I tried to automate the construction of Mac development environment with Ansible, so make a note of what I did and what I investigated.
I wanted to do something like Boxen with ansible. So I prepared two repositories, one like our-boxen (template) and one that I copied and customized.
--https://github.com/tell-k/blister-pack .... Basic setup contents --https://github.com/tell-k/blister-pack-mine ... Your personal setup
Please refer to README.rst for how to use blister-pack.
I did the following things.
--Automate Mac OS X development environment construction with ansible. Install required packages mainly with hombrew + homebrew-cask --Like Boxen, manage the construction contents (role) by dividing into common parts, individuals, and projects. --Test with Serverspec. --Run build / test on Travis CI
--Mainly most of ansible's hombrew module and hombrew-cask module Could be installed. --To execute ansible to the local environment, write the following in the inventory file.
[localhost]
127.0.0.1
[localhost:vars]
ansible_connection=local
--Like Boxen, the construction contents are managed separately for each common part / individual / project.
├── Makefile
├── README.rst
├── Rakefile
├── callback_plugins
├── hosts
├── playbook.yml
├── roles
│ ├── common # <-Commonly used role group
│ ├── people # <-Role group for each individual
│ └── projects # <-Role group for each project
└── spec
├── common
├── people
├── projects
└── spec_helper.rb
--Enabled to test the construction contents in Ansible with Serverspec. -envassert and ansible's assert module You also have the option of using -testing). --Spec files are also separated by common / people / projects. --Serverspec is convenient because most of what you want to do is written in Documentation.
--Travis CI provides an OS X environment as a build environment (http://docs.travis-ci.com/user/osx-ci-environment) --Build / test with it --When using OS X, just specify in .travis.yml --It seems that homebrew, xcode, etc. are included in advance. --Since it seems that sudo can be executed without a password, it is executed without the "-K" option of ansible.
language: objective-c
os:
- osx
before_install:
- brew update
- brew install python
- brew install ansible
- ansible-playbook -vv playbook.yml -i hosts
script:
- make test
TIPS
--homebrew update updates Formula and homebrew itself. --upgrade rebuilds / installs the target package. --The ansible homebrew module has options called "update_homebrew" and "upgrade_all". --Inventory has a variable so that this option can be changed as appropriate.
[localhost]
127.0.0.1
[localhost:vars]
homebrew_update=yes #Yes to always update. Set to no if you feel slow
homebrew_upgrade_all=no #Yes if all packages need to be updated
It just passes to the homebrew module
- name: Update homebrew
homebrew: update_homebrew={{ homebrew_update }} upgrade_all={{ homebrew_upgrade_all }}
--For homebrew etc., you can get the path with "hombrew --prefix" "homebrew --cellar" etc. ――How to pass this to ansible and serverspec. --In the case of Ansible You can refer to environment variables and shell execution results with the lookup plugin. --If you use it and define it in the inventory file, you can refer to it in the playbook.
[localhost]
127.0.0.1
[localhost:vars]
home_path={{ lookup('env','HOME') }}
homebrew_prefix={{ lookup('pipe','echo `brew --prefix`') }}
homebrew_cellar={{ lookup('pipe','echo `brew --cellar`') }}
Use this in the role as follows
- name: Copy dnsmaq.conf
copy: src=roles/common/dnsmasq/files/dnsmasq.conf dest="{{ homebrew_prefix }}/etc/dnsmasq.conf" backup=yes
In the case of Serverspec, I defined it in spec_helper.rb without thinking about anything.
require 'serverspec'
set :backend, :exec
def home_path
home_path = `echo ~/`
home_path.chomp
end
def homebrew_prefix
prefix = `brew --prefix`
prefix.chomp
end
def homebrew_cellar
cellar_path = `brew --cellar`
cellar_path.chomp
end
--Since it takes time to execute Ansible, I will notify you when it is finished. --Using Ansible's Callbacks Plugin, it is now displayed in the OS X Notification Center.
--The script is here
Travis will forcibly terminate the build under the following conditions.
--Forcibly terminated if it takes more than 50 minutes to build --It is forcibly terminated even if there is no standard output for a certain period of time.
For the time being, Travis skips items that take a long time to install.
――The feeling of falling over is amazing, so look for a better method.
--Ansible has an option to do --syntax-check by default --There is also a library called ansible-lint. -> I got an error with tarvis + I don't use it now because it doesn't check much --For serverspec, rubocop is used. It is good that the "--auto-correct" option automatically shapes it to some extent. -Define checkstyle in Makefile so that it can be checked
--For example, the role / spec group of a private project is set to gitignore under the directory "private". --Prepare YAML (private.yml) for private use and [Merge] playbook.yml and private.yml every time you execute ansible (https://github.com/tell-k/blister-pack-mine/) blob / master / Makefile # L9-L11).
--A private key is required to clone a github repository via SSH using ansible's git module on Travis CI --In that case, Set the deployment key in each repository or clone by HTTPS Need to be. Since it is troublesome, I usually use HTTPS.
Example:The repo of the git module is a URL that starts with https.
- name: Git clone tell-k/sphinxjp.themes.basicstrap
git: repo=https://github.com/tell-k/sphinxjp.themes.basicstrap.git dest=~/Work/python/sphinxjp.themes.basicstrap update=no
--I tried it with the same configuration for about half a year except for Travis CI, but there were no major problems. Ansible is great. --Checking with Serverspec + Travis gives you a sense of security. Writing tests with Serverspec is kind of fun. --Some of them are purchased via the App Store due to licenses, so it seems difficult to fully automate them. ――I wrote a story about each individual / project, but since it's a bocce, I've never shared it with anyone other than myself or had it used. --The strange name blister-pack was found in Boxen's TOP picture.
There are several other ideas / tools for building a Mac OS X environment using Ansible.
Initially, I tried to use these tools, but stopped for the following reasons.
――It seemed to be troublesome to remember something specific to tools other than Ansible. --There are wrapper commands like Boxen, but Ansible's plug-in mechanism seems to work as a substitute. --If it was just a wrapper as a shortcut, Makefile was enough.
-Introduction to Ansible ... A book that gives you a good idea of what Ansible can do -Python Professional Programming 2nd Edition ... There is an Ansible chapter (Stema) -Python engineer training reader ... Introduction Since the person in Ansible wrote about Ansible, I plan to buy it and read it. -Serverspec ... I haven't bought it yet, so don't buy it> I
-It is allowed until 2012 without using Boxen -What happens when you run Boxen -Memo where I was addicted to building with boxen -Story of introducing boxing -Mac setup using Boxen -It's almost 2014, but I'll try boxing by myself --Mac Setup with Boxen
-Stop Boxen and switch to Brewfile + homebrew-cask -List that can be inscored with brew cask -Memo for building environment after clean installation of Mac OSX -Apps installed with homebrew-cask cannot be called from Alfred -I made a Brewfile instead of writing down the apps and tools installed on my MacBook -Compare Homebrew vs Boxen and start brewproj -Impressions comparing Boxen and brew Bundle && Homebrew-cask
Recommended Posts