#!/usr/bin/env bash # ENV Vars: # VAGRANT_MODE - [0,1] # - to be used with bovine-inventory's vagrant mode # ANSIBLE_RUN_MODE - ["playbook","ad-hoc"] # - specify which mode to run ansible in # ANSIBLE_PLAYBOOK_FILE - defaults to "infra.yml" # - specify playbook to pass to ansible-playbook # - NB: only used when run mode is "playbook" # ANSIBLE_BASE_ARA - ["0","1"] # - a bash STRING (not numeral) to enable ARA # VAULT_PASSWORD_FILE - export ANSIBLE_RUN_MODE="${ANSIBLE_RUN_MODE:-playbook}" export ANSIBLE_PLAYBOOK_FILE="${ANSIBLE_PLAYBOOK_FILE:-infra.yml}" export VAULT_PASSWORD_FILE="${VAULT_PASSWORD_FILE:-${HOME}/.ssh/creds/vault_password.txt}" export VAGRANT_MODE="${VAGRANT_MODE:-0}" run_ansible() { INOPTS=( "$@" ) VAULTOPTS="" # Plaintext vault decryption key, not checked into SCM if [ -f "${VAULT_PASSWORD_FILE}" ]; then VAULTOPTS="--vault-password-file=${VAULT_PASSWORD_FILE}" if [ ${ANSIBLE_RUN_MODE} == 'playbook' ]; then time ansible-playbook --diff ${VAULTOPTS} "${ANSIBLE_PLAYBOOK_FILE}" "${INOPTS[@]}" return $? elif [ ${ANSIBLE_RUN_MODE} == 'ad-hoc' ]; then time ansible --diff ${VAULTOPTS} "${INOPTS[@]}" return $? fi else if [ "${ANSIBLE_RUN_MODE}" == 'playbook' ]; then echo "Vault password file unreachable. Skip steps require vault." VAULTOPTS="--skip-tags=requires_vault" #echo "ansible-playbook --diff $VAULTOPTS ${INOPTS[@]} ${ANSIBLE_PLAYBOOK_FILE}" && \ time ansible-playbook --diff ${VAULTOPTS} "${ANSIBLE_PLAYBOOK_FILE}" "${INOPTS[@]}" return $? elif [ "${ANSIBLE_RUN_MODE}" == 'ad-hoc' ]; then #echo "ansible --diff $VAULTOPTS ${INOPTS[@]}" && \ time ansible --diff ${VAULTOPTS} "${INOPTS[@]}" return $? else echo "Invalid run mode: ${ANSIBLE_RUN_MODE}" exit 15 fi fi } if [ "${VAGRANT_MODE}" -eq 1 ]; then export ANSIBLE_SSH_ARGS="-o UserKnownHostsFile=/dev/null" export ANSIBLE_HOST_KEY_CHECKING=false fi run_ansible "$@" retcode=$? exit $retcode