feat: initial commit

2025-05-30 18:37:57 +02:00 · 2025-05-30 18:37:57 +02:00 · 649f66fbf1
commit 649f66fbf1
19 changed files with 512 additions and 0 deletions
--- a/docs/gitlab/ci.md
+++ b/docs/gitlab/ci.md
@ -0,0 +1,82 @@
+# Gitlab CI
+
+## Import jobs
+
+```yaml
+---
+
+# gitLab ci stages
+stages:
+
+  # deployment
+  - "gitleaks"
+  - "linting"
+  - "deployment"
+
+# include jobs
+include:
+
+  # deployment
+  - local: ".gitlab/gitleaks.yaml"
+  - local: ".gitlab/linting.yaml"
+  - local: ".gitlab/deployment.yaml"
+```
+
+## Run a docker container
+
+```yaml
+---
+
+# linting
+linting:
+  stage: "linting"
+  image:
+    name: "cr.simoncor.net/siempie/ansible-deployment:latest"
+    entrypoint: ["/bin/sh", "-c"]
+  rules:
+
+    # run only on push to default branch
+    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
+    - when: "never"
+
+  # start linting
+  script:
+    - "ansible-lint -c .ansible-lint ."
+```
+
+## Run a SSH command
+
+```yaml
+---
+
+# deploy ansible code
+deployment:
+  stage: "deployment"
+  image: "cr.simoncor.net/siempie/ssh-client:latest"
+  rules:
+
+    # run only on push to default branch
+    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH ==
+           $CI_DEFAULT_BRANCH'
+    - when: "never"
+
+  # prepare ssh
+  before_script:
+
+    - |
+        # prepare ssh
+        mkdir -p ~/.ssh
+        chmod 700 ~/.ssh
+        echo "$SSH_CONFIG" > ~/.ssh/config
+        echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
+        chmod 600 ~/.ssh/id_ed25519
+
+  # deployment commands
+  script:
+
+    - |
+        # git cleanup
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible reset --hard HEAD --quiet"
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible clean -fx --exclude=secret.key"
+        ssh $SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER "sudo /usr/bin/git -C /etc/ansible clean -fd"
+```