- ansible_galaxy/ansible_collections/
- ansible_galaxy/ansible_roles/
- bin/
+ - group_vars/all/ansible_vault.yml
- requirements.yml
warn_list:
/bin/ap
/bin/aps
/dist/
+
+.ansible-vault-secret
extends: default
rules:
+ comments:
+ min-spaces-from-content: 1
+ comments-indentation: false
+ braces:
+ max-spaces-inside: 1
line-length:
max: 100
level: warning
+ octal-values:
+ forbid-explicit-octal: true
+ forbid-implicit-octal: true
ignore: |
.trunk/
.venv/
ansible_galaxy/ansible_collections/
ansible_galaxy/ansible_roles/
+ group_vars/all/ansible_vault.yml
include Makefile.boilerplate
check: check-ansible
+ if command -v mdl >/dev/null; then make check-mdl; fi
+ if command -v shellcheck >/dev/null; then make check-shellcheck; fi
+
+check-mdl:
+ mdl -g -r '~MD013,~MD029' -w .
+
+check-shellcheck:
+ shellcheck \
+ bin/ansible-boilerplate \
+ bin/a bin/ap bin/aps
install:
distcheck: dist
# Run tests on distribution archive ...
mkdir -p "$(DIST_D)/check"
- tar -C "$(DIST_D)/check" -xzf "$(DIST_D)"/*.tar.gz
+ tar -C "$(DIST_D)/check" -xzf $$(find "$(DIST_D)" -name '*.tar.gz' | sort -Vr | head -n1)
test -e "$(VENV_D)" && ln -fs "$(VENV_D)" "$(DIST_D)/check/.venv"
make -C "$(DIST_D)/check" check
# Clean up ...
```bash
make upgrade
```
+
+## Upgrade vs. Update
+
+Updating an existing project, either with `./bin/ansible-boilerplate update` or
+by calling `make update`, means to fulfill all Python dependencies in
+`requirements.txt` and all Ansible Galaxy dependencies in `requirements.yml` by
+trying to install the latest/newest compatible versions. Ansible Boilerplate
+scripts are updated (overwritten) with their current versions; configuration is
+left unchanged.
+
+The `./bin/ansible-boilerplate upgrade` or `make upgrade` command do the same
+and additionally install new, missing and updated Ansible Boilerplate
+configuration files. Existing configuration files are not overwritten, new
+versions are installed with the ".new" file extension.
echo "$0 <command>"
echo
echo " help Show this help text and exit."
- echo " init Initialize project and boilerplate code."
- echo " upgrade Upgrade boilerplate code and dependencies. [Alias: update, up]"
+ echo " init Initialize project and boilerplate code. [Alias: upgrade]"
+ echo " update Update boilerplate code and dependencies. [Alias: up]"
echo " --force Force overwriting an existing role or collection."
echo
} >&2
# - Install Ansible when ansible-galaxy command is not found.
# - Install "ansible-boilerplate" collection when not found.
# - Update local "ansible-boilerplate" setup: copy script, create links, ...
-# - Upgrade template files.
+# - Upgrade template files (when "--init" is given).
# - Install/upgrade Python dependencies (from requirements.txt file).
# - Install/upgrade Ansible Galaxy dependencies (from requirements.yml file).
#
while [ $# -gt 0 ]; do
case "$1" in
"--force")
- do_force="--force"
+ do_force="--force --force-with-deps"
;;
"--init")
is_init="--init"
+ do_force="--force --force-with-deps"
;;
*)
Usage
if [ -r requirements.yml ]; then
echo "Upgrading Ansible Galaxy dependencies ..."
- # shellcheck disable=SC2248
+ # shellcheck disable=SC2086
"${ANSIBLE_GALAXY}" collection install -U -r requirements.yml ${do_force}
- # shellcheck disable=SC2248
+ # shellcheck disable=SC2086
"${ANSIBLE_GALAXY}" role install -r requirements.yml ${do_force}
fi
requirements.txt \
; do
# shellcheck disable=SC2086
- Upgrade_Template "${file}" ${is_init}
+ Upgrade_Template "${file}" $1
+ done
+
+ # List differences in *.new template files, if any:
+ find . \( -name '*.new' -o -name '.*.new' \) | while read -r fname; do
+ diff -u "${fname%*.new}" "${fname}" || true; echo
done
}
# Do not override the target when it exists already!
if [ -e "$1" ]; then
# Target already exists. Is it different?
- if [ "$2" = "--init" ] && ! cmp "$1" "${BASE_D}/$1"; then
+ if [ "$2" = "--init" ] && ! cmp -s "$1" "${BASE_D}/$1"; then
# Files are not the same! Install new version in parallel:
install -b -m 0644 -p -v "${BASE_D}/$1" "$1.new"
fi
[ $# -gt 0 ] && shift
case "${cmd}" in
- "init")
+ "init"|"upgrade")
Init "$@"
;;
- "upgrade"|"update"|"up")
+ "update"|"up")
Upgrade "$@"
;;
"help"|"--help")
--- /dev/null
+# Ansible Boilerplate Collection and Ansible vault
+
+This Boilerplate Collection is meant to cope well with Ansible vault.
+
+The following files are treated specially for ansible-vault(1) usage:
+
+- `.ansible-vault-secret`: You can use this as a "local vault password file".
+ It should _not_ be added to the Git repository and is listed in the
+ `.gitignore` template file by default.
+
+- `group_vars/all/ansible_vault.yml`: Use this file to store encrypted Ansible
+ variables which are handled by ansible-vault(1). It is automatically added to
+ some commands invoked by the Ansible Boilerplate scripts, wrappers, and
+ Makefile's.
--- /dev/null
+# Creating a new Ansible Boilerplate Collection Release
+
+## Prerequisites
+
+1. Make sure your source tree is clean.
+2. Make sure everything is committed and pushed out.
+3. Run `make check`!
+
+## Steps to Create the new Release
+
+1. Set new version number (major.minor.fix):
+
+ ```sh
+ major=1; minor=2; fix=3
+ galaxy_api_key=…
+ ```
+
+2. Update `galaxy.yml`, bump the version number accordingly:
+
+ ```sh
+ sed -i'.bak' \
+ -e "s/^version: .*$/version: ${major}.${minor}.${fix}/g" galaxy.yml
+ rm -fv galaxy.yml.bak
+ ```
+
+3. Create the release commit and signed tag:
+
+ ```sh
+ git add galaxy.yml
+ git diff --cached --patch-with-stat
+ git commit --message "Release ${major}.${minor}.${fix}"
+ git tag -m "Release ${major}.${minor}.${fix}" -s \
+ "rel-${major}-${minor}-${fix}"
+ ```
+
+4. Create the distribution archive:
+
+ ```sh
+ make distcheck
+ ```
+
+ The resulting `.tar.gz` file is in the `./dist/` sub-directory.
+
+5. Push the commit and tag out:
+
+ ```sh
+ git push --all
+ ```
+
+6. Publish the new release on the Ansible Galaxy repository:
+
+ ```sh
+ .venv/bin/ansible-galaxy collection publish \
+ --api-key "${galaxy_api_key}" \
+ "dist/alexbarton-boilerplate-${major}.${minor}.${fix}.tar.gz"
+ ```
+
+7. Check the result online:
+ <https://galaxy.ansible.com/ui/repo/published/alexbarton/boilerplate/>
---
namespace: alexbarton
name: boilerplate
-version: 1.0.1
+version: 1.1.2
authors:
- Alexander Barton <alex@barton.de>
# Python dependencies
-ansible>=8.2
-ansible-lint>=6.17
+ansible>=9.6
+ansible-lint>=24.5