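#!/bin/bash
# Clone an Ansible role from Git and apply it, either inside this container
# (EXECUTION_MODE=local) or on a remote host over SSH (EXECUTION_MODE=remote).
#
# Every parameter arrives through the environment and is interpolated into an
# INI inventory, a YAML playbook and file paths, so the values are checked
# against an allowlist before they are written anywhere.
set -euo pipefail

# Allowlists for interpolated values. Names exclude ':' because "[group:vars]"
# and "[group:children]" are special INI inventory sections; hosts may carry
# ':' for addresses. Neither pattern admits '/', whitespace or a leading '-'.
readonly NAME_RE='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
readonly HOST_RE='^[A-Za-z0-9_][A-Za-z0-9_.:-]*$'

#######################################
# Abort unless a value matches the given pattern.
# Arguments: $1 - variable name (for the message), $2 - value, $3 - ERE
# Outputs:   error message on stderr; the value itself is not echoed
#######################################
require_match() {
  local var_name=$1 value=$2 pattern=$3
  if [[ ! "$value" =~ $pattern ]]; then
    echo "Erreur : valeur invalide pour $var_name" >&2
    exit 1
  fi
}

#######################################
# Render a JSON object as a YAML vars file, one "key: value" line per entry.
# Keys and values are emitted JSON-encoded (tojson), so a string containing a
# newline, ':' or '#' cannot add or alter keys in the generated file, and
# strings such as "yes" or "123" keep their string type.
# Arguments: $1 - JSON text, $2 - destination file
#######################################
write_vars_file() {
  local json=$1 dest=$2
  jq -r '
    if type == "object"
    then to_entries[] | "\(.key | tojson): \(.value | tojson)"
    else error("expected a JSON object")
    end
  ' <<<"$json" > "$dest"
}

echo ">>>>>> DEBUG: Variables d'environnement <<<<<<"
# Names only: dumping values would copy every secret present in the
# environment (tokens, passwords, the *_VARS_JSON payloads) into the job log.
compgen -e | sort
echo ">>>>>>>>>>>>>>>>>>>> FIN DEBUG <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<"

# --- Expected parameters ---
: "${ANSIBLE_ROLE_GIT:?Variable ANSIBLE_ROLE_GIT manquante (ex: git@git.repo.com:myroles/myrole.git)}"
: "${ROLE_NAME:?Nom du rôle Ansible manquant (ex: mongodb)}"
: "${EXECUTION_MODE:=remote}"      # 'remote' or 'local'
: "${TARGET_HOST:=}"               # required when EXECUTION_MODE=remote
: "${USER_SSH:=ubuntu}"            # remote user (remote mode)
: "${INVENTORY_GROUP:=vm_target}"  # inventory group (remote mode)
: "${HOST_VARS_JSON:=}"            # optional JSON object of host vars
: "${GROUP_VARS_JSON:=}"           # optional JSON object of group vars

# ROLE_NAME becomes a directory name and a playbook entry.
require_match ROLE_NAME "$ROLE_NAME" "$NAME_RE"

# --- Temporary directory ---
WORKDIR=$(mktemp -d)
# Single quotes: expand WORKDIR when the trap fires, and keep it quoted.
trap 'rm -rf -- "$WORKDIR"' EXIT
cd "$WORKDIR"

# --- Connectivity diagnostics (best effort) ---
# GIT_HOST is optional; under `set -u` an unset GIT_HOST would abort the
# script, so derive the host from the clone URL when it is not provided.
git_host=${GIT_HOST:-}
if [[ -z "$git_host" ]]; then
  git_host=${ANSIBLE_ROLE_GIT#*://}  # drop scheme, if any
  git_host=${git_host%%/*}           # keep the authority part
  git_host=${git_host##*@}           # drop user info
  git_host=${git_host%%:*}           # drop port or scp-style path
fi

# Probe only when the host looks like a plain host name or address.
if [[ "$git_host" =~ $HOST_RE ]]; then
  echo ">> DEBUG: Test de résolution DNS..."
  host "$git_host" || echo "❌ DNS lookup failed for $git_host"

  echo ">> DEBUG: Test de connexion HTTPS..."
  curl -Iv "https://$git_host" 2>&1 | grep -i "connected\|failed" || echo "❌ curl connection test failed for https://$git_host"
fi

# --- Clone the role ---
# Cloned once: a second clone into the same directory always fails.
# NOTE(review): the URL is logged verbatim; a URL carrying embedded
# credentials would end up in the job log.
echo ">> Clonage du rôle depuis le dépôt Git : $ANSIBLE_ROLE_GIT"
# `--` keeps a URL that starts with '-' from being parsed as a git option.
if ! git clone -- "$ANSIBLE_ROLE_GIT" "$ROLE_NAME"; then
  echo "❌ Échec du clonage Git. Vérifiez l'accès réseau, les permissions SSH ou le certificat SSL." >&2
  exit 1
fi

# --- Build the inventory ---
mkdir -p inventory/group_vars inventory/host_vars

# run_target is only used in the final log line. The original assigned
# HOSTNAME, a variable bash sets itself and that is often exported.
if [[ "$EXECUTION_MODE" == "local" ]]; then
  echo ">> Mode local : playbook s'exécutera dans le container"
  cat > inventory/hosts.ini <<'EOF'
[local]
localhost ansible_connection=local
EOF
  INVENTORY_GROUP="local"
  run_target="localhost"

  if [[ -n "$HOST_VARS_JSON" ]]; then
    write_vars_file "$HOST_VARS_JSON" "inventory/host_vars/localhost.yml"
  fi
  if [[ -n "$GROUP_VARS_JSON" ]]; then
    write_vars_file "$GROUP_VARS_JSON" "inventory/group_vars/local.yml"
  fi

elif [[ "$EXECUTION_MODE" == "remote" ]]; then
  if [[ -z "$TARGET_HOST" ]]; then
    echo "Erreur : TARGET_HOST doit être défini en mode remote" >&2
    exit 1
  fi
  # These three values are written into hosts.ini and used as file names.
  require_match TARGET_HOST "$TARGET_HOST" "$HOST_RE"
  require_match USER_SSH "$USER_SSH" "$NAME_RE"
  require_match INVENTORY_GROUP "$INVENTORY_GROUP" "$NAME_RE"
  echo ">> Mode distant : playbook s'exécutera sur $TARGET_HOST via SSH"

  cat > inventory/hosts.ini <<EOF
[$INVENTORY_GROUP]
$TARGET_HOST ansible_user=$USER_SSH
EOF
  run_target="$TARGET_HOST"

  if [[ -n "$HOST_VARS_JSON" ]]; then
    write_vars_file "$HOST_VARS_JSON" "inventory/host_vars/$TARGET_HOST.yml"
  fi
  if [[ -n "$GROUP_VARS_JSON" ]]; then
    write_vars_file "$GROUP_VARS_JSON" "inventory/group_vars/$INVENTORY_GROUP.yml"
  fi

else
  echo "Erreur : EXECUTION_MODE doit être 'local' ou 'remote'" >&2
  exit 1
fi

# --- Build the playbook ---
# YAML nesting restored; both interpolated names were validated above.
cat > playbook.yml <<EOF
- name: Apply role $ROLE_NAME
  hosts: $INVENTORY_GROUP
  become: yes
  roles:
    - $ROLE_NAME
EOF

# --- Run ---
echo ">> Lancement du playbook avec le rôle $ROLE_NAME sur $run_target"
# NOTE(review): -vvv is very verbose; confirm the role marks sensitive tasks
# no_log before keeping this level in shared job logs.
ansible-playbook -i inventory/hosts.ini playbook.yml -vvv

echo ">> Exécution terminée avec succès."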