diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..566f51f --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,3 @@ +--- +warn_list: + - yaml[line-length] diff --git a/meta/main.yml b/meta/main.yml index 329e393..489b7c8 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,12 +1,13 @@ galaxy_info: role_name: azure_devops_agent - author: Yohan Belval + author: gsoft description: Azure DevOps Agent for Linux. company: GSoft + standalone: true license: "license (Apache-2.0)" - min_ansible_version: 2.4 + min_ansible_version: '2.4' platforms: - name: Ubuntu @@ -16,18 +17,18 @@ galaxy_info: - focal - name: EL versions: - - 7 + - '7' - name: Debian versions: - stretch - buster - name: Windows versions: - - 2016 - - 2019 + - '2016' + - '2019' - name: MacOSX versions: - - 10.15 + - '10.15' galaxy_tags: - azure diff --git a/tasks/Darwin.yml b/tasks/Darwin.yml index b870459..0c0b42c 100644 --- a/tasks/Darwin.yml +++ b/tasks/Darwin.yml @@ -1,19 +1,20 @@ +--- - name: Add an agent user - user: + ansible.builtin.user: name: "{{ az_devops_agent_user }}" comment: "Azure DevOps Agent" shell: /bin/zsh group: "{{ az_devops_agent_group }}" - uid: "{{ az_devops_agent_uid|default(omit) }}" + uid: "{{ az_devops_agent_uid | default(omit) }}" become: true - name: Create directories - file: + ansible.builtin.file: state: directory path: "{{ item }}" owner: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" - mode: 0755 + mode: '0755' loop: - "{{ az_devops_launchagent_folder }}" - "{{ az_devops_agent_folder }}" @@ -25,7 +26,7 @@ # even then doesn't use the provided gnu tar. # Makes using ansible on macos a questionable endeavor (but some of us are left with that)... - name: Download agent - get_url: + ansible.builtin.get_url: url: "{{ az_devops_agent_package_url }}" dest: "{{ az_devops_default_agent_local_package }}" owner: "{{ az_devops_agent_user }}" @@ -35,33 +36,33 @@ become: true - name: Unarchive agent - shell: "cd {{ az_devops_agent_folder }} && tar -zxf {{ az_devops_default_agent_local_package }}" + ansible.builtin.shell: "cd {{ az_devops_agent_folder }} && tar -zxf {{ az_devops_default_agent_local_package }}" become: true become_user: "{{ az_devops_agent_user }}" when: agent_download.changed or agent_directory.changed tags: ['skip_ansible_lint'] - name: Check if svc.sh exists - stat: + ansible.builtin.stat: path: "{{ '/'.join((az_devops_agent_folder, 'svc.sh')) }}" register: svc_sh become: true changed_when: false - check_mode: no + check_mode: false - name: Check service status - command: ./svc.sh status + ansible.builtin.command: ./svc.sh status become: true become_user: "{{ az_devops_agent_user }}" args: chdir: "{{ az_devops_agent_folder }}" register: svc_status changed_when: false - check_mode: no + check_mode: false when: svc_sh.stat.exists - name: Set agent config facts - set_fact: + ansible.builtin.set_fact: agent_cmd_args: - "./config.sh" - "--unattended" @@ -88,21 +89,21 @@ reconfigure_or_replace: "{{ az_devops_reconfigure_agent or az_devops_agent_replace_existing }}" - name: Add deployment group tags - set_fact: + ansible.builtin.set_fact: deployment_agent_cmd_args: "{{ deployment_agent_cmd_args }} + ['--addDeploymentGroupTags', '--deploymentGroupTags \\'{{ az_devops_deployment_group_tags }}\\'']" when: - az_devops_deployment_group_tags is defined - name: Set proxy - set_fact: + ansible.builtin.set_fact: agent_cmd_args: "{{ agent_cmd_args }} + ['--proxyurl \\'{{ az_devops_proxy_url }}\\'', '--proxyusername \\'{{ az_devops_proxy_username }}\\'', '--proxypassword \\'{{ az_devops_proxy_password }}\\'']" when: - az_devops_proxy_url is defined - name: Uninstall agent service - command: ./svc.sh uninstall + ansible.builtin.command: ./svc.sh uninstall become: true become_user: "{{ az_devops_agent_user }}" args: @@ -113,7 +114,7 @@ - reconfigure_or_replace - name: Unconfigure agent - command: "./config.sh remove --auth PAT --token {{ az_devops_accesstoken }}" + ansible.builtin.command: "./config.sh remove --auth PAT --token {{ az_devops_accesstoken }}" args: chdir: "{{ az_devops_agent_folder }}" removes: "{{ az_devops_agent_folder }}/.agent" @@ -124,7 +125,7 @@ - reconfigure_or_replace - name: Add '--replace' configuration argument - set_fact: + ansible.builtin.set_fact: build_agent_cmd_args: "{{ build_agent_cmd_args }} + ['--replace']" deployment_agent_cmd_args: "{{ build_agent_cmd_args }} + ['--replace']" resource_agent_cmd_args: "{{ resource_agent_cmd_args }} + ['--replace']" @@ -132,7 +133,7 @@ - az_devops_agent_replace_existing - name: Configure agent as a build server - command: "{{ (agent_cmd_args + build_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + build_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -143,7 +144,7 @@ - (not service_is_installed) or reconfigure_or_replace - name: Configure agent as a deployment server - command: "{{ (agent_cmd_args + deployment_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + deployment_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -154,7 +155,7 @@ - (not service_is_installed) or reconfigure_or_replace - name: Configure agent as an environment resource - command: "{{ (agent_cmd_args + resource_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + resource_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -165,19 +166,20 @@ - (not service_is_installed) or reconfigure_or_replace - name: Set provided user defined capabilities - ini_file: + community.general.ini_file: path: "{{ az_devops_agent_folder }}/.env" section: null option: "{{ item.key }}" value: "{{ item.value }}" - no_extra_spaces: yes + no_extra_spaces: true owner: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" + mode: '0600' loop: "{{ az_devops_agent_user_capabilities | default({}) | dict2items }}" become: true -- name: Install agent service - command: ./svc.sh install {{ az_devops_agent_user }} +- name: Install agent service # noqa no-changed-when + ansible.builtin.command: ./svc.sh install {{ az_devops_agent_user }} become: true become_user: "{{ az_devops_agent_user }}" args: @@ -185,8 +187,8 @@ when: - (not service_is_installed) or reconfigure_or_replace -- name: Start agent service - command: ./svc.sh start +- name: Start agent service # noqa no-changed-when + ansible.builtin.command: ./svc.sh start become: true become_user: "{{ az_devops_agent_user }}" args: diff --git a/tasks/Linux.yml b/tasks/Linux.yml index ae60468..b3e4f14 100644 --- a/tasks/Linux.yml +++ b/tasks/Linux.yml @@ -1,68 +1,69 @@ +--- - name: Add an agent user - user: + ansible.builtin.user: name: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" - uid: "{{ az_devops_agent_uid|default(omit) }}" + uid: "{{ az_devops_agent_uid | default(omit) }}" comment: "Azure DevOps Agent" shell: /bin/bash become: true - name: Create directories - file: + ansible.builtin.file: state: directory path: "{{ item }}" owner: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" - mode: 0755 + mode: '0755' loop: - "{{ az_devops_agent_folder }}" - "{{ az_devops_work_folder }}" become: true - name: Install dependencies - package: + ansible.builtin.package: name: "{{ az_devops_agent_dependencies }}" state: present become: true - name: Check if svc.sh exists - stat: + ansible.builtin.stat: path: "{{ '/'.join((az_devops_agent_folder, 'svc.sh')) }}" register: svc_sh become: true changed_when: false - check_mode: no + check_mode: false - name: Check service status - command: ./svc.sh status + ansible.builtin.command: ./svc.sh status become: true args: chdir: "{{ az_devops_agent_folder }}" register: svc_status changed_when: false - check_mode: no + check_mode: false when: svc_sh.stat.exists - name: Check if bin/Agent.Listener exists - stat: + ansible.builtin.stat: path: "{{ '/'.join((az_devops_agent_folder, 'bin/Agent.Listener')) }}" register: bin_agent_listener become: true changed_when: false - check_mode: no + check_mode: false - name: Check agent version - command: ./bin/Agent.Listener --version + ansible.builtin.command: ./bin/Agent.Listener --version become: true args: chdir: "{{ az_devops_agent_folder }}" register: agent_listener_version changed_when: false - check_mode: no + check_mode: false when: bin_agent_listener.stat.exists - name: Set agent config facts - set_fact: + ansible.builtin.set_fact: agent_cmd_args: - "./config.sh" - "--unattended" @@ -87,29 +88,56 @@ service_is_installed: "{{ svc_status.stdout is defined and svc_status.stdout is not regex('not installed') }}" service_is_running: "{{ svc_status.stdout is defined and svc_status.stdout is regex('active \\(running\\)') }}" is_requested_version: "{{ bin_agent_listener.stat.exists and agent_listener_version.stdout is defined and agent_listener_version.stdout == az_devops_agent_version }}" + no_log: "{{ az_devops_no_log | default(true) }}" - name: Determine if the agent should be reconfigured or replaced - set_fact: + ansible.builtin.set_fact: reconfigure_or_replace: "{{ az_devops_reconfigure_agent or az_devops_agent_replace_existing or not is_requested_version }}" - name: Add deployment group tags - set_fact: - deployment_agent_cmd_args: "{{ deployment_agent_cmd_args }} + - ['--addDeploymentGroupTags', '--deploymentGroupTags \\'{{ az_devops_deployment_group_tags }}\\'']" when: - az_devops_deployment_group_tags is defined + - az_devops_deployment_group_tags|string + block: + - name: Set fact temporary variable - deployment_agent_cmd_args_tmp + ansible.builtin.set_fact: + deployment_agent_cmd_args_tmp: + - '--addDeploymentGroupTags' + - "--deploymentGroupTags '{{ az_devops_deployment_group_tags }}'" + no_log: "{{ az_devops_no_log | default(true) }}" + - name: Set fact merge into main variable - deployment_agent_cmd_args + ansible.builtin.set_fact: + # need first filter else getting array of array of strings + deployment_agent_cmd_args: + # - "{{ (deployment_agent_cmd_args + deployment_agent_cmd_args_tmp) | first }}" + - "{{ (deployment_agent_cmd_args + deployment_agent_cmd_args_tmp) }}" + no_log: "{{ az_devops_no_log | default(true) }}" - name: Set proxy - set_fact: - agent_cmd_args: "{{ agent_cmd_args }} + ['--proxyurl \\'{{ az_devops_proxy_url }}\\'', '--proxyusername \\'{{ az_devops_proxy_username }}\\'', '--proxypassword \\'{{ az_devops_proxy_password }}\\'']" when: - az_devops_proxy_url is defined + - az_devops_proxy_url|string + - az_devops_proxy_username|string + - az_devops_proxy_password|string + block: + - name: Set fact temporary variable - agent_cmd_args_tmp + ansible.builtin.set_fact: + agent_cmd_args_tmp: + - "--proxyurl '{{ az_devops_proxy_url }}'" + - "--proxyusername '{{ az_devops_proxy_username }}'" + - "--proxypassword '{{ az_devops_proxy_password }}'" + no_log: "{{ az_devops_no_log | default(true) }}" + - name: Set fact merge into main variable agent_cmd_args + ansible.builtin.set_fact: + agent_cmd_args: + - "{{ (agent_cmd_args + agent_cmd_args_tmp) }}" + no_log: "{{ az_devops_no_log | default(true) }}" - name: Download and unarchive - unarchive: + ansible.builtin.unarchive: src: "{{ az_devops_agent_package_url }}" dest: "{{ az_devops_agent_folder }}" - remote_src: yes + remote_src: true owner: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" become: true @@ -117,7 +145,7 @@ - (not service_is_installed) or reconfigure_or_replace - name: Uninstall agent service - command: ./svc.sh uninstall + ansible.builtin.command: ./svc.sh uninstall become: true args: chdir: "{{ az_devops_agent_folder }}" @@ -127,7 +155,7 @@ - reconfigure_or_replace - name: Unconfigure agent - command: "./config.sh remove --auth PAT --token {{ az_devops_accesstoken }}" + ansible.builtin.command: "./config.sh remove --auth PAT --token {{ az_devops_accesstoken }}" args: chdir: "{{ az_devops_agent_folder }}" removes: "{{ az_devops_agent_folder }}/.agent" @@ -138,15 +166,15 @@ - reconfigure_or_replace - name: Add '--replace' configuration argument - set_fact: - build_agent_cmd_args: "{{ build_agent_cmd_args }} + ['--replace']" - deployment_agent_cmd_args: "{{ build_agent_cmd_args }} + ['--replace']" - resource_agent_cmd_args: "{{ resource_agent_cmd_args }} + ['--replace']" + ansible.builtin.set_fact: + build_agent_cmd_args: "{{ build_agent_cmd_args + ['--replace'] }}" + deployment_agent_cmd_args: "{{ build_agent_cmd_args + ['--replace'] }}" + resource_agent_cmd_args: "{{ resource_agent_cmd_args + ['--replace'] }}" when: - az_devops_agent_replace_existing - name: Configure agent as a build server - command: "{{ (agent_cmd_args + build_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + build_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -155,9 +183,10 @@ when: - az_devops_agent_role == 'build' - (not service_is_installed) or reconfigure_or_replace + no_log: "{{ az_devops_no_log | default(true) }}" - name: Configure agent as a deployment server - command: "{{ (agent_cmd_args + deployment_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + deployment_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -168,7 +197,7 @@ - (not service_is_installed) or reconfigure_or_replace - name: Configure agent as an environment resource - command: "{{ (agent_cmd_args + resource_agent_cmd_args) | join(' ') }}" + ansible.builtin.command: "{{ (agent_cmd_args + resource_agent_cmd_args) | join(' ') }}" args: chdir: "{{ az_devops_agent_folder }}" creates: "{{ az_devops_agent_folder }}/.agent" @@ -184,22 +213,23 @@ section: null option: "{{ item.key }}" value: "{{ item.value }}" - no_extra_spaces: yes + no_extra_spaces: true owner: "{{ az_devops_agent_user }}" group: "{{ az_devops_agent_group }}" + mode: '0600' loop: "{{ az_devops_agent_user_capabilities | default({}) | dict2items }}" become: true -- name: Install agent service - command: ./svc.sh install {{ az_devops_agent_user }} +- name: Install agent service # noqa no-changed-when + ansible.builtin.command: ./svc.sh install {{ az_devops_agent_user }} become: true args: chdir: "{{ az_devops_agent_folder }}" when: - (not service_is_installed) or reconfigure_or_replace -- name: Start agent service - command: ./svc.sh start +- name: Start agent service # noqa no-changed-when + ansible.builtin.command: ./svc.sh start become: true args: chdir: "{{ az_devops_agent_folder }}" diff --git a/tasks/Windows.yml b/tasks/Windows.yml index ceaedaa..1190d51 100644 --- a/tasks/Windows.yml +++ b/tasks/Windows.yml @@ -1,15 +1,15 @@ - name: Add an agent user - win_user: + ansible.windows.win_user: name: "{{ az_devops_agent_user }}" password: "{{ az_devops_agent_password }}" state: present password_never_expires: true - become: yes + become: true when: - az_devops_agent_create_local_user - + - name: Ensure chocolatey is present - win_chocolatey: + chocolatey.chocolatey.win_chocolatey: name: chocolatey state: present @@ -17,7 +17,7 @@ # https://github.com/flcdrg/au-packages/blob/master/azure-pipelines-agent/README.md - name: Set basic agent package parameters - set_fact: + ansible.builtin.set_fact: common_install_options: - "/Directory:{{ az_devops_agent_folder }}" - "/Url:{{ az_devops_server_url }}" @@ -41,55 +41,55 @@ - "/ProjectName:{{ az_devops_project_name }}" - name: Add '/Replace' configuration argument - set_fact: + ansible.builtin.set_fact: common_install_options: "{{ common_install_options }} + ['/Replace']" when: - az_devops_agent_replace_existing - name: Add deployment group tags - set_fact: + ansible.builtin.set_fact: deployment_install_options: "{{ deployment_install_options }} + ['/DeploymentGroupTags:{{ az_devops_deployment_group_tags }}']" when: - az_devops_deployment_group_tags is defined - name: Add az_devops_proxy_url - set_fact: + ansible.builtin.set_fact: common_install_options: "{{ common_install_options }} + ['/ProxyUrl:{{ az_devops_proxy_url }}']" when: - az_devops_proxy_url is defined and az_devops_proxy_url - name: Add az_devops_proxy_username - set_fact: + ansible.builtin.set_fact: common_install_options: "{{ common_install_options }} + ['/ProxyUserName:{{ az_devops_proxy_username }}']" when: - az_devops_proxy_username is defined and az_devops_proxy_username - name: Add az_devops_proxy_password - set_fact: + ansible.builtin.set_fact: common_install_options: "{{ common_install_options }} + ['/ProxyPassword:{{ az_devops_proxy_password }}']" when: - az_devops_proxy_password is defined and az_devops_proxy_password - name: Configure agent as a build server - set_fact: + ansible.builtin.set_fact: az_devops_agent_package_params: "{{ common_install_options }} + {{ build_agent_install_options }}" when: - - az_devops_agent_role == 'build' + - az_devops_agent_role == 'build' - name: Configure agent as a deployment server - set_fact: + ansible.builtin.set_fact: az_devops_agent_package_params: "{{ common_install_options }} + {{ deployment_install_options }}" when: - - az_devops_agent_role == 'deployment' + - az_devops_agent_role == 'deployment' - name: Configure agent as an environment resource - set_fact: + ansible.builtin.set_fact: az_devops_agent_package_params: "{{ common_install_options }} + {{ resource_agent_install_options }}" when: - - az_devops_agent_role == 'resource' + - az_devops_agent_role == 'resource' - name: Install azure-pipelines-agent package - win_chocolatey: + chocolatey.chocolatey.win_chocolatey: name: azure-pipelines-agent state: present version: "{{ az_devops_agent_version }}" diff --git a/tasks/main.yml b/tasks/main.yml index 4cd12b9..2c0b3f6 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Read platform-specific variables - include_vars: "{{ varfile }}" + ansible.builtin.include_vars: "{{ varfile }}" with_first_found: - files: - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" @@ -11,7 +11,7 @@ loop_control: loop_var: varfile -# - debug: +# - ansible.builtin.debug: # msg: # - "Dependency lookup variables are :" # - "ansible_distribution: {{ ansible_distribution }}" @@ -20,7 +20,7 @@ # - "ansible_system: {{ ansible_system }}" - name: Read platform-specific package list variables - include_vars: "{{ varfile }}" + ansible.builtin.include_vars: "{{ varfile }}" with_first_found: - files: - "dependencies-{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" @@ -33,11 +33,11 @@ loop_var: varfile - name: Read platform specific tasks - include_tasks: "{{ taskfile }}" + ansible.builtin.include_tasks: "{{ taskfile }}" with_first_found: - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml" - "{{ ansible_distribution }}.yml" - "{{ ansible_os_family }}.yml" - "{{ ansible_system }}.yml" loop_control: - loop_var: taskfile \ No newline at end of file + loop_var: taskfile diff --git a/vars/Darwin.yml b/vars/Darwin.yml index 6216612..9abb1ce 100644 --- a/vars/Darwin.yml +++ b/vars/Darwin.yml @@ -3,4 +3,4 @@ az_devops_default_work_folder: "/Users/{{ az_devops_agent_user }}/agent/_work" az_devops_launchagent_folder: "/Users/{{ az_devops_agent_user }}/Library/LaunchAgents" az_devops_default_agent_package_url: "https://vstsagentpackage.azureedge.net/agent/{{ az_devops_agent_version }}/vsts-agent-osx-x64-{{ az_devops_agent_version }}.tar.gz" az_devops_default_agent_local_package: "/Users/{{ az_devops_agent_user }}/vsts-agent-osx-x64-{{ az_devops_agent_version }}.tar.gz" -az_devops_default_agent_group: admin \ No newline at end of file +az_devops_default_agent_group: admin diff --git a/vars/dependencies-RedHat-7.yml b/vars/dependencies-RedHat-7.yml index e911977..0a74528 100644 --- a/vars/dependencies-RedHat-7.yml +++ b/vars/dependencies-RedHat-7.yml @@ -3,4 +3,4 @@ az_devops_agent_dependencies: - libicu - lttng-ust - openssl-libs - - zlib \ No newline at end of file + - zlib