# GitLab CI
## Import jobs
```yaml
---

# Pipeline stages in the order GitLab runs them: the gitleaks stage comes
# first, so it runs before linting and deployment.
stages:
  - "gitleaks"
  - "linting"
  - "deployment"

# The job definitions live in separate files under .gitlab/ in this
# repository and are pulled in with local includes.
include:
  - local: ".gitlab/gitleaks.yaml"
  - local: ".gitlab/linting.yaml"
  - local: ".gitlab/deployment.yaml"
```
## Run a docker container
```yaml
---

# Lint the Ansible code inside a container image.
linting:
  stage: "linting"
  image:
    # NOTE(review): ":latest" is a mutable tag, so the job runs whatever was
    # pushed last; pin a version tag or an image digest for reproducible runs.
    name: "cr.simoncor.net/siempie/ansible-deployment:latest"
    # Replace the image's own entrypoint with a plain shell.
    entrypoint:
      - "/bin/sh"
      - "-c"
  rules:
    # Run only for pushes to the default branch; skip the job otherwise.
    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
    - when: "never"
  # Lint the whole repository using the .ansible-lint config file.
  script:
    - "ansible-lint -c .ansible-lint ."
```
## Run an SSH command
```yaml
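---

# Clean up the Ansible checkout in /etc/ansible on the Ansible server by
# running git commands there over SSH.
deployment:
  stage: "deployment"
  # NOTE(review): ":latest" is a mutable tag, and this job handles the
  # deployment key; pin a version tag or an image digest so the image that
  # sees the key is a known one.
  image: "cr.simoncor.net/siempie/ssh-client:latest"
  rules:
    # Run only for pushes to the default branch; skip the job otherwise.
    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
    - when: "never"

  # SSH_CONFIG and SSH_DEPLOYMENT_KEY are read from the job environment
  # (presumably CI/CD variables; since the job runs only on the default
  # branch, marking them "protected" keeps them out of other pipelines).
  # NOTE(review): host-key verification depends on the contents of
  # SSH_CONFIG, which this page does not show; confirm the server's host key
  # is pinned there rather than checking being switched off.
  before_script:
    - |
      # prepare ssh
      # umask first, so the config and the private key are never created
      # with permissions wider than 0600, not even before the chmod
      umask 077
      mkdir -p ~/.ssh
      chmod 700 ~/.ssh
      echo "$SSH_CONFIG" > ~/.ssh/config
      echo "$SSH_DEPLOYMENT_KEY" > ~/.ssh/id_ed25519
      chmod 600 ~/.ssh/config ~/.ssh/id_ed25519

  # NOTE(review): the deployment user runs git through sudo; the sudoers
  # rule on the server (not shown on this page) should allow only these
  # exact command lines rather than git in general.
  script:
    - |
      # git cleanup
      # 1. drop local changes to tracked files
      # 2. remove untracked and ignored files, but keep secret.key
      # 3. remove untracked directories
      # the target is quoted so the variables cannot be word-split
      ssh "$SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER" "sudo /usr/bin/git -C /etc/ansible reset --hard HEAD --quiet"
      ssh "$SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER" "sudo /usr/bin/git -C /etc/ansible clean -fx --exclude=secret.key"
      ssh "$SSH_DEPLOYMENT_USER@$ANSIBLE_SERVER" "sudo /usr/bin/git -C /etc/ansible clean -fd"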
```