Merge pull request '[INFO] Création du rôle' (#1) from alpha into master
Reviewed-on: #1
This commit is contained in:
commit
b787b15353
200
README.md
200
README.md
@ -1,3 +1,199 @@
|
|||||||
# role_modele
|
# role_drone_runner_exec
|
||||||
|
|
||||||
Modèle
|
Rôle de déploiement d'un runner-exec drone.io.
|
||||||
|
|
||||||
|
## Variables
|
||||||
|
|
||||||
|
### drone_runner_exec_prerequisites
|
||||||
|
|
||||||
|
Liste des paquets pré-requis.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `["curl", "jq"]`
|
||||||
|
|
||||||
|
### drone_runner_exec_url
|
||||||
|
|
||||||
|
URL pointant vers l'API de github.com fournissant le lien de téléchargement de l'archive.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `https://api.github.com/repos/drone-runners/drone-runner-exec/releases/latest`
|
||||||
|
|
||||||
|
### drone_runner_exec_architecture
|
||||||
|
|
||||||
|
Nécessaire pour télécharger la bonne archive depuis github.com.<br />
|
||||||
|
Les architectures disponibles sont visibles dans [la liste de release du dépôt](https://github.com/drone-runners/drone-runner-exec/releases).
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `arm64`
|
||||||
|
|
||||||
|
### drone_runner_exec_rpc_proto
|
||||||
|
|
||||||
|
Protocole utilisé pour contacter le serveur drone.io.<br />
|
||||||
|
Les valeurs peuvent être `http` ou `https`.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_rpc_host
|
||||||
|
|
||||||
|
Adresse IP ou nom d'hôte suivi du numéro de port du serveur drone.io.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_rpc_secret
|
||||||
|
|
||||||
|
Clé utilisée par le serveur drone.io.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_log_file
|
||||||
|
|
||||||
|
Emplacement des journaux.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `/var/log/drone-runner-exec/log.txt`
|
||||||
|
|
||||||
|
### drone_runner_exec_log_file_max_size
|
||||||
|
|
||||||
|
Taille maximal en mégaoctets d'un journal.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `10`
|
||||||
|
|
||||||
|
### drone_runner_exec_log_file_max_age
|
||||||
|
|
||||||
|
Nombre de jour où sera conservé un journal.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `7`
|
||||||
|
|
||||||
|
### drone_runner_exec_log_file_max_backup
|
||||||
|
|
||||||
|
Nombre d'ancien journaux conservés.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `0`
|
||||||
|
|
||||||
|
### drone_runner_exec_debug
|
||||||
|
|
||||||
|
Activer le mode debug.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `false`
|
||||||
|
|
||||||
|
### drone_runner_exec_trace
|
||||||
|
|
||||||
|
Activer le mode trace.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `false`
|
||||||
|
|
||||||
|
### drone_runner_exec_rpc_dump
|
||||||
|
|
||||||
|
Afficher le détail des communication entre le serveur et le runner en activant les paramètre suivants :
|
||||||
|
|
||||||
|
- `DRONE_RPC_DUMP_HTTP`
|
||||||
|
- `DRONE_RPC_DUMP_HTTP_BODY`
|
||||||
|
|
||||||
|
Activer cette option génère énormément de ligne en sortie ; à n'activer que sur une très petite période.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `false`
|
||||||
|
|
||||||
|
### drone_runner_exec_runner_name
|
||||||
|
|
||||||
|
Définir le nom du runner au lieu d'utiliser le nom d'hôte.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_runner_labels
|
||||||
|
|
||||||
|
Définir les étiquettes (tags) pour le runner.<br />
|
||||||
|
Cette option sert à cibler les runners depuis les pipelines.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_ui_username
|
||||||
|
|
||||||
|
Activer l'interface web du runner en définissant un nom d'utilisateur pour s'y connecter.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_ui_password
|
||||||
|
|
||||||
|
Activer l'interface web du runner en définissant un mot de passe pour s'y connecter.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> aucune
|
||||||
|
|
||||||
|
### drone_runner_exec_user: drone_runner
|
||||||
|
|
||||||
|
Utilisateur exécutant le runner.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `drone_runner`
|
||||||
|
|
||||||
|
### drone_runner_exec_group: drone_runner
|
||||||
|
|
||||||
|
Groupe exécutant le runner.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `drone_runner`
|
||||||
|
|
||||||
|
### drone_runner_exec_config_base_path
|
||||||
|
|
||||||
|
Chemin vers le fichier de configuration du runner.
|
||||||
|
|
||||||
|
<span style="text-decoration: underline">Valeur par défaut:</span> `/home/{{ drone_runner_exec_user }}/.drone-runner-exec`
|
||||||
|
|
||||||
|
## Exemple d'utilisation
|
||||||
|
|
||||||
|
### inventory.yml
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
---
|
||||||
|
|
||||||
|
all:
|
||||||
|
hosts:
|
||||||
|
host1.ykn.local:
|
||||||
|
```
|
||||||
|
|
||||||
|
### group_vars/all.yml
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
---
|
||||||
|
|
||||||
|
drone_runner_exec_architecture: arm64
|
||||||
|
drone_runner_exec_rpc_proto: http
|
||||||
|
drone_runner_exec_rpc_host: "192.168.1.1:9082"
|
||||||
|
drone_runner_exec_rpc_secret: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
31383335306534333462613832646537376232386465643262306134653931383863336133306561
|
||||||
|
3964303562336532393334343530636161343366656539620a326337376232623163323439303735
|
||||||
|
39656634356366306361366537663939653336323432646335656230663133393039343638363536
|
||||||
|
6565336166666261350a343937373733396131623962303237316661666539653432326136306239
|
||||||
|
3538
|
||||||
|
|
||||||
|
drone_runner_api_url: "https://drone.ykn.local/api"
|
||||||
|
drone_runner_api_key: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
31383335306534333462613832646537376232386465643262306134653931383863336133306561
|
||||||
|
3964303562336532393334343530636161343366656539620a326337376232623163323439303735
|
||||||
|
39656634356366306361366537663939653336323432646335656230663133393039343638363536
|
||||||
|
6565336166666261350a343937373733396131623962303237316661666539653432326136306239
|
||||||
|
3538
|
||||||
|
drone_runner_api_requests:
|
||||||
|
- path: /repos/ansible/playbook_lxc/secrets
|
||||||
|
name: ANSIBLE_VAULT_PASSWORD
|
||||||
|
data: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
31383335306534333462613832646537376232386465643262306134653931383863336133306561
|
||||||
|
3964303562336532393334343530636161343366656539620a326337376232623163323439303735
|
||||||
|
39656634356366306361366537663939653336323432646335656230663133393039343638363536
|
||||||
|
6565336166666261350a343937373733396131623962303237316661666539653432326136306239
|
||||||
|
3538
|
||||||
|
pull_request: false
|
||||||
|
```
|
||||||
|
|
||||||
|
### host_vars/host1.ykn.local.yml
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
drone_runner_exec_runner_name: "runner-1"
|
||||||
|
drone_runner_exec_runner_labels: "runner_name: {{ drone_runner_exec_runner_name }}"
|
||||||
|
```
|
||||||
|
|
||||||
|
### playbook.yml
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
---
|
||||||
|
|
||||||
|
- hosts: 'all'
|
||||||
|
roles:
|
||||||
|
- name: drone_runner_exec
|
||||||
|
```
|
||||||
|
33
defaults/main.yml
Normal file
33
defaults/main.yml
Normal file
@ -0,0 +1,33 @@
|
|||||||
|
---
|
||||||
|
# defaults file for drone_runner_exec
|
||||||
|
|
||||||
|
drone_runner_exec_prerequisites:
|
||||||
|
- curl
|
||||||
|
- jq
|
||||||
|
- git
|
||||||
|
|
||||||
|
drone_runner_exec_url: https://api.github.com/repos/drone-runners/drone-runner-exec/releases/latest
|
||||||
|
drone_runner_exec_architecture: arm64
|
||||||
|
|
||||||
|
drone_runner_exec_rpc_proto: ""
|
||||||
|
drone_runner_exec_rpc_host: ""
|
||||||
|
drone_runner_exec_rpc_secret: ""
|
||||||
|
|
||||||
|
drone_runner_exec_log_file: /var/log/drone-runner-exec/log.txt
|
||||||
|
drone_runner_exec_log_file_max_size: 10
|
||||||
|
drone_runner_exec_log_file_max_age: 7
|
||||||
|
drone_runner_exec_log_file_max_backup: 0
|
||||||
|
|
||||||
|
drone_runner_exec_debug: false
|
||||||
|
drone_runner_exec_trace: false
|
||||||
|
drone_runner_exec_rpc_dump: false
|
||||||
|
|
||||||
|
drone_runner_exec_runner_name: ""
|
||||||
|
drone_runner_exec_runner_labels: ""
|
||||||
|
|
||||||
|
drone_runner_exec_ui_username: ""
|
||||||
|
drone_runner_exec_ui_password: ""
|
||||||
|
|
||||||
|
drone_runner_exec_user: drone_runner
|
||||||
|
drone_runner_exec_group: drone_runner
|
||||||
|
drone_runner_exec_config_base_path: "/home/{{ drone_runner_exec_user }}/.drone-runner-exec"
|
24
files/drone-downstream.bash
Normal file
24
files/drone-downstream.bash
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Lancer une pipeline
|
||||||
|
request=$(curl --silent --request POST --header "Authorization: Bearer ${DRONE_TOKEN}" ${DRONE_BASE_URL}/api/repos/${DRONE_REPOSITORY_PATH}/builds${DRONE_URL_PARAM} | jq .number)
|
||||||
|
|
||||||
|
# Attendre que la pipeline ne soit plus en exécution
|
||||||
|
while true; do
|
||||||
|
# Récupérer l'état de la pipeline
|
||||||
|
status=$(curl --silent --request GET --header "Authorization: Bearer ${DRONE_TOKEN}" ${DRONE_BASE_URL}/api/repos/${DRONE_REPOSITORY_PATH}/builds/$request | jq .status)
|
||||||
|
|
||||||
|
case "${status}" in
|
||||||
|
"\"pending\"" | "\"running\"")
|
||||||
|
sleep 5s
|
||||||
|
;;
|
||||||
|
"\"success\"")
|
||||||
|
echo "${DRONE_REPOSITORY_PATH}: ${status}"
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "${DRONE_REPOSITORY_PATH}: ${status}"
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
10
handlers/main.yml
Normal file
10
handlers/main.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
# handlers file for drone_runner_exec
|
||||||
|
|
||||||
|
- name: Redémarrer drone-runner-exec.service
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
enabled: true
|
||||||
|
daemon_reload: true
|
||||||
|
state: restarted
|
||||||
|
name: drone-runner-exec.service
|
||||||
|
become: true
|
@ -1,7 +1,7 @@
|
|||||||
galaxy_info:
|
galaxy_info:
|
||||||
namespace: ykn
|
namespace: ykn
|
||||||
author: pulsar89.5
|
author: pulsar89.5
|
||||||
description: Rôle modèle
|
description: Rôle de déploiement d'un runner-exec drone.io
|
||||||
|
|
||||||
license: GPL-3.0-or-later
|
license: GPL-3.0-or-later
|
||||||
|
|
||||||
@ -12,4 +12,5 @@ galaxy_info:
|
|||||||
versions:
|
versions:
|
||||||
- all
|
- all
|
||||||
|
|
||||||
dependencies: []
|
dependencies:
|
||||||
|
- role: users
|
||||||
|
69
tasks/configuration.yml
Normal file
69
tasks/configuration.yml
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
---
|
||||||
|
# tasks file for drone_runner_exec
|
||||||
|
|
||||||
|
- name: Créer le dossier de configuration
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: directory
|
||||||
|
path: "{{ drone_runner_exec_config_base_path }}"
|
||||||
|
owner: "{{ drone_runner_exec_user }}"
|
||||||
|
group: "{{ drone_runner_exec_user }}"
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Créer le dossier de journalisation
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: directory
|
||||||
|
path: /var/log/drone-runner-exec
|
||||||
|
owner: "{{ drone_runner_exec_user }}"
|
||||||
|
group: "{{ drone_runner_exec_user }}"
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Configurer le runner
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: config.j2
|
||||||
|
dest: "{{ drone_runner_exec_config_base_path }}/config"
|
||||||
|
owner: "{{ drone_runner_exec_user }}"
|
||||||
|
group: "{{ drone_runner_exec_user }}"
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
notify: Redémarrer drone-runner-exec.service
|
||||||
|
|
||||||
|
- name: Récupérer les faits sur les services
|
||||||
|
ansible.builtin.service_facts:
|
||||||
|
|
||||||
|
- name: Installer drone-runner.service
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: >-
|
||||||
|
/opt/drone-runner-exec/drone-runner-exec service install
|
||||||
|
--config="{{ drone_runner_exec_config_base_path }}/config"
|
||||||
|
when: "'drone-runner-exec.service' not in ansible_facts.services"
|
||||||
|
become: true
|
||||||
|
notify: Redémarrer drone-runner-exec.service
|
||||||
|
|
||||||
|
- name: Créer le dossier de surcharge du service
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: directory
|
||||||
|
path: /etc/systemd/system/drone-runner-exec.service.d
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Définir l'utilisateur du service
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: override.conf.j2
|
||||||
|
dest: /etc/systemd/system/drone-runner-exec.service.d/override.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
notify: Redémarrer drone-runner-exec.service
|
||||||
|
|
||||||
|
- name: Déployer le script permettant d'exécuter un pipeline depuis une autre
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: drone-downstream.bash
|
||||||
|
dest: /opt/drone-runner-exec/drone-downstream.bash
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
become: true
|
||||||
|
diff: false
|
46
tasks/installation.yml
Normal file
46
tasks/installation.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
---
|
||||||
|
# tasks file for drone_runner_exec
|
||||||
|
|
||||||
|
- name: Installer les prérequis
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: "{{ item }}"
|
||||||
|
become: true
|
||||||
|
loop: "{{ drone_runner_exec_prerequisites }}"
|
||||||
|
|
||||||
|
- name: Créer le dossier dédié
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /opt/drone-runner-exec
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Récupérer le contenu du fichier de version
|
||||||
|
ansible.builtin.uri:
|
||||||
|
url: "{{ drone_runner_exec_url }}"
|
||||||
|
return_content: true
|
||||||
|
follow_redirects: all
|
||||||
|
register: releases
|
||||||
|
|
||||||
|
- name: Extraire l'URL du paquet
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
browser_download_url: >
|
||||||
|
{{
|
||||||
|
releases.json.assets |
|
||||||
|
selectattr('browser_download_url', 'search', 'linux') |
|
||||||
|
selectattr('browser_download_url', 'search', drone_runner_exec_architecture) |
|
||||||
|
map(attribute='browser_download_url')
|
||||||
|
}}
|
||||||
|
|
||||||
|
- name: Extraire le runner
|
||||||
|
ansible.builtin.unarchive:
|
||||||
|
src: "{{ browser_download_url | first }}"
|
||||||
|
dest: /opt/drone-runner-exec
|
||||||
|
remote_src: true
|
||||||
|
list_files: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: u=rwX,g=rX,o=rX
|
||||||
|
become: true
|
||||||
|
notify: Redémarrer drone-runner-exec.service
|
10
tasks/main.yml
Normal file
10
tasks/main.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
# tasks file for drone_runner_exec
|
||||||
|
|
||||||
|
- name: Importer les tâches d'installation
|
||||||
|
tags: installation
|
||||||
|
ansible.builtin.import_tasks: installation.yml
|
||||||
|
|
||||||
|
- name: Importer les tâches de configuration
|
||||||
|
tags: configuration
|
||||||
|
ansible.builtin.import_tasks: configuration.yml
|
31
templates/config.j2
Normal file
31
templates/config.j2
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
DRONE_RPC_PROTO={{ drone_runner_exec_rpc_proto }}
|
||||||
|
DRONE_RPC_HOST={{ drone_runner_exec_rpc_host }}
|
||||||
|
DRONE_RPC_SECRET={{ drone_runner_exec_rpc_secret }}
|
||||||
|
|
||||||
|
DRONE_LOG_FILE={{ drone_runner_exec_log_file }}
|
||||||
|
DRONE_LOG_FILE_MAX_SIZE={{ drone_runner_exec_log_file_max_size }}
|
||||||
|
DRONE_LOG_FILE_MAX_AGE={{ drone_runner_exec_log_file_max_age }}
|
||||||
|
DRONE_LOG_FILE_MAX_BACKUPS={{ drone_runner_exec_log_file_max_backup }}
|
||||||
|
|
||||||
|
DRONE_DEBUG={{ drone_runner_exec_debug }}
|
||||||
|
DRONE_TRACE={{ drone_runner_exec_trace }}
|
||||||
|
{% if drone_runner_exec_rpc_dump %}
|
||||||
|
DRONE_RPC_DUMP_HTTP=true
|
||||||
|
DRONE_RPC_DUMP_HTTP_BODY=true
|
||||||
|
{% endif %}
|
||||||
|
{% if drone_runner_exec_runner_name | length > 0 %}
|
||||||
|
DRONE_RUNNER_NAME={{ drone_runner_exec_runner_name }}
|
||||||
|
{% endif %}
|
||||||
|
{% if drone_runner_exec_runner_labels | length > 0 %}
|
||||||
|
DRONE_RUNNER_LABELS={{ drone_runner_exec_runner_labels }}
|
||||||
|
{% endif %}
|
||||||
|
{% if
|
||||||
|
drone_runner_exec_ui_username | length > 0
|
||||||
|
and
|
||||||
|
drone_runner_exec_ui_password | length > 0
|
||||||
|
%}
|
||||||
|
DRONE_UI_USERNAME={{ drone_runner_exec_ui_username }}
|
||||||
|
DRONE_UI_PASSWORD={{ drone_runner_exec_ui_password }}
|
||||||
|
{% endif %}
|
5
templates/override.conf.j2
Normal file
5
templates/override.conf.j2
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
# {{ ansible_managed }}
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User={{ drone_runner_exec_user }}
|
||||||
|
Group={{ drone_runner_exec_group }}
|
Loading…
Reference in New Issue
Block a user