Skip to content

Commit

Permalink
refactor(config): add VERIFY_UNCHANGED mode
Browse files Browse the repository at this point in the history
  • Loading branch information
rudenkornk committed May 2, 2024
1 parent 954dee6 commit 9b02408
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 13 deletions.
12 changes: 3 additions & 9 deletions .github/workflows/workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,7 @@ jobs:
- name: Config
run: make
- name: Check idempotence
run: |
make | tee __build__/log
! (grep -oP "changed=\d+" __build__/log | grep -oPq "changed=[1-9]")
run: make VERIFY_UNCHANGED=true
# All format checks only available after complete machine setup
# So, we need to do them in one of the check jobs
- name: Check format
Expand All @@ -50,9 +48,7 @@ jobs:
- name: Config
run: make
- name: Check idempotence
run: |
make | tee __build__/log
! (grep -oP "changed=\d+" __build__/log | grep -oPq "changed=[1-9]")
run: make VERIFY_UNCHANGED=true
strategy:
matrix:
image: ["ubuntu:22.04", "ubuntu:23.04", "ubuntu:23.10", "ubuntu:24.04"]
Expand All @@ -69,9 +65,7 @@ jobs:
- name: Check remote config
run: make check_host
- name: Check remote idempotence
run: |
make check_host | tee __build__/log
! (grep -oP "changed=\d+" __build__/log | grep -oPq "changed=[1-9]")
run: make check_host VERIFY_UNCHANGED=true

lint:
runs-on: ubuntu-22.04
Expand Down
2 changes: 2 additions & 0 deletions bootstrap.sh
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@ fi

source "$BUILD_DIR/venv/bin/activate"

export ANSIBLE_LOG_PATH="$BUILD_DIR/ansible_logs/bootstrap_control_node.log"

if [[
("$BUILD_DIR/bootstrap_control_node" -ot "$BUILD_DIR/venv") ||
("$BUILD_DIR/bootstrap_control_node" -ot "$PROJECT_DIR/playbook_bootstrap_control_node.yaml") ||
Expand Down
23 changes: 20 additions & 3 deletions config.sh
Original file line number Diff line number Diff line change
Expand Up @@ -19,18 +19,23 @@ else
LOCAL=false
fi

logs_path="$(realpath "$BUILD_DIR")/ansible_logs"
mkdir -p "$logs_path"

if [[ $LOCAL == true ]]; then
# In case of local execution, privileges escalation is equvalent of calling sudo
# We must call it beforehand, so Ansible will not ask for password
sudo bash -c ''
fi

if [[ "$HOSTS" =~ ^dotfiles_ ]]; then
ansible-playbook --extra-vars "container=$HOSTS image=$IMAGE" \
ANSIBLE_LOG_PATH="$logs_path/container.log" \
ansible-playbook --extra-vars "container=$HOSTS image=$IMAGE" \
--inventory "$PROJECT_DIR/inventory.yaml" "$PROJECT_DIR/playbook_dotfiles_container.yaml"
fi

ansible-playbook --extra-vars "hosts_var=$HOSTS" \
ANSIBLE_LOG_PATH="$logs_path/bootstrap_hosts.log" \
ansible-playbook --extra-vars "hosts_var=$HOSTS" \
--extra-vars "user=$REMOTE_USER" \
--inventory "$PROJECT_DIR/inventory.yaml" "$PROJECT_DIR/playbook_bootstrap_hosts.yaml"

Expand All @@ -48,17 +53,29 @@ if [[ $LOCAL == true ]] && [[ "$REMOTE_USER" != $(id --user --name) ]]; then
# One more problem is that nested shell disguises parent's python virtual environment,
# which results in picking wrong Ansible binary.
# We have to set $PATH and $VIRTUAL_ENV manually back to their original values
chmod 777 "$logs_path"
sudo --user "$REMOTE_USER" \
bash -c " \
sudo bash -c '' && \
PATH=$PATH \
VIRTUAL_ENV=$VIRTUAL_ENV \
ANSIBLE_LOG_PATH=\"$logs_path/main.log\" \
ansible-playbook --extra-vars \"hosts_var=$HOSTS\" \
--user \"$REMOTE_USER\" \
--inventory \"$PROJECT_DIR/inventory.yaml\" \"$PROJECT_DIR/playbook.yaml\" \
"
else
ansible-playbook --extra-vars "hosts_var=$HOSTS" \
ANSIBLE_LOG_PATH="$logs_path/main.log" \
ansible-playbook --extra-vars "hosts_var=$HOSTS" \
--user "$REMOTE_USER" \
--inventory "$PROJECT_DIR/inventory.yaml" "$PROJECT_DIR/playbook.yaml"
fi

if [[ "$VERIFY_UNCHANGED" == true ]]; then
for log in "$logs_path"/*; do
if (grep -oP "changed=\d+" "$log" | grep -oPq "changed=[1-9]"); then
echo "IDEMPOTENCY CHECK FAILED"
exit 1
fi
done
fi
9 changes: 8 additions & 1 deletion makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ SHELL = /usr/bin/env bash
############################# Arguments ############################
HOSTS ?= localhost
REMOTE_USER ?= $(shell id --user --name)
VERIFY_UNCHANGED ?= false


############################## Setup ###############################
Expand All @@ -16,7 +17,13 @@ BOOTSTRAP := $(BUILD_DIR)/bootstrap_control_node
########################### Main targets ###########################
.PHONY: config
config: $(BOOTSTRAP)
$(VENV) && HOSTS=$(HOSTS) REMOTE_USER=$(REMOTE_USER) IMAGE=$(IMAGE) ./config.sh
$(VENV) && \
HOSTS=$(HOSTS) \
REMOTE_USER=$(REMOTE_USER) \
VERIFY_UNCHANGED=$(VERIFY_UNCHANGED) \
BUILD_DIR=$(BUILD_DIR) \
IMAGE=$(IMAGE) \
./config.sh

.PHONY: update
update: $(BOOTSTRAP)
Expand Down

0 comments on commit 9b02408

Please sign in to comment.