257 lines
9.6 KiB
Python
Executable file
257 lines
9.6 KiB
Python
Executable file
#!/usr/bin/env python
|
|
|
|
# (c) 2012, Stephen Fromm <sfromm@gmail.com>
|
|
#
|
|
# Ansible is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Ansible is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
#
|
|
# ansible-pull is a script that runs ansible in local mode
|
|
# after checking out a playbooks directory from source repo. There is an
|
|
# example playbook to bootstrap this script in the examples/ dir which
|
|
# installs ansible and sets it up to run on cron.
|
|
|
|
# usage:
|
|
# ansible-pull -d /var/lib/ansible \
|
|
# -U http://example.net/content.git [-C production] \
|
|
# [path/playbook.yml]
|
|
#
|
|
# the -d and -U arguments are required; the -C argument is optional.
|
|
#
|
|
# ansible-pull accepts an optional argument to specify a playbook
|
|
# location underneath the workdir and then searches the source repo
|
|
# for playbooks in the following order, stopping at the first match:
|
|
#
|
|
# 1. $workdir/path/playbook.yml, if specified
|
|
# 2. $workdir/$fqdn.yml
|
|
# 3. $workdir/$hostname.yml
|
|
# 4. $workdir/local.yml
|
|
#
|
|
# the source repo must contain at least one of these playbooks.
|
|
|
|
import os
|
|
import shutil
|
|
import sys
|
|
import datetime
|
|
import socket
|
|
import random
|
|
import time
|
|
from ansible import utils
|
|
from ansible.utils import cmd_functions
|
|
from ansible import errors
|
|
from ansible import inventory
|
|
|
|
DEFAULT_REPO_TYPE = 'git'
|
|
DEFAULT_PLAYBOOK = 'local.yml'
|
|
PLAYBOOK_ERRORS = {1: 'File does not exist',
|
|
2: 'File is not readable'}
|
|
|
|
VERBOSITY=0
|
|
|
|
def increment_debug(option, opt, value, parser):
|
|
global VERBOSITY
|
|
VERBOSITY += 1
|
|
|
|
def try_playbook(path):
|
|
if not os.path.exists(path):
|
|
return 1
|
|
if not os.access(path, os.R_OK):
|
|
return 2
|
|
return 0
|
|
|
|
|
|
def select_playbook(path, args):
|
|
playbook = None
|
|
if len(args) > 0 and args[0] is not None:
|
|
playbook = "%s/%s" % (path, args[0])
|
|
rc = try_playbook(playbook)
|
|
if rc != 0:
|
|
print >>sys.stderr, "%s: %s" % (playbook, PLAYBOOK_ERRORS[rc])
|
|
return None
|
|
return playbook
|
|
else:
|
|
fqdn = socket.getfqdn()
|
|
hostpb = "%s/%s.yml" % (path, fqdn)
|
|
shorthostpb = "%s/%s.yml" % (path, fqdn.split('.')[0])
|
|
localpb = "%s/%s" % (path, DEFAULT_PLAYBOOK)
|
|
errors = []
|
|
for pb in [hostpb, shorthostpb, localpb]:
|
|
rc = try_playbook(pb)
|
|
if rc == 0:
|
|
playbook = pb
|
|
break
|
|
else:
|
|
errors.append("%s: %s" % (pb, PLAYBOOK_ERRORS[rc]))
|
|
if playbook is None:
|
|
print >>sys.stderr, "\n".join(errors)
|
|
return playbook
|
|
|
|
|
|
def main(args):
|
|
""" Set up and run a local playbook """
|
|
usage = "%prog [options] [playbook.yml]"
|
|
parser = utils.SortedOptParser(usage=usage)
|
|
parser.add_option('--purge', default=False, action='store_true',
|
|
help='purge checkout after playbook run')
|
|
parser.add_option('-o', '--only-if-changed', dest='ifchanged', default=False, action='store_true',
|
|
help='only run the playbook if the repository has been updated')
|
|
parser.add_option('-s', '--sleep', dest='sleep', default=None,
|
|
help='sleep for random interval (between 0 and n number of seconds) before starting. this is a useful way to disperse git requests')
|
|
parser.add_option('-f', '--force', dest='force', default=False,
|
|
action='store_true',
|
|
help='run the playbook even if the repository could '
|
|
'not be updated')
|
|
parser.add_option('-d', '--directory', dest='dest', default=None,
|
|
help='directory to checkout repository to')
|
|
#parser.add_option('-l', '--live', default=True, action='store_live',
|
|
# help='Print the ansible-playbook output while running')
|
|
parser.add_option('-U', '--url', dest='url', default=None,
|
|
help='URL of the playbook repository')
|
|
parser.add_option('-C', '--checkout', dest='checkout',
|
|
help='branch/tag/commit to checkout. '
|
|
'Defaults to behavior of repository module.')
|
|
parser.add_option('-i', '--inventory-file', dest='inventory',
|
|
help="location of the inventory host file")
|
|
parser.add_option('-e', '--extra-vars', dest="extra_vars", action="append",
|
|
help="set additional variables as key=value or YAML/JSON", default=[])
|
|
parser.add_option('-v', '--verbose', default=False, action="callback",
|
|
callback=increment_debug,
|
|
help='Pass -vvvv to ansible-playbook')
|
|
parser.add_option('-m', '--module-name', dest='module_name',
|
|
default=DEFAULT_REPO_TYPE,
|
|
help='Module name used to check out repository. '
|
|
'Default is %s.' % DEFAULT_REPO_TYPE)
|
|
parser.add_option('--vault-password-file', dest='vault_password_file',
|
|
help="vault password file")
|
|
parser.add_option('-K', '--ask-sudo-pass', default=False, dest='ask_sudo_pass', action='store_true',
|
|
help='ask for sudo password')
|
|
parser.add_option('-t', '--tags', dest='tags', default=False,
|
|
help='only run plays and tasks tagged with these values')
|
|
parser.add_option('--accept-host-key', default=False, dest='accept_host_key', action='store_true',
|
|
help='adds the hostkey for the repo url if not already added')
|
|
parser.add_option('--key-file', dest='key_file',
|
|
help="Pass '-i <key_file>' to the SSH arguments used by git.")
|
|
options, args = parser.parse_args(args)
|
|
|
|
hostname = socket.getfqdn()
|
|
if not options.dest:
|
|
# use a hostname dependent directory, in case of $HOME on nfs
|
|
options.dest = utils.prepare_writeable_dir('~/.ansible/pull/%s' % hostname)
|
|
|
|
options.dest = os.path.abspath(options.dest)
|
|
|
|
if not options.url:
|
|
parser.error("URL for repository not specified, use -h for help")
|
|
return 1
|
|
|
|
now = datetime.datetime.now()
|
|
print now.strftime("Starting ansible-pull at %F %T")
|
|
|
|
# Attempt to use the inventory passed in as an argument
|
|
# It might not yet have been downloaded so use localhost if note
|
|
if not options.inventory or not os.path.exists(options.inventory):
|
|
inv_opts = 'localhost,'
|
|
else:
|
|
inv_opts = options.inventory
|
|
limit_opts = 'localhost:%s:127.0.0.1' % hostname
|
|
repo_opts = "name=%s dest=%s" % (options.url, options.dest)
|
|
|
|
if VERBOSITY == 0:
|
|
base_opts = '-c local --limit "%s"' % limit_opts
|
|
elif VERBOSITY > 0:
|
|
debug_level = ''.join([ "v" for x in range(0, VERBOSITY) ])
|
|
base_opts = '-%s -c local --limit "%s"' % (debug_level, limit_opts)
|
|
|
|
if options.checkout:
|
|
repo_opts += ' version=%s' % options.checkout
|
|
|
|
# Only git module is supported
|
|
if options.module_name == DEFAULT_REPO_TYPE:
|
|
if options.accept_host_key:
|
|
repo_opts += ' accept_hostkey=yes'
|
|
|
|
if options.key_file:
|
|
repo_opts += ' key_file=%s' % options.key_file
|
|
|
|
path = utils.plugins.module_finder.find_plugin(options.module_name)
|
|
if path is None:
|
|
sys.stderr.write("module '%s' not found.\n" % options.module_name)
|
|
return 1
|
|
|
|
bin_path = os.path.dirname(os.path.abspath(__file__))
|
|
cmd = '%s/ansible localhost -i "%s" %s -m %s -a "%s"' % (
|
|
bin_path, inv_opts, base_opts, options.module_name, repo_opts
|
|
)
|
|
|
|
for ev in options.extra_vars:
|
|
cmd += ' -e "%s"' % ev
|
|
|
|
if options.sleep:
|
|
try:
|
|
secs = random.randint(0,int(options.sleep));
|
|
except ValueError:
|
|
parser.error("%s is not a number." % options.sleep)
|
|
return 1
|
|
|
|
print >>sys.stderr, "Sleeping for %d seconds..." % secs
|
|
time.sleep(secs);
|
|
|
|
|
|
# RUN THe CHECKOUT COMMAND
|
|
rc, out, err = cmd_functions.run_cmd(cmd, live=True)
|
|
|
|
if rc != 0:
|
|
if options.force:
|
|
print >>sys.stderr, "Unable to update repository. Continuing with (forced) run of playbook."
|
|
else:
|
|
return rc
|
|
elif options.ifchanged and '"changed": true' not in out:
|
|
print "Repository has not changed, quitting."
|
|
return 0
|
|
|
|
playbook = select_playbook(options.dest, args)
|
|
|
|
if playbook is None:
|
|
print >>sys.stderr, "Could not find a playbook to run."
|
|
return 1
|
|
|
|
cmd = '%s/ansible-playbook %s %s' % (bin_path, base_opts, playbook)
|
|
if options.vault_password_file:
|
|
cmd += " --vault-password-file=%s" % options.vault_password_file
|
|
if options.inventory:
|
|
cmd += ' -i "%s"' % options.inventory
|
|
for ev in options.extra_vars:
|
|
cmd += ' -e "%s"' % ev
|
|
if options.ask_sudo_pass:
|
|
cmd += ' -K'
|
|
if options.tags:
|
|
cmd += ' -t "%s"' % options.tags
|
|
os.chdir(options.dest)
|
|
|
|
# RUN THE PLAYBOOK COMMAND
|
|
rc, out, err = cmd_functions.run_cmd(cmd, live=True)
|
|
|
|
if options.purge:
|
|
os.chdir('/')
|
|
try:
|
|
shutil.rmtree(options.dest)
|
|
except Exception, e:
|
|
print >>sys.stderr, "Failed to remove %s: %s" % (options.dest, str(e))
|
|
|
|
return rc
|
|
|
|
if __name__ == '__main__':
|
|
try:
|
|
sys.exit(main(sys.argv[1:]))
|
|
except KeyboardInterrupt, e:
|
|
print >>sys.stderr, "Exit on user request.\n"
|
|
sys.exit(1)
|