Ansible roles and playbooks for hanuman infrastructure.
  • Go 61.8%
  • Shell 23%
  • Jinja 8.2%
  • HCL 7%
Find a file
2026-05-09 15:54:28 +00:00
.forgejo ci(forgejo): use full URLs for Forgejo Action references 2026-05-09 05:22:30 -05:00
collections Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
forgejo docs(forgejo): add runner-recovery runbook 2026-05-09 05:22:30 -05:00
inventories Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
playbooks Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
roles Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
scripts Remove tracked sonar-* binary outputs from scripts/sonarqube/bin/ 2026-05-08 08:24:05 -05:00
vars Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
.gitignore Firm up .gitignore: cover ansible runtime, sonar-* binary outputs, common build/env 2026-05-08 08:23:52 -05:00
.gitlint ci: add branch-policy workflow and gitlint config 2026-05-08 20:57:39 -05:00
AGENTS.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
AI_CONTEXT.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
ansible.cfg Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
EVENTBUS_README.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
hanuman-module.json Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
MODULE_CONTRACT.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
README-sonarqube.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00
README.md Initial commit: A1 reorg materialization 2026-05-08 02:56:15 -05:00

Hanuman Automation

Ansible, bootstrap scripts, workstation provisioning, repo hydration, branch policy enforcement, runtime path wiring, and worker build automation for Hanuman environments.

All Ansible work is run from the control node leopard. Windows and Codex Desktop are only used to edit this repository.

Layout

  • ansible/playbooks/ — top-level playbooks
  • ansible/roles/ — reusable roles consumed by the playbooks
  • ansible/inventories/example/ — example inventory layout
  • ansible/inventories/local/ — local-loopback inventory (localhost)
  • ansible/collections/requirements.yml — required Ansible collections
  • ansible/scripts/ — post-run validation helpers
  • ansible/vars/ — workspace variable files

Playbooks

  • bootstrap-leopard.yml — bootstrap the leopard control node itself.
  • setup-local-admin-and-codex.yml — local admin user, passwordless sudo, Codex CLI.
  • setup-hanuman-repos.yml — clone and arrange the Hanuman repositories on the host.
  • setup-runtime-and-workers.yml — runtime path wiring and worker provisioning.
  • setup-worker-pipeline.yml — worker pipeline configuration.
  • hydrate-and-build-workers.yml — fetch dependencies and build worker binaries.
  • sonarqube.yml — install SonarQube Community Build (see README-sonarqube.md for the full SonarQube playbook guide).

Run a playbook from leopard:

cd /path/to/hanuman-automation/ansible
ansible-playbook -i inventories/<your-inventory>/hosts.ini playbooks/<playbook>.yml

Roles

The roles consumed by the playbooks above are under ansible/roles/:

codex-cli, common, docker, git, golang, hanuman-branch-policy, hanuman-repos, hanuman-runtime-paths, hanuman-worker-build, hanuman-worker-pipeline, hanuman-workspace, node, packages, passwordless-sudo, postgres-client, sonarqube.

Validation

After a runtime/worker provisioning run, validate on the target host with the helpers under ansible/scripts/:

  • validate-runtime-and-workers.sh
  • validate-worker-pipeline.sh
  • validate-worker-runtime.sh

SonarQube

For the SonarQube playbook specifically, see README-sonarqube.md — it covers collections, vault password setup, PostgreSQL modes, syntax check, run, and host-side validation.