ansible/ansible_role_forgeo_runner
1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_forgeo_runner.git synced 2024-08-16 10:29:50 +02:00
Code Releases Activity

Download and copy forgejo binary

Browse source
This commit is contained in:
L3D 2024-03-20 15:33:53 +01:00
parent f007a104f7
commit 1a3d04c235
Signed by: l3d
GPG key ID: CD08445BFF4313D1
6 changed files with 152 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
defaults/main.yml
View file

@ -1,8 +1,11 @@
--- ---
forgeo_runner__user: 'forgeo_runner' forgejo_runner__version: 'latest'
forgeo_runner__group: 'forgeo_runner' forgejo_runner__user: 'forgejo_runner'
# forgeo_runner__groups forgejo_runner__group: 'forgejo_runner'
forgeo_runner__user_home: '/var/lib/forgeo-runner' # forgejo_runner__groups
forgejo_runner__user_home: '/var/lib/forgejo-runner'
forgejo_runner__full_executable_path: '/usr/local/bin/forgejo_runner'
forgejo_runner__gpg_id: 'EB114F5E6C0DC2BCDD183550A4B61A2DC5923710'
# should we do a version check? (recomended) # should we do a version check? (recomended)
submodules_versioncheck: false submodules_versioncheck: false

16
tasks/create_user.yml
View file

@ -1,18 +1,18 @@
--- ---
- name: "Create Forgeo runner Group" - name: "Create Forgejo runner Group"
become: true become: true
ansible.builtin.group: ansible.builtin.group:
name: "{{ forgeo_runner__group }}" name: "{{ forgejo_runner__group }}"
system: true system: true
state: "present" state: "present"
- name: "Create Forgeo runner user" - name: "Create Forgejo runner user"
become: true become: true
ansible.builtin.user: ansible.builtin.user:
name: "{{ forgeo_runner__user }}" name: "{{ forgejo_runner__user }}"
comment: "Forgeo runner user" comment: "Forgejo runner user"
group: "{{ forgeo_runner__group }}" group: "{{ forgejo_runner__group }}"
groups: "{{ forgeo_runner__groups | default(omit) }}" groups: "{{ forgejo_runner__groups | default(omit) }}"
home: "{{ forgeo_runner__user_home }}" home: "{{ forgejo_runner__user_home }}"
shell: '/usr/sbin/nologin' shell: '/usr/sbin/nologin'
system: true system: true

69
tasks/install_runner.yml Normal file
View file

@ -0,0 +1,69 @@
---
- name: Install forgejo block
when: (not ansible_check_mode and (forgejo_runner__active_version.stdout[1:] != forgejo_runner__version_target))
become: true
block:
- name: Info what we do
ansible.builtin.debug:
msg: "Updating forgejo Runner {{ forgejo_runner__active_version.stdout[1:] }} to {{ forgejo_runner__version_target }}"
verbosity: 1
- name: Create temporary folder
ansible.builtin.tempfile:
state: directory
suffix: _runner
register: _runner_tmp
- name: Download forgejo-runner binary
get_url:
url: "{{ forgejo_runner__dl_url }}/{{ forgejo_runner__filename }}"
dest: "{{ _runner_tmp.path }}/{{ forgejo_runner__filename }}"
mode: "0755"
owner: "{{ forgejo_runner__user }}"
group: "{{ forgejo_runner__group }}"
- name: Download forgejo-runner.asc file
get_url:
url: "{{ forgejo_runner__dl_url }}/{{ forgejo_runner__filename }}.asc"
dest: "{{ _runner_tmp.path }}/{{ forgejo_runner__filename }}.asc"
mode: "0644"
owner: "{{ forgejo_runner__user }}"
group: "{{ forgejo_runner__group }}"
- name: Check forgejo runner gpg key
ansible.builtin.command: "gpg --list-keys 0x{{ forgejo_runner__gpg_id }}"
register: _forgejo_runner_gpg_key_status
changed_when: false
become: false
failed_when: _forgejo_runner_gpg_key_status.rc not in (0, 2)
- name: Print gpg key status on verbosity # noqa: H500
ansible.builtin.debug:
msg: "{{ _forgejo_runner_gpg_key_status.stdout }}"
verbosity: 1
- name: Import forgejo gpg key
ansible.builtin.command: "gpg --keyserver keys.openpgp.org --recv {{ forgejo_runner__gpg_id }}"
register: _forgejo_runner_import_key
changed_when: '"imported: 1" in _forgejo_runner_import_key.stderr'
when: '_forgejo_runner_gpg_key_status.rc != 0 or "expired" in _forgejo_runner_gpg_key_status.stdout'
- name: Check archive signature
ansible.builtin.command: "gpg --verify {{ _runner_tmp.path }}/{{ forgejo_runner__filename }}.asc {{ _runner_tmp.path }}/{{ forgejo_runner__filename }}"
changed_when: false
register: _runner_signature
- name: Copy verifyed forgejo runner binary
ansible.builtin.copy:
src: "{{ _runner_tmp.path }}/{{ forgejo_runner__filename }}"
dest: "{{ forgejo_runner__full_executable_path }}"
mode: "0755"
owner: "{{ forgejo_runner__user }}"
group: "{{ forgejo_runner__group }}"
remote_src: true
when: not _runner_signature.failed
- name: Verification Failed
ansible.builtin.fail:
msg: Signature verification of forgejo runner failed
when: _runner_signature.failed

10
tasks/main.yml
View file

@ -4,6 +4,14 @@
file: 'versioncheck.yml' file: 'versioncheck.yml'
when: submodules_versioncheck | bool when: submodules_versioncheck | bool
- name: Create User ans Group for forgeo runner - name: Create User ans Group for forgejo runner
ansible.builtin.include_tasks: ansible.builtin.include_tasks:
file: 'create_user.yml' file: 'create_user.yml'
- name: Set forgejo runner version
ansible.builtin.include_tasks:
file: 'set_runner_version.yml'
- name: Install forgejo runner binary
ansible.builtin.include_tasks:
file: 'install_runner.yml'

46
tasks/set_runner_version.yml Normal file
View file

@ -0,0 +1,46 @@
---
- name: "Check forgejo runner installed version"
ansible.builtin.shell: "set -eo pipefail; {{ forgejo_runner__full_executable_path }} --version | cut -d' ' -f 3"
args:
executable: /bin/bash
register: forgejo_runner__active_version
changed_when: false
failed_when: false
- name: "Determine 'latest' forgejo runner version release"
when: forgejo_runner__version == "latest"
block:
- name: "Get latest forgejo runner release metadata"
ansible.builtin.uri:
url: "{{ forgejo_runner__releases_latest }}"
return_content: true
register: forgejo_runner__remote_metadata
become: false
when: not ansible_check_mode
- name: "Fail if running in check mode without versions set."
ansible.builtin.fail:
msg: |
"You are running this playbook in check mode:
Please set the forgejo runner version with the variable 'forgejo_runner__version', because the URI module cannot detect the latest version in this mode."
when: ansible_check_mode and (forgejo_runner__version == 'latest')
- name: "Set fact latest forgejo runner release"
ansible.builtin.set_fact:
forgejo_runner__remote_version: "{{ forgejo_runner__remote_metadata.json.0.tag_name[1:] }}"
when: not ansible_check_mode
- name: "Set forgejo runner version target (latest)"
ansible.builtin.set_fact:
forgejo_runner__version_target: "{{ forgejo_runner__remote_version }}"
when: not ansible_check_mode
- name: "Set forgejo runner version target {{ forgejo_runner__version }}"
ansible.builtin.set_fact:
forgejo_runner__version_target: "{{ forgejo_runner__version }}"
when: forgejo_runner__version != "latest"
- name: "Generate forgejo runner download URL"
ansible.builtin.set_fact:
forgejo_runner__filename: "forgejo-runner-{{ forgejo_runner__version_target }}-linux-{{ forgejo_runner__arch }}"
forgejo_runner__dl_url: "{{ forgejo_runner__git_repo }}/releases/download/v{{ forgejo_runner__version_target }}"

14
vars/main.yml
View file

@ -1,4 +1,16 @@
--- ---
forgejo_runner__releases_latest: 'https://code.forgejo.org/api/v1/repos/forgejo/runner/releases?limit=1'
forgejo_runner__go_arch_map:
x86_64: 'amd64'
aarch64: 'arm64'
armv7l: 'armv7'
armv6l: 'armv6'
armv5l: 'armv5'
ppc64le: 'ppc64le'
s390x: 's390x'
forgejo_runner__arch: "{{ forgejo_runner__go_arch_map[ansible_architecture] | default(ansible_architecture) }}"
forgejo_runner__git_repo: 'https://code.forgejo.org/forgejo/runner'
# versionscheck # versionscheck
playbook_version_number: 03 # should be a integer playbook_version_number: 03 # should be a integer
playbook_version_path: 'role-l3d.git-forgeo_runner.version' playbook_version_path: 'role-l3d.git-forgejo_runner.version'