52 lines
1.3 KiB
YAML
52 lines
1.3 KiB
YAML
---
|
|
kind: pipeline
|
|
type: docker
|
|
name: Ansible-Playbook
|
|
|
|
trigger:
|
|
branch:
|
|
- main
|
|
event:
|
|
include:
|
|
- push
|
|
- custom
|
|
|
|
node:
|
|
ansible: true
|
|
|
|
steps:
|
|
- name: Prepare Secrets
|
|
image: registry.tobiasmanske.de/ansible-runner:latest
|
|
pull: always
|
|
environment:
|
|
VAULT_PASS:
|
|
from_secret: vault_pass
|
|
SSH_KEY:
|
|
from_secret: ssh_key
|
|
commands:
|
|
- echo $${VAULT_PASS} > /drone/src/vault_pass
|
|
- echo $${SSH_KEY} | base64 -d > /drone/src/ssh_key
|
|
- chmod 600 /drone/src/ssh_key
|
|
- chmod 600 /drone/src/vault_pass
|
|
- name: Run Ansible
|
|
image: registry.tobiasmanske.de/ansible-runner:latest
|
|
pull: always
|
|
environment:
|
|
ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"
|
|
ANSIBLE_FORCE_COLOR: "true"
|
|
commands:
|
|
- cd coreos-config
|
|
- ansible-playbook --limit ci_apply --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml
|
|
- name: Validate Ansible
|
|
image: registry.tobiasmanske.de/ansible-runner:latest
|
|
pull: always
|
|
environment:
|
|
ANSIBLE_VAULT_PASSWORD_FILE: "/drone/src/vault_pass"
|
|
ANSIBLE_FORCE_COLOR: "true"
|
|
commands:
|
|
- cd coreos-config
|
|
- ansible-playbook --limit ci_apply --check --private-key ../ssh_key --inventory=inventory.yaml playbook.yaml
|
|
|
|
image_pull_secrets:
|
|
- registry
|