3 # COPYRIGHT NOTICE STARTS HERE
5 # Copyright 2018 © Samsung Electronics Co., Ltd.
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
19 # COPYRIGHT NOTICE ENDS HERE
24 script_path=$(readlink -f "$0")
25 script_name=$(basename "$script_path")
26 ANSIBLE_DIR=$(dirname "$script_path")
27 ANSIBLE_CHROOT="${ANSIBLE_DIR}/ansible_chroot"
28 ANSIBLE_LOG_PATH="/ansible/log/ansible-$(date +%Y.%m.%d-%H%M%S).log"
39 ${script_name} - wrapper for ansible-playbook command
42 Run ansible playbook (or other command if it is there) inside a docker
43 container or a chroot environment.
45 By default the chroot is used because it has less dependencies and no
46 service needs to be run (provided that chroot command is installed).
48 Docker support is kept for compatibility reasons.
50 To run ansible docker image you must set environment variable:
53 So this wrapper can know by which name you have built the included
54 Dockerfile and also to trigger this different behaviour.
57 ANSIBLE_DOCKER_IMAGE=ansible
63 ./${script_name} <args>
64 Run ansible-playbook command inside a chroot
66 ANSIBLE_DOCKER_IMAGE=<docker-image> ./${script_name} <args>
67 Run ansible-playbook command inside a docker container
70 For the optimal usage your system should support overlay mount. Which
71 should be available on any recent kernel at least couple of years back.
73 Another requirement is the 'unshare' utility which is part of 'util-linux'
74 package and also is part of system for couple of years already.
76 The last is 'chroot' command itself and that is also part of system
86 export ANSIBLE_LOG_PATH
88 # if no arg then print help and exit
95 if [ "$(id -u)" -ne 0 ] ; then
96 echo ERROR: "I need root privileges and you are not root: $(id -nu)" >&2
100 # if env var is set then run in docker
101 if [ -n "$ANSIBLE_DOCKER_IMAGE" ] ; then
102 exec docker run --rm \
103 -v "${HOME}"/.ssh:/root/.ssh:rw \
104 -v "$ANSIBLE_DIR:/ansible:ro" \
105 -v "$ANSIBLE_DIR/application:/ansible/application:rw" \
106 -v "$ANSIBLE_DIR/certs/:/ansible/certs:rw" \
107 -v "$ANSIBLE_DIR/log/:/ansible/log:rw" \
108 -e ANSIBLE_LOG_PATH \
109 -it "${ANSIBLE_DOCKER_IMAGE}" "$@"
112 # if not already there then unpack chroot
113 if ! [ -d "$ANSIBLE_CHROOT" ] ; then
114 if ! [ -f "$ANSIBLE_DIR"/docker/ansible_chroot.tgz ] ; then
115 echo ERROR: "Missing chroot archive: ${ANSIBLE_DIR}/ansible_chroot.tgz" >&2
119 echo INFO: "Unpacking chroot tar into: ${ANSIBLE_CHROOT}" >&2
120 if ! tar -C "$ANSIBLE_DIR" -xzf "$ANSIBLE_DIR"/docker/ansible_chroot.tgz ; then
121 echo ERROR: "Unpacking failed - ABORT" >&2
127 "$ANSIBLE_DIR"/docker/run_chroot.sh \
128 --mount rw:"${HOME}/.ssh":/root/.ssh \
129 --mount ro:"$ANSIBLE_DIR":/ansible \
130 --mount rw:"$ANSIBLE_DIR"/application:/ansible/application \
131 --mount rw:"$ANSIBLE_DIR"/log:/ansible/log \
132 --mount rw:"$ANSIBLE_DIR"/certs:/ansible/certs \
133 --mount ro:/etc/resolv.conf:/etc/resolv.conf \
134 --mount ro:/etc/hosts:/etc/hosts \
136 execute "$ANSIBLE_CHROOT" ansible-playbook "$@"