First commit

2020-05-31 18:18:14 +02:00 · 2020-05-31 18:18:14 +02:00 · f498390635
commit f498390635
parent 1ac9d9d809
3 changed files with 84 additions and 1 deletions
--- a/ansible.Dockerfile
+++ b/ansible.Dockerfile
@ -0,0 +1,44 @@
+# docker container run -ti --name ansible python:3.6-alpine sh
+# ~/.vault-token
+# docker build -f ansible.Dockerfile -t adrien/ansible ./
+# time docker run --rm --dns=192.168.18.11 -ti -v $(pwd):/ansible/playbooks -v ~/.kube:/root/.kube -e VAULT_ADDR=$VAULT_ADDR -e VAULT_TOKEN="$(cat ~/.vault-token)" -e VAULT_CACERT=/ansible/playbooks/rootCA.pem adrien/ansible ansible-playbook -i inventories/bpipp.flaminem.com/ -l localhost playbook.yml --diff -t prom
+
+FROM python:3.7-alpine
+LABEL name="ansible" \
+      version="latest"
+RUN VAULT_VERSION=1.4.2 && KUBECTL_VERSION=v1.18.3 && \
+    apk --update add --virtual build-dependencies gcc musl-dev libffi-dev openssl-dev build-base libvirt-dev && \
+    pip3 install ansible asn1crypto bcrypt cachetools certifi cffi chardet cryptography dictdiffer \
+      docker-py google-auth httplib2 hvac idna ipaddress Jinja2 jmespath jsonpatch jsonpointer jsonschema \
+      kubernetes~=9.0.0 libvirt-python MarkupSafe oauthlib openshift~=0.9.0 paramiko pyasn1 pyasn1-modules pycparser \
+      PyNaCl python-dateutil python-string-utils PyYAML q requests requests-oauthlib rsa ruamel.yaml \
+      six simplejson urllib3 websocket-client ansible-lint && \
+    apk add ca-certificates && \
+    apk del build-dependencies && \
+    rm -rf /var/cache/apk/* && \
+    wget https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip && \
+    unzip vault_${VAULT_VERSION}_linux_amd64.zip && \
+    install vault /usr/local/bin/vault -o root -g root -m 0755 && \
+    rm -f vault vault_${VAULT_VERSION}_linux_amd64.zip && \
+    wget https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl && \
+    install kubectl /usr/local/bin/kubectl -o root -g root -m 0755 && \
+    rm -f kubectl && \
+    mkdir -p /etc/ansible /ansible && \
+    echo "[local]" >> /etc/ansible/hosts && \
+    echo "localhost" >> /etc/ansible/hosts && \
+    ln -s /usr/local/bin/python3 /usr/bin/python3
+COPY ./rootCA.pem /usr/local/share/ca-certificates/beethoven.pem
+RUN update-ca-certificates
+
+ENV ANSIBLE_GATHERING=smart \
+    ANSIBLE_HOST_KEY_CHECKING=false \
+    ANSIBLE_RETRY_FILES_ENABLED=false \
+    ANSIBLE_ROLES_PATH=/ansible/playbooks/roles \
+    ANSIBLE_SSH_PIPELINING=True \
+    PYTHONPATH=/ansible/lib \
+    PATH=/ansible/bin:$PATH \
+    ANSIBLE_LIBRARY=/ansible/library
+ 
+WORKDIR /ansible/playbooks
+ 
+CMD ["ansible"]