diff --git a/.gitignore b/.gitignore index d6b77c5..6812ae9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ -# Created by https://www.toptal.com/developers/gitignore/api/linux,macos,archive,windows,intellij,sublimetext,certificates,visualstudiocode,ansible -# Edit at https://www.toptal.com/developers/gitignore?templates=linux,macos,archive,windows,intellij,sublimetext,certificates,visualstudiocode,ansible +# Created by https://www.toptal.com/developers/gitignore/api/linux,macos,ansible,archive,windows,intellij,sublimetext,certificates,visualstudiocode,python +# Edit at https://www.toptal.com/developers/gitignore?templates=linux,macos,ansible,archive,windows,intellij,sublimetext,certificates,visualstudiocode,python ### Ansible ### *.retry 
@@ -212,6 +212,178 @@ Temporary Items # iCloud generated files *.icloud +### Python ### +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ +cover/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +.pybuilder/ +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +# For a library or package, you might want to ignore these files since the code is +# intended to run in multiple environments; otherwise, check them in: +# .python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# poetry +# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. +# This is especially recommended for binary packages to ensure reproducibility, and is more +# commonly ignored for libraries. 
+# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control +#poetry.lock + +# pdm +# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. +#pdm.lock +# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it +# in version control. +# https://pdm.fming.dev/#use-with-ide +.pdm.toml + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ + +# pytype static type analyzer +.pytype/ + +# Cython debug symbols +cython_debug/ + +# PyCharm +# JetBrains specific template is maintained in a separate JetBrains.gitignore that can +# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore +# and can be added to the global gitignore or merged into this file. For a more nuclear +# option (not recommended) you can uncomment the following to ignore the entire idea folder. +#.idea/ + +### Python Patch ### +# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration +poetry.toml + +# ruff +.ruff_cache/ + +# LSP config files +pyrightconfig.json + ### SublimeText ### # Cache files for Sublime Text *.tmlanguage.cache 
@@ -287,7 +459,7 @@ $RECYCLE.BIN/ # Windows shortcuts *.lnk -# End of https://www.toptal.com/developers/gitignore/api/linux,macos,archive,windows,intellij,sublimetext,certificates,visualstudiocode,ansible +# End of https://www.toptal.com/developers/gitignore/api/linux,macos,ansible,archive,windows,intellij,sublimetext,certificates,visualstudiocode,python # ------------------------------------------------------------------------------ # CUSTOM diff --git a/ansible.cfg b/ansible.cfg index 225273a..4e1fb66 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -6,7 +6,6 @@ roles_path = roles/public:roles/local retry_files_enabled = False callback_result_format = yaml log_path = /tmp/ansible.linux-setup-playbook.log -ansible_managed = Managed by Ansible vault_password_file = scripts/vault-keyring.sh interpreter_python = python3 diff --git a/config.flaudisio.yml b/config.flaudisio.yml index 2f9984b..bc214a4 100644 --- a/config.flaudisio.yml +++ b/config.flaudisio.yml @@ -3,6 +3,8 @@ # Helper variables # ------------------------------------------------------------------------------ +ansible_managed: Managed by Ansible + __current_user: "{{ lookup('ansible.builtin.env', 'USER') }}" __templates_dir: "{{ playbook_dir }}/../templates" diff --git a/mise.toml b/mise.toml index 26b27c6..109fe4f 100644 --- a/mise.toml +++ b/mise.toml @@ -5,7 +5,7 @@ uv = "latest" [vars] PROJECT_NAME = "{{ config_root | basename }}" -VENV_DIR = "{{ env.HOME }}/.virtualenvs/{{ vars.PROJECT_NAME }}" +VENV_DIR = ".venv" COLLECTIONS_PATH = "collections" ROLES_PATH = "roles/public" 
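Review bot: In mise.toml `[vars]`, `VENV_DIR = ".venv"` is a relative path, so every consumer resolves it against its own working directory rather than the project. The `venv-activate` task prints `source '.venv/bin/activate'`, and a user who evaluates that output from another directory either gets an error or sources whatever `.venv` happens to live there; the previous `{{ env.HOME }}/.virtualenvs/...` value was absolute. Anchoring the value to the project keeps the in-repo location without that dependency: `VENV_DIR = "{{ config_root }}/.venv"` (`config_root` is already used for `PROJECT_NAME`). The `[vars]` table continues outside the hunk.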
@@ -31,24 +31,15 @@ run = [
 "git clean -fdx -- '{{ vars.COLLECTIONS_PATH }}' '{{ vars.ROLES_PATH }}'",
 ]
 
-[tasks."install:ansible"]
-description = "Install Ansible and project dependencies"
-run = "uv pip install -r requirements.txt"
-
-[tasks."install:galaxy"]
-description = "Install Galaxy dependencies from requirements files"
+[tasks.install]
+description = "Install dependencies"
+alias = "i"
 run = [
+ "uv pip install -r requirements.txt",
 "ansible-galaxy collection install --upgrade --requirements-file requirements.yml --collections-path '{{ vars.COLLECTIONS_PATH }}'",
 "ansible-galaxy role install --role-file requirements.yml --roles-path '{{ vars.ROLES_PATH }}'",
 ]
 
-[tasks.install]
-description = "Run all installation tasks"
-run = [
- "mise run install:ansible",
- "mise run install:galaxy",
-]
-
 [tasks.venv-activate]
 description = "Print the virtualenv activation command"
 run = "echo source '{{ vars.VENV_DIR }}/bin/activate'"
@@ -66,20 +57,20 @@ run = [
 description = "Configure Ansible Vault password"
 run = "doppler secrets get VAULT_PASSWORD --project {{ vars.PROJECT_NAME }} --plain | ./scripts/vault-keyring.sh --debug"
 
-[tasks."vault:download-vars"]
+[tasks."vault:download"]
 description = "Create the variables file containing Vault secrets"
 run = [
 "doppler secrets get VAULT_YAML --project {{ vars.PROJECT_NAME }} --plain > vault.yml",
 "chmod 600 vault.yml",
 ]
 
+[tasks."vault:upload"]
+description = "Upload the variables file to the cloud"
+run = "cat vault.yml | doppler secrets set VAULT_YAML --project {{ vars.PROJECT_NAME }} --silent"
+
 [tasks."vault:setup"]
 description = "Setup the repository to use Ansible Vault"
 run = [
 "mise run vault:password",
- "mise run vault:download-vars",
+ "mise run vault:download",
 ]
-
-[tasks."vault:upload-vars"]
-description = "Upload the variables file to the cloud"
-run = "cat vault.yml | doppler secrets set VAULT_YAML --project {{ vars.PROJECT_NAME }} --silent"
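Review bot: The merged `[tasks.install]` still runs `ansible-galaxy role install --role-file requirements.yml ...` without `--force`, and as far as I know ansible-galaxy leaves an already-installed role at its old version unless forced. This commit also moves geerlingguy.docker from 7.9.0 to 8.0.0 in requirements.yml, so an existing checkout would keep running the old role after `mise run install` until the roles directory is cleaned. Adding the flag makes the role step converge the way `--upgrade` does for collections: `"ansible-galaxy role install --force --role-file requirements.yml --roles-path '{{ vars.ROLES_PATH }}'"`. Separately, the `install:ansible` and `install:galaxy` task names disappear here, so any script or README that still calls them should be checked.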
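Review bot: In the renamed `vault:download` task, `> vault.yml` creates the secrets file with the shell's default umask, and only the separate `chmod 600` entry tightens it. On a first download under a typical 022 umask the Vault variables are therefore briefly readable by other local users, and they stay that way if the second entry never runs. Setting the mask in the same entry as the redirect closes the window: `"umask 077 && doppler secrets get VAULT_YAML --project {{ vars.PROJECT_NAME }} --plain > vault.yml"`, keeping `chmod 600` for a file that already exists with looser modes. The task body is unchanged context in this hunk; only the task name is new. It is also worth confirming that vault.yml is covered by the CUSTOM part of .gitignore, which is not visible here.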
diff --git a/requirements.txt b/requirements.txt
index b563f44..5effaa3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,2 @@
-ansible-core==2.17.*
+ansible-core==2.20.*
 keyring==25.*
diff --git a/requirements.yml b/requirements.yml
index ee4a1fd..448d07d 100644
--- a/requirements.yml
+++ b/requirements.yml
@@ -3,8 +3,8 @@ collections:
 - name: ansible.posix
 version: ">=2.1,<3.0"
 - name: community.general
- version: ">=12.2,<13.0"
+ version: ">=12.6,<13.0"
 
 roles:
 - src: geerlingguy.docker
- version: 7.9.0
+ version: 8.0.0