lineinfile lineinfile
minica minica
Mountpoint Mountpoint
@ -19,6 +20,7 @@ Nosniff
nosnippet nosnippet
notranslate notranslate
pipx pipx
posix
Proto Proto
redirections redirections
rvproxy rvproxy

14
README.md
View file

@ -36,12 +36,20 @@ As an entry point for all components we use [Traefik](https://doc.traefik.io/tra
a reverse proxy. Based on URL routing it will redirect the traffic to the a reverse proxy. Based on URL routing it will redirect the traffic to the
right container instance. right container instance.
The reverse proxy dashboard is available at <https://traefik.ublue.local>
### Container Registry ### Container Registry
As container registry we make use of the [Docker Registry 2.0](https://hub.docker.com/_/registry/) As container registry we make use of the [Docker Registry 2.0](https://hub.docker.com/_/registry/)
implementation for storing and distributing container images implementation for storing and distributing container images
The container registry is available at `registry.ublue.local` The container registry API is available at <https://registry.ublue.local/v2>
### Anvil
The blacksmith's work is done with [Ansible](https://docs.ansible.com/ansible/latest/index.html).
The shiny GUI is missing but this should not shy us away. See [usage](#usage) for instructions.
## Handling the forge ## Handling the forge
@ -52,3 +60,7 @@ You can use the `forge.sh` to **setup**, **heat-up** and **cool-down** the forge
| `./forge.sh setup` | Setup the forge for the first time or update existing setup | | `./forge.sh setup` | Setup the forge for the first time or update existing setup |
| `./forge.sh heat-up` | Start the forge | | `./forge.sh heat-up` | Start the forge |
| `./forge.sh cool-down` | Stop the forge | | `./forge.sh cool-down` | Stop the forge |
### Usage
..tbd...

7
ansible/Containerfile
View file

@ -17,4 +17,9 @@ RUN pipx install poetry==${POETRY_VERSION}
WORKDIR /ansible WORKDIR /ansible
COPY . . COPY . .
RUN poetry install --no-root RUN poetry install --no-root
CMD poetry env use .venv/bin/python CMD poetry env use .venv/bin/python && \
chmod +x entrypoint.sh
RUN ansible-galaxy collection install -r collections/requirements.yml
# Set entrypoint
ENTRYPOINT [ "/ansible/entrypoint.sh" ]

4
ansible/ansible.cfg
View file

@ -11,8 +11,12 @@ library = ./library
private_key_file = /certs/ssh/ublue-os_forge-id_ed25519 private_key_file = /certs/ssh/ublue-os_forge-id_ed25519
# Console log settings # Console log settings
display_skipped_hosts = false display_skipped_hosts = false
# Use the YAML callback plugin.
stdout_callback = yaml
# Use the stdout_callback when running ad-hoc commands. # Use the stdout_callback when running ad-hoc commands.
bin_ansible_callbacks = True bin_ansible_callbacks = True
# Callback plugins
callbacks_enabled=ansible.posix.profile_tasks
# Skip SSH host key checking # Skip SSH host key checking
host_key_checking = False host_key_checking = False
# Disable cowsay # Disable cowsay

8
ansible/collections/requirements.yml Normal file
View file

@ -0,0 +1,8 @@
---
collections:
- name: ansible.posix
version: 1.5.4
- name: community.general
version: 8.6.0
- name: containers.podman
version: 1.13.0

3
ansible/entrypoint.sh Executable file
View file

@ -0,0 +1,3 @@
#! /bin/bash
## Keep container running
sleep infinity

10
ansible/group_vars/all.yml Normal file
View file

@ -0,0 +1,10 @@
---
# variables used for all groups and hosts
## container registry
forge_registry_url: registry.ublue.local
## Git
forge_git_repository_url: https://github.com/ublue-os/bluefin.git
forge_git_repository_destination: "{{ ansible_facts.env.HOME }}/ublue-os/forge/bluefin"
forge_git_repository_version: main

2
ansible/host_vars/host.ublue.local.yml Normal file
View file

@ -0,0 +1,2 @@
---
# variables used in playbooks with target host.ublue.local

17
ansible/playbooks/project_build.yml Normal file
View file

@ -0,0 +1,17 @@
---
- name: Build project
hosts: host.ublue.local
gather_facts: true
tasks:
- name: Build and push an image to registry
containers.podman.podman_image:
name: bluefin
tag: latest
path: "{{ forge_git_repository_destination }}"
build:
file: Containerfile
format: oci
pull: false
push: true
push_args:
dest: "{{ forge_registry_url }}"

10
ansible/playbooks/project_clone.yml Normal file
View file

@ -0,0 +1,10 @@
---
- name: Clone project
hosts: host.ublue.local
gather_facts: true
tasks:
- name: Clone project
ansible.builtin.git:
repo: "{{ forge_git_repository_url }}"
dest: "{{ forge_git_repository_destination }}"
version: "{{ forge_git_repository_version }}"

6
forge-pod.yml
View file

@ -95,7 +95,7 @@ spec:
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: ${FORGE_POD_NAME_SETUP} name: ${FORGE_POD_NAME_ANVIL}
spec: spec:
restartPolicy: OnFailure restartPolicy: OnFailure
volumes: volumes:
@ -121,7 +121,3 @@ spec:
secretKeyRef: secretKeyRef:
name: ublue-os_forge-secure name: ublue-os_forge-secure
key: ANSIBLE_HOST_BECOME_PASSWORD key: ANSIBLE_HOST_BECOME_PASSWORD
command:
- ansible-playbook
args:
- playbooks/configure_host.yml

8
forge.just Normal file
View file

@ -0,0 +1,8 @@
# ublue-os forge just configuration
# Show all messages from this boot
forge_clone-repository:
podman exec ublue-os_forge-anvil-ansible.ublue.local ansible-playbook playbooks/project_clone.yml
forge_build-image:
podman exec ublue-os_forge-anvil-ansible.ublue.local ansible-playbook playbooks/project_build.yml

6
forge.sh
View file

@ -6,7 +6,7 @@ export FORGE_POD_CONFIGURATION="forge-pod.yml"
export FORGE_POD_NAME_PRE_AMBLE="ublue-os_forge-" export FORGE_POD_NAME_PRE_AMBLE="ublue-os_forge-"
export FORGE_POD_NAME_REVERSE_PROXY=${FORGE_POD_NAME_PRE_AMBLE}rvproxy export FORGE_POD_NAME_REVERSE_PROXY=${FORGE_POD_NAME_PRE_AMBLE}rvproxy
export FORGE_POD_NAME_REGISTRY=${FORGE_POD_NAME_PRE_AMBLE}registry export FORGE_POD_NAME_REGISTRY=${FORGE_POD_NAME_PRE_AMBLE}registry
export FORGE_POD_NAME_SETUP=${FORGE_POD_NAME_PRE_AMBLE}setup export FORGE_POD_NAME_ANVIL=${FORGE_POD_NAME_PRE_AMBLE}anvil
# Functions # Functions
function setup { function setup {
@ -23,7 +23,7 @@ function setup {
configure_host_prerequisites & PID_CONFIG=$! configure_host_prerequisites & PID_CONFIG=$!
wait ${PID_CONFIG} wait ${PID_CONFIG}
echo -e "${YELLOW}Configuring host system...${ENDCOLOR}" echo -e "${YELLOW}Configuring host system...${ENDCOLOR}"
podman logs --color --follow "${FORGE_POD_NAME_SETUP}-ansible.${FORGE_DOMAIN_NAME}" podman exec ${FORGE_POD_NAME_ANVIL}-ansible.${FORGE_DOMAIN_NAME} ansible-playbook playbooks/configure_host.yml
echo "" echo ""
echo -e "${YELLOW}Cleaning up secrets...${ENDCOLOR}" echo -e "${YELLOW}Cleaning up secrets...${ENDCOLOR}"
delete_secrets delete_secrets
@ -36,6 +36,7 @@ function up {
echo -e "${YELLOW}Heating up forge...${ENDCOLOR}" echo -e "${YELLOW}Heating up forge...${ENDCOLOR}"
podman pod start ${FORGE_POD_NAME_REVERSE_PROXY} podman pod start ${FORGE_POD_NAME_REVERSE_PROXY}
podman pod start ${FORGE_POD_NAME_REGISTRY} podman pod start ${FORGE_POD_NAME_REGISTRY}
podman pod start ${FORGE_POD_NAME_ANVIL}
echo -e "${GREEN}The following containers are now running...${ENDCOLOR}" echo -e "${GREEN}The following containers are now running...${ENDCOLOR}"
show_containter_info show_containter_info
echo -e "${GREEN}Done. Happy forging!${ENDCOLOR}" echo -e "${GREEN}Done. Happy forging!${ENDCOLOR}"
@ -47,6 +48,7 @@ function down {
show_containter_info show_containter_info
podman pod stop "${FORGE_POD_NAME_REVERSE_PROXY}" --ignore podman pod stop "${FORGE_POD_NAME_REVERSE_PROXY}" --ignore
podman pod stop "${FORGE_POD_NAME_REGISTRY}" --ignore podman pod stop "${FORGE_POD_NAME_REGISTRY}" --ignore
podman pod stop "${FORGE_POD_NAME_ANVIL}" --ignore
echo -e "${GREEN}Done. Have a nice day${ENDCOLOR}" echo -e "${GREEN}Done. Have a nice day${ENDCOLOR}"
} }