diff options
| -rw-r--r-- | .github/workflows/lint-ansible.yaml | 2 | ||||
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | ansible/README.md | 10 | ||||
| -rw-r--r-- | ansible/ansible.cfg | 2 | ||||
| -rw-r--r-- | ansible/local_testing/Vagrantfile | 2 | ||||
| -rw-r--r-- | ansible/roles/requirements.yml | 10 | ||||
| -rw-r--r-- | poetry.lock | 76 | ||||
| -rw-r--r-- | pyproject.toml | 2 |
8 files changed, 83 insertions, 22 deletions
diff --git a/.github/workflows/lint-ansible.yaml b/.github/workflows/lint-ansible.yaml index 7bd0a25..5160262 100644 --- a/.github/workflows/lint-ansible.yaml +++ b/.github/workflows/lint-ansible.yaml @@ -21,4 +21,4 @@ jobs: # Remove any Vaulted files and Vault configuration grep -R '$ANSIBLE_VAULT;' --files-with-matches . | xargs rm sed --in-place '/vault_password_file/d' ansible.cfg - ansible-lint --offline + ansible-lint @@ -1,3 +1,4 @@ +/ansible/.ansible/ vault_passwords /docs/.hugo_build.lock /docs/public/ diff --git a/ansible/README.md b/ansible/README.md index cdb5278..bdc4034 100644 --- a/ansible/README.md +++ b/ansible/README.md @@ -9,11 +9,13 @@ If you are on Windows, you need to install WSL and run Ansible in there, as natively](https://docs.ansible.com/ansible/latest/user_guide/windows_faq.html#can-ansible-run-on-windows). Debian Stable is recommended, but any Linux distribution should work. -1. Create a virtual environment: `python -m venv venv` -1. Activate the virtual environment -1. Update pip and builder deps: `python -m pip install --upgrade pip wheel setuptools` -1. Install project dependencies: `python -m pip install -r requirements.txt` +From the project root directory: + 1. Install the pre-commit hook: `pre-commit install` +1. Install Poetry: `apt install python3-poetry` +1. Install dependencies: `poetry install` +1. Head to the `ansible` directory: `cd ansible` +1. Install Ansible dependencies: `poetry run ansible-galaxy install -r roles/requirements.yml` 1. Create a `vault_passwords` file and write the vault password to it 1. Configure the Ansible Vault git diff driver using `git config --global diff.ansible-vault.textconv "ansible-vault view"` and `git config diff.ansible-vault.cachetextconv false` diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index bf8864e..10c66be 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -2,6 +2,8 @@ inventory = inventory/hosts.yaml host_key_checking = False vault_password_file = vault_passwords +collections_path = .ansible/galaxy_collections/ +roles_path = .ansible/galaxy_roles/:roles/ [privilege_escalation] become = yes diff --git a/ansible/local_testing/Vagrantfile b/ansible/local_testing/Vagrantfile index e21357b..3532c0c 100644 --- a/ansible/local_testing/Vagrantfile +++ b/ansible/local_testing/Vagrantfile @@ -26,6 +26,8 @@ Vagrant.configure("2") do |config| cd /home/vagrant/infra sudo poetry config virtualenvs.create false sudo PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring poetry install --only ansible --no-root + cd ansible/ + ansible-galaxy install -r roles/requirements.yml SHELL control.vm.provider "virtualbox" do |v| diff --git a/ansible/roles/requirements.yml b/ansible/roles/requirements.yml new file mode 100644 index 0000000..063bead --- /dev/null +++ b/ansible/roles/requirements.yml @@ -0,0 +1,10 @@ +--- +collections: + - name: ansible.posix + version: 1.5.4 + - name: community.crypto + version: 2.19.0 + - name: community.general + version: 8.6.0 + - name: community.postgresql + version: 3.4.0 diff --git a/poetry.lock b/poetry.lock index 74a9287..1969a34 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,23 +1,10 @@ -# This file is automatically @generated by Poetry 1.8.2 and should not be changed by hand. - -[[package]] -name = "ansible" -version = "9.5.1" -description = "Radically simple IT automation" -optional = false -python-versions = ">=3.10" -files = [ - {file = "ansible-9.5.1-py3-none-any.whl", hash = "sha256:aed2f4208a75836a27c13555ec5d8d942fe3b089a8b1fc44e8234fadd9e649fd"}, - {file = "ansible-9.5.1.tar.gz", hash = "sha256:3c278bc9642b97fc953b2ba05b99cd80801e75bf3567dfaa1cb5131fe0ec1ecd"}, -] - -[package.dependencies] -ansible-core = ">=2.16.6,<2.17.0" +# This file is automatically @generated by Poetry and should not be changed by hand. [[package]] name = "ansible-compat" version = "4.1.11" description = "Ansible compatibility goodies" +category = "dev" optional = false python-versions = ">=3.9" files = [ @@ -40,6 +27,7 @@ test = ["coverage", "pip-tools", "pytest (>=7.2.0)", "pytest-mock", "pytest-plus name = "ansible-core" version = "2.16.6" description = "Radically simple IT automation" +category = "dev" optional = false python-versions = ">=3.10" files = [ @@ -58,6 +46,7 @@ resolvelib = ">=0.5.3,<1.1.0" name = "ansible-lint" version = "24.2.2" description = "Checks playbooks for practices and behavior that could potentially be improved" +category = "dev" optional = false python-versions = ">=3.10" files = [ @@ -88,6 +77,7 @@ test = ["black", "coverage-enable-subprocess", "coverage[toml] (>=6.4.4)", "jmes name = "attrs" version = "23.2.0" description = "Classes Without Boilerplate" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -107,6 +97,7 @@ tests-no-zope = ["attrs[tests-mypy]", "cloudpickle", "hypothesis", "pympler", "p name = "black" version = "24.4.2" description = "The uncompromising code formatter." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -151,6 +142,7 @@ uvloop = ["uvloop (>=0.15.2)"] name = "bracex" version = "2.4" description = "Bash style brace expander." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -162,6 +154,7 @@ files = [ name = "certifi" version = "2024.2.2" description = "Python package for providing Mozilla's CA Bundle." +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -173,6 +166,7 @@ files = [ name = "cffi" version = "1.16.0" description = "Foreign Function Interface for Python calling C code." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -237,6 +231,7 @@ pycparser = "*" name = "cfgv" version = "3.4.0" description = "Validate configuration and produce human readable error messages." +category = "main" optional = false python-versions = ">=3.8" files = [ @@ -248,6 +243,7 @@ files = [ name = "charset-normalizer" version = "3.3.2" description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." +category = "dev" optional = false python-versions = ">=3.7.0" files = [ @@ -347,6 +343,7 @@ files = [ name = "click" version = "8.1.7" description = "Composable command line interface toolkit" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -358,6 +355,7 @@ files = [ name = "colorama" version = "0.4.6" description = "Cross-platform colored terminal text." +category = "main" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" files = [ @@ -369,6 +367,7 @@ files = [ name = "cryptography" version = "42.0.5" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -423,6 +422,7 @@ test-randomorder = ["pytest-randomly"] name = "distlib" version = "0.3.8" description = "Distribution utilities" +category = "main" optional = false python-versions = "*" files = [ @@ -434,6 +434,7 @@ files = [ name = "dnspython" version = "2.6.1" description = "DNS toolkit" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -454,6 +455,7 @@ wmi = ["wmi (>=1.5.1)"] name = "filelock" version = "3.13.4" description = "A platform independent file lock." +category = "main" optional = false python-versions = ">=3.8" files = [ @@ -470,6 +472,7 @@ typing = ["typing-extensions (>=4.8)"] name = "fqdn" version = "1.5.1" description = "Validates fully-qualified domain names against RFC 1123, so that they are acceptable to modern bowsers" +category = "dev" optional = false python-versions = ">=2.7, !=3.0, !=3.1, !=3.2, !=3.3, !=3.4, <4" files = [ @@ -481,6 +484,7 @@ files = [ name = "identify" version = "2.5.36" description = "File identification library for Python" +category = "main" optional = false python-versions = ">=3.8" files = [ @@ -495,6 +499,7 @@ license = ["ukkonen"] name = "idna" version = "3.7" description = "Internationalized Domain Names in Applications (IDNA)" +category = "dev" optional = false python-versions = ">=3.5" files = [ @@ -506,6 +511,7 @@ files = [ name = "jinja2" version = "3.1.3" description = "A very fast and expressive template engine." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -523,6 +529,7 @@ i18n = ["Babel (>=2.7)"] name = "jsonschema" version = "4.21.1" description = "An implementation of JSON Schema validation for Python" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -544,6 +551,7 @@ format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339- name = "jsonschema-specifications" version = "2023.12.1" description = "The JSON Schema meta-schemas and vocabularies, exposed as a Registry" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -558,6 +566,7 @@ referencing = ">=0.31.0" name = "markdown-it-py" version = "3.0.0" description = "Python port of markdown-it. Markdown parsing, done right!" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -582,6 +591,7 @@ testing = ["coverage", "pytest", "pytest-cov", "pytest-regressions"] name = "markupsafe" version = "2.1.5" description = "Safely add untrusted strings to HTML/XML markup." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -651,6 +661,7 @@ files = [ name = "mdurl" version = "0.1.2" description = "Markdown URL utilities" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -662,6 +673,7 @@ files = [ name = "mslex" version = "1.2.0" description = "shlex for windows" +category = "main" optional = false python-versions = ">=3.5" files = [ @@ -673,6 +685,7 @@ files = [ name = "mypy-extensions" version = "1.0.0" description = "Type system extensions for programs checked with the mypy type checker." +category = "dev" optional = false python-versions = ">=3.5" files = [ @@ -684,6 +697,7 @@ files = [ name = "natsort" version = "8.4.0" description = "Simple yet flexible natural sorting in Python." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -699,6 +713,7 @@ icu = ["PyICU (>=1.0.0)"] name = "nodeenv" version = "1.8.0" description = "Node.js virtual environment builder" +category = "main" optional = false python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*" files = [ @@ -713,6 +728,7 @@ setuptools = "*" name = "octodns" version = "1.6.1" description = "OctoDNS: DNS as code - Tools for managing DNS across multiple providers" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -735,6 +751,7 @@ dev = ["black (>=23.1.0,<24.0.0)", "build (>=0.7.0)", "isort (>=5.11.5)", "pycou name = "octodns-cloudflare" version = "0.0.5" description = "Cloudflare provider for octoDNS" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -754,6 +771,7 @@ test = ["pytest", "pytest-cov", "pytest-network", "requests-mock"] name = "packaging" version = "24.0" description = "Core utilities for Python packages" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -765,6 +783,7 @@ files = [ name = "pathspec" version = "0.12.1" description = "Utility library for gitignore style pattern matching of file paths." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -776,6 +795,7 @@ files = [ name = "platformdirs" version = "4.2.1" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a `user data dir`." +category = "main" optional = false python-versions = ">=3.8" files = [ @@ -792,6 +812,7 @@ type = ["mypy (>=1.8)"] name = "pre-commit" version = "3.7.0" description = "A framework for managing and maintaining multi-language pre-commit hooks." +category = "main" optional = false python-versions = ">=3.9" files = [ @@ -810,6 +831,7 @@ virtualenv = ">=20.10.0" name = "psutil" version = "5.9.8" description = "Cross-platform lib for process and system monitoring in Python." +category = "main" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" files = [ @@ -838,6 +860,7 @@ test = ["enum34", "ipaddress", "mock", "pywin32", "wmi"] name = "pycparser" version = "2.22" description = "C parser in Python" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -849,6 +872,7 @@ files = [ name = "pygments" version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -864,6 +888,7 @@ windows-terminal = ["colorama (>=0.4.6)"] name = "python-dateutil" version = "2.9.0.post0" description = "Extensions to the standard Python datetime module" +category = "dev" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" files = [ @@ -878,6 +903,7 @@ six = ">=1.5" name = "pyyaml" version = "6.0.1" description = "YAML parser and emitter for Python" +category = "main" optional = false python-versions = ">=3.6" files = [ @@ -899,6 +925,7 @@ files = [ {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"}, {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"}, + {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a08c6f0fe150303c1c6b71ebcd7213c2858041a7e01975da3a99aed1e7a378ef"}, {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"}, {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"}, {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"}, @@ -937,6 +964,7 @@ files = [ name = "referencing" version = "0.35.0" description = "JSON Referencing + Python" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -952,6 +980,7 @@ rpds-py = ">=0.7.0" name = "requests" version = "2.31.0" description = "Python HTTP for Humans." +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -973,6 +1002,7 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] name = "resolvelib" version = "1.0.1" description = "Resolve abstract dependencies into concrete ones" +category = "dev" optional = false python-versions = "*" files = [ @@ -990,6 +1020,7 @@ test = ["commentjson", "packaging", "pytest"] name = "rich" version = "13.7.1" description = "Render rich text, tables, progress bars, syntax highlighting, markdown and more to the terminal" +category = "dev" optional = false python-versions = ">=3.7.0" files = [ @@ -1008,6 +1039,7 @@ jupyter = ["ipywidgets (>=7.5.1,<9)"] name = "rpds-py" version = "0.18.0" description = "Python bindings to Rust's persistent data structures (rpds)" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1116,6 +1148,7 @@ files = [ name = "ruamel-yaml" version = "0.18.6" description = "ruamel.yaml is a YAML parser/emitter that supports roundtrip preservation of comments, seq/map flow style, and map key order" +category = "dev" optional = false python-versions = ">=3.7" files = [ @@ -1134,6 +1167,7 @@ jinja2 = ["ruamel.yaml.jinja2 (>=0.2)"] name = "ruamel-yaml-clib" version = "0.2.8" description = "C version of reader, parser and emitter for ruamel.yaml derived from libyaml" +category = "dev" optional = false python-versions = ">=3.6" files = [ @@ -1193,6 +1227,7 @@ files = [ name = "ruff" version = "0.4.2" description = "An extremely fast Python linter and code formatter, written in Rust." +category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1219,6 +1254,7 @@ files = [ name = "setuptools" version = "69.5.1" description = "Easily download, build, install, upgrade, and uninstall Python packages" +category = "main" optional = false python-versions = ">=3.8" files = [ @@ -1235,6 +1271,7 @@ testing-integration = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "jar name = "six" version = "1.16.0" description = "Python 2 and 3 compatibility utilities" +category = "dev" optional = false python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*" files = [ @@ -1246,6 +1283,7 @@ files = [ name = "subprocess-tee" version = "0.4.1" description = "subprocess-tee" +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1260,6 +1298,7 @@ test = ["enrich (>=1.2.6)", "molecule (>=3.4.0)", "pytest (>=6.2.5)", "pytest-co name = "taskipy" version = "1.12.2" description = "tasks runner for python projects" +category = "main" optional = false python-versions = ">=3.6,<4.0" files = [ @@ -1277,6 +1316,7 @@ tomli = {version = ">=2.0.1,<3.0.0", markers = "python_version >= \"3.7\" and py name = "tomli" version = "2.0.1" description = "A lil' TOML parser" +category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1288,6 +1328,7 @@ files = [ name = "urllib3" version = "2.2.1" description = "HTTP library with thread-safe connection pooling, file post, and more." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1305,6 +1346,7 @@ zstd = ["zstandard (>=0.18.0)"] name = "virtualenv" version = "20.26.0" description = "Virtual Python Environment builder" +category = "main" optional = false python-versions = ">=3.7" files = [ @@ -1325,6 +1367,7 @@ test = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "coverage-enable-subprocess name = "wcmatch" version = "8.5.1" description = "Wildcard/glob file name matcher." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1339,6 +1382,7 @@ bracex = ">=2.1.1" name = "yamllint" version = "1.35.1" description = "A linter for YAML files." +category = "dev" optional = false python-versions = ">=3.8" files = [ @@ -1356,4 +1400,4 @@ dev = ["doc8", "flake8", "flake8-import-order", "rstcheck[sphinx]", "sphinx"] [metadata] lock-version = "2.0" python-versions = ">3.11,<4.0" -content-hash = "6a36cd4e1377ffe07de6d0eea7de0274954eeb1a02f634e90bf18528c2c5c3ef" +content-hash = "c229909adfb25834d842eb25bebcd81d5f31eea2a3b0762d371e3dad83c7b0c9" diff --git a/pyproject.toml b/pyproject.toml index 2bf34a9..4ef4bf3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -14,7 +14,7 @@ ruff = "0.4.2" taskipy = "1.12.2" [tool.poetry.group.ansible.dependencies] -ansible = "9.5.1" +ansible-core = "^2.16.6" ansible-lint = { version = "24.2.2", markers = "platform_system != 'Windows'" } dnspython = "2.6.1" |