Last active
June 24, 2024 22:31
-
-
Save pythoninthegrass/383b6ae13ed8ef0f9bae3ed9037f1e4f to your computer and use it in GitHub Desktop.
Snippet from an env role to generate programmatic .env files via the `get_secrets.py` script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
... | |
@log_call | |
def file_exists(filename): | |
"""Check if a file exists.""" | |
fn = Path.cwd() / filename | |
if fn.exists(): | |
overwrite = input(f"File '{filename}' already exists. Do you want to overwrite it? (y/n): ") | |
match overwrite.lower(): | |
case "y" | "yes": | |
fn.touch(exist_ok=True) | |
case "n" | "no": | |
print("Exiting...") | |
sys.exit() | |
case _: | |
print("Invalid input. Exiting...") | |
sys.exit() | |
else: | |
fn.touch(exist_ok=True) | |
... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Install dependencies | |
ansible.builtin.pip: | |
name: | |
- eliot | |
- python-decouple | |
- requests | |
- requests-cache | |
state: present | |
# umask: "0022" | |
virtualenv: "{{ ansible_env.HOME }}/.venv" | |
virtualenv_command: python -m venv | |
environment: | |
PATH: "{{ ansible_env.HOME }}/.asdf/shims:{{ ansible_env.HOME }}/.asdf/bin:{{ ansible_env.PATH }}" | |
changed_when: false | |
become_method: su | |
become_user: "{{ local_user }}" | |
become_flags: '-s /bin/sh' | |
tags: pre | |
- name: Run get_secrets.py on target host | |
ansible.builtin.script: | |
cmd: "{{ tld }}/roles/create-env/files/get_secrets.py" | |
args: | |
chdir: "/tmp" | |
executable: "python" | |
environment: | |
PATH: "{{ ansible_env.HOME }}/.venv/bin:{{ ansible_env.PATH }}" | |
ENV: "prod" | |
ENV_FILE: ".env" | |
CLIENT_ID: "{{ client_id }}" | |
CLIENT_SECRET: "{{ client_secret }}" | |
tags: pre,qa |
Fixed the general deps issue. Now just back to square one with lines 21-33 hanging
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
PATH
is manipulated to use asdf's python runtime and install packagesglobally instead of in a virtual environment (hence theextra_args
passed to pip.)client_id
andclient_secret
are read from a local vault file exported before runningansible-playbook ...
Attempting to use eliot to figure out why the task is hanging with no stdout/stderr feedback. Incidentally that caused another deps error lmao