This playbook uses two roles:
They setup a CI user and install and configure common tools used for OSX/iOS CI environment:
- Homebrew
- Node.js 10 LTS
- Java 8 - Jenkins requirement. By installing Java 8, the OSX machine can be easily become a Jenkins agent.
- fastlane
- CocoaPods
- Xcode
The default role inventory targets localhost
(found in inventory/main
). This means that the playbook should be executed on the machine that needs to be configured.
If you want to execute the playbook remotely, you will need to provide another Ansible inventory. You can find a detailed description of what an inventory is and how to use it in the Ansible documentation
The playbook requires Ansible to be installed on both the host and the target machine.
In the default setup, the host and target machine are one and the same.
You can find a configuration bash script in scripts/ansible_setup.sh
.
Running
sudo scripts/ansible_setup.sh
will install:
- Xcode Command Line Tools
- pip
- Ansible
Both roles come from Ansible Galaxy. In order to install them, you need to run:
ansible-galaxy install -r requirements.yml
The Xcode Command Line Tools and Xcode installations require a UI session. This means the user you are using to execute the playbook must be logged on to the OSX machine.
The playbook will need several variables in order to work correctly. Their default values can be found in group_vars/all.yml
.
ansible_user: admin
The default user name to use for installing and configuring the needed tooling.
ansible_become_pass
The privilege escalation password. It is highly recommended not to pass the password in plain text.
To encrypt it we will use Ansible Vault.
You can add the variable to group_vars/all.yml
and execute the following command:
ansible-vault encrypt group_vars/all.yml
You will be asked for a vault password. It will be later used to decrypt the file.
Once the operation is executed the file will be encrypted.
Then you can run ansible-playbook
with the --ask-vault-pass
flag. You will be asked for the vault password you used to encrypt the file.
Once the vault password is submitted the playbook will continue its execution.
More on Ansible Vault can be found here.
For information about the variables that osx-ci
and xcode
roles expect you can check their repositories:
None.
ansible-playbook site.yml -i inventory -e ansible_user=administrator -e xcode_xip_location='/Users/administrator/Downloads/Xcode_10.1.xip' -e xcode_major_version=10 -e ci_user_public_key_location='/tmp/ci_user.pub' --ask-vault-pass
This playbook was created in 2019 by MacStadium, Inc.