From a7d197973fa4c4d00c9c1b57a85d2344a63d5a40 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Thu, 14 Jan 2021 21:57:00 +0200
Subject: [PATCH] Toolbox role and playbook.
Install Podman and Toolbox.
---
roles/toolbox/README.md | 17 +++++++++++
roles/toolbox/tasks/main.yml | 55 ++++++++++++++++++++++++++++++++++++
roles/toolbox/vars/main.yml | 15 ++++++++++
toolbox.yaml | 8 ++++++
4 files changed, 95 insertions(+)
create mode 100644 roles/toolbox/README.md
create mode 100644 roles/toolbox/tasks/main.yml
create mode 100644 roles/toolbox/vars/main.yml
create mode 100644 toolbox.yaml
diff --git a/roles/toolbox/README.md b/roles/toolbox/README.md
new file mode 100644
index 0000000..aa50307
--- /dev/null
+++ b/roles/toolbox/README.md
@@ -0,0 +1,17 @@
+# Toolbox
+
+Install Podman and Toolbox.
+
+## Supported distros
+
+- Debian Buster
+- Debian Bullseye
+- Debian Sid
+- Ubuntu Bionic
+- Ubuntu Focal
+- ElementaryOS Hera
+- ElementaryOS Odin
+
+Debian Bullseye and Sid have Podman in the Debian repos, the rest don't so the
+Kubic repos are used. Toolbox isn't packaged yet, so
+[toolbox-build](https://git.shore.co.il/shore/toolbox-build) is used.
diff --git a/roles/toolbox/tasks/main.yml b/roles/toolbox/tasks/main.yml
new file mode 100644
index 0000000..5104f2d
--- /dev/null
+++ b/roles/toolbox/tasks/main.yml
@@ -0,0 +1,55 @@
+---
+- name: Install Podman from the Kubic repository
+ # yamllint disable-line rule:line-length
+ when: ansible_distribution_release is in ["buster", "bionic", "focal", "hera", "odin"]
+ block:
+ - name: Assertions
+ assert:
+ that:
+ - toolbox_podman_repo_base_url is defined
+
+ - name: APT install prerequisites
+ apt:
+ cache_valid_time: 3600
+ name:
+ - apt-transport-https
+ state: present
+ update_cache: true
+
+ - name: Add the Podman repo key
+ apt_key:
+ state: present
+ url: |-
+ {{ toolbox_podman_repo_base_url }}/Release.key
+
+ - name: Add the Podman repo
+ apt_repository:
+ repo: |-
+ deb {{ toolbox_podman_repo_base_url }} /
+ state: present
+ update_cache: true
+
+ - name: Install newer libseccomp2 from the backports repository
+ when: ansible_distribution_release == "buster"
+ apt:
+ cache_valid_time: 3600
+ default_release: buster-backports
+ name:
+ - libseccomp2
+ state: present
+ update_cache: true
+
+- name: APT install Podman
+ apt:
+ cache_valid_time: 3600
+ name:
+ - podman
+ state: present
+ update_cache: true
+
+- name: Install Toolbox
+ unarchive:
+ dest: /
+ remote_src: true
+ # yamllint disable-line rule:line-length
+ src: https://git.shore.co.il/shore/toolbox-build/-/jobs/artifacts/master/raw/toolbox.tar.gz?job=build
diff --git a/roles/toolbox/vars/main.yml b/roles/toolbox/vars/main.yml
new file mode 100644
index 0000000..a1257de
--- /dev/null
+++ b/roles/toolbox/vars/main.yml
@@ -0,0 +1,15 @@
+---
+# Hera and Odin are ElementaryOS releases based on Ubuntu Bionic and Focal
+# respectively.
+toolbox_podman_repo_base_url_mapping:
+ # yamllint disable-line rule:line-length
+ bionic: &bionic https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_18.04/
+ # yamllint disable-line rule:line-length
+ buster: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/Debian_10/
+ # yamllint disable-line rule:line-length
+ focal: &focal https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/
+ hera: *bionic
+ odin: *focal
+
+toolbox_podman_repo_base_url: |-
+ {{ toolbox_podman_repo_base_url_mapping[ansible_distribution_release] }}
diff --git a/toolbox.yaml b/toolbox.yaml
new file mode 100644
index 0000000..933c425
--- /dev/null
+++ b/toolbox.yaml
@@ -0,0 +1,8 @@
+---
+- hosts:
+ - ns4
+ - localhost
+ roles:
+ - toolbox
+ become: true
+ become_user: root
--
GitLab