Simplify the provision script

- Remove Vagrant VM stuff - Remove remove secrets_file location and use a default value - Remove the user argument for the provision script - enviromment_dir is no longer needed. The ansible magic var inventory_dir is reintroduced. You need to add localhost to the inventory for this to work
OpenConext · Oct 9, 2024 · c19587f · c19587f
1 parent 3cbcc8a
commit c19587f
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 102 deletions.
diff --git a/environments/template/inventory b/environments/template/inventory
@@ -87,3 +87,6 @@ java_apps_vm
 
 [app_oidc:children]
 oidc
+
+[local]
+localhost ansible_connection=local
diff --git a/group_vars/all.yml b/group_vars/all.yml
@@ -2,7 +2,7 @@
 # The develop flag is used for development-specific tasks/roles and is set to true via --extra-vars
 # By default, these should not be run
 develop: false
-
+secrets_file: "{{ inventory_dir }}/secrets/secrets.yml"
 # To enable a minimal installation the following variable should be enabled:
 minimal_install: false
 

diff --git a/provision b/provision
@@ -2,115 +2,44 @@
 set -e
 export ANSIBLE_ROLES_PATH="roles:roles-external"
 
-
-# helper function: check if a specified value is present in a space-separated list
-listcontains() {
-	match=$1
-	shift
-	for word in $@
-	do
-		[[ $word = $match ]] && return 0
-	done
-	return 1
-}
-
 # parse parameters
-help="Usage: $0 vm    [ANSIBLE_OPT]\n       $0 <ENV> <SSH_USERNAME> <SECRET_FILE> [ANSIBLE_OPT]"
-if [ "$#" -eq 0 ]
-then
+help="Usage: $0 <ENV> [ANSIBLE_OPT]
+eg $0 acc --tags eb 
+will provision the tag eb on acc"
+
+if [ "$#" -eq 0 ]; then
   echo -e "$help"
   exit 1
 fi
 
 env=$1
 shift
 
-if [ "$env" = "vm" ] || [ $env = "devvm" ]
-then
-	user="vagrant"
-	secret="environments/vm/secrets/vm.yml"
-	environment_dir="environments/vm/"
-elif [ $# -lt 2 ]
-then
-	echo -e "$help"
-	exit 1
-else
-	user=$1
-	secret=$2
-	environment_dir="environments-external/$env/"
-	shift; shift
-fi
-
-# Download extra roles when requirements.yml is present
-if [ -f "$environment_dir"/requirements.yml ]
-then
-	echo "Downloading roles to roles-external"
-	ansible-galaxy install -r "$environment_dir"/requirements.yml -f -p .
-else
-	echo "No extra roles found to be downloaded"
-fi
-
-
-# find matching playbook
+# Set some variables
+environment_dir="environments-external/$env/"
+inventory="environments-external/$env/inventory"
 playbook="provision.yml"
-#listcontains "$env" "vm" &&  playbook="provision-vm.yml"
 
-# find inventory
-if [ $env = "vm" ] || [ $env = "template" ]
-then
-	inventory="environments/$env/inventory"
-elif [ $env = "devvm" ]
-then
-	inventory="environments/vm/inventory"
-else
-	inventory="environments-external/$env/inventory"
-fi
-
-if ! [ -e $inventory ]
-then
-	echo "Inventory file '$inventory' for environment '$env' not found."
-	exit 1
+if ! [ -e "$inventory" ]; then
+  echo "Inventory file '$inventory' for environment '$env' not found."
+  exit 1
 fi
 
-# run vm
-if [ "$env" = "vm" ]
-then
-  vagrant up
-fi
-if [ "$env" = "devvm" ]
-then
-  ENV=dev vagrant up
+# Download extra roles when requirements.yml is present
+if [ -f "$environment_dir"/requirements.yml ]; then
+  echo "Downloading roles to roles-external"
+  ansible-galaxy install -r "$environment_dir"/requirements.yml -f -p .
+else
+  echo "No extra roles found to be downloaded"
 fi
 
-# run ansible
-if [ $env = "vm" ] || [ $env = "template" ]
-then
-        cmd=$(cat <<-EOF
-	  ansible-playbook -i "$inventory" -u "$user" "$playbook"
-                           --extra-vars="secrets_file=$secret"
-                           --extra-vars="environment_dir=$environment_dir"
-                           $@
-	EOF
+cmd=$(
+  cat <<-EOF
+ansible-playbook -i $inventory $playbook $@
+EOF
 )
-elif [ $env = "devvm" ]
-then
-        cmd=$(cat <<-EOF
-          ansible-playbook -i "$inventory" -u "$user" "$playbook"
-	                   --extra-vars="secrets_file=$secret"
-                           --extra-vars="environment_dir=$environment_dir"
-	                   --extra-vars="@environments/vm/group_vars/dev.yml"
-                           $@
-	EOF
-	)
-else
-        cmd=$(cat <<-EOF
-	  ansible-playbook -i $inventory -u $user  $playbook
-                           --extra-vars=secrets_file=$secret
-                           --extra-vars=environment_dir=$environment_dir
-                           $@
-	EOF
-	)
-fi
 echo "executing $cmd" | tr -d "\n" | tr -s ' '
-$cmd
 
+echo $cmd
+
+$cmd
diff --git a/provision.yml b/provision.yml
@@ -102,10 +102,6 @@
       when:
         - inventory_hostname not in groups['lifecycle']
       tags: ['core', 'app_php', 'eb']
-    - role: lifecycle
-      when:
-        - inventory_hostname in groups['lifecycle']
-      tags: ['app_php', 'lifecycle']
   handlers:
     - import_tasks: roles/httpd/handlers/main.yml
 
@@ -189,5 +185,7 @@
     - { role: lifecycle,      tags: ["lifecycle"] }  
     - { role: stepuptiqr, tags: ['stepuptiqr' , 'stepup'] }
 
-- import_playbook: "{{ environment_dir }}/playbook.yml"
-
+- hosts: localhost
+  become: false
+  tasks:
+    - import_playbook: "{{ inventory_dir }}/playbook.yml"
-Original file line number
+Diff line change
@@ Expand Up / @@ -87,3 +87,6 @@ java_apps_vm @@
     [app_oidc:children]
     oidc
+    [local]
+    localhost ansible_connection=local