runner

Ansible role that deployes services on my runner machine

6 KB•YML

harbor.yml

6 KB • 194 lines • yaml

1---
2# ========================================
3# HARBOR CONTAINER REGISTRY DEPLOYMENT
4# ========================================
5# Idempotent deployment for Harbor registry using official installer.
6# Uses a version marker file (.harbor_version) to skip reinstallation
7# when the target version is already deployed.
8
9- name: "Display Harbor deployment information"
10  ansible.builtin.debug:
11    msg:
12      - "Deploying Harbor Container Registry"
13      - "Target Version: v{{ harbor_version }}"
14      - "Config Directory: {{ harbor_config_dir }}"
15      - "NFS Storage: {{ runner_nfs_mount_dir }}/harbor"
16      - "Registry Domain: {{ harbor_hostname | default('registry.local') }}"
17  tags: [harbor, info]
18
19- name: "Create Harbor configuration directory"
20  ansible.builtin.file:
21    path: "{{ harbor_config_dir }}"
22    state: directory
23    owner: "{{ runner_user }}"
24    group: "{{ runner_group }}"
25    mode: "2775"
26  tags: [harbor, setup]
27
28- name: "Check installed Harbor version"
29  ansible.builtin.slurp:
30    src: "{{ harbor_config_dir }}/.harbor_version"
31  register: harbor_installed_version_file
32  failed_when: false
33  changed_when: false
34  tags: [harbor, setup]
35
36- name: "Determine if Harbor install is needed"
37  ansible.builtin.set_fact:
38    harbor_install_needed: >-
39      {{
40        harbor_installed_version_file.content is not defined
41        or (harbor_installed_version_file.content | b64decode | trim) != harbor_version
42      }}
43  tags: [harbor, setup]
44
45- name: "Display install decision"
46  ansible.builtin.debug:
47    msg: >-
48      Harbor install {{ 'NEEDED' if harbor_install_needed else 'SKIPPED' }}
49      â installed: {{ (harbor_installed_version_file.content | b64decode | trim) if harbor_installed_version_file.content is defined else 'none' }},
50      target: {{ harbor_version }}
51  tags: [harbor, info]
52
53# ---- Config template (always applied, idempotent) ----
54
55- name: "Create Harbor configuration template"
56  ansible.builtin.template:
57    src: harbor.yml.j2
58    dest: "{{ harbor_config_dir }}/harbor.yml"
59    owner: "{{ runner_user }}"
60    group: "{{ runner_group }}"
61    mode: "0644"
62  register: harbor_config_changed
63  tags: [harbor, config]
64
65- name: "Set install needed if config changed"
66  ansible.builtin.set_fact:
67    harbor_install_needed: true
68  when: harbor_config_changed is changed
69  tags: [harbor, config]
70
71- name: "Stop Harbor before reinstall"
72  ansible.builtin.command:
73    cmd: docker compose down
74    chdir: "{{ harbor_config_dir }}"
75  ignore_errors: yes
76  when: harbor_install_needed and not ansible_check_mode
77  tags: [harbor, setup]
78
79# ---- Install flow (only when version differs or config changed) ----
80
81- name: "Download Harbor offline installer"
82  ansible.builtin.get_url:
83    url: "https://github.com/goharbor/harbor/releases/download/v{{ harbor_version }}/harbor-offline-installer-v{{ harbor_version }}.tgz"
84    dest: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz"
85    timeout: 300
86  when: harbor_install_needed
87  tags: [harbor, download]
88  check_mode: no
89
90- name: "Extract Harbor installer"
91  ansible.builtin.unarchive:
92    src: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz"
93    dest: "/tmp"
94    remote_src: yes
95  when: harbor_install_needed
96  tags: [harbor, extract]
97  check_mode: no
98
99- name: "Copy Harbor installer files to config directory"
100  ansible.builtin.copy:
101    src: "/tmp/harbor/"
102    dest: "{{ harbor_config_dir }}"
103    owner: "{{ runner_user }}"
104    group: "{{ runner_group }}"
105    mode: "0755"
106    remote_src: yes
107  when: harbor_install_needed
108  tags: [harbor, setup]
109  check_mode: no
110
111- name: "Run Harbor installer with sudo"
112  ansible.builtin.command:
113    cmd: sudo ./install.sh
114    chdir: "{{ harbor_config_dir }}"
115  environment:
116    HARBOR_CONFIG: "{{ harbor_config_dir }}/harbor.yml"
117  when: harbor_install_needed and not ansible_check_mode
118  tags: [harbor, install]
119
120- name: "Stop Harbor services after installation"
121  ansible.builtin.command:
122    cmd: docker compose down
123    chdir: "{{ harbor_config_dir }}"
124  ignore_errors: yes
125  when: harbor_install_needed and not ansible_check_mode
126  tags: [harbor, setup]
127
128- name: "Write Harbor version marker"
129  ansible.builtin.copy:
130    content: "{{ harbor_version }}\n"
131    dest: "{{ harbor_config_dir }}/.harbor_version"
132    owner: "{{ runner_user }}"
133    group: "{{ runner_group }}"
134    mode: "0644"
135  when: harbor_install_needed
136  tags: [harbor, setup]
137
138- name: "Clean up installer tarball"
139  ansible.builtin.file:
140    path: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz"
141    state: absent
142  when: harbor_install_needed
143  tags: [harbor, cleanup]
144
145- name: "Clean up extracted installer"
146  ansible.builtin.file:
147    path: "/tmp/harbor"
148    state: absent
149  when: harbor_install_needed
150  tags: [harbor, cleanup]
151
152# ---- Start Harbor (always) ----
153
154- name: "Stop Harbor services before start"
155  ansible.builtin.command:
156    cmd: docker compose down
157    chdir: "{{ harbor_config_dir }}"
158  ignore_errors: yes
159  when: not ansible_check_mode
160  tags: [harbor, services]
161
162- name: "Start Harbor services"
163  community.docker.docker_compose_v2:
164    project_src: "{{ harbor_config_dir }}"
165    state: present
166  tags: [harbor, services]
167  check_mode: no
168
169- name: "Wait for Harbor to be ready"
170  ansible.builtin.wait_for:
171    port: "{{ harbor_http_port | default(8080) }}"
172    host: "{{ ansible_default_ipv4.address }}"
173    delay: 10
174    timeout: 120
175  tags: [harbor, verification]
176
177- name: "Verify Harbor container is running"
178  community.docker.docker_container_info:
179    name: harbor-core
180  register: harbor_container_status
181  tags: [harbor, verify]
182
183- name: "Display Harbor deployment status"
184  ansible.builtin.debug:
185    msg:
186      - "Harbor Container Registry deployed successfully"
187      - "Version: v{{ harbor_version }}"
188      - "Install performed: {{ harbor_install_needed }}"
189      - "Status: {{ harbor_container_status.container.State.Status | default('unknown') }}"
190      - "Web UI: http://{{ ansible_default_ipv4.address }}:{{ harbor_http_port | default(8080) }}"
191      - "Admin User: admin"
192      - "Registry: {{ ansible_default_ipv4.address }}:{{ harbor_registry_port | default(5000) }}"
193  tags: [harbor, info]
194

1--- 2# ======================================== 3# HARBOR CONTAINER REGISTRY DEPLOYMENT 4# ======================================== 5# Idempotent deployment for Harbor registry using official installer. 6# Uses a version marker file (.harbor_version) to skip reinstallation 7# when the target version is already deployed. 8 9- name: "Display Harbor deployment information" 10 ansible.builtin.debug: 11 msg: 12 - "Deploying Harbor Container Registry" 13 - "Target Version: v{{ harbor_version }}" 14 - "Config Directory: {{ harbor_config_dir }}" 15 - "NFS Storage: {{ runner_nfs_mount_dir }}/harbor" 16 - "Registry Domain: {{ harbor_hostname | default('registry.local') }}" 17 tags: [harbor, info] 18 19- name: "Create Harbor configuration directory" 20 ansible.builtin.file: 21 path: "{{ harbor_config_dir }}" 22 state: directory 23 owner: "{{ runner_user }}" 24 group: "{{ runner_group }}" 25 mode: "2775" 26 tags: [harbor, setup] 27 28- name: "Check installed Harbor version" 29 ansible.builtin.slurp: 30 src: "{{ harbor_config_dir }}/.harbor_version" 31 register: harbor_installed_version_file 32 failed_when: false 33 changed_when: false 34 tags: [harbor, setup] 35 36- name: "Determine if Harbor install is needed" 37 ansible.builtin.set_fact: 38 harbor_install_needed: >- 39 {{ 40 harbor_installed_version_file.content is not defined 41 or (harbor_installed_version_file.content | b64decode | trim) != harbor_version 42 }} 43 tags: [harbor, setup] 44 45- name: "Display install decision" 46 ansible.builtin.debug: 47 msg: >- 48 Harbor install {{ 'NEEDED' if harbor_install_needed else 'SKIPPED' }} 49 â installed: {{ (harbor_installed_version_file.content | b64decode | trim) if harbor_installed_version_file.content is defined else 'none' }}, 50 target: {{ harbor_version }} 51 tags: [harbor, info] 52 53# ---- Config template (always applied, idempotent) ---- 54 55- name: "Create Harbor configuration template" 56 ansible.builtin.template: 57 src: harbor.yml.j2 58 dest: "{{ harbor_config_dir }}/harbor.yml" 59 owner: "{{ runner_user }}" 60 group: "{{ runner_group }}" 61 mode: "0644" 62 register: harbor_config_changed 63 tags: [harbor, config] 64 65- name: "Set install needed if config changed" 66 ansible.builtin.set_fact: 67 harbor_install_needed: true 68 when: harbor_config_changed is changed 69 tags: [harbor, config] 70 71- name: "Stop Harbor before reinstall" 72 ansible.builtin.command: 73 cmd: docker compose down 74 chdir: "{{ harbor_config_dir }}" 75 ignore_errors: yes 76 when: harbor_install_needed and not ansible_check_mode 77 tags: [harbor, setup] 78 79# ---- Install flow (only when version differs or config changed) ---- 80 81- name: "Download Harbor offline installer" 82 ansible.builtin.get_url: 83 url: "https://github.com/goharbor/harbor/releases/download/v{{ harbor_version }}/harbor-offline-installer-v{{ harbor_version }}.tgz" 84 dest: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz" 85 timeout: 300 86 when: harbor_install_needed 87 tags: [harbor, download] 88 check_mode: no 89 90- name: "Extract Harbor installer" 91 ansible.builtin.unarchive: 92 src: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz" 93 dest: "/tmp" 94 remote_src: yes 95 when: harbor_install_needed 96 tags: [harbor, extract] 97 check_mode: no 98 99- name: "Copy Harbor installer files to config directory" 100 ansible.builtin.copy: 101 src: "/tmp/harbor/" 102 dest: "{{ harbor_config_dir }}" 103 owner: "{{ runner_user }}" 104 group: "{{ runner_group }}" 105 mode: "0755" 106 remote_src: yes 107 when: harbor_install_needed 108 tags: [harbor, setup] 109 check_mode: no 110 111- name: "Run Harbor installer with sudo" 112 ansible.builtin.command: 113 cmd: sudo ./install.sh 114 chdir: "{{ harbor_config_dir }}" 115 environment: 116 HARBOR_CONFIG: "{{ harbor_config_dir }}/harbor.yml" 117 when: harbor_install_needed and not ansible_check_mode 118 tags: [harbor, install] 119 120- name: "Stop Harbor services after installation" 121 ansible.builtin.command: 122 cmd: docker compose down 123 chdir: "{{ harbor_config_dir }}" 124 ignore_errors: yes 125 when: harbor_install_needed and not ansible_check_mode 126 tags: [harbor, setup] 127 128- name: "Write Harbor version marker" 129 ansible.builtin.copy: 130 content: "{{ harbor_version }}\n" 131 dest: "{{ harbor_config_dir }}/.harbor_version" 132 owner: "{{ runner_user }}" 133 group: "{{ runner_group }}" 134 mode: "0644" 135 when: harbor_install_needed 136 tags: [harbor, setup] 137 138- name: "Clean up installer tarball" 139 ansible.builtin.file: 140 path: "/tmp/harbor-offline-installer-v{{ harbor_version }}.tgz" 141 state: absent 142 when: harbor_install_needed 143 tags: [harbor, cleanup] 144 145- name: "Clean up extracted installer" 146 ansible.builtin.file: 147 path: "/tmp/harbor" 148 state: absent 149 when: harbor_install_needed 150 tags: [harbor, cleanup] 151 152# ---- Start Harbor (always) ---- 153 154- name: "Stop Harbor services before start" 155 ansible.builtin.command: 156 cmd: docker compose down 157 chdir: "{{ harbor_config_dir }}" 158 ignore_errors: yes 159 when: not ansible_check_mode 160 tags: [harbor, services] 161 162- name: "Start Harbor services" 163 community.docker.docker_compose_v2: 164 project_src: "{{ harbor_config_dir }}" 165 state: present 166 tags: [harbor, services] 167 check_mode: no 168 169- name: "Wait for Harbor to be ready" 170 ansible.builtin.wait_for: 171 port: "{{ harbor_http_port | default(8080) }}" 172 host: "{{ ansible_default_ipv4.address }}" 173 delay: 10 174 timeout: 120 175 tags: [harbor, verification] 176 177- name: "Verify Harbor container is running" 178 community.docker.docker_container_info: 179 name: harbor-core 180 register: harbor_container_status 181 tags: [harbor, verify] 182 183- name: "Display Harbor deployment status" 184 ansible.builtin.debug: 185 msg: 186 - "Harbor Container Registry deployed successfully" 187 - "Version: v{{ harbor_version }}" 188 - "Install performed: {{ harbor_install_needed }}" 189 - "Status: {{ harbor_container_status.container.State.Status | default('unknown') }}" 190 - "Web UI: http://{{ ansible_default_ipv4.address }}:{{ harbor_http_port | default(8080) }}" 191 - "Admin User: admin" 192 - "Registry: {{ ansible_default_ipv4.address }}:{{ harbor_registry_port | default(5000) }}" 193 tags: [harbor, info] 194