Last active
March 14, 2022 20:29
-
-
Save mattvonrocketstein/6aa3fce86cb1d700dc52a6ada498d20c to your computer and use it in GitHub Desktop.
Various reusable make boilerplate and targets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A placeholder to name the Gist |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Base vars | |
| SRC_ROOT := . | |
| ANSIBLE_USER := ubuntu | |
| ANSIBLE_KEY := key.pem | |
| ANSIBLE_ROOT := ${SRC_ROOT}/ansible | |
| ANSIBLE_ROLES_PATH := ${ANSIBLE_ROOT}/roles | |
| ANSIBLE_CONFIG := ${ANSIBLE_ROOT}/ansible.cfg | |
| ANSIBLE_VARS_BASE := ${ANSIBLE_ROOT}/vars.yml | |
| ANSIBLE_VAULT_PASSWORD_FILE := ${ANSIBLE_ROOT}/.vault_password | |
| export ANSIBLE_ROOT ANSIBLE_CONFIG ANSIBLE_ROLES_PATH | |
| export ANSIBLE_VAULT_PASSWORD_FILE ANSIBLE_VARS_BASE | |
| # An implicit guard target, used by other targets to ensure | |
| # that environment variables are set before beginning tasks | |
| assert-%: | |
| @if [ "${${*}}" = "" ]; then \ | |
| echo "Environment variable $* not set"; \ | |
| exit 1; \ | |
| fi | |
| provision: assert-host assert-playbook | |
| ansible-playbook \ | |
| --user ${ANSIBLE_USER} \ | |
| --vault-password-file=${ANSIBLE_VAULT_PASSWORD_FILE} \ | |
| --private-key ${ANSIBLE_KEY} \ | |
| --inventory $$host, \ | |
| ${ANSIBLE_ROOT}/$$playbook.yml | |
| # Helpers for some lightweight encryption with ansible-vault | |
| # More info: https://docs.ansible.com/ansible/2.4/vault.html | |
| encrypt: assert-path | |
| ansible-vault encrypt \ | |
| --vault-password-file=$$ANSIBLE_VAULT_PASSWORD_FILE $$path | |
| decrypt: assert-path | |
| ansible-vault decrypt \ | |
| --vault-password-file=$$ANSIBLE_VAULT_PASSWORD_FILE $$path | |
| secret-%: | |
| ansible-vault encrypt_string $* \ | |
| --vault-password-file $$ANSIBLE_VAULT_PASSWORD_FILE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # File for base boilerplate, meta-targets, and useful but dependency-free little helpers | |
| # | |
| MAKEFLAGS += --warn-undefined-variables | |
| SHELL := bash | |
| .SHELLFLAGS := -eu -o pipefail -c | |
| # An implicit guard target, used by other targets to ensure | |
| # that environment variables are set before beginning tasks | |
| assert-%: | |
| @if [ "${${*}}" = "" ]; then \ | |
| echo "Environment variable $* not set"; \ | |
| exit 1; \ | |
| fi | |
| # `json-wrapper` target for use with pipes. example usage: | |
| # | |
| # $ terraform output -json | wrapper=terraform make json-wrap | |
| # | |
| json-wrap: assert-wrapper | |
| @python -c "import os, sys, json; print json.dumps({ os.environ['wrapper']: json.loads(sys.stdin.read())})" | |
| # `json-to-yaml` target for use with pipes. example usage: | |
| # | |
| # $ terraform output -json | make json-to-yaml | |
| # | |
| # NB: the `default_flow_style` argument in the call to | |
| # yaml.safe_dump is there to prevent inlining of lists. | |
| json-to-yaml: | |
| @python -c 'import sys, json, yaml; print yaml.safe_dump(json.loads(sys.stdin.read()), default_flow_style=False)' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment