After corporate IT gives out a MacBook, we run a local-only Ansible script I wrote.
It sets .zshrc, .zshenv, and .zshenv-private for tokens etc.
It also uses Homebrew to install a bunch of packages, then creates various config files.
It works well. Developer setup time went from days to less than 2 hours (corporate VPN is slow)
Edited to add:
Workflow is:
1. Install homebrew, xcode command line tools, Ansible, and then git+credential helper.
2. Clone repo (which ensures the new dev has correct roles/groups to access the repo)
3. Run Ansible.
Snippet of the Ansible script:
---
- name: Configure dev macOS
hosts: localhost
vars_prompt:
- name: githubtoken
prompt: What is your github token?
private: false
tasks:
- name: Create variable from brew prefix
ansible.builtin.command: "brew --prefix"
register: brew_prefix
changed_when: false
- name: Update Homebrew
community.general.homebrew:
update_homebrew: true
- name: Install GNU Coreutils
community.general.homebrew:
name: coreutils
state: present
I've never used Ansible. Is it worth using for just this workflow? I'm asking coming from a baseline of just having a Git-versioned shell script which has lines like
You get the nice stuff that Ansible brings, like adding specific lines to .zshrc, templates, etc. I found it easier than my usually-beloved shell scripts because I didn't need to think about the mechanism, just the result.
For example, brew install coreutils would use the community.general.homebrew module: https://docs.ansible.com/ansible/latest/collections/communit... <-- you can see from that page that each module has lots of examples, which makes it pretty easy to go from requirements to Ansible script.
It sets .zshrc, .zshenv, and .zshenv-private for tokens etc.
It also uses Homebrew to install a bunch of packages, then creates various config files.
It works well. Developer setup time went from days to less than 2 hours (corporate VPN is slow)
Edited to add:
Workflow is:
Snippet of the Ansible script: