feat: implement new role layout

.gitlab-ci.yml

@@ -2,19 +2,14 @@
 
 # gitLab ci stages
 stages:
-
-  # deployment
   - "gitleaks"
   - "linting"
-  - "deployment"
-
 
 # include jobs
 include:
 
-  # deployment
+  # code plumbing
   - local: ".gitlab/gitleaks.yaml"
-  - local: ".gitlab/deployment.yaml"
 
   # linting
   - component: "$CI_SERVER_FQDN/components/ansible/linting@v3.0.3"

.gitlab/deployment.yaml

@@ -1,32 +0,0 @@
----
-# deploy ansible/roles/common code
-deployment:
-  stage: "deployment"
-  image:
-    name: "registry.gitlab.simoncor.net/oci/ssh-client:v25.06.03"
-    entrypoint: ["/bin/sh", "-c"]
-  rules:
-
-    # run only on push to default branch
-    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
-    - when: "never"
-
-  # prepare ssh
-  before_script:
-
-    # prepare ssh
-    - |
-        # prepare ssh
-        mkdir -p ~/.ssh
-        chmod 700 ~/.ssh
-        echo "$SSH_CONFIG" > ~/.ssh/config
-        echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
-        chmod 600 ~/.ssh/id_ed25519
-
-  # deployment commands
-  script:
-
-    - |
-        # install ansible roles dependancies
-        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER \
-        "sudo /usr/local/bin/ansible-galaxy install -r /etc/ansible/roles/requirements.yaml --force"

playbook.yaml

@@ -5,7 +5,7 @@
   hosts: "all"
   serial: 2
   become: true
-  pre_tasks:
+  tasks:
 
     # due to semaphore bug we need to do this ourselves
     - name: "force-update requirements"
@@ -16,5 +16,7 @@
       changed_when: false
       failed_when: false
 
-  roles:
-    - role: "common"
+    # execute the role
+    - name: "execute role: common"
+      ansible.builtin.include_role:
+        name: "common"