diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1ef730a..4c8b43e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,11 +16,12 @@ jobs: ci: name: Test Ansible provisioning runs-on: macos-latest + env: + INVENTORY: work steps: - - run: | - echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event." - echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" - echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." + - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event." + - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" + - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." - name: Check out repository code uses: actions/checkout@v4 @@ -28,13 +29,28 @@ jobs: - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner." - run: echo "🖥️ The workflow is now ready to test your code on the runner." - - name: List files in the repository + - name: Install Ansible + run: brew install ansible + + - run: ansible --version + + - name: Verify the playbook's syntax + run: ansible-playbook --inventory ${INVENTORY} --syntax-check site.yml + + - name: Test the playbook + run: ansible-playbook --inventory ${INVENTORY} site.yml + + - name: Test the playbook's idempotence run: | - ls ${{ github.workspace }} + output=$(mktemp) + ansible-playbook --inventory ${INVENTORY} site.yml | tee ${output} - - run: echo "🍏 This job's status is ${{ job.status }}." + # anything_changed=$(tail ${output} | grep -q 'changed=0.*failed=0') + # if [[ "${anything_changed}" -gt 0 ]]; then + # echo "Playbook not idempotent!" >> $GITHUB_OUTPUT + # # TODO fix up playbook + # # exit 1 + # fi; - # - name: Check Syntax + - run: echo "🍏 This job's status is ${{ job.status }}." - # test-installation: - # test-idempotence: 
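Review bot: The three split `run:` steps still expand `${{ github.ref }}` and `${{ github.repository }}` directly into the shell text, so the value is pasted into the script before bash parses it, and a ref name containing shell metacharacters would be interpreted rather than printed. Whether that is reachable depends on the workflow's `on:` triggers and on who can push refs, both of which lie outside this hunk. Pass the value through the step environment and quote it, e.g. `env: { REF_NAME: "${{ github.ref }}" }` on the step with `run: echo "Branch: ${REF_NAME}"`. The unchanged `uses: actions/checkout@v4` could also be pinned to a full commit SHA so that a moved tag cannot change what runs.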
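Review bot: The new "Test the playbook's idempotence" step cannot fail: the check is commented out, and `ansible-playbook ... | tee ${output}` reports only `tee`'s exit status, because a `run:` step without an explicit `shell:` is started as `bash -e` with no `pipefail`. Add `shell: bash` to the step (or `set -o pipefail` as the first script line) so a failed run is reported, and restore the assertion in a working form, for example `grep -q 'changed=0.*failed=0' "${output}" || { echo 'Playbook not idempotent'; exit 1; }`. The commented draft would not work as written, since `grep -q` prints nothing for `$(...)` to capture and `$GITHUB_OUTPUT` expects `name=value` lines. `brew install ansible` installs whatever version is current, so consider pinning it for reproducible runs, and quote `"${INVENTORY}"` and `"${output}"`.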
diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 94bf5c6..0000000 --- a/.travis.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -os: osx -osx_image: xcode10.2 - -env: - - INV=home - - INV=work - -before_install: sudo easy_install pip - -install: sudo pip install ansible - -script: - # Check the playbook's syntax - - ansible-playbook -i ${INV} --syntax-check site.yml - - # Test the playbook - - ansible-playbook -i ${INV} site.yml - - # Test the playbook's idempotence - - idempotence=$(mktemp) - - ansible-playbook -i ${INV} site.yml | tee -a ${idempotence} - - > - tail ${idempotence} - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) diff --git a/README.md b/README.md index c17e124..745b060 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ -# Ansible macOS provisioning -[![Build Status](https://travis-ci.org/andrewdavidbell/macos-infra.svg?branch=generic-list-style)](https://travis-ci.org/andrewdavidbell/macos-infra) +# Ansible macOS infrastructure provisioning +![CI workflow status](https://github.com/andrewdavidbell/macos-infra/actions/workflows/ci.yml/badge.svg) -Ansible automation to configure macOS-based machines for software development -and personal use. +Ansible automation to configure my macOS machines diff --git a/install.sh b/install.sh index b0eac4c..9a9ed87 100755 --- a/install.sh +++ b/install.sh @@ -68,7 +68,7 @@ function main() { # install_ansible_vault_password echo "Run the following command to provision the infrastructure:" - echo "ansible-playbook -K -i site.yml -v" + echo "ansible-playbook -i site.yml -v" } main diff --git a/roles/awscli/tasks/main.yml b/roles/awscli/tasks/main.yml index 7cf8239..01c8443 100644 --- a/roles/awscli/tasks/main.yml +++ b/roles/awscli/tasks/main.yml 
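Review bot: The printed hint `ansible-playbook -i site.yml -v` gives `site.yml` to `-i` as the inventory and names no playbook, so a user who copies it does not get the intended run; it should read something like `echo "ansible-playbook -i <inventory> site.yml -v"`. Dropping `-K` also means no become password is prompted, so any task that escalates will only succeed where sudo is passwordless. If the machines now rely on that, it deserves a line in the README, because passwordless sudo on a workstation widens what any local process can do. `main` starts above this hunk, so the rest of the function was not reviewed.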
@@ -14,6 +14,10 @@ group: staff mode: 0755 +- name: Check if config dir exists + local_action: stat path="{{ aws_config_dir }}" + register: dir + - name: Install AWS config file from fragments assemble: src: "{{ aws_config_dir }}/config.d" @@ -22,6 +26,7 @@ owner: "{{ ansible_user_id }}" group: staff mode: 0600 + when: dir.stat.exists - name: Install aws aliases for zsh lineinfile: @@ -30,10 +35,10 @@ insertafter: '# ANSIBLE MANAGED: Antigen' line: ' aws' -- name: Ensure /usr/local/bin directory exists - file: - path: /usr/local/bin - state: directory - owner: root - group: wheel - mode: 0755 +# - name: Ensure /usr/local/bin directory exists +# file: +# path: /usr/local/bin +# state: directory +# owner: root +# group: wheel +# mode: 0755 diff --git a/roles/ssh/tasks/main.yml b/roles/ssh/tasks/main.yml index 9fb0ec8..bd31fe2 100644 --- a/roles/ssh/tasks/main.yml +++ b/roles/ssh/tasks/main.yml @@ -33,6 +33,10 @@ group: staff mode: 0600 +- name: Check if config dir exists + local_action: stat path="{{ ssh_config_dir }}" + register: dir + - name: Copy configuration files into place copy: src: "{{ ssh_config_dir }}/config.d/" @@ -40,11 +44,13 @@ owner: "{{ ansible_user_id }}" group: staff mode: 0600 + when: dir.stat.exists -- name: Copy keys into place +- name: Copy key files into place copy: src: "{{ ssh_config_dir }}/keys/" dest: "{{ ansible_user_dir }}/.ssh/keys/" owner: "{{ ansible_user_id }}" group: staff mode: 0600 + when: dir.stat.exists diff --git a/test_playbook.sh b/test_playbook.sh deleted file mode 100755 index b86cde3..0000000 --- a/test_playbook.sh +++ /dev/null 
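Review bot: The added `stat` tests `{{ aws_config_dir }}`, but the guarded `assemble` task reads `{{ aws_config_dir }}/config.d`, so the task still fails when the parent directory exists without `config.d`. Stat the path that is actually used, e.g. `path: "{{ aws_config_dir }}/config.d"`, and require both `exists` and `isdir` in the `when:`. The same applies in roles/ssh/tasks/main.yml, where one check on `{{ ssh_config_dir }}` guards copies from `config.d/` and `keys/`. Both roles register the result as `dir`; registered variables are per host, not per role, so a role-specific name such as `aws_config_dir_stat` keeps one role from reading the other's result. `delegate_to: localhost` with block-style module arguments is the current form of `local_action: stat path=...`.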
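Review bot: In the "Copy key files into place" task, `mode: 0600` covers the copied files only; directories that the recursive copy creates under `.ssh/keys/` take the system default unless `directory_mode` is set, so add `directory_mode: "0700"` to keep the key directory private. When `{{ ssh_config_dir }}` is absent, both copies are now skipped silently, which lets a run finish without keys or config and without any message. A `debug` or `assert` task stating that they were skipped would make that visible. Quoting the modes (`mode: "0600"`) avoids depending on the YAML parser's octal handling.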
@@ -1,14 +0,0 @@ -# Check the playbook's syntax -ansible-playbook --become --inventory ${INV} --syntax-check site.yml - -# Test the playbook -ansible-playbook --become --inventory ${INV} site.yml - -# Test the playbook's idempotence -if [[ $? == 0 ]]; then - local idempotence=$(mktemp) - ansible-playbook --become --inventory ${INV} site.yml | tee -a ${idempotence} - grep -q 'changed=0.*failed=0' ${idempotence} \ - && (echo 'Idempotence test: pass' && exit 0) \ - || (echo 'Idempotence test: fail' && exit 1) -fi