paul/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement ansible-lint workflow
All checks were successful
Check / Lint Ansible Files (push) Successful in 1m41s
Details

Browse Source
This commit is contained in:
Paul Brinkmeier 2023-09-01 03:42:38 +02:00
parent abf3b919f0
commit d6fad43f9c
2 changed files with 1 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
.drone.yml
View File

@ -1,36 +0,0 @@
---
kind: pipeline
type: docker
name: Static Verification
steps:
- name: ansible-lint
image: python:3.10.6
commands:
# Make sure to update the ansible version below as well
- pip --disable-pip-version-check install ansible==7.2.0 ansible-lint==6.16.1 > /dev/null 2> /dev/null
- ansible-lint -c .ansible-lint ansible
---
kind: pipeline
type: docker
name: Check
steps:
- name: ansible-playbook --check
image: python:3.10.6
environment:
SSH_KEY:
from_secret: ssh_key
VAULT_PASSWORD:
from_secret: vault_password
commands:
- pip install ansible==7.2.0 > /dev/null 2> /dev/null
- mkdir "$HOME/.ssh"
- echo "$SSH_KEY" > "$HOME/.ssh/id"
- chmod 0600 ~/.ssh/id
- ssh-keyscan -p 2309 vmd98928.contaboserver.net > "$HOME/.ssh/known_hosts"
- echo "$VAULT_PASSWORD" > "$HOME/vault_password"
- cd ansible
- ansible-playbook --private-key "$HOME/.ssh/id" --vault-password-file "$HOME/vault_password" --check playbooks/misc-all.yaml

24
.gitea/workflows/check.yaml
View File

@ -12,26 +12,4 @@ jobs:
- run: python3 -m venv venv - run: python3 -m venv venv
- run: venv/bin/pip --disable-pip-version-check install ansible==7.2.0 ansible-lint==6.16.1 > /dev/null 2> /dev/null - run: venv/bin/pip --disable-pip-version-check install ansible==7.2.0 ansible-lint==6.16.1 > /dev/null 2> /dev/null
- run: venv/bin/ansible-lint -c .ansible-lint ansible - run: venv/bin/ansible-lint -c .ansible-lint ansible
"Run ansible-playbook --check": # TODO: Reimplement ansible-play --check step from old drone config
runs-on: ubuntu-22.04
steps:
- run: apt-get update
- run: apt-get install -y python3 python3-pip python3-venv
- run: python3 --version
- name: Check out repo
uses: actions/checkout@v3
- run: python3 -m venv venv
- run: venv/bin/pip install ansible==7.2.0 > /dev/null 2> /dev/null
- run: mkdir -p "$HOME/.ssh"
- run: echo "$SSH_KEY" > "$HOME/.ssh/id"
env:
SSH_KEY: ${{ secrets.ssh_key }}
- run: chmod 0600 ~/.ssh/id
- run: ssh-keyscan -p 2309 pbrinkmeier.de > "$HOME/.ssh/known_hosts"
- run: echo "$VAULT_PASSWORD" > "$HOME/vault_password"
env:
VAULT_PASSWORD: ${{ secrets.vault_password }}
# I've been having problems with ssh-keyscan -p 2309 vmd98928.contaboserver.net, which
# is the current inventory entry for misc. It's probably not a bad idea to remap that anyways.
- run: echo "[misc]\npbrinkmeier.de ansible_port=2309" > ansible/inventory
- run: 'cd ansible && venv/bin/ansible-playbook --private-key "$HOME/.ssh/id" --vault-password-file "$HOME/vault_password" --check playbooks/misc-all.yaml'