verdnatura/vn-ansible
verdnatura
/
vn-ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refs #8025 Local host vars

This commit is contained in:
Juan Ferrer 2025-02-04 12:08:48 +01:00
parent f6f44ce859
commit 715090ec7c
3 changed files with 39 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -3,4 +3,9 @@
.vault.yml
.passbolt.yml
inventories/local
inventories/local-*
inventories/*/local-*.yml
inventories/*/local-*.yaml
inventories/host_vars/*.local.yml
inventories/host_vars/*.local.yaml
venv

16
README.md
View File

@ -40,10 +40,7 @@ ansible-galaxy collection install -r collections/requirements.yml
## Run playbook
Before merging changes into protected branches, playbooks should be tested
locally to ensure they work properly. The *inventories/local* inventory is not
uploaded to the repository and can be used for local testing. In any case, it
is advisable to use a different repository to store inventories.
It is advisable to use a different repository to store inventories.
Run playbook on inventory host.
```
@ -62,6 +59,17 @@ List available tags for playbook.
ansible-playbook playbooks/<playbook_name>.yml --list-tags
```
## Playbook testing
Before merging changes into protected branches, playbooks should be tested
locally to ensure they work properly. The following file patterns are in
*.gitignore* and can be used for local testing:
* Inventory: `inventories/local` or `inventories/local-*`
* Host vars: `local-[hostname].{yml|yaml}` or `[hostname].local.{yml|yaml}`
(Only when *run-playbook.sh* is used)
* Group vars: `local-[group].{yml|yaml}`
## Manage secrets
Secrets can be managed by using Ansible vault or an external keystore, Passbolt

22
run-playbook.sh
View File

@ -2,12 +2,34 @@
EXTRA_ARGS=()
OPTSTRING="i:l:"
while getopts ${OPTSTRING} opt; do
case ${opt} in
i)
INVENTORY="$OPTARG"
;;
l)
LIMIT="$OPTARG"
;;
esac
done
if [ -f .passbolt.yml ]; then
EXTRA_ARGS+=("--extra-vars" "@.passbolt.yml")
fi
if [ -f .vault-pass ]; then
EXTRA_ARGS+=("--vault-password-file" ".vault-pass")
fi
if [[ -n "${LIMIT:-}" && -n "${INVENTORY:-}" ]]; then
INVENTORY_DIR=$(dirname "$INVENTORY")
LOCAL_HOST_VARS="$INVENTORY_DIR/host_vars/$LIMIT.local"
if [ -f "$LOCAL_HOST_VARS.yml" ]; then
EXTRA_ARGS+=("--extra-vars" "@$LOCAL_HOST_VARS.yml")
fi
if [ -f "$LOCAL_HOST_VARS.yaml" ]; then
EXTRA_ARGS+=("--extra-vars" "@$LOCAL_HOST_VARS.yaml")
fi
fi
#export PYTHONPATH=./venv/lib/python3.12/site-packages/
ansible-playbook ${EXTRA_ARGS[@]} $@