component.yml.tpl
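# Terraform-templated component document: a single build phase that clones an
# Ansible playbook repository and then runs a playbook from it with ExecuteBash.
# Template values are substituted as plain text before the YAML is parsed and
# before bash sees the commands, so every input must come from trusted
# configuration, never from user-supplied data.
name: ${name}-document
%{ if description != null ~}
description: ${jsonencode(description)}
%{ endif ~}
schemaVersion: 1.0
phases:
  - name: build
    steps:
      - name: get-playbook
        action: ExecuteBash
        inputs:
          commands:
            - set -ex
            # Get ssh key
            %{~ if ssh_key_name != null ~}
            # Install jq
            - sudo yum install -y jq
            - mkdir -p ~/.ssh
            # NOTE(review): ssh-keyscan accepts whatever host key the network
            # returns at build time (trust on first use). Pinning a known host
            # key would close that gap; it needs a new template input.
            - ssh-keyscan -p ${repo_port} ${repo_host} >> ~/.ssh/known_hosts
            # Create the key file with mode 0600 before the secret is written,
            # so the private key is never readable under the default umask.
            - install -m 0600 /dev/null ~/.ssh/git_rsa
            # Fail the step if the secret lookup fails instead of writing an
            # empty key file.
            - set -o pipefail
            # Keep the metadata session token out of the xtrace build log.
            - set +x
            # IMDSv2: request a short-lived session token, then read the region
            # with it. A plain (v1) request is rejected when the instance
            # requires tokens, and curl -s would hide that failure.
            - >-
              IMDS_TOKEN=$(curl -sSf -X PUT
              -H 'X-aws-ec2-metadata-token-ttl-seconds: 60'
              http://169.254.169.254/latest/api/token)
            - >-
              IMDS_REGION=$(curl -sSf
              -H "X-aws-ec2-metadata-token: $IMDS_TOKEN"
              http://169.254.169.254/latest/meta-data/placement/region)
            - >
              aws --region "$IMDS_REGION"
              --output json
              secretsmanager get-secret-value
              --secret-id ${ ssh_key_name }
              | jq -r .SecretString
              > ~/.ssh/git_rsa
            - set -x
            - chmod 0600 ~/.ssh/git_rsa
            - eval "$(ssh-agent -s)"
            - ssh-add ~/.ssh/git_rsa
            %{~ endif ~}
            - rm -rf ansible-repo
            # The repository URL is interpolated unquoted into the command line.
            - git clone --depth 1 ${playbook_repo} ansible-repo
      - name: run-playbook
        action: ExecuteBash
        inputs:
          commands:
            - set -ex
            - cd ansible-repo
            %{~ if playbook_dir != null ~}
            - cd ${playbook_dir}
            %{~ endif ~}
            %{~ if ssh_key_name != null ~}
            - ssh-keyscan -p ${repo_port} ${repo_host} >> ~/.ssh/known_hosts
            - eval "$(ssh-agent -s)"
            - ssh-add ~/.ssh/git_rsa
            %{~ endif ~}
%{ if use_venv ~}
            # activate venv
            - source ${ansible_venv_path}/bin/activate
            %{~ endif ~}
            # Install playbook dependencies. Failures are ignored on purpose
            # (|| true), so a missing role or collection only surfaces when the
            # playbook itself runs. Pin versions in requirements.yml, because
            # -f re-downloads whatever the file resolves to on every build.
            - ansible-galaxy role install -f -r requirements.yml || true
            - ansible-galaxy collection install -f -r requirements.yml || true
            # Wait for cloud-init
            - while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done
            # Work around for missing environment
            - export HOME=/root
            # Run playbook
            - ansible-playbook ${playbook_file}
%{ if ssh_key_name != null ~}
            # Remove the deploy key and stop the agent so the private key is not
            # left on the filesystem that is captured into the image. This is
            # skipped when an earlier command fails under set -e; presumably the
            # build is then discarded - confirm for your pipeline settings.
            - ssh-agent -k || true
            - rm -f ~/.ssh/git_rsa
%{ endif ~}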