faten 2025-05-20 08:41:33 +00:00
parent d642ee159b
commit f6d454ba64


@ -1,23 +1,39 @@
#!/bin/bash
set -e # Exit immediately if a command exits with a non-zero status.
set -o pipefail # Causes a pipeline to return the exit status of the last command in the pipe that failed.
# set -x # Uncomment for verbose debugging
set -e
set -o pipefail
# set -x
# vars via Semaphore UI
# vars via Semaphore UI / Variable Group
MAIN_BR="${MAIN_BR:-main}"
ENV="${ENV:-staging}"
ENV_BR="${ENV_BR:-test_feature}"
PLAYBOOK_FILE="${PLAYBOOK_FILE:-base.yaml}"
# The 'ssh_vm' environment variable is expected from the Variable Group
REPO_CORE="https://git.felcloud.io/felcloud/ansible_core_init_ansible.git"
REPO_ENV="https://git.felcloud.io/felcloud/ansible_env_staging.git"
# --- USE SSH URLs ---
REPO_CORE="git@git.felcloud.io:felcloud/ansible_core_init_ansible.git"
REPO_ENV="git@git.felcloud.io:felcloud/ansible_env_staging.git"
echo "[INFO] Setting up SSH environment..."
mkdir -p ~/.ssh
chmod 700 ~/.ssh
# Add git.felcloud.io to known_hosts (good practice, but we'll override for clone if needed)
# --- INJECT SSH PRIVATE KEY FROM $ssh_vm ---
if [ -n "$ssh_vm" ]; then
echo "[INFO] Injecting SSH private key from \$ssh_vm into ~/.ssh/id_felcloud_key"
printf "%s\n" "$ssh_vm" > ~/.ssh/id_felcloud_key # Using a descriptive name
chmod 600 ~/.ssh/id_felcloud_key
echo "[DEBUG] SSH private key id_felcloud_key injected. Listing ~/.ssh:"
ls -la ~/.ssh
else
echo "[ERROR] \$ssh_vm environment variable is not set or is empty! This variable should contain the SSH private key."
echo "[ERROR] Please ensure the Variable Group 'ssh_vm' (or whichever is used by this task) has an environment variable named 'ssh_vm' with the private key content."
exit 1
fi
# --- END INJECT SSH PRIVATE KEY ---
# Add git.felcloud.io to known_hosts
echo "[INFO] Adding git.felcloud.io to known_hosts..."
ssh-keyscan git.felcloud.io >> ~/.ssh/known_hosts || echo "[WARN] ssh-keyscan failed but continuing."
chmod 644 ~/.ssh/known_hosts
@ -25,38 +41,33 @@ chmod 644 ~/.ssh/known_hosts
echo "[DEBUG] Content of ~/.ssh/known_hosts after keyscan:"
cat ~/.ssh/known_hosts || echo "[WARN] Could not cat known_hosts"
# Debug SSH keys available from Semaphore Secrets
echo "[DEBUG] Available SSH keys in ~/.ssh:"
ls -la ~/.ssh
# Define the SSH command for Git to use, explicitly pointing to our injected key
export GIT_SSH_COMMAND="ssh -vvv -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ~/.ssh/id_felcloud_key"
echo "[DEBUG] GIT_SSH_COMMAND is set to: $GIT_SSH_COMMAND"
# Define the SSH command for Git to use
# This will bypass strict host key checking and not use the system known_hosts file for these specific git commands.
# It will still use any identity files (private keys) found in ~/.ssh/
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
# Enable verbose Git tracing
export GIT_TRACE=1
export GIT_TRACE_PACKET=1
export GIT_TRACE_SETUP=1
# 1/Cloner les dépôts nécessaires:
echo "[INFO] Cloning repositories using GIT_SSH_COMMAND..."
echo "[INFO] Cloning $REPO_CORE on branch $ENV_BR..."
git clone --branch "$ENV_BR" "$REPO_CORE" ansible_core_init_ansible
git clone --branch "$ENV_BR" "$REPO_CORE" ansible_core_init_ansible || { echo "[FATAL] Failed to clone $REPO_CORE. See verbose SSH/Git output above."; exit 1; }
echo "[INFO] Successfully cloned $REPO_CORE."
echo "[INFO] Cloning $REPO_ENV..."
# If ansible_env_staging also needs a specific branch:
# git clone --branch "<some_branch_for_env>" "$REPO_ENV" ansible_env_staging
git clone "$REPO_ENV" ansible_env_staging
git clone "$REPO_ENV" ansible_env_staging || { echo "[FATAL] Failed to clone $REPO_ENV. See verbose SSH/Git output above."; exit 1; }
echo "[INFO] Successfully cloned $REPO_ENV."
# Unset GIT_SSH_COMMAND if you want subsequent ssh operations to use default behavior
# unset GIT_SSH_COMMAND
# Unset GIT_SSH_COMMAND and trace variables if not needed later
# unset GIT_SSH_COMMAND GIT_TRACE GIT_TRACE_PACKET GIT_TRACE_SETUP
cd ansible_core_init_ansible
# git checkout "$ENV_BR" # Already done by --branch in clone
# 2/Build local de limage Docker admin:
echo "[INFO] Building Docker image locally..."
# Build context is the current directory: ./ansible_core_init_ansible
docker build --no-cache --build-arg branch=fix_packages_dependencies -t ansible-pulumi:local .
cd .. # Go back to the parent directory (where ansible_env_staging also is)
cd ..
# 3/Lancer le conteneur admin avec le playbook choisi:
echo "[INFO] Running the admin container with playbook: $PLAYBOOK_FILE"
docker run --rm -it \
-v "$(pwd)/ansible_env_staging:/home/cloud/ansible_env_staging" \
@ -66,13 +77,8 @@ docker run --rm -it \
ansible-pulumi:local bash -c "
set -e; \
echo '[CONTAINER] Current directory: \$(pwd)'; \
echo '[CONTAINER] Listing /home/cloud:'; ls -la /home/cloud; \
echo '[CONTAINER] Listing /home/cloud/ansible_env_staging:'; ls -la /home/cloud/ansible_env_staging; \
echo '[CONTAINER] Activating venv...'; \
source /home/cloud/venv/bin/activate; \
echo '[CONTAINER] Changing to playbook directory /home/cloud/ansible-pulumi...'; \
cd /home/cloud/ansible-pulumi; \
echo '[CONTAINER] Running ansible-playbook...'; \
cd /home/cloud/ansible-pulumi && \
source /home/cloud/venv/bin/activate && \
ansible-playbook playbooks/${PLAYBOOK_FILE} -i /home/cloud/ansible_env_staging/hosts"
echo "[INFO] Task completed."
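Review bot: The `GIT_SSH_COMMAND` line that adds `-i ~/.ssh/id_felcloud_key` (apparently the new side; the page has lost its +/- markers) still sets `-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no`, so the server's identity is never verified for either clone and the known_hosts file filled by `ssh-keyscan` a few lines earlier is ignored. The cloned content is then built with `docker build` and run through `ansible-playbook`, so an unauthenticated server decides what code executes in this job. I would write a pinned host key for git.felcloud.io into `~/.ssh/known_hosts` from a job variable (placeholder name `GIT_HOST_KEY`) rather than trusting a run-time `ssh-keyscan`, and change the line to `export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=~/.ssh/known_hosts -o StrictHostKeyChecking=yes -o IdentitiesOnly=yes -i ~/.ssh/id_felcloud_key"`. The `-vvv` and `GIT_TRACE*` settings look like temporary debugging and are worth dropping once the clone works; the injected key file is also never removed, which a `trap 'rm -f ~/.ssh/id_felcloud_key' EXIT` placed right after the write would cover.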