FAQ | This is a LIVE service | Changelog

Skip to content

Support common roles in Ansible image

Write a Python tool which will clone a set of Ansible role repositories to a temporary directory and print out a colon-separated path for Ansible.

$ ansible_roles.py  # in root of repo
Cloning foo@bar.com....  # NB: standard error
/tmp/devops-common-EWUEWB/stable:/tmp/gp-roles-WEWWEIN  # NB: standard output

Write an entrypoint script for the Ansible image which runs the Ansible roles script and arranges for the list of directories it creates to be added to the Ansible path.

The Python tool should do nothing if there is no file at the root of the repo called .ansible-roles.yaml. If there is a file, it has the following format:

- name: DevOps Division Common Roles
  git:
    short_name: devops
    repo: git@github.com:foo/bar
    path: /stable
    ref: production

- name: Another repo
  git:
    repo: git@gitlab.com:buzz/bing

- git:
    repo: https://github.com/ansible/better-roles

The use of git is to a) mirror the Ansible role of the same name, b) mirror the role task file format and c) allows $BETTER_SCM when it comes along.

repo is REQUIRED and is the repository URL suitable for passing to git clone.

name is OPTIONAL and is a human friendly name. It defaults to "Git repository {repo}".

short_name is OPTIONAL and is used to generate the /tmp/ directory templates. It defaults to the name value lower-cased with non-alphabetic/non-numeric characters replaced with "-".

path is OPTIONAL and is an absolute path within the repo. It defaults to "/"

ref is OPTIONAL and is a branch name suitable for passing to git clone --branch. It defaults to HEAD.

The script should perform the equivalent of git clone --depth=1 --recurse-submodules into a temporary directory. The (sanitised) short_name should appear in the directory name. The path should be appended to the directory name when output to the colon-separated path.

path should be verified to be a) absolute and b) contain no relative specifiers such as "/..".

The temporary directory name pattern should be {sanitised_short_name}-XXXXXXXX where sanitised_short_name is short_name with non-alphabetic/non-numeric characters replaced with "-".

Edited by Dr Rich Wareham