infrastructure/.drone.yml

70 lines
2.0 KiB
YAML
Raw Normal View History

2022-09-30 12:35:01 +02:00
---
2022-09-30 02:47:12 +02:00
kind: pipeline
type: docker
2022-09-30 12:35:01 +02:00
name: Ansible-Playbook
2022-09-30 02:47:12 +02:00
trigger:
branch:
- main
event:
include:
- push
- custom
2023-09-13 05:42:56 +02:00
environment:
ANSIBLE_FORCE_COLOR: true
ANSIBLE_HOME: /drone/src/.ansible
2023-09-14 07:09:02 +02:00
SUMMON_PROVIDER: /drone/src/summon-wrapper
PASSAGE_DIR: /drone/src/.passage/store
PASSAGE_IDENTITIES_FILE: /drone/src/ssh_key
2023-09-13 05:42:56 +02:00
2022-09-30 12:35:01 +02:00
node:
2023-08-22 18:27:27 +02:00
ansible: "true"
2022-09-30 12:35:01 +02:00
2022-09-30 02:47:12 +02:00
steps:
2023-03-30 19:18:27 +02:00
- name: Prepare Secrets
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
environment:
SSH_KEY:
from_secret: ssh_key
2023-09-14 07:09:02 +02:00
GIT_SSH_COMMAND: ssh -i /drone/src/ssh_key -o StrictHostKeyChecking=no
2023-03-30 19:18:27 +02:00
commands:
- echo $${SSH_KEY} | base64 -d > /drone/src/ssh_key
- chmod 600 /drone/src/ssh_key
2023-09-14 07:09:02 +02:00
- git clone ssh://git@git.tobiasmanske.de:7779/tobias/infrastructure-vault.git $${PASSAGE_DIR}
- name: Prepare Runner
2022-09-30 02:47:12 +02:00
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
commands:
2023-09-14 06:48:05 +02:00
- cd ansible
2023-09-13 05:42:56 +02:00
- mkdir $ANSIBLE_HOME
2023-04-06 01:04:16 +02:00
- ansible-galaxy install -r requirements.yaml
- summon ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml runner-pre.yaml
2023-09-14 07:09:02 +02:00
- name: Run Terraform
image: registry.tobiasmanske.de/terraform-runner:latest
pull: always
commands:
- cd tf-stage-1
2023-09-14 07:27:12 +02:00
- summon terraform init -input=false
2023-09-14 07:39:42 +02:00
- summon terraform apply -auto-approve -input=false
- name: Run Ansible
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
commands:
2023-09-14 06:48:05 +02:00
- cd ansible
- summon ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml
- name: Validate Ansible
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
2023-03-30 19:18:27 +02:00
environment:
ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"
ANSIBLE_FORCE_COLOR: "true"
commands:
2023-09-14 06:48:05 +02:00
- cd ansible
2023-04-06 01:04:16 +02:00
- ansible-galaxy install -r requirements.yaml
- summon ansible-playbook --check --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml
2022-09-30 02:47:12 +02:00
image_pull_secrets:
- registry