infrastructure/.drone.yml

---
kind: pipeline
type: docker
name: Ansible-Playbook

trigger:
  branch:
    - main
  event:
    include:
      - push
      - custom

environment:
  ANSIBLE_FORCE_COLOR: true
  ANSIBLE_HOME: /drone/src/.ansible
  ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"

node:
  ansible: "true"

steps:
  - name: Prepare Secrets
    image: registry.tobiasmanske.de/ansible-runner:latest
    pull: always
    environment:
      VAULT_PASS:
        from_secret: vault_pass
      SSH_KEY:
        from_secret: ssh_key
    commands:
      - echo $${VAULT_PASS} > /drone/src/vault_pass
      - echo $${SSH_KEY} | base64 -d > /drone/src/ssh_key
      - chmod 600 /drone/src/ssh_key
      - chmod 600 /drone/src/vault_pass
  - name: Prepare Runner
    image: registry.tobiasmanske.de/ansible-runner:latest
    pull: always
    commands:
      - cd coreos-config
      - mkdir $ANSIBLE_HOME
      - ansible-galaxy install -r requirements.yaml
      - ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml runner-pre.yaml
  - name: Run Ansible
    image: registry.tobiasmanske.de/ansible-runner:latest
    pull: always
    commands:
      - cd coreos-config
      - ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml
  - name: Validate Ansible
    image: registry.tobiasmanske.de/ansible-runner:latest
    pull: always
    environment:
      ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"
      ANSIBLE_FORCE_COLOR: "true"
    commands:
      - cd coreos-config
      - ansible-galaxy install -r requirements.yaml
      - ansible-playbook --check --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml

image_pull_secrets:
  - registry
Add Discord Notification 2022-09-30 12:35:01 +02:00			`---`
Enable CD 2022-09-30 02:47:12 +02:00			`kind: pipeline`
			`type: docker`
Add Discord Notification 2022-09-30 12:35:01 +02:00			`name: Ansible-Playbook`
Enable CD 2022-09-30 02:47:12 +02:00
			`trigger:`
			`branch:`
			`- main`
			`event:`
			`include:`
			`- push`
			`- custom`

Drone: Set Ansible home 2023-09-13 05:42:56 +02:00			`environment:`
			`ANSIBLE_FORCE_COLOR: true`
			`ANSIBLE_HOME: /drone/src/.ansible`
			`ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"`

Add Discord Notification 2022-09-30 12:35:01 +02:00			`node:`
Drone config 2023-08-22 18:27:27 +02:00			`ansible: "true"`
Add Discord Notification 2022-09-30 12:35:01 +02:00
Enable CD 2022-09-30 02:47:12 +02:00			`steps:`
Drone CI: Add secret management 2023-03-30 19:18:27 +02:00			`- name: Prepare Secrets`
			`image: registry.tobiasmanske.de/ansible-runner:latest`
			`pull: always`
			`environment:`
			`VAULT_PASS:`
			`from_secret: vault_pass`
			`SSH_KEY:`
			`from_secret: ssh_key`
			`commands:`
			`- echo $${VAULT_PASS} > /drone/src/vault_pass`
			`- echo $${SSH_KEY} \| base64 -d > /drone/src/ssh_key`
			`- chmod 600 /drone/src/ssh_key`
			`- chmod 600 /drone/src/vault_pass`
Drone Runner: Prepare Runner via Ansible 2023-09-13 05:05:18 +02:00			`- name: Prepare Runner`
Enable CD 2022-09-30 02:47:12 +02:00			`image: registry.tobiasmanske.de/ansible-runner:latest`
			`pull: always`
			`commands:`
			`- cd coreos-config`
Drone: Set Ansible home 2023-09-13 05:42:56 +02:00			`- mkdir $ANSIBLE_HOME`
Drone CI: Install ansible requirements 2023-04-06 01:04:16 +02:00			`- ansible-galaxy install -r requirements.yaml`
Drone Runner: Prepare Runner via Ansible 2023-09-13 05:05:18 +02:00			`- ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml runner-pre.yaml`
			`- name: Run Ansible`
			`image: registry.tobiasmanske.de/ansible-runner:latest`
			`pull: always`
			`commands:`
			`- cd coreos-config`
Drone: Remove ci_apply filter 2023-09-13 05:44:20 +02:00			`- ansible-playbook --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml`
CI: run ansible-playbook --check to assure idempotency 2022-09-30 22:27:04 +02:00			`- name: Validate Ansible`
			`image: registry.tobiasmanske.de/ansible-runner:latest`
			`pull: always`
Drone CI: Add secret management 2023-03-30 19:18:27 +02:00			`environment:`
			`ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"`
			`ANSIBLE_FORCE_COLOR: "true"`
CI: run ansible-playbook --check to assure idempotency 2022-09-30 22:27:04 +02:00			`commands:`
			`- cd coreos-config`
Drone CI: Install ansible requirements 2023-04-06 01:04:16 +02:00			`- ansible-galaxy install -r requirements.yaml`
Drone: Remove ci_apply filter 2023-09-13 05:44:20 +02:00			`- ansible-playbook --check --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml`
Enable CD 2022-09-30 02:47:12 +02:00
			`image_pull_secrets:`
			`- registry`