diff --git a/.gitea/workflows/deployment.yaml b/.gitea/workflows/deployment.yaml deleted file mode 100644 index bd27b51..0000000 --- a/.gitea/workflows/deployment.yaml +++ /dev/null @@ -1,66 +0,0 @@ ---- - -# generic -name: "Linting and Deployment" -on: # yamllint disable-line rule:truthy - push: - branches: - - "main" - -# jobs -jobs: - - # ansible linting - Linting: - runs-on: "ubuntu-latest" - container: - image: "cr.simoncor.net/siempie/ansible-deployment:latest" - credentials: - username: "${{ vars.REGISTER_USERNAME }}" - password: "${{ vars.REGISTER_PASSWORD }}" - - # steps - steps: - - # checkout code - - name: "Clone repo" - uses: "actions/checkout@v4" - - # run ansible linter - - name: "Run Ansible Lint" - run: | - ansible-lint . - - - # ansible deployment - Deployment: - runs-on: "ubuntu-latest" - needs: "Linting" - - # steps - steps: - - # ansible deployment - - name: "Ansible deployment" - uses: "appleboy/ssh-action@v1.2.0" - with: - - # bastion - proxy_host: "bastion.simoncor.net" - proxy_port: "22" - proxy_username: "${{ secrets.USERNAME }}" - proxy_key: "${{ secrets.SSHKEY }}" - - # ansible server - host: "ansible.siempie.internal" - port: "22" - username: "${{ secrets.USERNAME }}" - key: "${{ secrets.SSHKEY }}" - - # execute commands - script: | - sudo /usr/bin/git -C /etc/ansible/roles/common reset --hard HEAD --quiet - sudo /usr/bin/git -C /etc/ansible/roles/common clean -fd - sudo /usr/bin/git -C /etc/ansible/roles/common fetch --quiet - sudo /usr/bin/git -C /etc/ansible/roles/common pull origin main --quiet - sudo /usr/bin/git -C /etc/ansible/roles/common log -1 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..5d82fc7 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,16 @@ +--- + +# gitLab ci stages +stages: + + # deployment + - "linting" + - "deployment" + + +# include jobs +include: + + # deployment + - local: ".gitlab/linting.yaml" + - local: ".gitlab/deployment.yaml" diff --git a/.gitlab/deployment.yaml b/.gitlab/deployment.yaml new file mode 100644 index 0000000..9694a79 --- /dev/null +++ b/.gitlab/deployment.yaml @@ -0,0 +1,43 @@ +--- + +# deploy ansible/roles/common code +deployment: + stage: "deployment" + image: + name: "cr.simoncor.net/siempie/ansible/roles/common-deployment:latest" + entrypoint: ["/bin/sh", "-c"] + rules: + - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: "never" + + + # prepare ssh + before_script: + + # prepare ssh + - | + # prepare ssh + mkdir -p ~/.ssh + chmod 700 ~/.ssh + echo "$SSH_CONFIG" > ~/.ssh/config + echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + + + # deployment commands + script: + + - | + # git cleanup + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common reset --hard HEAD --quiet" + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common clean -fx" + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common clean -fd" + + - | + # print deployment details + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "echo Deploying commit id $CI_COMMIT_SHORT_SHA with message: $CI_COMMIT_MESSAGE" + + - | + # download deployment + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common fetch --quiet" + ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible/roles/common checkout $CI_COMMIT_SHORT_SHA --quiet" diff --git a/.gitlab/linting.yaml b/.gitlab/linting.yaml new file mode 100644 index 0000000..d2efbab --- /dev/null +++ b/.gitlab/linting.yaml @@ -0,0 +1,15 @@ +--- + +# linting +linting: + stage: "linting" + image: + name: "cr.simoncor.net/siempie/ansible-deployment:latest" + entrypoint: ["/bin/sh", "-c"] + rules: + - if: '$CI_PIPELINE_SOURCE != "schedule" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' + - when: "never" + + # start linting + script: + - "ansible-lint -c .ansible-lint ."