-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy pathtask
executable file
·379 lines (314 loc) · 12.4 KB
/
task
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
#!/bin/bash
function help() {
echo
echo "$1 <command> [options]"
echo
echo "commands:"
echo
cmd_width=23
opt_width=22
desc_width=70
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "Command" "Option" "Description"
echo "|$(printf '%*s' $((cmd_width + 2)) '' | tr ' ' '-')|$(printf '%*s' $((opt_width + 2)) '' | tr ' ' '-')|$(printf '%*s' $((desc_width + 2)) '' | tr ' ' '-')|"
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "generate-vault-password" "[vault_id] [password]" "Generate a password file for Ansible vault."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "convert-vault-file" "[vault_id] [path]" "Re-encrypt vault file as single strings."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "show-vault-file" "[vault_id] [path]" "Show content of encrypted strings or fully encrypted vault file."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "encrypt-string" "[vault_id] [key:value] -q" "Generate encrypted string with Ansible Vault."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "install" "" "Install Ansible and dependencies with uv."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "install-exo" "" "Install Exoscale CLI."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "upgrade" "" "Upgrade Ansible and dependencies with uv."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "update-with-llm" "[path][prompt]" "Feed role files with prompt to LLM and apply file changes."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "lint" "" "Lint Ansible roles and playbooks."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "build-galaxy" "" "Create tarball of collection."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "publish-galaxy" "" "Publish tarball to Ansible Galaxy."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "install-node" "" "Install build dependencies."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "dev-node" "" "Start vuepress development server."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "build-node" "" "Create vuepress build."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "serve-node-build" "" "Serve vuepress build."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "list-hosts" "[path]" "Lists all hosts of an inventory."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "version" "" "Show tool versions."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "source" "" "Source the Python virtual env."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "test-localhost" "[clean]" "Deploy to localhost. Pass option 'clean' to clean up."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "test-scripts" "[clean]" "Install and test scripts."
printf "| %-${cmd_width}s | %-${opt_width}s | %-${desc_width}s |\n" "show-passwordless-sudo" "[username]" "Give instructions to setup passwordless sudo."
echo
}
# Set env vars
GIT_BRANCH=$(git symbolic-ref --short -q HEAD)
LLM_MODEL=${LLM_MODEL:="deepseek-coder"}
if [[ -a ".env" ]]; then
export $(cat .env | sed 's/^#.*//g' | xargs)
fi
# Ansible Vault commands
function generate-vault-password() {
if test -z "$1"; then echo "\$1 is empty"; exit; fi
if test -z "$2"; then echo "\$1 is empty"; exit; fi
export VAULT_ID=$1
export VAULTPASSWORD=$2
echo "$VAULTPASSWORD" > ".vault_pass_$VAULT_ID"
chmod 600 ".vault_pass_$VAULT_ID"
echo "Password file ".vault_pass_$VAULT_ID" created."
}
function encrypt-string() {
if test -z "$1"; then echo "\$1 is empty"; exit; fi
if test -z "$2"; then echo "\$2 is empty"; exit; fi
# Split multiline
STRING_KEY=$(echo "$2" | cut -d ':' -f 1)
STRING_VALUE=$(echo "$2" | cut -d ':' -f 2 | sed 's/^ *//')
if [ "$3" != "-q" ]; then
echo "Found key: $STRING_KEY"
echo "Encrypting value: $STRING_VALUE"
fi
ansible-vault encrypt_string --encrypt-vault-id="$1" --name "$STRING_KEY" "$STRING_VALUE"
}
function convert-vault-file() {
if test -z "$1"; then echo "\$1 is empty"; exit; fi
if test -z "$2"; then echo "\$2 is empty"; exit; fi
VAULT_ID=$1
FILE_PATH=$2
TEMP_FILE=$(mktemp)
# Decrypt the vault file
ansible-vault decrypt --output="$FILE_PATH" "$FILE_PATH"
# Process each key-value pair
yq eval '.' "$FILE_PATH" | while IFS= read -r LINE; do
KEY=$(echo "$LINE" | cut -d':' -f1)
VALUE=$(echo "$LINE" | cut -d':' -f2-)
VALUE=$(echo "$VALUE" | sed 's/^[[:space:]"]*//;s/[[:space:]"]*$//')
# Re-encrypt the key-value pair
ENCYRPTED=$(ansible-vault encrypt_string --encrypt-vault-id="$VAULT_ID" --name "$KEY" "$VALUE" 2>/dev/null)
echo "$ENCYRPTED" >> "$TEMP_FILE"
done
# Move temp file to vault file
mv "$TEMP_FILE" "$FILE_PATH"
echo "Converted file saved as $FILE_PATH"
}
show-vault-file() {
if test -z "$1"; then echo "\$1 is empty"; exit 1; fi
if test -z "$2"; then echo "\$2 is empty"; exit 1; fi
VAULT_ID="$1"
FILE_PATH="$2"
TEMP_FILE=$(mktemp)
TEMP_PART_FILE=$(mktemp)
if head -n 1 "$FILE_PATH" | grep -q "^\$ANSIBLE_VAULT;1.2;AES256;$VAULT_ID"; then
ansible-vault decrypt --output="$TEMP_FILE" "$FILE_PATH"
else
WRITE_FINISHED=false
while IFS= read -r LINE; do
if [[ "$LINE" =~ "!vault" ]]; then
if [ "$WRITE_FINISHED" ] && [ -s "$TEMP_PART_FILE" ]; then
ansible-vault decrypt "$TEMP_PART_FILE"
KEY=$(echo "$LINE" | cut -d':' -f1)
VALUE=$(cat "$TEMP_PART_FILE")
echo "$KEY: $VALUE" >> "$TEMP_FILE"
fi
: > "$TEMP_PART_FILE"
WRITE_FINISHED=true
else
if [ "$WRITE_FINISHED" ]; then
echo "$LINE" | sed 's/^[[:space:]"]*//;s/[[:space:]"]*$//' >> "$TEMP_PART_FILE"
fi
fi
done < "$FILE_PATH"
fi
batcat --paging=always "$TEMP_FILE"
rm -f "$TEMP_FILE"
rm -f "$TEMP_PART_FILE"
}
# Environment commands
function init-venv() {
if [ ! -d "venv$GIT_BRANCH" ]; then
echo "Init venv$GIT_BRANCH with $(uv --version)."
uv venv "venv$GIT_BRANCH"
fi
}
function activate-venv() {
echo "Source virtualenv venv$GIT_BRANCH."
source "venv$GIT_BRANCH/bin/activate"
}
function install() {
echo "Setup Ansible log file"
sudo touch /var/log/ansible.log
sudo chown $USER: /var/log/ansible.log
init-venv
activate-venv
echo "Install Ansible and Python dependencies"
uv pip install -r requirements.txt
ansible-galaxy collection install community.general
}
function install-exo() {
curl -fsSL https://raw.githubusercontent.com/exoscale/cli/master/install-latest.sh | sh
}
function version() {
activate-venv
uv --version
ansible --version
}
function show-passwordless-sudo() {
USER=${1:-"$USERNAME"}
echo "echo \"$USER ALL=(ALL) NOPASSWD: ALL\" >> /etc/sudoers"
}
# Ansible commands
function upgrade() {
echo "Update Ansible"
uv pip install --upgrade ansible
}
# Ansible Invenotry commands
function list-hosts() {
if test -z "$1"; then echo "\$1 is empty"; exit; fi
activate-venv
ansible -i $1 all --list-hosts
}
# Ansible Galaxy commands
function build-galaxy() {
activate-venv
VERSION=$(yq eval '.version' galaxy.yml)
NAMESPACE=$(yq eval '.namespace' galaxy.yml)
NAME=$(yq eval '.name' galaxy.yml)
ansible-galaxy collection build
mv $NAMESPACE-$NAME-$VERSION.tar.gz tmp/
}
function publish-galaxy() {
activate-venv
VERSION=$(yq eval '.version' galaxy.yml)
NAMESPACE=$(yq eval '.namespace' galaxy.yml)
NAME=$(yq eval '.name' galaxy.yml)
ansible-galaxy collection publish tmp/$NAMESPACE-$NAME-$VERSION.tar.gz --token "$GALAXY_API_TOKEN"
}
# Test commands
function test-localhost() {
activate-venv
version
if [ "$1" = "clean" ]; then
echo "Cleanup localhost"
ansible-playbook -i test plays/clean.yml -t "odoo,odoo_data,odoo_volume,\
postgres,postgres_data,postgres_volume,\
meilisearch,meilisearch_data,meilisearch_volume,\
pgadmin,pgadmin_data,pgadmin_volume,\
n8n,n8n_data,n8n_volume,\
nginx,nginx_data,nginx_volume,\
metabase,metabase_data,metabase_volume,\
prometheus,prometheus_data,prometheus_volume,\
grafana,grafana_data,grafana_volume,\
loki,loki_data,loki_volume,\
promtail,promtail_data,promatil_volume"
else
echo "Setup localhost"
ansible-playbook -i test plays/localhost.yml --skip-tags check
fi
}
function test-scripts() {
set -e
activate-venv
if [ "$1" = "clean" ]; then
echo "Cleanup localhost"
ansible localhost -m ansible.builtin.cron -a 'name="test" state="absent"'
else
echo "Install cron scripts"
sudo ./roles/cron/files/install
# Add cron job
ansible localhost -m ansible.builtin.cron -a 'name="test" minute="0" hour="*/6" job="echo \"test\""'
# List cron job and compare output
[[ "$(cron-job-list)" == "0 */6 * * * test" ]]
fi
}
# LLM Commands
function update-with-llm() {
if test -z "$1"; then
echo "\$1 is empty.";
exit 1;
fi
# Get files from path
FILES=$(find "$1" -type f \( -name "*.md" -o -name "*.yml" -o -name "*.yaml" -o -name "*.conf" -o -name "*.nginx" \))
echo -e "Loaded these files into prompt:\n\n$FILES\n"
# Prompt task description
if [ -z "$2" ]; then
read -p "Enter the task description: " TASK_DESCRIPTION
else
TASK_DESCRIPTION="$2"
fi
# Prepare the files content for prompt
FILE_CONTENTS=""
for FILE in $FILES; do
FILE_CONTENTS+="<<<$FILE>>>
$(cat "$FILE")
"
done
# Define prompt content
PROMPT_FILE="tmp/llm_update"
echo -e "\nWrite prompt to $PROMPT_FILE."
cat << EOF > "$PROMPT_FILE"
Look at the code files below and do the following:
$TASK_DESCRIPTION
Output all files that you need to change in full again, including your changes.
In the same format as I provide the files below. Under no circumstances output any other text,
no additional infos, no code formatting chars. Only the code in the given format.
Here are the files:
$FILE_CONTENTS
EOF
# Run the llm command
echo -e "Send prompt and wait for the response of the $LLM_MODEL LLM."
RESULT=$(cat "$PROMPT_FILE" | llm -m "$LLM_MODEL")
# Check if result is empty
if [ -z "$RESULT" ]; then
echo "No response from the model. Exiting."
exit 1
fi
# Save the result to a file
RESULT_FILE="tmp/llm_update_result"
echo "$RESULT" > "$RESULT_FILE"
echo -e "Saved response to $RESULT_FILE.\n"
# Show a preview of result file
less "$RESULT_FILE"
# Ask for confirmation before updating files
read -p "Do you want to apply these updates to the files? (y/n): " CONFIRM
if [[ ! "$CONFIRM" =~ ^[Yy]$ ]]; then
exit 0
fi
# Parse the response from the file and update the files directly
echo -e "Parsing the response and updating files...\n"
CURRENT_FILE=""
while IFS= read -r LINE; do
if [[ $LINE =~ ^"<<<"(.*)">>>" ]]; then
CURRENT_FILE="${BASH_REMATCH[1]}"
echo "Update file $CURRENT_FILE."
> "$CURRENT_FILE"
elif [[ -n $CURRENT_FILE ]]; then
echo "$LINE" >> "$CURRENT_FILE"
fi
done < "$RESULT_FILE"
}
if declare -f "$1" > /dev/null; then
"$1" "${@:2}"
else
case "$1" in
help)
help task
exit 1
;;
install-node)
npm install
;;
dev-node)
npm run dev
;;
build-node)
npm run build
;;
serve-node-build)
cd .vuepress/dist
npx serve
;;
lint)
activate-venv
ansible-lint --write --offline roles/*
;;
source)
activate-venv
;;
*)
echo "Unknown command: $1"
help task
exit 1
;;
esac
fi