#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2012, Michael DeHaan <michael.dehaan@gmail.com> # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. DOCUMENTATION = ''' --- module: git author: Michael DeHaan version_added: "0.0.1" short_description: Deploy software (or files) from git checkouts description: - Manage I(git) checkouts of repositories to deploy files or software. options: repo: required: true aliases: [ name ] description: - git, SSH, or HTTP protocol address of the git repository. dest: required: true description: - Absolute path of where the repository should be checked out to. version: required: false default: "HEAD" description: - What version of the repository to check out. This can be the full 40-character I(SHA-1) hash, the literal string C(HEAD), a branch name, or a tag name. reference: required: false default: null version_added: "1.4" description: - Reference repository (see "git clone --reference ...") remote: required: false default: "origin" description: - Name of the remote. force: required: false default: "yes" choices: [ "yes", "no" ] version_added: "0.7" description: - If C(yes), any modified files in the working repository will be discarded. Prior to 0.7, this was always 'yes' and could not be disabled. depth: required: false default: null version_added: "1.2" description: - Create a shallow clone with a history truncated to the specified number or revisions. The minimum possible value is C(1), otherwise ignored. update: required: false default: "yes" choices: [ "yes", "no" ] version_added: "1.2" description: - If C(yes), repository will be updated using the supplied remote. Otherwise the repo will be left untouched. Prior to 1.2, this was always 'yes' and could not be disabled. executable: required: false default: null version_added: "1.4" description: - Path to git executable to use. If not supplied, the normal mechanism for resolving binary paths will be used. bare: required: false default: "no" choices: [ "yes", "no" ] version_added: "1.4" description: - if C(yes), repository will be created as a bare repo, otherwise it will be a standard repo with a workspace. notes: - "If the task seems to be hanging, first verify remote host is in C(known_hosts). SSH will prompt user to authorize the first contact with a remote host. To avoid this prompt, one solution is to add the remote host public key in C(/etc/ssh/ssh_known_hosts) before calling the git module, with the following command: ssh-keyscan remote_host.com >> /etc/ssh/ssh_known_hosts." ''' EXAMPLES = ''' # Example git checkout from Ansible Playbooks - git: repo=git://foosball.example.org/path/to/repo.git dest=/srv/checkout version=release-0.22 # Example read-write git checkout from github - git: repo=ssh://git@github.com/mylogin/hello.git dest=/home/mylogin/hello # Example just ensuring the repo checkout exists - git: repo=git://foosball.example.org/path/to/repo.git dest=/srv/checkout update=no ''' import re import tempfile def get_version(git_path, dest, ref="HEAD"): ''' samples the version of the git repo ''' os.chdir(dest) cmd = "%s rev-parse %s" % (git_path, ref) sha = os.popen(cmd).read().rstrip("\n") return sha def clone(git_path, module, repo, dest, remote, depth, version, bare, reference): ''' makes a new git repo if it does not already exist ''' dest_dirname = os.path.dirname(dest) try: os.makedirs(dest_dirname) except: pass os.chdir(dest_dirname) cmd = [ git_path, 'clone' ] if bare: cmd.append('--bare') else: cmd.extend([ '--origin', remote, '--recursive' ]) if is_remote_branch(git_path, module, dest, repo, version) \ or is_remote_tag(git_path, module, dest, repo, version): cmd.extend([ '--branch', version ]) if depth: cmd.extend([ '--depth', str(depth) ]) if reference: cmd.extend([ '--reference', str(reference) ]) cmd.extend([ repo, dest ]) module.run_command(cmd, check_rc=True) if bare: os.chdir(dest) if remote != 'origin': module.run_command([git_path, 'remote', 'add', remote, repo], check_rc=True) def has_local_mods(git_path, dest, bare): if bare: return False os.chdir(dest) cmd = "%s status -s" % (git_path,) lines = os.popen(cmd).read().splitlines() lines = filter(lambda c: not re.search('^\\?\\?.*$', c), lines) return len(lines) > 0 def reset(git_path, module, dest): ''' Resets the index and working tree to HEAD. Discards any changes to tracked files in working tree since that commit. ''' os.chdir(dest) cmd = "%s reset --hard HEAD" % (git_path,) return module.run_command(cmd, check_rc=True) def get_remote_head(git_path, module, dest, version, remote, bare): cloning = False if remote == module.params['repo']: cloning = True else: os.chdir(dest) if version == 'HEAD': if cloning: # cloning the repo, just get the remote's HEAD version cmd = '%s ls-remote %s -h HEAD' % (git_path, remote) else: head_branch = get_head_branch(git_path, module, dest, remote, bare) cmd = '%s ls-remote %s -h refs/heads/%s' % (git_path, remote, head_branch) elif is_remote_branch(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -h refs/heads/%s' % (git_path, remote, version) elif is_remote_tag(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -t refs/tags/%s' % (git_path, remote, version) else: # appears to be a sha1. return as-is since it appears # cannot check for a specific sha1 on remote return version (rc, out, err) = module.run_command(cmd, check_rc=True) if len(out) < 1: module.fail_json(msg="Could not determine remote revision for %s" % version) rev = out.split()[0] return rev def is_remote_tag(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -t refs/tags/%s' % (git_path, remote, version) (rc, out, err) = module.run_command(cmd, check_rc=True) if version in out: return True else: return False def get_branches(git_path, module, dest): os.chdir(dest) branches = [] cmd = '%s branch -a' % (git_path,) (rc, out, err) = module.run_command(cmd) if rc != 0: module.fail_json(msg="Could not determine branch data - received %s" % out) for line in out.split('\n'): branches.append(line.strip()) return branches def is_remote_branch(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -h refs/heads/%s' % (git_path, remote, version) (rc, out, err) = module.run_command(cmd, check_rc=True) if version in out: return True else: return False def is_local_branch(git_path, module, dest, branch): branches = get_branches(git_path, module, dest) lbranch = '%s' % branch if lbranch in branches: return True elif '* %s' % branch in branches: return True else: return False def is_not_a_branch(git_path, module, dest): branches = get_branches(git_path, module, dest) for b in branches: if b.startswith('* ') and 'no branch' in b: return True return False def get_head_branch(git_path, module, dest, remote, bare=False): ''' Determine what branch HEAD is associated with. This is partly taken from lib/ansible/utils/__init__.py. It finds the correct path to .git/HEAD and reads from that file the branch that HEAD is associated with. In the case of a detached HEAD, this will look up the branch in .git/refs/remotes/<remote>/HEAD. ''' if bare: repo_path = dest else: repo_path = os.path.join(dest, '.git') # Check if the .git is a file. If it is a file, it means that we are in a submodule structure. if os.path.isfile(repo_path): try: gitdir = yaml.safe_load(open(repo_path)).get('gitdir') # There is a posibility the .git file to have an absolute path. if os.path.isabs(gitdir): repo_path = gitdir else: repo_path = os.path.join(repo_path.split('.git')[0], gitdir) except (IOError, AttributeError): return '' # Read .git/HEAD for the name of the branch. # If we're in a detached HEAD state, look up the branch associated with # the remote HEAD in .git/refs/remotes/<remote>/HEAD f = open(os.path.join(repo_path, "HEAD")) if is_not_a_branch(git_path, module, dest): f.close() f = open(os.path.join(repo_path, 'refs', 'remotes', remote, 'HEAD')) branch = f.readline().split('/')[-1].rstrip("\n") f.close() return branch def fetch(git_path, module, repo, dest, version, remote, bare): ''' updates repo from remote sources ''' os.chdir(dest) if bare: (rc, out1, err1) = module.run_command([git_path, 'fetch', remote, '+refs/heads/*:refs/heads/*']) else: (rc, out1, err1) = module.run_command("%s fetch %s" % (git_path, remote)) if rc != 0: module.fail_json(msg="Failed to download remote objects and refs") if bare: (rc, out2, err2) = module.run_command([git_path, 'fetch', remote, '+refs/tags/*:refs/tags/*']) else: (rc, out2, err2) = module.run_command("%s fetch --tags %s" % (git_path, remote)) if rc != 0: module.fail_json(msg="Failed to download remote objects and refs") (rc, out3, err3) = submodule_update(git_path, module, dest) return (rc, out1 + out2 + out3, err1 + err2 + err3) def submodule_update(git_path, module, dest): ''' init and update any submodules ''' os.chdir(dest) # skip submodule commands if .gitmodules is not present if not os.path.exists(os.path.join(dest, '.gitmodules')): return (0, '', '') cmd = [ git_path, 'submodule', 'sync' ] (rc, out, err) = module.run_command(cmd, check_rc=True) cmd = [ git_path, 'submodule', 'update', '--init', '--recursive' ] (rc, out, err) = module.run_command(cmd) if rc != 0: module.fail_json(msg="Failed to init/update submodules") return (rc, out, err) def switch_version(git_path, module, dest, remote, version): ''' once pulled, switch to a particular SHA, tag, or branch ''' os.chdir(dest) cmd = '' if version != 'HEAD': if is_remote_branch(git_path, module, dest, remote, version): if not is_local_branch(git_path, module, dest, version): cmd = "%s checkout --track -b %s %s/%s" % (git_path, version, remote, version) else: (rc, out, err) = module.run_command("%s checkout --force %s" % (git_path, version)) if rc != 0: module.fail_json(msg="Failed to checkout branch %s" % version) cmd = "%s reset --hard %s/%s" % (git_path, remote, version) else: cmd = "%s checkout --force %s" % (git_path, version) else: branch = get_head_branch(git_path, module, dest, remote) (rc, out, err) = module.run_command("%s checkout --force %s" % (git_path, branch)) if rc != 0: module.fail_json(msg="Failed to checkout branch %s" % branch) cmd = "%s reset --hard %s" % (git_path, remote) (rc, out1, err1) = module.run_command(cmd) if rc != 0: if version != 'HEAD': module.fail_json(msg="Failed to checkout %s" % (version)) else: module.fail_json(msg="Failed to checkout branch %s" % (branch)) (rc, out2, err2) = submodule_update(git_path, module, dest) return (rc, out1 + out2, err1 + err2) # =========================================== def main(): module = AnsibleModule( argument_spec = dict( dest=dict(required=True), repo=dict(required=True, aliases=['name']), version=dict(default='HEAD'), remote=dict(default='origin'), reference=dict(default=None), force=dict(default='yes', type='bool'), depth=dict(default=None, type='int'), update=dict(default='yes', type='bool'), executable=dict(default=None), bare=dict(default='no', type='bool'), ), supports_check_mode=True ) dest = os.path.abspath(os.path.expanduser(module.params['dest'])) repo = module.params['repo'] version = module.params['version'] remote = module.params['remote'] force = module.params['force'] depth = module.params['depth'] update = module.params['update'] bare = module.params['bare'] reference = module.params['reference'] git_path = module.params['executable'] or module.get_bin_path('git', True) if bare: gitconfig = os.path.join(dest, 'config') else: gitconfig = os.path.join(dest, '.git', 'config') rc, out, err, status = (0, None, None, None) # if there is no git configuration, do a clone operation # else pull and switch the version before = None local_mods = False if not os.path.exists(gitconfig): if module.check_mode: remote_head = get_remote_head(git_path, module, dest, version, repo, bare) module.exit_json(changed=True, before=before, after=remote_head) clone(git_path, module, repo, dest, remote, depth, version, bare, reference) elif not update: # Just return having found a repo already in the dest path # this does no checking that the repo is the actual repo # requested. before = get_version(git_path, dest) module.exit_json(changed=False, before=before, after=before) else: # else do a pull local_mods = has_local_mods(git_path, dest, bare) before = get_version(git_path, dest) if local_mods: # failure should happen regardless of check mode if not force: module.fail_json(msg="Local modifications exist in repository (force=no).") # if force and in non-check mode, do a reset if not module.check_mode: reset(git_path, module, dest) # exit if already at desired sha version remote_head = get_remote_head(git_path, module, dest, version, remote, bare) if before == remote_head: if local_mods: module.exit_json(changed=True, before=before, after=remote_head, msg="Local modifications exist") else: module.exit_json(changed=False, before=before, after=remote_head) if module.check_mode: module.exit_json(changed=True, before=before, after=remote_head) fetch(git_path, module, repo, dest, version, remote, bare) # switch to version specified regardless of whether # we cloned or pulled if not bare: switch_version(git_path, module, dest, remote, version) # determine if we changed anything after = get_version(git_path, dest) changed = False if before != after or local_mods: changed = True module.exit_json(changed=changed, before=before, after=after) # include magic from lib/ansible/module_common.py #<<INCLUDE_ANSIBLE_MODULE_COMMON>> main()