Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prefer ansible.builtin.include_role to a roles block #226

Merged
merged 5 commits into from
May 22, 2023
Merged
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 16 additions & 6 deletions src/aws.yml
Original file line number Diff line number Diff line change
@@ -3,11 +3,21 @@
name: AWS-specific roles
become: yes
become_method: sudo
roles:
- amazon_efs_utils
- amazon_ssm_agent
- chrony_aws
- cloudwatch_agent
tasks:
- name: Install Amazon EFS utilities
ansible.builtin.include_role:
name: amazon_efs_utils
- name: Install Amazon SSM Agent
ansible.builtin.include_role:
name: amazon_ssm_agent
- name: Install chrony and configure it for use within AWS
ansible.builtin.include_role:
name: chrony_aws
- name: Install and configure Amazon CloudWatch Agent
ansible.builtin.include_role:
name: cloudwatch_agent
# The instance types used for almost all the instances expose EBS
# volumes as NVMe block devices, so that's why we need nvme here.
- nvme
- name: Install prerequisites for working with NVMe block devices
ansible.builtin.include_role:
name: nvme
22 changes: 16 additions & 6 deletions src/base.yml
Original file line number Diff line number Diff line change
@@ -3,9 +3,19 @@
name: Setup base image
become: yes
become_method: sudo
roles:
- automated_security_updates
- banner
- clamav
- htop
- persist_journald
tasks:
- name: Install and configure automated security updates
ansible.builtin.include_role:
name: automated_security_updates
- name: Install and configure login banner
ansible.builtin.include_role:
name: banner
- name: Install and configure ClamAV
ansible.builtin.include_role:
name: clamav
- name: Install and configure htop
ansible.builtin.include_role:
name: htop
- name: Configure JournalD to preserve logs across reboots
ansible.builtin.include_role:
name: persist_journald
6 changes: 4 additions & 2 deletions src/example.yml
Original file line number Diff line number Diff line change
@@ -3,5 +3,7 @@
name: Project-specific roles
become: yes
become_method: sudo
roles:
- example
tasks:
- name: Install cisagov/example
mcdonnnj marked this conversation as resolved.
Show resolved Hide resolved
ansible.builtin.include_role:
name: example
14 changes: 10 additions & 4 deletions src/python.yml
Original file line number Diff line number Diff line change
@@ -3,7 +3,13 @@
name: Install pip3/python3 and remove pip2/python2
become: yes
become_method: sudo
roles:
- pip
- python
- remove_python2
tasks:
- name: Install pip3
ansible.builtin.include_role:
name: pip
- name: Install Python 3
ansible.builtin.include_role:
name: python
mcdonnnj marked this conversation as resolved.
Show resolved Hide resolved
- name: Uninstall Python 2
ansible.builtin.include_role:
name: remove_python2
60 changes: 30 additions & 30 deletions src/requirements.yml
Original file line number Diff line number Diff line change
@@ -1,31 +1,31 @@
---
- src: https://github.com/cisagov/ansible-role-amazon-efs-utils
name: amazon_efs_utils
- src: https://github.com/cisagov/ansible-role-amazon-ssm-agent
name: amazon_ssm_agent
- src: https://github.com/cisagov/ansible-role-automated-security-updates
name: automated_security_updates
- src: https://github.com/cisagov/ansible-role-banner
name: banner
- src: https://github.com/cisagov/ansible-role-chrony-aws
name: chrony_aws
- src: https://github.com/cisagov/ansible-role-clamav
name: clamav
- src: https://github.com/cisagov/ansible-role-cloudwatch-agent
name: cloudwatch_agent
- src: https://github.com/cisagov/skeleton-ansible-role
name: example
- src: https://github.com/cisagov/ansible-role-htop
name: htop
- src: https://github.com/cisagov/ansible-role-nvme
name: nvme
- src: https://github.com/cisagov/ansible-role-persist-journald
name: persist_journald
- src: https://github.com/cisagov/ansible-role-pip
name: pip
- src: https://github.com/cisagov/ansible-role-python
name: python
- src: https://github.com/cisagov/ansible-role-remove-python2
name: remove_python2
- src: https://github.com/cisagov/ansible-role-upgrade
name: upgrade
- name: amazon_efs_utils
src: https://github.com/cisagov/ansible-role-amazon-efs-utils
- name: amazon_ssm_agent
src: https://github.com/cisagov/ansible-role-amazon-ssm-agent
- name: automated_security_updates
src: https://github.com/cisagov/ansible-role-automated-security-updates
- name: banner
src: https://github.com/cisagov/ansible-role-banner
- name: chrony_aws
src: https://github.com/cisagov/ansible-role-chrony-aws
- name: clamav
src: https://github.com/cisagov/ansible-role-clamav
- name: cloudwatch_agent
src: https://github.com/cisagov/ansible-role-cloudwatch-agent
- name: example
src: https://github.com/cisagov/skeleton-ansible-role
- name: htop
src: https://github.com/cisagov/ansible-role-htop
- name: nvme
src: https://github.com/cisagov/ansible-role-nvme
- name: persist_journald
src: https://github.com/cisagov/ansible-role-persist-journald
- name: pip
src: https://github.com/cisagov/ansible-role-pip
- name: python
src: https://github.com/cisagov/ansible-role-python
- name: remove_python2
src: https://github.com/cisagov/ansible-role-remove-python2
- name: upgrade
src: https://github.com/cisagov/ansible-role-upgrade
6 changes: 4 additions & 2 deletions src/upgrade.yml
Original file line number Diff line number Diff line change
@@ -3,5 +3,7 @@
name: Upgrade base image
become: yes
become_method: sudo
roles:
- upgrade
tasks:
- name: Upgrade all packages
ansible.builtin.include_role:
name: upgrade