/provision-macos

Automatically provision a local machine running macOS Monterey 12.4 or higher with Ansible.

Primary LanguageShellMIT LicenseMIT

provision-macos

Build Status

Automatically provision a local machine running macOS Monterey 12.4 or higher with Ansible.

Requirements

  • macOS Monterey 12.4 or higher

Usage

Clone or download this repository to a local machine:

git clone https://github.com/cbracco/provision-macos.git

Create the Ansible Vault passphrase file in the proper location and make sure it contains the correct Ansible Vault passphrase:

mkdir /path/to/this/repository/.ansible
touch /path/to/this/repository/.ansible/vault_password
echo '[REPLACE WITH ANSIBLE VAULT PASSPHRASE]' > /path/to/this/repository/.ansible/vault_password

NOTE: The ssh role copies a private SSH key file that has been previously encrypted using Ansible Vault. The command above must be run before the provision script in order for Ansible to complete this particular task successfully. An annoying but necessary evil until a better solution comes along.

Finally, execute the included shell script by running the following command(s):

cd /path/to/this/repository
./bin/provision

It does the following:

Testing

This project is continuously tested by Travis-CI, which runs a “test” version of the included provision script. It is triggered by passing the -t flag:

./bin/provision -t

This runs a syntax check on the included Ansible playbook, and a slightly modified “test” version of the included Ansible playbook which installs only the packages necessary in order for tests to pass (this speeds up test builds a bit).

Syntax Check

In addition, you can check the syntax of the included Ansible playbook by running the following command(s):

cd /path/to/directory
ansible-playbook playbook.yml --syntax-check

Check Mode

You can also perform a “dry run” of the included Ansible playbook by running the following command(s):

cd /path/to/directory
ansible-playbook playbook.yml --check

Learn more about “Check Mode” in Ansible.

Check Mode w/ Tags

You can also perform a “dry run” of specific roles in the included Ansible playbook by running the following command(s):

cd /path/to/directory
ansible-playbook playbook.yml --check --tags=homebrew,pip

This can be useful when working on tasks in a particular role and you only want to check those tasks. Learn more about Tags in Ansible.

Exclude a task from “Test Mode”

If you are writing a new task that you do not want to run in “test mode”, you can exclude it using when so the task will only run if test_mode variable is defined:

- name: task that should not run during tests
  shell: echo 'do not run me during tests'
  when: not test_mode

This is a technique borrowed from Jeff Geerling. Thanks Jeff!

Credits

“If I have seen further it is by standing on ye sholders of Giants.”Issac Newton

provision-macos is a project by @cbracco and its contributors. It is influenced by the following organizations, projects, articles, and individuals: