From 2144c81b7099d909a3cd847568b7885f197087a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A1=D0=B5=D1=80=D0=B3=D0=B5=D0=B9=20=D0=90=D0=BD=D1=82?= =?UTF-8?q?=D1=80=D0=BE=D0=BF=D0=BE=D0=B2?= Date: Sat, 25 Oct 2025 17:36:53 +0300 Subject: [PATCH] =?UTF-8?q?fix:=20=D0=B8=D1=81=D0=BF=D1=80=D0=B0=D0=B2?= =?UTF-8?q?=D0=BB=D0=B5=D0=BD=D1=8B=20=D0=BF=D1=83=D1=82=D0=B8=20/ansible/?= =?UTF-8?q?=20=E2=86=92=20/workspace/=20=D0=B2=20converge.yml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Исправлены все пути с /ansible/ на /workspace/ - Исправлен путь к playbook на /workspace/molecule/default/site.yml - Обновлены пути для vault файлов - Обновлен ANSIBLE_ROLES_PATH Автор: Сергей Антропов Сайт: https://devops.org.ru --- molecule/default/converge.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 3f7baee..53140dd 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -8,10 +8,10 @@ # перечисли файлы/глобы, которые нужно временно расшифровать vault_targets: - - /ansible/vault/secrets.yml - - /ansible/files/playbooks/group_vars/*/vault.yml - - /ansible/files/playbooks/host_vars/*/vault.yml - - /ansible/roles/**/vars/vault.yml + - /workspace/vault/secrets.yml + - /workspace/files/playbooks/group_vars/*/vault.yml + - /workspace/files/playbooks/host_vars/*/vault.yml + - /workspace/roles/**/vars/vault.yml tasks: - name: Load preset configuration @@ -19,10 +19,10 @@ when: preset_file is file ignore_errors: true - - name: Install collections - community.docker.docker_container_exec: - container: ansible-controller - command: bash -lc "ansible-galaxy collection install -r /ansible/requirements.yml --force --no-deps --upgrade >/dev/null 2>&1 || true" +# - name: Install collections +# community.docker.docker_container_exec: +# container: ansible-controller +# command: bash -lc "ansible-galaxy collection install -r /workspace/requirements.yml --force --no-deps --upgrade >/dev/null 2>&1 || true" - name: Preflight vault — normalize state (encrypt if plaintext, then decrypt) community.docker.docker_container_exec: @@ -37,10 +37,10 @@ echo "[vault] already encrypted: $f"; else echo "[vault] plaintext -> encrypt: $f"; - ansible-vault encrypt --encrypt-vault-id default --vault-password-file /ansible/vault-password.txt "$f"; + ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f"; fi echo "[vault] decrypt for run: $f"; - ansible-vault decrypt --vault-password-file /ansible/vault-password.txt "$f"; + ansible-vault decrypt --vault-password-file /workspace/vault-password.txt "$f"; done done ' @@ -50,8 +50,8 @@ container: ansible-controller command: > bash -lc " - ANSIBLE_ROLES_PATH=/ansible/roles - ansible-playbook -i {{ lookup('env','MOLECULE_EPHEMERAL_DIRECTORY') }}/inventory/hosts.ini /ansible/files/playbooks/site.yml + ANSIBLE_ROLES_PATH=/workspace/roles + ansible-playbook -i {{ lookup('env','MOLECULE_EPHEMERAL_DIRECTORY') }}/inventory/hosts.ini /workspace/molecule/default/site.yml " - name: Post-run — re-encrypt secrets @@ -67,7 +67,7 @@ echo "[vault] ok (encrypted): $f"; else echo "[vault] encrypt back: $f"; - ansible-vault encrypt --encrypt-vault-id default --vault-password-file /ansible/vault-password.txt "$f" || true; + ansible-vault encrypt --encrypt-vault-id default --vault-password-file /workspace/vault-password.txt "$f" || true; fi done done