From f4983906359bb172917b4c89e617abd50193099b Mon Sep 17 00:00:00 2001
From: Adrien
Date: Sun, 31 May 2020 18:18:14 +0200
Subject: [PATCH] First commit
---
 .gitlab-ci.yml | 29 +++++++++++++++++++++++++++++
 README.md | 12 +++++++++++-
 ansible.Dockerfile | 44 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 84 insertions(+), 1 deletion(-)
 create mode 100644 .gitlab-ci.yml
 create mode 100644 ansible.Dockerfile
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..6ce201f
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,29 @@
+
+stages:
+ - verify
+ - build
+
+variables:
+ IMAGE_NAME: "$CI_REGISTRY_IMAGE"
+
+image: docker:latest
+
+# Beyond this point, each top level item is a Job name (beside templates)
+# NB: each job is run on a separate container
+
+docker:lint:
+ stage: verify
+ image: projectatomic/dockerfile-lint
+ script:
+ - dockerfile_lint -p -f ansible.Dockerfile
+
+build:
+ stage: build
+ image: docker:latest
+ script:
+ - docker login -u "$CI_REGISTRY_USER" -p "$CI_BUILD_TOKEN" "$CI_REGISTRY"
+ - export DATE=$(date +%Y%m%d)
+ - docker build -f ansible.Dockerfile -t $CI_REGISTRY_IMAGE:$DATE .
+ - docker push $CI_REGISTRY_IMAGE:$DATE
+ - docker build -f ansible.Dockerfile -t $CI_REGISTRY_IMAGE:latest .
+ - docker push $CI_REGISTRY_IMAGE:latest
diff --git a/README.md b/README.md
index 4df29d8..03be694 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,13 @@
 # ansible-docker

-ansible in a container
\ No newline at end of file
+ansible in a container
+
+It include hashicorp vault and kubectl binary
+
+You can use it with something like that :
+
+```bash
+alias ansible-playbook='docker run --rm --dns=192.168.18.11 -ti -v $(pwd):/ansible/playbooks -v ~/.kube:/root/.kube -e VAULT_ADDR=$VAULT_ADDR -e VAULT_TOKEN="$(cat ~/.vault-token)" registry.example.net/ansible-docker:latest ansible-playbook'
+
+ansible-playbook main.yml
+```
diff --git a/ansible.Dockerfile b/ansible.Dockerfile
new file mode 100644
index 0000000..12d738a
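Review bot: In `.gitlab-ci.yml`, the `build` job passes the registry credential as an argument (`-p "$CI_BUILD_TOKEN"`), which puts it on the process command line; feed it on stdin instead, `echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"`. `CI_BUILD_TOKEN` is also the legacy name of `CI_JOB_TOKEN`, so it is worth confirming it is still defined on the GitLab version in use. The job builds the image twice, and because the Dockerfile installs mostly unpinned packages the `:latest` image is not guaranteed to be the same as the `:$DATE` one; replace the second build with `docker tag $CI_REGISTRY_IMAGE:$DATE $CI_REGISTRY_IMAGE:latest`. The job images `docker:latest` and `projectatomic/dockerfile-lint` are unpinned too, so the toolchain that handles the registry credential can change without a commit; pin them to a version tag or digest.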
--- /dev/null
+++ b/ansible.Dockerfile
@@ -0,0 +1,44 @@
+# docker container run -ti --name ansible python:3.6-alpine sh
+# ~/.vault-token
+# docker build -f ansible.Dockerfile -t adrien/ansible ./
+# time docker run --rm --dns=192.168.18.11 -ti -v $(pwd):/ansible/playbooks -v ~/.kube:/root/.kube -e VAULT_ADDR=$VAULT_ADDR -e VAULT_TOKEN="$(cat ~/.vault-token)" -e VAULT_CACERT=/ansible/playbooks/rootCA.pem adrien/ansible ansible-playbook -i inventories/bpipp.flaminem.com/ -l localhost playbook.yml --diff -t prom
+
+FROM python:3.7-alpine
+LABEL name="ansible" \
+ version="latest"
+RUN VAULT_VERSION=1.4.2 && KUBECTL_VERSION=v1.18.3 && \
+ apk --update add --virtual build-dependencies gcc musl-dev libffi-dev openssl-dev build-base libvirt-dev && \
+ pip3 install ansible asn1crypto bcrypt cachetools certifi cffi chardet cryptography dictdiffer \
+ docker-py google-auth httplib2 hvac idna ipaddress Jinja2 jmespath jsonpatch jsonpointer jsonschema \
+ kubernetes~=9.0.0 libvirt-python MarkupSafe oauthlib openshift~=0.9.0 paramiko pyasn1 pyasn1-modules pycparser \
+ PyNaCl python-dateutil python-string-utils PyYAML q requests requests-oauthlib rsa ruamel.yaml \
+ six simplejson urllib3 websocket-client ansible-lint && \
+ apk add ca-certificates && \
+ apk del build-dependencies && \
+ rm -rf /var/cache/apk/* && \
+ wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip && \
+ unzip vault_${VAULT_VERSION}_linux_amd64.zip && \
+ install vault /usr/local/bin/vault -o root -g root -m 0755 && \
+ rm -f vault vault_${VAULT_VERSION}_linux_amd64.zip && \
+ wget https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \
+ install kubectl /usr/local/bin/kubectl -o root -g root -m 0755 && \
+ rm -f kubectl && \
+ mkdir -p /etc/ansible /ansible && \
+ echo "[local]" >> /etc/ansible/hosts && \
+ echo "localhost" >> /etc/ansible/hosts && \
+ ln -s /usr/local/bin/python3 /usr/bin/python3
+COPY ./rootCA.pem /usr/local/share/ca-certificates/beethoven.pem
+RUN update-ca-certificates
+
+ENV ANSIBLE_GATHERING=smart \
+ ANSIBLE_HOST_KEY_CHECKING=false \
+ ANSIBLE_RETRY_FILES_ENABLED=false \
+ ANSIBLE_ROLES_PATH=/ansible/playbooks/roles \
+ ANSIBLE_SSH_PIPELINING=True \
+ PYTHONPATH=/ansible/lib \
+ PATH=/ansible/bin:$PATH \
+ ANSIBLE_LIBRARY=/ansible/library
+
+WORKDIR /ansible/playbooks
+
+CMD ["ansible"]
\ No newline at end of file
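Review bot: The `RUN` step installs `vault` and `kubectl` straight from `wget` with no integrity check, so whatever the download hosts serve becomes a root-owned binary in an image that, per the README, is then given `VAULT_TOKEN` and `~/.kube`. Pin a SHA-256 per artifact next to `VAULT_VERSION`/`KUBECTL_VERSION` and verify before each `install`, e.g. `echo "${VAULT_SHA256}  vault_${VAULT_VERSION}_linux_amd64.zip" | sha256sum -c -` and the same for `kubectl` (`VAULT_SHA256` is a placeholder name; take the values from the publishers' checksum files). Separately, `ANSIBLE_HOST_KEY_CHECKING=false` in the `ENV` block disables SSH host-key verification for every playbook run from this image; I would drop it from the image default and let a caller who needs it pass it with `-e` at `docker run`. The image also has no `USER` instruction, so playbooks run as root inside the container.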