{"id":20839169,"url":"https://github.com/timoa/cdkit.ansible","last_synced_at":"2025-05-08T21:35:19.755Z","repository":{"id":38185473,"uuid":"137520804","full_name":"timoa/cdkit.ansible","owner":"timoa","description":"Ansible Roles and Playbooks to manage Mac CI/CD agents installation \u0026 updates","archived":false,"fork":false,"pushed_at":"2024-09-17T18:31:30.000Z","size":174,"stargazers_count":5,"open_issues_count":11,"forks_count":0,"subscribers_count":3,"default_branch":"develop","last_synced_at":"2024-09-17T22:59:54.180Z","etag":null,"topics":["ansible","gocd","gocd-agent","gocd-server","linux","macos","managed-by-terraform"],"latest_commit_sha":null,"homepage":"https://cdkit.org","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/timoa.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-06-15T18:38:10.000Z","updated_at":"2024-08-14T22:01:23.000Z","dependencies_parsed_at":"2023-10-03T09:46:56.938Z","dependency_job_id":"ab60977b-efaf-4bff-8d47-5124d374466d","html_url":"https://github.com/timoa/cdkit.ansible","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/timoa%2Fcdkit.ansible","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/timoa%2Fcdkit.ansible/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/timoa%2Fcdkit.ansible/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/timoa%2Fcdkit.ansible/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/timoa","download_url":"https://codeload.github.com/timoa/cdkit.ansible/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225110511,"owners_count":17422412,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","gocd","gocd-agent","gocd-server","linux","macos","managed-by-terraform"],"created_at":"2024-11-18T01:12:33.867Z","updated_at":"2024-11-18T01:12:34.354Z","avatar_url":"https://github.com/timoa.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# [CDKit](https://github.com/timoa/cdkit): Ansible\n\n*[CDKit](https://github.com/timoa/cdkit) is a DevOps framework that helps to deploy mobile apps (iOS and Android) to the app stores (iTunes and Google Play).*\n\n## Getting started\n\n[Ansible](https://www.ansible.com/) is a configuration manager that let you run scripts (playbooks) on a small to large number of computers.\n\nIt's agentless and needs only a SSH connexion to the computers you want to update.\n\nWe will use Ansible to install and maintain the Android SDK, Java 8, Fastlane, SonarQube scanner, ImageMagick, etc. on the Go.CD agents\n\n## Prerequisites\n\nBefore you start, you need to have followed the steps to install the Go.CD server and agent(s)\n\n## Server\n\n### Install Ansible\n\n#### Linux\n\nPlease refer to this page to [install Ansible for your Linux distribution](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-the-control-machine)\n\n#### macOS\n\nIf you installed previously Homebrew, let's use it to install Ansible with this command:\n\n```bash\nbrew install ansible\n```\n\n### Configure Ansible\n\n#### Checkout this repo\n\nAfter you installed Ansible, you need to checkout this repository to the folder `/opt/ansible` (both Linux or macOS):\n\n```bash\n[sudo] mkdir /opt/ansible\ngit clone git@github.com:timoa/cdkit.ansible.git /opt/ansible\n```\n\n#### Configure your hosts\n\nIn case of the `hosts` file has not been packaged with your Ansible installation, you can use the template in this GIT repository or the folder `/opt/ansible/hosts`.\n\n```bash\n[sudo] cp /opt/ansible/hosts /etc/ansible/hosts\n```\n\n#### Create your Vault\n\nTo save securely your hosts credentials or any other sensitive information (API Keys, etc.), we will use an Ansible Vault.\n\nTo create one for the agents, just type this command:\n\n```bash\nansible-vault create /opt/ansible/vault_agents\n```\n\n```bash\nansible_become_pass: {agents user password}\nappc_username: {Appcelerator/Axway username (email address)}\nappc_password: {Appcelerator/Axway password}\nappc_org: {Appcelerator/Axway organisation ID}\n```\n\nYou can also create one for the GoCD server to apply automatic updates (set the same Vault password):\n\n```bash\nansible-vault create /opt/ansible/vault_gocd\n```\n\n```bash\nansible_become_pass: {gocd server user password}\n```\n\nFinally, we need to create a text file that will allow Ansible to programmatically open the Vault (ignored by Git)\n\n```bash\nvi /opt/ansible/.vaultpasswordfile\n```\n\n```bash\nmysupersecurepassword\n```\n\n#### Edit the Ansible configuration file\n\nNow, your need to open the `ansible.cfg` file to let Ansible knwo that we use a different location for our playbook, roles, etc.\n\n```bash\n[sudo] vi /etc/ansible/ansible.cfg\n```\n\n##### Roles\n\nChange the roles path to `/opt/ansible/roles`:\n\n```bash\n[...]\nroles_path    = /opt/ansible/roles\n[...]\n```\n\n##### Vault password file\n\nUncomment `vault_password_file` and add the `/opt/ansible/.vaultpasswordfile` path.\n\n```bash\n[...]\nvault_password_file = /opt/ansible/.vaultpasswordfile\n[...]\n```\n\n##### Hosts in GIT (optional)\n\nIf you want to keep the management of your hosts under a GIT repository, I will suggest that you fork this repository and change this line under your `/etc/ansible/ansible.cfg` file:\n\n```bash\n[...]\ninventory      = /opt/ansible/hosts\n[...]\n```\n\n\u003e If you don't fork this GIT repository and make any changes on the `hosts` file, these changes will be replace by a newer version the next time you update the project with the `git pull` command in the `/opt/ansible` folder!\n\n#### Test the connectivity to your hosts\n\nTo test if everything is ok, you can `ping` your hosts.\n\n```bash\nansible all -m ping\n```\n\nOutput:\n\n```bash\ngocd | SUCCESS =\u003e {\n    \"changed\": false,\n    \"ping\": \"pong\"\n}\nagent01 | SUCCESS =\u003e {\n    \"changed\": false,\n    \"ping\": \"pong\"\n}\nagent02 | SUCCESS =\u003e {\n    \"changed\": false,\n    \"ping\": \"pong\"\n}\nagent03 | SUCCESS =\u003e {\n    \"changed\": false,\n    \"ping\": \"pong\"\n}\n```\n\n#### Install the Ansible Playbook Roles\n\n\u003e The Xcode role DOESN'T download or update Xcode.\n\u003e You need to download and store the XPI file on a network drive (NFS, SMB, etc.)\n\u003e or temporary folder before running the following command.\n\nThe following command install all the necessary Ansible Roles from Galaxy:\n\n```bash\nansible-galaxy install -r /opt/ansible/requirements.yml\n```\n\n## Go.CD Agent(s)\n\n### Install Homebrew\n\n[Homebrew](https://brew.sh/) is the \"The missing package manager for macOS\" and it will helps to install some software automatically.\n\nYou need to run this command in a terminal on each of your Go.CD agents:\n\n```bash\n/usr/bin/ruby -e \"$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)\"\n```\n\n## Run the playbooks (from the server)\n\n### Run them manually\n\n#### Homebrew\n\n```bash\nansible-playbook /opt/ansible/playbooks/homebrew.yml\n```\n\n#### Android SDK\n\n##### Android SDK with API from 21 to 28\n\n```bash\nansible-playbook /opt/ansible/playbooks/android/sdkInstall.yml\n```\n\n##### Android SDK emulators (optional)\n\n```bash\nansible-playbook /opt/ansible/playbooks/android/emulatorsInstall.yml\n```\n\n#### Node.js (via nvm)\n\n```bash\nansible-playbook /opt/ansible/playbooks/nvm.yml\n```\n\n#### Titanium SDK\n\n```bash\nansible-playbook /opt/ansible/playbooks/titanium/sdkInstall.yml\n```\n\n#### Appium (for UI Automation)\n\n```bash\nansible-playbook /opt/ansible/playbooks/appium.yml\n```\n\n#### macOS Software Updates\n\n```bash\nansible-playbook /opt/ansible/playbooks/macos.yml\n```\n\n#### Automate the run with CRON\n\nIdeally, you Ansible playbooks need to be run automatically and nothing is simplier than a CRON job for that!\n\nUpdate the `crontab.txt` file to fill your own time preferences and run this command:\n\n```bash\ncrontab /opt/ansible/crontab.txt\n```\n\nContent of the `crontab.txt`:\n\n```bash\n# Ansible - Update Homebrew packages on all agents every day at 1:00 AM\n0 1 * * * echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/homebrew.log ; ansible-playbook /opt/ansible/playbooks/homebrew.yml \u003e\u003e /opt/ansible/logs/homebrew.log\n\n# Ansible - Update Android SDK packages on all agents every day at 2:00 AM\n0 2 * * * echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/androidSdkUpdate.log ; ansible-playbook /opt/ansible/playbooks/android/sdkUpdate.yml \u003e\u003e /opt/ansible/logs/androidSdkUpdate.log\n\n# Ansible - Update Titanium SDK packages on all agents every day at 3:00 AM\n0 3 * * * echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/titaniumSdkUpdate.log ; ansible-playbook /opt/ansible/playbooks/titanium/sdkUpdate.yml \u003e\u003e /opt/ansible/logs/titaniumSdkUpdate.log\n\n# Ansible - Update Appium package on all agents every Monday at 3:15 AM\n15 3 * * MON echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/appium.log ; ansible-playbook /opt/ansible/playbooks/appium.yml \u003e\u003e /opt/ansible/logs/appium.log\n\n# Ansible - Apply macOS Software updates on all agents every day at 3:30 AM\n30 3 * * * echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/macos.log ; ansible-playbook /opt/ansible/playbooks/macos.yml \u003e\u003e /opt/ansible/logs/macos.log\n\n# Ansible - Reboot all agents every day at 5:00 AM\n00 5 * * * echo -e \" \\n #################$(date)################# \\n\" \u003e\u003e /opt/ansible/logs/reboot.log ; ansible-playbook /opt/ansible/playbooks/reboot.yml \u003e\u003e /opt/ansible/logs/reboot.log\n```\n\n## TODO\n\n* Add instructions for the XCode install\n* Add the Terminal app into the macOS Accessibility permission (to launch XCode Organiser)\n* Prevent the macOS apps to reopen after a reboot\n* Create a script for the XCode update that remove the current version\n* Create an Ansible playbook to install/update Genymotion + default VMs\n* Create an Ansible playbook to install/update the Go.CD agent software\n* Create an Ansible playbook to install/update the Go.CD server software\n* Create an Ansible playbook to install/update a your Mac with the same settings as the agents\n* Create an Ansible role instead of multiple playbooks + a playbook that will configure what we want ot install/configure\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftimoa%2Fcdkit.ansible","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftimoa%2Fcdkit.ansible","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftimoa%2Fcdkit.ansible/lists"}