faten/containerAdmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test3

Browse Source
This commit is contained in:
faten 2025-05-20 09:23:00 +00:00
parent f6d454ba64
commit 52ad66a2c0
1 changed files with 30 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
run_admin_container.sh
View File

@ -9,66 +9,47 @@ MAIN_BR="${MAIN_BR:-main}"
ENV="${ENV:-staging}"
ENV_BR="${ENV_BR:-test_feature}"
PLAYBOOK_FILE="${PLAYBOOK_FILE:-base.yaml}"
# The 'ssh_vm' environment variable is expected from the Variable Group
# --- USE SSH URLs ---
REPO_CORE="git@git.felcloud.io:felcloud/ansible_core_init_ansible.git"
REPO_ENV="git@git.felcloud.io:felcloud/ansible_env_staging.git"
echo "[INFO] Setting up SSH environment..."
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# --- INJECT SSH PRIVATE KEY FROM $ssh_vm ---
if [ -n "$ssh_vm" ]; then
echo "[INFO] Injecting SSH private key from \$ssh_vm into ~/.ssh/id_felcloud_key"
printf "%s\n" "$ssh_vm" > ~/.ssh/id_felcloud_key # Using a descriptive name
chmod 600 ~/.ssh/id_felcloud_key
echo "[DEBUG] SSH private key id_felcloud_key injected. Listing ~/.ssh:"
ls -la ~/.ssh
else
echo "[ERROR] \$ssh_vm environment variable is not set or is empty! This variable should contain the SSH private key."
echo "[ERROR] Please ensure the Variable Group 'ssh_vm' (or whichever is used by this task) has an environment variable named 'ssh_vm' with the private key content."
# --- VALIDATION DES IDENTIFIANTS GIT ---
if [ -z "$GIT_USERNAME" ] || [ -z "$GIT_TOKEN" ]; then
echo "[ERROR] Les variables d'environnement GIT_USERNAME et/ou GIT_TOKEN ne sont pas définies ou sont vides !"
echo "[ERROR] Veuillez vous assurer qu'elles sont fournies via l'interface utilisateur de Semaphore / Variable Group."
exit 1
fi
# --- END INJECT SSH PRIVATE KEY ---
echo "[INFO] Utilisation de GIT_USERNAME: $GIT_USERNAME pour le clonage HTTPS."
# Ne pas afficher le GIT_TOKEN dans les logs pour des raisons de sécurité.
# Add git.felcloud.io to known_hosts
echo "[INFO] Adding git.felcloud.io to known_hosts..."
ssh-keyscan git.felcloud.io >> ~/.ssh/known_hosts || echo "[WARN] ssh-keyscan failed but continuing."
chmod 644 ~/.ssh/known_hosts
# --- UTILISER LES URLS HTTPS AVEC AUTHENTIFICATION INTÉGRÉE ---
# Le format est : https://<username>:<token>@domain.com/path/to/repo.git
REPO_CORE_URL_RAW="git.felcloud.io/felcloud/ansible_core_init_ansible.git"
REPO_ENV_URL_RAW="git.felcloud.io/felcloud/ansible_env_staging.git"
echo "[DEBUG] Content of ~/.ssh/known_hosts after keyscan:"
cat ~/.ssh/known_hosts || echo "[WARN] Could not cat known_hosts"
REPO_CORE="https://"$GIT_USERNAME":"$GIT_TOKEN"@${REPO_CORE_URL_RAW}"
REPO_ENV="https://"$GIT_USERNAME":"$GIT_TOKEN"@${REPO_ENV_URL_RAW}"
# Define the SSH command for Git to use, explicitly pointing to our injected key
export GIT_SSH_COMMAND="ssh -vvv -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ~/.ssh/id_felcloud_key"
echo "[DEBUG] GIT_SSH_COMMAND is set to: $GIT_SSH_COMMAND"
echo "[INFO] Clonage des dépôts en utilisant HTTPS..."
# Pour l'affichage dans les logs, on utilise une version "propre" de l'URL sans le token
echo "[INFO] Clonage de https://${REPO_CORE_URL_RAW} sur la branche $ENV_BR..."
git clone --branch "$ENV_BR" "$REPO_CORE" ansible_core_init_ansible || {
echo "[FATAL] Échec du clonage de ${REPO_CORE_URL_RAW}. Vérifiez les identifiants, l'URL et les permissions du jeton.";
exit 1;
}
echo "[INFO] Clonage réussi de ${REPO_CORE_URL_RAW}."
# Enable verbose Git tracing
export GIT_TRACE=1
export GIT_TRACE_PACKET=1
export GIT_TRACE_SETUP=1
echo "[INFO] Cloning repositories using GIT_SSH_COMMAND..."
echo "[INFO] Cloning $REPO_CORE on branch $ENV_BR..."
git clone --branch "$ENV_BR" "$REPO_CORE" ansible_core_init_ansible || { echo "[FATAL] Failed to clone $REPO_CORE. See verbose SSH/Git output above."; exit 1; }
echo "[INFO] Successfully cloned $REPO_CORE."
echo "[INFO] Cloning $REPO_ENV..."
git clone "$REPO_ENV" ansible_env_staging || { echo "[FATAL] Failed to clone $REPO_ENV. See verbose SSH/Git output above."; exit 1; }
echo "[INFO] Successfully cloned $REPO_ENV."
# Unset GIT_SSH_COMMAND and trace variables if not needed later
# unset GIT_SSH_COMMAND GIT_TRACE GIT_TRACE_PACKET GIT_TRACE_SETUP
echo "[INFO] Clonage de https://${REPO_ENV_URL_RAW}..."
git clone "$REPO_ENV" ansible_env_staging || {
echo "[FATAL] Échec du clonage de ${REPO_ENV_URL_RAW}. Vérifiez les identifiants, l'URL et les permissions du jeton.";
exit 1;
}
echo "[INFO] Clonage réussi de ${REPO_ENV_URL_RAW}."
cd ansible_core_init_ansible
echo "[INFO] Building Docker image locally..."
echo "[INFO] Construction de l'image Docker localement..."
docker build --no-cache --build-arg branch=fix_packages_dependencies -t ansible-pulumi:local .
cd ..
echo "[INFO] Running the admin container with playbook: $PLAYBOOK_FILE"
echo "[INFO] Exécution du conteneur admin avec le playbook : $PLAYBOOK_FILE"
docker run --rm -it \
-v "$(pwd)/ansible_env_staging:/home/cloud/ansible_env_staging" \
-e MAIN_BR="$MAIN_BR" \
@ -76,9 +57,9 @@ docker run --rm -it \
-e ENV_BR="$ENV_BR" \
ansible-pulumi:local bash -c "
set -e; \
echo '[CONTAINER] Current directory: \$(pwd)'; \
echo '[CONTAINER] Répertoire courant : \$(pwd)'; \
cd /home/cloud/ansible-pulumi && \
source /home/cloud/venv/bin/activate && \
ansible-playbook playbooks/${PLAYBOOK_FILE} -i /home/cloud/ansible_env_staging/hosts"
echo "[INFO] Task completed."
echo "[INFO] Tâche terminée."