
GitLab CI

Import jobs

---

# Pipeline stages, listed in the order they run. By default GitLab starts a
# later stage only after the jobs of the earlier stage have succeeded, so the
# "gitleaks" stage gates "linting" and "deployment".
stages:
  - "gitleaks"
  - "linting"
  - "deployment"

# Job definitions live in one file per stage under .gitlab/. "local" includes
# are read from this project's own repository.
include:
  - local: ".gitlab/gitleaks.yaml"
  - local: ".gitlab/linting.yaml"
  - local: ".gitlab/deployment.yaml"

Run a docker container

---

# Lint job: runs ansible-lint inside the ansible-deployment image.
linting:
  stage: "linting"
  image:
    # NOTE(review): ":latest" is a mutable tag; pinning a fixed tag or digest
    # would make the job reproducible.
    name: "cr.simoncor.net/siempie/ansible-deployment:latest"
    # replace the image's own entrypoint with a plain shell
    entrypoint:
      - "/bin/sh"
      - "-c"
  rules:
    # add the job for pushes to the default branch ...
    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
    # ... and leave it out of every other pipeline
    - when: "never"
  script:
    # lint the repository root with the settings from .ansible-lint
    - "ansible-lint -c .ansible-lint ."

Run an SSH command

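---

# Deployment job: connects to the Ansible server over SSH and returns the
# checkout in /etc/ansible to a clean state.
deployment:
  stage: "deployment"
  # NOTE(review): ":latest" is a mutable tag; this job handles the deployment
  # key, so pinning the image to a fixed tag or digest is worth considering.
  image: "cr.simoncor.net/siempie/ssh-client:latest"
  rules:

    # run only on push to default branch
    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH ==
           $CI_DEFAULT_BRANCH'
    - when: "never"

  # prepare ssh
  # NOTE(review): no known_hosts file is written here, so host key checking
  # depends entirely on the contents of $SSH_CONFIG; confirm it pins the
  # server's host key rather than disabling StrictHostKeyChecking.
  before_script:

    - |
        # restrict permissions before anything is written, so the private key
        # is never group/world readable between the write and the chmod
        umask 077
        mkdir -p ~/.ssh
        chmod 700 ~/.ssh
        # printf writes the variables verbatim plus one trailing newline
        printf '%s\n' "$SSH_CONFIG" > ~/.ssh/config
        printf '%s\n' "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519

  # deployment commands
  # NOTE(review): every remote command runs through sudo; presumably the
  # deployment user's sudoers entry is limited to /usr/bin/git. Verify on the
  # server.
  script:

    - |
        # git cleanup; the ssh target is quoted so the variables cannot be word-split
        # 1) discard local changes to tracked files
        ssh "${SSH_DEPLOYMENT_USER}@${ANSIBLE_SERVER}" "sudo /usr/bin/git -C /etc/ansible reset --hard HEAD --quiet"
        # 2) remove untracked and ignored files, keeping secret.key
        ssh "${SSH_DEPLOYMENT_USER}@${ANSIBLE_SERVER}" "sudo /usr/bin/git -C /etc/ansible clean -fx --exclude=secret.key"
        # 3) remove untracked files and directories; this call has no --exclude, so it
        #    assumes secret.key is git-ignored. TODO confirm, otherwise it is deleted here
        ssh "${SSH_DEPLOYMENT_USER}@${ANSIBLE_SERVER}" "sudo /usr/bin/git -C /etc/ansible clean -fd"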