infrastructure/.drone.yml
Tobias Manske e6255c76e3
Some checks failed
continuous-integration/drone/push Build is failing
Per Device SSH-Keys
2023-09-14 12:05:56 +02:00

70 lines
1.9 KiB
YAML

---
kind: pipeline
type: docker
name: Ansible-Playbook
trigger:
branch:
- main
event:
include:
- push
- custom
environment:
ANSIBLE_FORCE_COLOR: true
ANSIBLE_HOME: /drone/src/.ansible
SUMMON_PROVIDER: /drone/src/summon-wrapper
PASSAGE_DIR: /drone/src/.passage/store
PASSAGE_IDENTITIES_FILE: /drone/src/ssh_key
node:
ansible: "true"
steps:
- name: Prepare Secrets
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
environment:
SSH_KEY:
from_secret: ssh_key
GIT_SSH_COMMAND: ssh -i /drone/src/ssh_key -o StrictHostKeyChecking=no
commands:
- echo $${SSH_KEY} | base64 -d > /drone/src/ssh_key
- chmod 600 /drone/src/ssh_key
- git clone ssh://git@git.tobiasmanske.de:7779/tobias/infrastructure-vault.git $${PASSAGE_DIR}
- name: Prepare Runner
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
commands:
- cd ansible
- mkdir $ANSIBLE_HOME
- ansible-galaxy install -r requirements.yaml
- summon ansible-playbook --inventory=inventory.yaml runner-pre.yaml
- name: Run Terraform
image: registry.tobiasmanske.de/terraform-runner:latest
pull: always
commands:
- cd tf-stage-1
- summon terraform init -input=false
- summon terraform apply -auto-approve -input=false
- name: Run Ansible
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
commands:
- cd ansible
- summon ansible-playbook --inventory=inventory.yaml playbook.yaml
- name: Validate Ansible
image: registry.tobiasmanske.de/ansible-runner:latest
pull: always
environment:
ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"
ANSIBLE_FORCE_COLOR: "true"
commands:
- cd ansible
- ansible-galaxy install -r requirements.yaml
- summon ansible-playbook --check --inventory=inventory.yaml playbook.yaml
image_pull_secrets:
- registry