v1.0.0

.ansible-lint-ignore

@@ -0,0 +1,2 @@
+# This file contains ignores rule violations for ansible-lint
+tasks/ssm.yaml var-naming[no-jinja]

.gitignore

@@ -0,0 +1,5 @@
+.idea
+.vscode
+tmp
+*.tmp
+

.lefthook.yaml

@@ -0,0 +1,13 @@
+---
+pre-commit:
+  parallel: true
+  scripts:
+    "license-checker.sh":
+      runner: bash
+  commands:
+    ansible-lint:
+      glob: "*.{yaml,yml}"
+      run: ansible-lint -q {staged_files}
+    typos:
+      glob: "*.{yaml,yml,md,sh}"
+      run: typos --write-changes {staged_files}

.lefthook/pre-commit/license-checker.sh

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+# SPDX-FileCopyrightText: Copyright Boozt Fashion, AB
+# SPDX-License-Identifier: MIT
+
+set -eo pipefail
+
+LICENSE_HEADER=${LICENSE_HEADER:-""}
+EXCLUDE_FILES_EXT=${EXCLUDE_FILES_EXT:-"LICENSE|\\.yamllint|\\.ansible-lint-ignore|\\.lefthook.yaml|\\.md|\\.gitignore|\\.license-checker.txt|\\license-checker.sh|\\CODEOWNERS|\\.gitattributes|\\.editorconfig|\\.json|\\.lock|\\.toml"}
+STAGED_FILES=$(git diff --name-only --diff-filter=d --staged)
+
+# read .license-checker.txt file if exists in the root directory
+if [[ -f .license-checker.txt && -z "$LICENSE_HEADER" ]]; then
+  # read the file and set the LICENSE_HEADER variable
+  LICENSE_HEADER=$(cat .license-checker.txt)
+fi
+
+# error message function printing in red color
+# usage: error "message"
+error() {
+  local message=${1:-""}
+  echo -e "\033[0;31m${message}\033[0m"
+}
+
+# if the LICENSE_HEADER is empty, then exit
+if [ -z "$LICENSE_HEADER" ]; then
+  error "The LICENSE_HEADER environment variable is empty."
+  error "Either create .license-checker.txt file in the root directory or set the LICENSE_HEADER environment variable."
+  exit 1
+fi
+
+errorCount=0
+# Check if the staged files contains the license header.
+# Files may be wrapped in comment blocks i.e. /* ... */, #, <!-- ... -->, etc.
+for file in $STAGED_FILES; do
+  # filter out files that ends with the excluded file extensions
+  # which described in the EXCLUDE_FILES_EXT
+  if [[ $file =~ ${EXCLUDE_FILES_EXT}$ ]]; then
+    continue
+  fi
+
+  # check if the file contains the license header
+  # at the top of the file (first 5 lines of the file)
+  # from the variable of LICENSE_HEADER
+  if ! head -n 5 "$file" | grep -q "$LICENSE_HEADER"; then
+    error "The file $file does not contain the license header."
+    errorCount=$((errorCount + 1))
+  fi
+done
+
+if [ $errorCount -gt 0 ]; then
+  error "\nPlease add the license header to the file(s) above"
+  exit 1
+fi

.license-checker.txt

@@ -0,0 +1,2 @@
+SPDX-FileCopyrightText: Copyright Oleksii Samoliuk
+SPDX-License-Identifier: MIT

.yamllint

@@ -0,0 +1,15 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 160
+    level: warning
+  comments:
+    min-spaces-from-content: 1
+  comments-indentation: false
+  braces:
+    max-spaces-inside: 1
+  octal-values:
+    forbid-implicit-octal: true
+    forbid-explicit-octal: true

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Oleksii Samoliuk
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,59 @@
+# Collecting AWS SSM Parameters by prefix as Ansible Facts
+
+## Dependency:
+- [amazon.aws](https://galaxy.ansible.com/ui/repo/published/amazon/aws/) `ansible-galaxy collection install amazon.aws`
+
+## Install
+```yaml
+# requirements.yaml
+collections:
+  - name: amazon.aws
+    version: 8.2.1
+
+roles:
+  - name: aws_ssm_export
+    scm: git
+    src: [email protected]:YouSysAdmin/ansible_aws_ssm_export.git
+    version: v1.0.0
+```
+
+```shell
+ansible-galaxy install -r requirements.yaml
+```
+
+## Usage
+```yaml
+# Export all params by prefix /ci/production
+
+# AWS SSM params:
+# /ci/production/instance_type
+# /ci/production/instance_volume_size
+# /ci/production/instance_user
+
+# Result:
+# ci_prod_aws_ssm:
+#   instance_type: t3.medium
+#   instance_volume_size: 50
+#   instance_user: admin
+
+# Usage vars
+# vars:
+#  instance_type: "{{ ci_aws_ssm.instance_type }}"
+
+# Exporting values from the AWS SSM as global Ansible facts
+- hosts: all
+  gather_facts: False
+  run_once: true
+  vars:
+    ssm_prefixes:
+    - name: ci_prod
+      prefix: '/ci/production'
+  roles:
+    - aws_ssm_export
+  tags: [ "always" ]
+
+- name: other tasks
+  ...
+```
+
+

meta/main.yaml

@@ -0,0 +1,18 @@
+# SPDX-FileCopyrightText: Copyright Oleksii Samoliuk
+# SPDX-License-Identifier: MIT
+---
+collections: ["amazon.aws"]
+dependencies: []
+
+galaxy_info:
+  role_name: aws_ssm_export
+  author: yousysadmin
+  description: Collecting AWS SSM Parameters by prefix as Ansible Facts
+  company: ""
+  license: "license MIT"
+  min_ansible_version: "2.10"
+  platforms: []
+  galaxy_tags:
+    - aws
+    - ssm
+    - facts

tasks/main.yaml

@@ -0,0 +1,7 @@
+# SPDX-FileCopyrightText: Copyright Oleksii Samoliuk
+# SPDX-License-Identifier: MIT
+---
+- name: Collecting AWS SSM Parameters by prefix as Ansible Facts
+  ansible.builtin.include_tasks: ssm.yaml
+  loop: "{{ ssm_prefixes }}"
+  when: ssm_prefixes is defined

tasks/ssm.yaml

@@ -0,0 +1,13 @@
+# SPDX-FileCopyrightText: Copyright Oleksii Samoliuk
+# SPDX-License-Identifier: MIT
+---
+- name: "Checking correctness the ssm_prefixes.{{ item.name }}"
+  ansible.builtin.fail:
+    msg: "Value 'prefix' or 'name' is not defined for ssm_prefixes.{{ item }}"
+  when: item.prefix is not defined or item.name is not defined
+
+- name: "Gathering values from AWS SSM Parameters Store by prefix {{ item.prefix }}"
+  ansible.builtin.set_fact:
+    "{{ item.name }}_aws_ssm": "{{ lookup('amazon.aws.aws_ssm', '{{ item.prefix }}', shortnames=true, bypath=true, recursive=true) }}"
+  when: (item.prefix is defined and item.name is defined) and
+        (item.prefix | length>0 and item.name | length>0)