Refactor golden image role: update variable names and remove obsolete customize script
Signed-off-by: Stephen Simpson <ssimpson89@users.noreply.github.com>
@@ -1,4 +1,4 @@
|
||||
---
|
||||
# Paths (passed from playbook)
|
||||
golden_image_base_image_path: ""
|
||||
base_image_path: ""
|
||||
golden_image_path: ""
|
||||
|
||||
@@ -1,17 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
# Create user if it doesn't exist
|
||||
if ! id -u rocky >/dev/null 2>&1; then
|
||||
useradd -m rocky
|
||||
fi
|
||||
|
||||
# Set password
|
||||
echo "rocky:rockypass" | chpasswd
|
||||
|
||||
# Sudoers
|
||||
echo "rocky ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/rocky
|
||||
chmod 0440 /etc/sudoers.d/rocky
|
||||
|
||||
# Enable ssh
|
||||
systemctl enable sshd
|
||||
@@ -1,35 +1,38 @@
|
||||
---
|
||||
- name: Verify base image exists
|
||||
ansible.builtin.stat:
|
||||
path: "{{ golden_image_base_image_path }}"
|
||||
register: golden_image_base_image_stat
|
||||
failed_when: not golden_image_base_image_stat.stat.exists
|
||||
stat:
|
||||
path: "{{ base_image_path }}"
|
||||
register: base_image_stat
|
||||
failed_when: not base_image_stat.stat.exists
|
||||
|
||||
- name: Ensure golden image directory exists
|
||||
ansible.builtin.file:
|
||||
file:
|
||||
path: "{{ golden_image_path | dirname }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
become: true
|
||||
|
||||
- name: Copy base image to golden image
|
||||
ansible.builtin.copy:
|
||||
src: "{{ golden_image_base_image_path }}"
|
||||
copy:
|
||||
src: "{{ base_image_path }}"
|
||||
dest: "{{ golden_image_path }}"
|
||||
remote_src: true
|
||||
mode: '0644'
|
||||
become: true
|
||||
|
||||
- name: Customize golden image
|
||||
ansible.builtin.command: >
|
||||
command: >
|
||||
virt-customize -a {{ golden_image_path }}
|
||||
--install perl,git,wget,tar,openssh-server,vim
|
||||
--run {{ role_path }}/tasks/customize.sh
|
||||
--run-command 'useradd -m rocky 2>/dev/null || true'
|
||||
--run-command 'echo "rocky:rockypass" | chpasswd'
|
||||
--run-command 'echo "rocky ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/rocky'
|
||||
--run-command 'chmod 0440 /etc/sudoers.d/rocky'
|
||||
--run-command 'systemctl enable sshd'
|
||||
--ssh-inject root:file:{{ ssh_public_key_path }}
|
||||
--ssh-inject rocky:file:{{ ssh_public_key_path }}
|
||||
--root-password password:{{ root_password }}
|
||||
--selinux-relabel
|
||||
changed_when: false
|
||||
environment:
|
||||
LIBGUESTFS_BACKEND: direct
|
||||
become: true
|
||||
|
||||
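Review bot: The `--run-command 'echo "rocky:rockypass" | chpasswd'` line in the "Customize golden image" task bakes a fixed password, readable in the repository, into every VM cloned from this image, and the following lines give that account `NOPASSWD:ALL` sudo with sshd enabled. The task already injects an SSH key for rocky, so if key-only login is intended the chpasswd line could be replaced with `--password rocky:locked`; otherwise the password should come from a vaulted variable. `--root-password password:{{ root_password }}` also puts the root password on the virt-customize command line, where it shows up in the process list and in Ansible output; `--root-password file:<PATH_TO_0600_PASSWORD_FILE>` together with `no_log: true` on the task keeps it out of both. The +/- markers are lost on this page, so this assumes the inline `--run-command` lines are the new side, which the full deletion of customize.sh suggests.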