[ci] feat: added linting and deployment steps

.gitea/workflows/deployment.yaml

@@ -1,66 +0,0 @@
----
-
-# generic
-name: "Linting and Deployment"
-on: # yamllint disable-line rule:truthy
-  push:
-    branches:
-      - "main"
-
-# jobs
-jobs:
-
-  # ansible linting
-  Linting:
-    runs-on: "ubuntu-latest"
-    container:
-      image: "cr.simoncor.net/siempie/ansible-deployment:latest"
-      credentials:
-        username: "${{ vars.REGISTER_USERNAME }}"
-        password: "${{ vars.REGISTER_PASSWORD }}"
-
-    # steps
-    steps:
-
-      # checkout code
-      - name: "Clone repo"
-        uses: "actions/checkout@v4"
-
-      # run ansible linter
-      - name: "Run Ansible Lint"
-        run: |
-          ansible-lint .
-
-
-  # ansible deployment
-  Deployment:
-    runs-on: "ubuntu-latest"
-    needs: "Linting"
-
-    # steps
-    steps:
-
-      # ansible deployment
-      - name: "Ansible deployment"
-        uses: "appleboy/ssh-action@v1.2.0"
-        with:
-
-          # bastion
-          proxy_host: "bastion.simoncor.net"
-          proxy_port: "22"
-          proxy_username: "${{ secrets.USERNAME }}"
-          proxy_key: "${{ secrets.SSHKEY }}"
-
-          # ansible server
-          host: "ansible.siempie.internal"
-          port: "22"
-          username: "${{ secrets.USERNAME }}"
-          key: "${{ secrets.SSHKEY }}"
-
-          # execute commands
-          script: |
-            sudo /usr/bin/git -C /etc/ansible/roles/common reset --hard HEAD --quiet
-            sudo /usr/bin/git -C /etc/ansible/roles/common clean -fd
-            sudo /usr/bin/git -C /etc/ansible/roles/common fetch --quiet
-            sudo /usr/bin/git -C /etc/ansible/roles/common pull origin main --quiet
-            sudo /usr/bin/git -C /etc/ansible/roles/common log -1

.gitlab-ci.yml

@@ -0,0 +1,16 @@
+---
+
+# gitLab ci stages
+stages:
+
+  # deployment
+  - "linting"
+  - "deployment"
+
+
+# include jobs
+include:
+
+  # deployment
+  - local: ".gitlab/linting.yaml"
+  - local: ".gitlab/deployment.yaml"

.gitlab/deployment.yaml

@@ -0,0 +1,43 @@
+---
+
+# deploy ansible/roles/common code
+deployment:
+  stage: "deployment"
+  image:
+    name: "cr.simoncor.net/siempie/ansible/roles/common-deployment:latest"
+    entrypoint: ["/bin/sh", "-c"]
+  rules:
+    - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    - when: "never"
+
+
+  # prepare ssh
+  before_script:
+
+    # prepare ssh
+    - |
+        # prepare ssh
+        mkdir -p ~/.ssh
+        chmod 700 ~/.ssh
+        echo "$SSH_CONFIG" > ~/.ssh/config
+        echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
+        chmod 600 ~/.ssh/id_ed25519
+
+
+  # deployment commands
+  script:
+
+    - |
+        # git cleanup
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common reset --hard HEAD --quiet"
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common clean -fx"
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common clean -fd"
+
+    - |
+        # print deployment details
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "echo Deploying commit id $CI_COMMIT_SHORT_SHA with message: $CI_COMMIT_MESSAGE"
+
+    - |
+        # download deployment
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common fetch --quiet"
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common checkout $CI_COMMIT_SHORT_SHA --quiet"

.gitlab/linting.yaml

@@ -0,0 +1,15 @@
+---
+
+# linting
+linting:
+  stage: "linting"
+  image:
+    name: "cr.simoncor.net/siempie/ansible-deployment:latest"
+    entrypoint: ["/bin/sh", "-c"]
+  rules:
+    - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    - when: "never"
+
+  # start linting
+  script:
+    - "ansible-lint -c .ansible-lint ."