#!/usr/bin/python # -*- coding: utf-8 -*- # (c) 2012, Michael DeHaan # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see . DOCUMENTATION = ''' --- module: git author: Michael DeHaan version_added: "0.0.1" short_description: Deploy software (or files) from git checkouts description: - Manage I(git) checkouts of repositories to deploy files or software. options: repo: required: true aliases: [ name ] description: - git, SSH, or HTTP protocol address of the git repository. dest: required: true description: - Absolute path of where the repository should be checked out to. version: required: false default: "HEAD" description: - What version of the repository to check out. This can be the full 40-character I(SHA-1) hash, the literal string C(HEAD), a branch name, or a tag name. remote: required: false default: "origin" description: - Name of the remote. force: required: false default: "yes" choices: [ "yes", "no" ] version_added: "0.7" description: - If C(yes), any modified files in the working repository will be discarded. Prior to 0.7, this was always 'yes' and could not be disabled. depth: required: false default: null version_added: "1.2" description: - Create a shallow clone with a history truncated to the specified number or revisions. The minimum possible value is C(1), otherwise ignored. update: required: false default: "yes" choices: [ "yes", "no" ] version_added: "1.2" description: - If C(yes), repository will be updated using the supplied remote. Otherwise the repo will be left untouched. Prior to 1.2, this was always 'yes' and could not be disabled. executable: required: false default: null version_added: "1.4" description: - Path to git executable to use. If not supplied, the normal mechanism for resolving binary paths will be used. notes: - If the task seems to be hanging, first verify remote host is in C(known_hosts). SSH will prompt user to authorize the first contact with a remote host. One solution is to add C(StrictHostKeyChecking no) in C(.ssh/config) which will accept and authorize the connection on behalf of the user. However, if you run as a different user such as setting sudo to True), for example, root will not look at the user .ssh/config setting. ''' EXAMPLES = ''' # Example git checkout from Ansible Playbooks - git: repo=git://foosball.example.org/path/to/repo.git dest=/srv/checkout version=release-0.22 # Example read-write git checkout from github - git: repo=ssh://git@github.com/mylogin/hello.git dest=/home/mylogin/hello # Example just ensuring the repo checkout exists - git: repo=git://foosball.example.org/path/to/repo.git dest=/srv/checkout update=no ''' import re import tempfile def get_version(git_path, dest): ''' samples the version of the git repo ''' os.chdir(dest) cmd = "%s show" % (git_path,) sha = os.popen(cmd).read().split("\n") sha = sha[0].split()[1] return sha def clone(git_path, module, repo, dest, remote, depth, version): ''' makes a new git repo if it does not already exist ''' dest_dirname = os.path.dirname(dest) try: os.makedirs(dest_dirname) except: pass os.chdir(dest_dirname) cmd = [ git_path, 'clone', '-o', remote, '--recursive' ] if version and version != 'HEAD': cmd.extend([ '--branch', str(version) ]) if depth: cmd.extend([ '--depth', str(depth) ]) cmd.extend([ repo, dest ]) return module.run_command(cmd, check_rc=True) def has_local_mods(git_path, dest): os.chdir(dest) cmd = "%s status -s" % (git_path,) lines = os.popen(cmd).read().splitlines() lines = filter(lambda c: not re.search('^\\?\\?.*$', c), lines) return len(lines) > 0 def reset(git_path, module, dest, force): ''' Resets the index and working tree to HEAD. Discards any changes to tracked files in working tree since that commit. ''' os.chdir(dest) if not force and has_local_mods(git_path, dest): module.fail_json(msg="Local modifications exist in repository (force=no).") cmd = "%s reset --hard HEAD" % (git_path,) return module.run_command(cmd, check_rc=True) def get_remote_head(git_path, module, dest, version, remote): cmd = '' os.chdir(dest) if version == 'HEAD': version = get_head_branch(git_path, module, dest, remote) if is_remote_branch(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -h refs/heads/%s' % (git_path, remote, version) elif is_remote_tag(git_path, module, dest, remote, version): cmd = '%s ls-remote %s -t refs/tags/%s' % (git_path, remote, version) else: # appears to be a sha1. return as-is since it appears # cannot check for a specific sha1 on remote return version (rc, out, err) = module.run_command(cmd, check_rc=True) if len(out) < 1: module.fail_json(msg="Could not determine remote revision for %s" % version) rev = out.split()[0] return rev def is_remote_tag(git_path, module, dest, remote, version): os.chdir(dest) cmd = '%s ls-remote %s -t refs/tags/%s' % (git_path, remote, version) (rc, out, err) = module.run_command(cmd) if version in out: return True else: return False def get_branches(git_path, module, dest): os.chdir(dest) branches = [] cmd = '%s branch -a' % (git_path,) (rc, out, err) = module.run_command(cmd) if rc != 0: module.fail_json(msg="Could not determine branch data - received %s" % out) for line in out.split('\n'): branches.append(line.strip()) return branches def is_remote_branch(git_path, module, dest, remote, branch): branches = get_branches(git_path, module, dest) rbranch = 'remotes/%s/%s' % (remote, branch) if rbranch in branches: return True else: return False def is_local_branch(git_path, module, dest, branch): branches = get_branches(git_path, module, dest) lbranch = '%s' % branch if lbranch in branches: return True elif '* %s' % branch in branches: return True else: return False def is_not_a_branch(git_path, module, dest): branches = get_branches(git_path, module, dest) for b in branches: if b.startswith('* ') and 'no branch' in b: return True return False def get_head_branch(git_path, module, dest, remote): ''' Determine what branch HEAD is associated with. This is partly taken from lib/ansible/utils/__init__.py. It finds the correct path to .git/HEAD and reads from that file the branch that HEAD is associated with. In the case of a detached HEAD, this will look up the branch in .git/refs/remotes//HEAD. ''' repo_path = os.path.join(dest, '.git') # Check if the .git is a file. If it is a file, it means that we are in a submodule structure. if os.path.isfile(repo_path): try: gitdir = yaml.safe_load(open(repo_path)).get('gitdir') # There is a posibility the .git file to have an absolute path. if os.path.isabs(gitdir): repo_path = gitdir else: repo_path = os.path.join(repo_path.split('.git')[0], gitdir) except (IOError, AttributeError): return '' # Read .git/HEAD for the name of the branch. # If we're in a detached HEAD state, look up the branch associated with # the remote HEAD in .git/refs/remotes//HEAD f = open(os.path.join(repo_path, "HEAD")) if is_not_a_branch(git_path, module, dest): f.close() f = open(os.path.join(repo_path, 'refs', 'remotes', remote, 'HEAD')) branch = f.readline().split('/')[-1].rstrip("\n") f.close() return branch def fetch(git_path, module, repo, dest, version, remote): ''' updates repo from remote sources ''' os.chdir(dest) (rc, out1, err1) = module.run_command("%s fetch %s" % (git_path, remote)) if rc != 0: module.fail_json(msg="Failed to download remote objects and refs") (rc, out2, err2) = module.run_command("%s fetch --tags %s" % (git_path, remote)) if rc != 0: module.fail_json(msg="Failed to download remote objects and refs") (rc, out3, err3) = submodule_update(git_path, module, dest) return (rc, out1 + out2 + out3, err1 + err2 + err3) def submodule_update(git_path, module, dest): ''' init and update any submodules ''' os.chdir(dest) # skip submodule commands if .gitmodules is not present if not os.path.exists(os.path.join(dest, '.gitmodules')): return (0, '', '') cmd = [ git_path, 'submodule', 'sync' ] (rc, out, err) = module.run_command(cmd, check_rc=True) cmd = [ git_path, 'submodule', 'update', '--init', '--recursive' ] (rc, out, err) = module.run_command(cmd) if rc != 0: module.fail_json(msg="Failed to init/update submodules") return (rc, out, err) def switch_version(git_path, module, dest, remote, version): ''' once pulled, switch to a particular SHA, tag, or branch ''' os.chdir(dest) cmd = '' if version != 'HEAD': if is_remote_branch(git_path, module, dest, remote, version): if not is_local_branch(git_path, module, dest, version): cmd = "%s checkout --track -b %s %s/%s" % (git_path, version, remote, version) else: (rc, out, err) = module.run_command("%s checkout --force %s" % (git_path, version)) if rc != 0: module.fail_json(msg="Failed to checkout branch %s" % version) cmd = "%s reset --hard %s/%s" % (git_path, remote, version) else: cmd = "%s checkout --force %s" % (git_path, version) else: branch = get_head_branch(git_path, module, dest, remote) (rc, out, err) = module.run_command("%s checkout --force %s" % (git_path, branch)) if rc != 0: module.fail_json(msg="Failed to checkout branch %s" % branch) cmd = "%s reset --hard %s" % (git_path, remote) (rc, out1, err1) = module.run_command(cmd) if rc != 0: if version != 'HEAD': module.fail_json(msg="Failed to checkout %s" % (version)) else: module.fail_json(msg="Failed to checkout branch %s" % (branch)) (rc, out2, err2) = submodule_update(git_path, module, dest) return (rc, out1 + out2, err1 + err2) # =========================================== def main(): module = AnsibleModule( argument_spec = dict( dest=dict(required=True), repo=dict(required=True, aliases=['name']), version=dict(default='HEAD'), remote=dict(default='origin'), force=dict(default='yes', type='bool'), depth=dict(default=None, type='int'), update=dict(default='yes', type='bool'), executable=dict(default=None), ), supports_check_mode=True ) dest = os.path.abspath(os.path.expanduser(module.params['dest'])) repo = module.params['repo'] version = module.params['version'] remote = module.params['remote'] force = module.params['force'] depth = module.params['depth'] update = module.params['update'] git_path = module.params['executable'] or module.get_bin_path('git', True) gitconfig = os.path.join(dest, '.git', 'config') rc, out, err, status = (0, None, None, None) # if there is no git configuration, do a clone operation # else pull and switch the version before = None local_mods = False if not os.path.exists(gitconfig): if module.check_mode: module.exit_json(changed=True) clone(git_path, module, repo, dest, remote, depth, version) elif not update: # Just return having found a repo already in the dest path # this does no checking that the repo is the actual repo # requested. before = get_version(git_path, dest) module.exit_json(changed=False, before=before, after=before) else: # else do a pull local_mods = has_local_mods(git_path, dest) before = get_version(git_path, dest) # if force, do a reset if local_mods and module.check_mode: module.exit_json(changed=True, msg='Local modifications exist') reset(git_path, module, dest, force) # exit if already at desired sha version if before == version: module.exit_json(changed=False) # check or get changes from remote remote_head = get_remote_head(git_path, module, dest, version, remote) if module.check_mode: changed = False if remote_head == version: # get_remote_head returned version as-is # were given a sha1 object, see if it is present (rc, out, err) = module.run_command("%s show %s" % (git_path, version)) if version in out: changed = False else: changed = True else: if before != remote_head: changed = True else: changed = False module.exit_json(changed=changed, before=before, after=remote_head) fetch(git_path, module, repo, dest, version, remote) # switch to version specified regardless of whether # we cloned or pulled switch_version(git_path, module, dest, remote, version) # determine if we changed anything after = get_version(git_path, dest) changed = False if before != after or local_mods: changed = True module.exit_json(changed=changed, before=before, after=after) # include magic from lib/ansible/module_common.py #<> main()