Giter Club home page Giter Club logo

ansible-role-bootstrap's Introduction

👋 Hey there. My name’s Jonas

LinkedIn stackshare tryhackme

📺 Favourite Series

Avatar: The Last Airbender, Star Trek (VOY / TNG / PICARD / DISCOVERY)

⛳ Hobbies and Interests

Watching Movies with Friends, Learning new things, Programming, Keeping a clean and organized home and setup

🔝 Current Primary Fascinations

Ansible Automation and CI/CD (because its Awesome), Cooking (I spend too much € on other things ;))

📍 Location

EU, Austria, Vorarlberg (CET +1 hour)

IT (Home Setup Diagram)

I know my way around Linux, Windows, IT, programming and generally like to always try to understand most of the things I stumble across every day.

My current keen interest area is Dev - Ops — Specifically, in my current decision case, IaaC with Ansible/Terraform/Amazon Web Services and Continious Automated Integration/Delivery with GitHub Actions and Docker.
I will never get bored of my enthusiasm for web development, the browser, the backend and everything around it, as well as the perspectives that they still offer and make possible for us today.

Details

These are very fascinating topics that are fundamentally changing the way software development and deployment is done. Servers / VMs are transformed from sacred "don’t touch" black box systems into simple disposable and on-demand createable goods. It is the pinnacle of automation and reproducibility.

And the crazy thing is that nothing has fundamentally changed - It’s just that the solutions (Linux, SSH, HTTP, TLS, ..) and concepts (TCP/IP, ..) that were created a long time ago by very smart people are so crazily thought-of princibles which we’re all just slowly sticking together and extending continously. IT is amazing.

🌱 Having just completed an IT apprenticeship, I am currently studying for various certifications (CCNA, MSCA, FSNE 1-4, RHCSA, …​) to solidify my knowledge and help myself making the decision on which path to truly pursue by digging into each of them.

Recent Activities

🙋‍♂️ I actively star repositories I find useful and interesting. Below is an automatically generated overview of my GitHub profile, showing mostly my recently starred projects (which may give somewhat of an indication of what I’m currently onto):

Metrics

Private, Work and Infrastructure Setup

Pinned Repositories / Recent Contributions

ansible-role-bootstrap's People

Contributors

dependabot[bot] avatar github-actions[bot] avatar jonaspammer avatar pre-commit-ci[bot] avatar renovate[bot] avatar

Stargazers

avatar avatar avatar

Watchers

avatar

Forkers

fossabot hartl3y94 lgtm-migrator

ansible-role-bootstrap's Issues

compare to 'thoughtworks/talisman', 'yelp/detect-secrets', 'githuardian/ggshield...

compare to 'thoughtworks/talisman', 'yelp/detect-secrets', 'githuardian/ggshield'

even uses shellcheck to check the RUN instructions.

against a curated database of insecure python packages.

checked into source control too.

pycodestyle (befriended with black through config changes),

pyflakes (detects various error by parsing [not importing] source file's),

mccabe (https://en.wikipedia.org/wiki/Cyclomatic_complexity checker),

and third-party plugins to check the style and quality of some python code.

ansible-role-bootstrap/.pre-commit-config.yaml

Line 29 in 79b384a

# TODO compare to 'thoughtworks/talisman', 'yelp/detect-secrets', 'githuardian/ggshield' 

      - id: check-toml
      - id: check-xml
      - id: debug-statements
      # TODO compare to 'thoughtworks/talisman', 'yelp/detect-secrets', 'githuardian/ggshield'
      - id: detect-private-key
      - id: detect-aws-credentials
      - id: fix-encoding-pragma
      - id: mixed-line-ending
      - id: requirements-txt-fixer
      - id: trailing-whitespace

  - repo: https://github.com/jumanjihouse/pre-commit-hooks
    rev: 2.1.5
    hooks:
      - id: git-check  # Configure in .gitattributes
      - id: script-must-have-extension
      - id: script-must-not-have-extension
      - id: shellcheck
      - id: shfmt
  
  # takes up the taunting task of formatting bash scripts
  - repo: https://github.com/lovesegfault/beautysh
    rev: v6.2.1
    hooks:
      - id: beautysh
  
  # opinionated code formatter for all things frontend (also includes Markdown, JSON, YAML)
  - repo: https://github.com/pre-commit/mirrors-prettier
    rev: v2.5.1
    hooks:
      - id: prettier

  - repo: https://github.com/adrienverge/yamllint
    rev: v1.26.3
    hooks:
      - id: yamllint
        args: [-c=.yamllint]

  ## DOCKER ##

  # verifies that docker-compose files are valid by using 'docker-compose config' to parse them
  - repo: https://github.com/IamTheFij/docker-pre-commit
    rev: v2.0.1
    hooks:
      - id: docker-compose-check
  
  # Dockerfile linter / best practice checker. 
  # even uses `shellcheck` to check the RUN instructions.
  - repo: https://github.com/hadolint/hadolint
    rev: v2.8.0
    hooks:
      - id: hadolint-docker


  ### ANSIBLE ###


  - repo: https://github.com/ansible-community/ansible-lint
    rev: v5.4.0
    hooks:
      - id: ansible-lint


  ### PYTHON ###

  # checks all files containing 'requirements' in their name in the repo 
  # against a curated database of insecure python packages.
  - repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.2.4
    hooks:
      - id: python-safety-dependencies-check

  # 'setup.cfg' line sorter
  - repo: https://github.com/asottile/setup-cfg-fmt
    rev: v1.20.0
    hooks:
      - id: setup-cfg-fmt
  
  # pip-compile`s 'requirements.in' files as its recommended to have the 'requirements.txt' version
  # checked into source control too.
  - repo: https://github.com/jazzband/pip-tools
    rev: 6.5.1
    hooks:
      - id: pip-compile
  
  # the uncompromising (opinionated / barely configurable) PEP8 Python code formatter.
  - repo: https://github.com/psf/black
    rev: '22.1.0'
    hooks:
      - id: black
  
  # a tool designed to find common security issues in Python code. 
  - repo: https://github.com/PyCQA/bandit
    rev: '1.7.2'
    hooks:
      - id: bandit

  # flake8 is a python tool that glues together 
  # pycodestyle (befriended with `black` through config changes), 
  # pyflakes (detects various error by parsing [not importing] source file's), 
  # mccabe (https://en.wikipedia.org/wiki/Cyclomatic_complexity checker), 
  # and third-party plugins to check the style and quality of some python code. 
  - repo: https://github.com/pycqa/flake8
    rev: '4.0.1'
    hooks:
      - id: flake8
  
  # TODO python doc formatter


default_language_version:
  python: python3
ci:
  autofix_commit_msg: |
    chore(pre-commit): auto fixes from hooks :rotating_light:

    for more information, see https://pre-commit.ci
  autoupdate_commit_msg: |
    chore(pre-commit): autoupdate :arrow_up:
exclude: ".idea"

2567b3b2c4f69fcdd534acd6674424fc96b6d4c1

[Bug]: test

Proposed feature

test auto-label

Rationale

No response

Additional context

No response

[Bug]: No package matching 'gnupg' is available

What happened?

https://github.com/JonasPammer/ansible-role-core_dependencies/runs/5694366210

The role itself should pre-heat the the package manager cache.
Maybe not every-time, but at least when the failure as seen in above workflow run happens.
This is currently only being done when the connection failed, e.g.:

ansible-role-bootstrap/vars/main.yml

Line 33 in 7f948c2

raw: "LANG=C apt-get update && apt-get install -y {{ bootstrap_packages }}"

This has also been reported a long time ago in robertdebock's original role, but with a stagnating pull request: robertdebock/ansible-role-bootstrap#57

Playbook

---
- name: prepare
  hosts: all
  become: yes
  gather_facts: no

  roles:
    - role: jonaspammer.bootstrap

Role Version

1.0.0

Environment / Control Node Information

debian 10
debian 11

ansible 2.9, 2.10, 2.11, 2.12

Environment / Managed Node Information

github's ubuntu-latest

docs: add gh-pages

add a new github action that generates a properly rendered README.html using asciidoctor and publishes it as a github page (actions-gh-pages).

if POC works, then even add a link in the README.adoc to the github pages url

docs: adapt vscode badge documentation / research bug

as seen in the below examplatory screenshot, https://open.vscode.dev/jonaspammer/ansible-role-bootstrap should lead to a page that looks like this (its an really old one, there also was a new button to "open in vscode for the web" the last last time i visited said page):

image

because of unknown reason, it now just opens vscode for the web - and it doesn't even load the project or bring any popup about it or something. it just turns the url bar into https://open.vscode.dev/ and does nothing. because of this, it seems like a bug on microsoft's end.

find out if there's an issue opened or if something has changed.

fix tox

current knowledge:

running with envlist set to just one worked:
9: https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/7856920577?pr=110 https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/7857151631?pr=110
8: https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/7857056464?pr=110
(7 not tested, but should also)
6: https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/7857073491?pr=110

running with 2+ though not (one fails at create, one at converge):
8,9: https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/7856946192/job/21440260584?pr=110

successfull action output from last month as reference:

JonasPammer ansible-role-bootstrap actions runs 7385671910 job 20090871797.txt

fedora35

As seen in https://github.com/JonasPammer/ansible-role-bootstrap/actions/runs/4713121941/jobs/8530764006#step:7:862 (a workflow run in which i manually sequentially clicked rerun on every one after one), fedora35 failing in a step of this role is the real reason of CI failure across the board of all my ansible roles and it's not just a fluke because I've now ran it multiple times (note: by now, only in CI though).

Molecule default > converge
...
  TASK [ansible-role-bootstrap : test connection] ********************************
  Sunday 16 April 2023  12:19:24 +0000 (0:00:00.038)       0:00:00.144 **********
  fatal: [instance-py3-ansible-6-fedora35]: FAILED! => changed=false 
    elapsed: 3
    msg: 'timed out waiting for ping module test: Failed to create temporary directory. In some cases, you may have been able to authenticate and did not have permissions on the target directory. Consider changing the remote tmp path in ansible.cfg to a path rooted in "/tmp", for more error information use -vvv. Failed command was: ( umask 77 && mkdir -p "` echo ~/.ansible/tmp `"&& mkdir "` echo ~/.ansible/tmp/ansible-tmp-1681647566.7499456-4057-266089596338126 `" && echo ansible-tmp-1681647566.7499456-4057-266089596338126="` echo ~/.ansible/tmp/ansible-tmp-1681647566.7499456-4057-266089596338126 `" ), exited with result 1'
...
  TASK [ansible-role-bootstrap : lookup bootstrap facts (raw).] ******************
  Sunday 16 April 2023  12:19:27 +0000 (0:00:00.019)       0:00:03.469 **********
  fatal: [instance-py3-ansible-6-fedora35]: FAILED! => changed=false 
    msg: non-zero return code
    rc: 1
    stderr: |-
      Error response from daemon: Container 1d3b7a53b2d739d78cfa443774df83b4b6da77af0a6071c8eb15314d0f177618 is not running
    stderr_lines: <omitted>
    stdout: ''
    stdout_lines: <omitted>

fixate the ansible version to match the one defined in meta/main.yml

Ad-Hoc'ly tried it in #3 by just changing the version of ansible, didn't work.

maybe even find a way to dynamically get the version from meta/main.yml like the following pseudocode demonstrates (which would probably mean to ditch the requirements file)

pip install ansible>={{ open('meta/main.yml').galaxy_info.min_ansible_version }}<=3

[Feature Request]: include markdown generation in molecule script

Proposed feature

remove generate-markdown-readme workflow,
only temporarily generate in release-to-molecule role

Rationale

do not pollute repo with possibly unpretty auto-generated markdown

Additional context

because the molecule workflow contains a checkout of the repo into a specific directory, i figure that galaxy does not request github for the files but the working directory

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

  • chore(deps): update actions/checkout digest to 0ad4b8f
  • chore(deps): update actions/download-artifact digest to 65a9edc
  • chore(deps): update actions/upload-artifact digest to 6546280
  • chore(deps): update stefanzweifel/git-auto-commit-action digest to 8621497
  • chore(deps): update pascalgn/size-label-action action to v0.5.2
  • chore(deps): update actions/configure-pages action to v5
  • chore(deps): update geekyeggo/delete-artifact action to v5

Detected dependencies

github-actions
.github/workflows/ci.yml
  • actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-python v5@82c7e631bb3cdc910f68e0081d67478d79c6982d
  • actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-python v5@82c7e631bb3cdc910f68e0081d67478d79c6982d
  • actions/cache v4@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
  • actions/upload-artifact v4@5d5d22a31266ced268874388b861e4b58bb5c2f3
  • mxschmitt/action-tmate v3@a283f9441d2d96eb62436dc46d7014f5d357ac22
.github/workflows/gh-pages.yml
  • actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
  • ruby/setup-ruby v1
  • actions/setup-python v5@82c7e631bb3cdc910f68e0081d67478d79c6982d
  • pandoc/core sha256:222badaf55d35aa19a54294721b2669a55737e8a96e78f038b89c2b70bccd13f
  • pandoc/core 3.1@sha256:222badaf55d35aa19a54294721b2669a55737e8a96e78f038b89c2b70bccd13f
  • stefanzweifel/git-auto-commit-action v5@8756aa072ef5b4a080af5dc8fef36c5d586e521d
  • actions/upload-artifact v4@5d5d22a31266ced268874388b861e4b58bb5c2f3
  • actions/download-artifact v4@c850b930e6ba138125429b7e5c93fc707a7f8427
  • actions/configure-pages v4@1f0c5cde4bc74cd7e1254d0cb4de8d49e9068c7d
  • actions/upload-pages-artifact v3@56afc609e74202658d3ffba0e8f6dda462b719fa
  • actions/deploy-pages v4@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e
  • geekyeggo/delete-artifact v4@65041433121f7239077fa20be14c0690f70569de
.github/workflows/issue-label-manager.yml
  • actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
  • crazy-max/ghaction-github-labeler v5@de749cf181958193cb7debf1a9c5bb28922f3e1b
.github/workflows/label-pr-size.yml
  • pascalgn/size-label-action v0.5.0@37a5ad4ae20ea8032abf169d953bcd661fd82cd3
.github/workflows/release-to-galaxy.yml
  • actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-python v5@82c7e631bb3cdc910f68e0081d67478d79c6982d
pip_requirements
requirements-dev.txt
  • cruft >2.11
  • Check this box to trigger a request for Renovate to run again on this repository

deprecation warning for callback_whitelist

[DEPRECATION WARNING]: [defaults]callback_whitelist option, normalizing names
to new standard, use callbacks_enabled instead. This feature will be removed
from ansible-core in version 2.15. Deprecation warnings can be disabled by
setting deprecation_warnings=False in ansible.cfg.

docs: reword "Recommended Development Environment"

  • transform devcontainer into a simple Dockerfile
  • clearly tell the purpose of this, as illustrated by the emoji. it's just a nicety for 1-click to code in a full featured IDE, optionally even in a predefined small ubuntu env that has the features described below.
  • describe all possibilities shown in https://open.vscode.dev/jonaspammer/ansible-role-bootstrap
    • e.g. the dev container can not be used to locally test molecule, as this would need docker-in-docker, which for obvious reasons is not possible. the dev container just installs extensions useful for the project and provides an ubuntu terminal with appropiate ubuntu cli tools (e.g. github-cli, prettier, pre-commit, ... ?)

python doc formatter

python doc formatter

ansible-role-bootstrap/.pre-commit-config.yaml

Line 133 in 79b384a

# TODO python doc formatter 

      - id: check-toml
      - id: check-xml
      - id: debug-statements
      # TODO compare to 'thoughtworks/talisman', 'yelp/detect-secrets', 'githuardian/ggshield'
      - id: detect-private-key
      - id: detect-aws-credentials
      - id: fix-encoding-pragma
      - id: mixed-line-ending
      - id: requirements-txt-fixer
      - id: trailing-whitespace

  - repo: https://github.com/jumanjihouse/pre-commit-hooks
    rev: 2.1.5
    hooks:
      - id: git-check  # Configure in .gitattributes
      - id: script-must-have-extension
      - id: script-must-not-have-extension
      - id: shellcheck
      - id: shfmt
  
  # takes up the taunting task of formatting bash scripts
  - repo: https://github.com/lovesegfault/beautysh
    rev: v6.2.1
    hooks:
      - id: beautysh
  
  # opinionated code formatter for all things frontend (also includes Markdown, JSON, YAML)
  - repo: https://github.com/pre-commit/mirrors-prettier
    rev: v2.5.1
    hooks:
      - id: prettier

  - repo: https://github.com/adrienverge/yamllint
    rev: v1.26.3
    hooks:
      - id: yamllint
        args: [-c=.yamllint]

  ## DOCKER ##

  # verifies that docker-compose files are valid by using 'docker-compose config' to parse them
  - repo: https://github.com/IamTheFij/docker-pre-commit
    rev: v2.0.1
    hooks:
      - id: docker-compose-check
  
  # Dockerfile linter / best practice checker. 
  # even uses `shellcheck` to check the RUN instructions.
  - repo: https://github.com/hadolint/hadolint
    rev: v2.8.0
    hooks:
      - id: hadolint-docker


  ### ANSIBLE ###


  - repo: https://github.com/ansible-community/ansible-lint
    rev: v5.4.0
    hooks:
      - id: ansible-lint


  ### PYTHON ###

  # checks all files containing 'requirements' in their name in the repo 
  # against a curated database of insecure python packages.
  - repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.2.4
    hooks:
      - id: python-safety-dependencies-check

  # 'setup.cfg' line sorter
  - repo: https://github.com/asottile/setup-cfg-fmt
    rev: v1.20.0
    hooks:
      - id: setup-cfg-fmt
  
  # pip-compile`s 'requirements.in' files as its recommended to have the 'requirements.txt' version
  # checked into source control too.
  - repo: https://github.com/jazzband/pip-tools
    rev: 6.5.1
    hooks:
      - id: pip-compile
  
  # the uncompromising (opinionated / barely configurable) PEP8 Python code formatter.
  - repo: https://github.com/psf/black
    rev: '22.1.0'
    hooks:
      - id: black
  
  # a tool designed to find common security issues in Python code. 
  - repo: https://github.com/PyCQA/bandit
    rev: '1.7.2'
    hooks:
      - id: bandit

  # flake8 is a python tool that glues together 
  # pycodestyle (befriended with `black` through config changes), 
  # pyflakes (detects various error by parsing [not importing] source file's), 
  # mccabe (https://en.wikipedia.org/wiki/Cyclomatic_complexity checker), 
  # and third-party plugins to check the style and quality of some python code. 
  - repo: https://github.com/pycqa/flake8
    rev: '4.0.1'
    hooks:
      - id: flake8
  
  # TODO python doc formatter


default_language_version:
  python: python3
ci:
  autofix_commit_msg: |
    chore(pre-commit): auto fixes from hooks :rotating_light:

    for more information, see https://pre-commit.ci
  autoupdate_commit_msg: |
    chore(pre-commit): autoupdate :arrow_up:
exclude: ".idea"

e9af803301bf3c753595e93f955c1056b26e7b1b

remove community.docker from requirements.yml

Proposed feature

maybe add a command in tox.ini before "molecule converge" to install this collection

Rationale

this is no role dependency. this is a dependency needed only by molecule / lower ansible versions.

Additional context

No response

fix hadolint

previously just commented out:

ansible-role-bootstrap/.pre-commit-config.yaml

Lines 63 to 74 in 50da04e

# verifies that docker-compose files are valid by using 'docker-compose config' to parse them
# - repo: https://github.com/IamTheFij/docker-pre-commit
# rev: v2.0.1
# hooks:
# - id: docker-compose-check
# Dockerfile linter / best practice checker.
# even uses `shellcheck` to check the RUN instructions.
# - repo: https://github.com/hadolint/hadolint
# rev: v2.8.0
# hooks:
# - id: hadolint-docker

the reason was that pre-commit.ci complains about docker not being installed

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.