roles/get_artifacts/tasks/binary.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244

---
##
# Handle different get_artifacts types
##
- name: value change for coherency
  set_fact:
    config: >-
      {{ config|combine({'get_artifacts': [] }) }}
  when: config.get_artifacts is not defined
- name: value change for coherency
  set_fact:
    config: >-
      {{ config|combine({'get_artifacts':
            [{ 'name': config.get_artifacts }] }) }}
  when: config.get_artifacts is string

- debug:
    var: config
    verbosity: 3
##
# Prepare a folder for
##

- name: set previous_artifacts_folder
  file:
    path: "{{ item }}"
    state: directory
  loop:
    - "{{ previous_artifacts_folder }}"
    - "{{ final_artifacts_folder }}"

- name: create dest folders for the jobs artifacts
  file:
    path: "{{ previous_artifacts_folder }}/{{ item.name }}"
    state: directory
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

##
# Get all artifacts job ids
##
- name: loop on get_artifacts
  include_tasks: get_one_artifact.yml
  vars:
    artifact_job_name: "{{ item.name }}"
    artifact_in_pipeline: "{{ item.in_pipeline | default(true) }}"
  when: not (item.static_src | default(false))
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ artifact_job_name }}"

- name: download all job artifacts
  uri:
    url: >-
      {{ gitlab.api_url }}/projects/{{ lookup('env', 'CI_PROJECT_ID')
      }}/jobs/{{ artifact_job_ids[idx] }}/artifacts
    headers:
      PRIVATE-TOKEN: "{{ gitlab.private_token }}"
    status_code: 200
    dest: >-
      {{ previous_artifacts_folder }}/{{ item.name }}/artifacts.zip
  when: not (item.static_src | default(false))
  loop: "{{ config.get_artifacts }}"
  loop_control:
    index_var: idx
    label: "{{ item.name }}"

- name: download all static artifacts on public projects
  uri:
    url: >-
      {{ config.url }}/raw/{{ config.branch }}/{{
      config.path | default('') }}/config/artifacts/{{
      item.name }}.zip?inline=false
    status_code: 200
    dest: >-
      {{ previous_artifacts_folder }}/{{ item.name }}/artifacts.zip
  when: (item.static_src | default(false)) and (config.api is not defined)
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

- name: download all static artifacts using api
  uri:
    url: >-
      {{ config.api }}/repository/files/{{
      [config.path | default('') , 'config/artifacts'] |
      filepath(item.name, '.zip')
      }}/raw?ref={{ config.branch }}
    headers:
      PRIVATE-TOKEN: "{{ gitlab.private_token }}"
    status_code: 200
    dest: >-
      {{ previous_artifacts_folder }}/{{ item.name }}/artifacts.zip
  when: (item.static_src | default(false)) and (config.api is defined)
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

- name: unarchive all artifacts
  unarchive:
    src: "{{ previous_artifacts_folder }}/{{ item.name }}/artifacts.zip"
    dest: "{{ previous_artifacts_folder }}/{{ item.name }}/"
    remote_src: "yes"
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

- name: remove all artifacts archives
  file:
    path: "{{ previous_artifacts_folder }}/{{ item.name }}/artifacts.zip"
    state: absent
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

- name: create artifacts folders
  file:
    path: "{{ final_artifacts_folder }}/{{ item }}"
    state: directory
    recurse: true
    mode: 0775
  when: item[-1] == '/'
  with_items: "{{ vars['.artifacts_root'].paths }}"

- name: copy all files if no filters
  copy:
    decrypt: false
    src: "{{ previous_artifacts_folder }}/{{ item.name }}/"
    dest: "{{ final_artifacts_folder }}/"
  when: item.limit_to is not defined or item.limit_to == None
  loop: "{{ config.get_artifacts }}"
  loop_control:
    label: "{{ item.name }}"

- name: copy filtered files if filters
  include_tasks: limit_to.yml
  when: item.limit_to is defined
  loop: "{{ config.get_artifacts }}"
  vars:
    job_name: "{{ item.name }}"
    limit_to: "{{ item.limit_to }}"
  loop_control:
    label: "{{ item.name }}"

##
# get list of files to archive
##
- name: get list of files to encrypt
  find:
    paths: "{{ final_artifacts_folder }}"
    recurse: true
  register: artifacts_files

- name: set file list
  set_fact:
    files_list: "{{ artifacts_files.files | map(attribute='path')| list }}"

##
# If we encode file via ansible vault
##
- name: encrypt files
  shell: >
    ansible-vault encrypt --vault-password-file {{
    lookup( 'env', 'VAULT_FILE') }} {{ item }}
  register: res
  loop: "{{ files_list }}"
  failed_when:
    res.rc == 1 and res.stderr != "ERROR! input is already encrypted"
  when:
    config.get_encrypt is defined and (config.get_encrypt | bool)


##
# Add ssh_gateways file if needed
##

- name: get config step parameters
  set_fact:
    config_step: >-
      {{ gitlab.git_projects[
           hostvars[inventory_hostname].scenario_steps['config'].project] |
         combine(hostvars[inventory_hostname].scenario_steps['config']) }}

- name: get ssh gateways config
  uri:
    url: >-
      {{ config_step.api }}/repository/files/{{
      [config_step.path | default(''), 'config/ssh_gateways'] |
      filepath(config.ssh_access)
      }}?ref={{ config_step.branch }}
    headers:
      PRIVATE-TOKEN: "{{ gitlab.private_token }}"
    status_code: 200
    return_content: yes
  register: ssh_gw_get
  when: config.ssh_access is defined

- name: save ssh gateways config
  copy:
    content: "{{ ssh_gw_get.json.content | b64decode }}"
    dest: "{{ final_artifacts_folder }}/vars/ssh_gateways.yml"
    force: true
    mode: 0660
  when: config.ssh_access is defined

##
# get list of files and folders to archive
##
- name: set file list
  set_fact:
    arch_files:
      "{{ (arch_files | default([])) +
          [ final_artifacts_folder + '/' + item ] }}"
  loop: "{{ vars['.artifacts_root'].paths }}"

- name: Prepare artifact archive for binary transmission
  archive:
    path: "{{ arch_files }}"
    dest: "{{ playbook_dir }}/artifacts.zip"
    format: zip

##
# Set the artifact to send
##
- name: "Prepare artifact archive for binary transmission"
  slurp:
    src: artifacts.zip
  register: slurped_artifact

- name: Add artifacts bin if requested
  set_fact:
    artifacts_bin: "{{ slurped_artifact.content }}"

##
# Clean
##
- name: delete temporary folders
  file:
    path: "{{ item }}"
    state: absent
  loop:
    - "{{ previous_artifacts_folder }}"
    - "{{ final_artifacts_folder }}"