-
Notifications
You must be signed in to change notification settings - Fork 0
/
run_ansible
executable file
·125 lines (110 loc) · 3.46 KB
/
run_ansible
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
#!/bin/bash
set -eu
scriptDir="$(dirname "$0")"
rootDir="$scriptDir/.."
readonly ENVIRONMENT_VAGRANT=vagrant
readonly ENVIRONMENT_PRODUCTION=production
# This script orchestrates deployments via ansible. Fresh artifacts are always built and then deployed.
function usage() {
echo "usage: $0 [options]"
echo ""
echo "Examples:"
echo "$0 --environment $ENVIRONMENT_VAGRANT"
echo "$0 --environment $ENVIRONMENT_VAGRANT --diff --dry-run --verbose"
echo ""
echo "[options]"
echo " --environment, --env [$ENVIRONMENT_VAGRANT|$ENVIRONMENT_PRODUCTION]"
echo " The target environment for the deployment."
echo " $ENVIRONMENT_VAGRANT is an environment that can be launched locally via a VM"
echo " --tags, -t [ansible tags]"
echo " Defaults to the empty set"
echo " Any tags that should be passed to ansible"
echo " --diff, -d"
echo " Ansible reports line-diffs of what has changed"
echo " --dry-run"
echo " Sets ansible to 'check' mode, no actual changes are made. Useful with '--diff'"
echo " This option can cause false positive failures if one action depends on a previous"
echo " --verbose, -v"
echo " Shows ansible verbose output, gives more detail about what has changed."
echo " --limit, -l"
echo " Limits which servers we deploy to, only these servers will be updated."
echo " Specify server hostnames, and/or hostgroup names"
exit 1
}
if [[ $# -eq 0 ]]; then
usage
fi
DIFF_ARG=""
DRY_RUN_ARG=""
ENVIRONMENT=""
TAGS_ARG=""
VERBOSE_ARG=""
LIMIT_ARG=""
while [[ $# -gt 0 ]]; do
key="$1"
case $key in
-env|--env|--environment)
ENVIRONMENT="$2"
if [[ "$ENVIRONMENT" != "$ENVIRONMENT_PRODUCTION" \
&& "$ENVIRONMENT" != "$ENVIRONMENT_VAGRANT" ]]; then
echo "Error, invalid value for --environment: $ENVIRONMENT"
usage
fi
shift # past argument
shift # past value
;;
--tags|-t)
TAGS_ARG="--tags $2"
shift # past argument
shift # past value
;;
--diff|-d|--d)
DIFF_ARG="--diff"
shift
;;
--dry-run)
DRY_RUN_ARG="--check"
shift
;;
--verbose|-v)
VERBOSE_ARG="-v"
shift
;;
--limit|-l)
LIMIT_ARG="--limit $2"
shift
shift
;;
*)
echo "Error, unknown option: $1"
exit 1
;;
esac
done
if [ -z "$ENVIRONMENT" ]; then
echo "Missing arg: --environment"
usage
fi
# If we are deploying to non-vagrant environment then we will need
# an ansible vault passphrase value to decrypt secrets.
VAULT_PASSWORD_FILE_ARG=""
if [ "$ENVIRONMENT" == "$ENVIRONMENT_PRODUCTION" ]; then
VAULT_PASSWORD_FILE="$rootDir/infrastructure/vault_password"
if [ ! -f "$VAULT_PASSWORD_FILE" ]; then
echo "Deployments to production environment requires vault password file: $VAULT_PASSWORD_FILE"
exit 1
fi
VAULT_PASSWORD_FILE_ARG="--vault-password-file $VAULT_PASSWORD_FILE"
readonly VAULT_PASSWORD_FILE_ARG
fi
"$scriptDir/.include/build_latest_artifacts"
BUILD_VERSION=$("$rootDir/.build/get-build-version")
PRODUCT_VERSION=$("$rootDir/.build/get-product-version")
# Run deployment
set -x
ANSIBLE_CONFIG="$scriptDir/ansible.cfg" ansible-playbook \
--extra-vars "build_version=$BUILD_VERSION" \
--extra-vars "product_version=$PRODUCT_VERSION" \
--inventory "$scriptDir/ansible/inventory/$ENVIRONMENT" $DRY_RUN_ARG $LIMIT_ARG \
$VAULT_PASSWORD_FILE_ARG $TAGS_ARG $DIFF_ARG $VERBOSE_ARG "$scriptDir/ansible/site.yml"
set +x