SLEEP_FOR ?= 10 VENV ?= venv .PHONY: sleep sleep: sleep $(SLEEP_FOR) .PHONY: default default: check .PHONY: all all: cluster bootstrap-values apply .PHONY: cluster cluster: ansible-cluster # Ensures virtualenv is present $(VENV): python3 -m venv $(VENV) $(VENV)/bin/pip install -r requirements.txt # Installs pre-commit hooks .PHONY: install-hooks install-hooks: $(VENV) $(VENV)/bin/pre-commit install --install-hooks # Checks files for encryption .PHONY: check check: $(VENV) $(VENV)/bin/pre-commit run --all-files # Creates a new secrets baseline .secrets-baseline: $(VENV) $(VENV)/bin/detect-secrets scan --exclude-secrets '(\$${.*}|from_env|fake|!secret)' > .secrets-baseline # Audits secrets against baseline .PHONY: secrets-audit secrets-audit: $(VENV) .secrets-baseline $(VENV)/bin/detect-secrets audit .secrets-baseline # Updates secrets baseline .PHONY: secrets-update secrets-update: $(VENV) .secrets-baseline $(VENV)/bin/detect-secrets scan --baseline .secrets-baseline .PHONY: ansible_galaxy ansible_galaxy: ansible_galaxy/ansible_collections ansible_galaxy/roles ansible_galaxy/ansible_collections: $(VENV) ./ansible_galaxy/requirements.yml $(VENV)/bin/ansible-galaxy collection install -p ./ansible_galaxy -r ./ansible_galaxy/requirements.yml ansible_galaxy/roles: $(VENV) ./ansible_galaxy/requirements.yml $(VENV)/bin/ansible-galaxy install -p ./ansible_galaxy/roles -r ./ansible_galaxy/requirements.yml .PHONY: ansible-cluster ansible-cluster: $(VENV) ansible_galaxy env VIRTUAL_ENV=$(VENV) $(VENV)/bin/ansible-playbook -K -vv \ $(shell test -f vault-keys.json && echo '-e "@vault-keys.json"') \ ./ansible_playbooks/setup-cluster.yml .PHONY: bootstrap-values bootstrap-values: $(VENV) env NOMAD_ADDR=192.168.2.101 \ NOMAD_TOKEN=$(shell jq -r .SecretID nomad_bootstrap.json) \ $(VENV)/bin/python ./nomad_vars.py .PHONY: recover-nomad recover-nomad: $(VENV) $(VENV)/bin/ansible-playbook -K ./ansible_playbooks/recover-nomad.yaml .PHONY: stop-cluster stop-cluster: $(VENV) $(VENV)/bin/ansible-playbook -K ./ansible_playbooks/stop-cluster.yml .PHONY: init init: @terraform init .PHONY: plan plan: @terraform plan \ -var "nomad_secret_id=$(shell jq -r .SecretID nomad_bootstrap.json)" \ .PHONY: apply apply: @terraform apply \ -auto-approve \ -var "nomad_secret_id=$(shell jq -r .SecretID nomad_bootstrap.json)" \ .PHONY: clean clean: env VIRTUAL_ENV=$(VENV) $(VENV)/bin/ansible-playbook -vv \ ./ansible_playbooks/clear-data.yml find -name "*.tfstate" -exec rm '{}' \; rm -f ./vault-keys.json ./nomad_bootstrap.json