#!/bin/bash
#
# Bash code to initialize the environment / repo settings for deploying a specific HPC cluster,
# for which the config is stored in the repo containing this script.
#
# This script assumes there is for each ${STACK_NAME} a corresponding:
# 1. ./group_vars/${STACK_NAME}/ Ansible group_vars directory with variables and secrets encrypted with Ansible vault.
# ./group_vars/${STACK_NAME}/vars.yml Ansible variables for this stack, which defines the {{ stack_prefix }} Ansible variable.
# 2. ./static_inventories/${STACK_NAME}.yml Ansible inventory file.
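# 3. ./.vault/vault_pass.txt.${STACK_NAME} Ansible vault password file.
# 4. ./.vault/vault_pass.txt.all Ansible vault password file that lor-config requires in addition to the stack-specific one.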
#
# Once this code was sourced (not executed!) like this:
# $> . ./lor-init
# You can call the lor-config function for a specific stack prefix. E.g.:
# $> lor-config tl
#
#
##
### Environment and bash sanity.
##
#
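# Absolute, symlink-resolved directory that contains this file. lor-config treats it as the
# repo root: it creates and chmods "${LOR_DIR}/.vault" and changes into "${LOR_DIR}".
# Assignment and export are split because 'export VAR="$(cmd)"' always succeeds and hides a
# failing cd; an empty LOR_DIR would make those paths resolve relative to '/'.
LOR_DIR="$(cd -P -- "$(dirname -- "${BASH_SOURCE[0]:-}")" && pwd)" \
  || printf '%s\n' 'ERROR: cannot determine the directory containing lor-init; LOR_DIR is empty.' >&2
export LOR_DIR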
#
##
### Main.
##
#
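#######################################
# Point the current shell at one infra stack so Ansible can deploy it.
#
# Looks up the stack whose group_vars/*/vars.yml declares the given stack_prefix, checks that
# its inventory and vault password files exist, changes into ${LOR_DIR} and exports the
# Ansible settings for that stack. Must run in the calling shell (source lor-init, then call
# this function); the exports and the directory change would be lost in a child process.
#
# Globals:
#   LOR_DIR      (read)  repo root, exported when lor-init is sourced.
#   VIRTUAL_ENV  (read)  Python virtual environment; must be non-empty.
#   OS_AUTH_URL  (read)  optional; only used to report the OpenStack cloud.
#   AI_PROXY, ANSIBLE_INVENTORY, ANSIBLE_VAULT_IDENTITY_LIST, ANSIBLE_ROLES_PATH,
#   ANSIBLE_COLLECTIONS_PATH, ANSIBLE_STRATEGY_PLUGINS, ANSIBLE_STRATEGY,
#   AZURE_CONFIG_DIR (exported; AI_PROXY is unset when no jumphost is found).
# Arguments:
#   $1 - infra stack prefix (e.g. tl); matched literally against stack_prefix in vars.yml.
# Outputs:
#   INFO lines on stdout; ERROR, FATAL and WARNING lines on stderr.
# Returns:
#   0 on success, 1 when a precondition fails. The caller's nounset option is restored
#   on every return path.
#######################################
function lor-config() {
  local _previous_opt_nounset_state
  if [[ -o nounset ]]; then
    _previous_opt_nounset_state='-u'
  else
    _previous_opt_nounset_state='+u'
  fi
  set -u
  #
  # Every helper variable is local: this function runs inside the user's interactive shell,
  # so nothing may leak out of it and no stale value (e.g. an old _jumphost) may leak in.
  #
  local _stack_prefix _stack_prefix_regex _group_vars _stack_name _inventory
  local _required_path _jumphost_block _jumphost=''
  local _ansible_mitogen_search_path _ansible_mitogen_path _openstack_cloud
  local -a _required_paths
  #
  # Check if Python venv was initialized.
  #
  if [[ -z "${VIRTUAL_ENV:-}" ]]; then
    printf 'ERROR: ${VIRTUAL_ENV} is empty.\n' >&2
    printf 'FATAL: The code from this repo requires Ansible and its dependencies installed in a Python virtual environment.\n' >&2
    printf 'FATAL: See the README.md for instructions.\n' >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  #
  # Refuse to continue without a usable repo root: with an empty LOR_DIR the mkdir/chmod
  # below would operate on '/.vault' instead of the repo's own .vault directory.
  #
  if [[ -z "${LOR_DIR:-}" || ! -d "${LOR_DIR}" ]]; then
    printf '%s\n' 'ERROR: ${LOR_DIR} is empty or not a directory; source lor-init again.' >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  #
  # Ensure we have a .vault dir with sane, safe permissions.
  # It holds the Ansible vault password files, so fail closed when it cannot be locked down.
  #
  if ! mkdir -p -m 700 -- "${LOR_DIR}/.vault" || ! chmod -R go-rwx -- "${LOR_DIR}/.vault"; then
    printf '%s\n' "ERROR: cannot create or restrict permissions on ${LOR_DIR}/.vault." >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  #
  # Get and check input.
  #
  _stack_prefix="${1-}"
  if [[ -z "${_stack_prefix:-}" ]]; then
    printf '%s\n' 'ERROR: must specify an infra stack prefix.' >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  #
  # Escape regex metacharacters so the prefix is matched literally;
  # otherwise an argument like '.*' would select an arbitrary stack.
  #
  _stack_prefix_regex="$(printf '%s' "${_stack_prefix}" | sed 's/[][\.*^$]/\\&/g')"
  #
  # grep -l prints the path of each matching file. Plain grep output omits the file name
  # when only one vars.yml exists, which made the stack name come out as '.'.
  #
  _group_vars="$(grep -l -- "^stack_prefix: ['\"]*${_stack_prefix_regex}['\"]*$" "${LOR_DIR}/group_vars/"*/vars.yml)"
  if [[ -z "${_group_vars:-}" ]]; then
    printf '%s\n' "ERROR: cannot find group_vars/*/vars.yml for infra stack prefix ${_stack_prefix}." >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  if [[ "${_group_vars}" == *$'\n'* ]]; then
    printf '%s\n' "ERROR: more than one group_vars/*/vars.yml declares infra stack prefix ${_stack_prefix}." >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  # The stack name is the directory that holds the matching vars.yml.
  _stack_name="${_group_vars%/vars.yml}"
  _stack_name="${_stack_name##*/}"
  _inventory="${LOR_DIR}/static_inventories/${_stack_name}.yml"
  _required_paths=(
    "${LOR_DIR}/group_vars/${_stack_name}/"
    "${_inventory}"
    "${LOR_DIR}/.vault/vault_pass.txt.${_stack_name}"
    "${LOR_DIR}/.vault/vault_pass.txt.all"
  )
  for _required_path in "${_required_paths[@]}"; do
    if [[ ! -e "${_required_path}" ]]; then
      printf '%s\n' "ERROR: ${_required_path} does not exist for infra stack prefix ${_stack_prefix}." >&2
      set "${_previous_opt_nounset_state}"
      return 1
    fi
  done
  #
  # Get jumphost from inventory file.
  #
  # ToDo: this is rather brittle code;
  #       install something like https://github.com/mikefarah/yq
  #       for proper parsing of YAML files.
  #
  # Takes the line after the first 'jumphost' match; when that line is 'hosts:',
  # the line after it is used as the jumphost name (spaces and colons stripped).
  #
  _jumphost_block="$(grep -F -A1 'jumphost' "${_inventory}" | head -2 | tail -1 | tr -d ' :')"
  if [[ "${_jumphost_block:-}" == 'hosts' ]]; then
    _jumphost="$(grep -F -A2 'jumphost' "${_inventory}" | head -3 | tail -1 | tr -d ' :')"
  fi
  #
  # Init and report current setup.
  # The inventory and vault paths exported below are relative, so the cd must succeed.
  #
  if ! cd -- "${LOR_DIR}"; then
    printf '%s\n' "ERROR: cannot change directory to ${LOR_DIR}." >&2
    set "${_previous_opt_nounset_state}"
    return 1
  fi
  if [[ -n "${_jumphost:-}" ]]; then
    export AI_PROXY="${_jumphost}"
  else
    unset AI_PROXY
  fi
  export ANSIBLE_INVENTORY="static_inventories/${_stack_name}.yml"
  # Comma separated list of label@password-file pairs: the shared 'all' vault ID
  # followed by the vault ID of this stack.
  export ANSIBLE_VAULT_IDENTITY_LIST="all@.vault/vault_pass.txt.all, ${_stack_name}@.vault/vault_pass.txt.${_stack_name}"
  export ANSIBLE_ROLES_PATH="${VIRTUAL_ENV}/ansible/ansible_roles/:"
  export ANSIBLE_COLLECTIONS_PATH="${VIRTUAL_ENV}/ansible/:"
  printf 'INFO: Current working directory is: %s\n' "$(pwd)"
  printf 'INFO: Using ANSIBLE_INVENTORY: %s\n' "${ANSIBLE_INVENTORY}"
  printf 'INFO: Using AI_PROXY: %s\n' "${AI_PROXY:-None: no jumphost specified in ANSIBLE_INVENTORY}"
  printf 'INFO: Using ANSIBLE_VAULT_IDENTITY_LIST: %s\n' "${ANSIBLE_VAULT_IDENTITY_LIST}"
  printf 'INFO: Using ANSIBLE_ROLES_PATH: %s\n' "${ANSIBLE_ROLES_PATH}"
  printf 'INFO: Using ANSIBLE_COLLECTIONS_PATH: %s\n' "${ANSIBLE_COLLECTIONS_PATH}"
  #
  # Enable ansible_mitogen strategy plugin for improved speed of plays when available.
  # The venv path is quoted so a path containing whitespace is passed to find as one argument.
  #
  _ansible_mitogen_search_path='.*/lib/python.*/site-packages/ansible_mitogen/plugins/strategy'
  _ansible_mitogen_path="$(find "${VIRTUAL_ENV}" -regex "${_ansible_mitogen_search_path}" | sort -V | tail -1)"
  if [[ -n "${_ansible_mitogen_path}" ]]; then
    export ANSIBLE_STRATEGY_PLUGINS="${_ansible_mitogen_path}"
    export ANSIBLE_STRATEGY='mitogen_linear'
    printf 'INFO: Found Mitogen strategy plugin in: %s\n' "${ANSIBLE_STRATEGY_PLUGINS}"
    printf 'INFO: Using Ansible strategy: %s.\n' "${ANSIBLE_STRATEGY}"
  else
    # NOTE(review): ANSIBLE_STRATEGY* exported by an earlier call are left as they are here.
    printf 'WARNING: Could not find Mitogen strategy plugin in %s\n' "${_ansible_mitogen_search_path}" >&2
    printf 'INFO: Mitogen strategy plugin is: %s.\n' 'disabled (default)'
  fi
  if [[ -n "${OS_AUTH_URL:-}" ]]; then
    # Strip the scheme ('...//') and everything from the last ':' onwards.
    _openstack_cloud="${OS_AUTH_URL#*//}"
    _openstack_cloud="${_openstack_cloud%:*}"
    printf 'INFO: Using OpenStack cloud: %s.\n' "${_openstack_cloud}"
  else
    printf 'INFO: Using OpenStack cloud: %s.\n' 'none'
  fi
  set "${_previous_opt_nounset_state}"
  # Configure Azure environment
  export AZURE_CONFIG_DIR="${PWD}/.azure"
}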