fix

.gitlab-ci.yml

@@ -0,0 +1,57 @@
+stages:
+  - lint
+  - test
+  - deploy
+
+services:
+  - name: docker:dind
+    command: ["--tls=false"]
+
+variables:
+  DOCKER_IMAGE: "hub.cism-ms.ru/ansible/ansible:latest"
+  DOCKER_TLS_CERTDIR: ""
+
+before_script:
+  - echo "$CI_REGISTRY_PASSWORD" | docker login hub.cism-ms.ru -u "$CI_REGISTRY_USER" --password-stdin
+  - docker pull $DOCKER_IMAGE
+  - echo "Fixing directory permissions..."
+  - chmod o-w $CI_PROJECT_DIR
+
+lint:
+  stage: lint
+  script:
+    - echo "Начинаем стейдж Lint"
+    - echo "Распаковываем секреты..."
+    - ansible-vault decrypt vars/secrets.yml --vault-password-file ./vault-password.txt
+    - echo "Запускаем ansible-lint..."
+    - ansible-lint roles/*
+    - echo "Упаковываем секреты..."
+    - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
+  allow_failure: false
+
+test:
+  stage: test
+  script:
+    - echo "Распаковываем секреты..."
+    - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
+    - echo "Запускаем тесты через Молекулу..."
+    - molecule test --parallel
+    - echo "Упаковываем секреты..."
+    - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
+  allow_failure: false
+
+deploy:
+  stage: deploy
+  script:
+    - echo "Распаковываем секреты..."
+    - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
+    - echo "Все ок. Деплоим в прод..."
+    - ansible-playbook roles/deploy.yaml
+    - echo "Упаковываем секреты..."
+    - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
+  only:
+    - /^cluster-.*$/
+
+after_script:
+  - echo "Removing symlink..."
+  #- rm -rf /ansible

Makefile

@@ -29,13 +29,14 @@ view create edit show delete test lint deploy new init build rebuild prune relea
 ####################################################################################################
 init:
 	@echo "Шаг 1: Создание Docker-образа..."
-	@make docker rebuild
+	@make docker build
 	@echo "Шаг 2: Создание нового vault-файла с паролем..."
 	@read -p "Введите пароль для vault: " VAULT_PASSWORD; \
 	echo "$$VAULT_PASSWORD" > vault-password.txt; \
 	make vault create
 	@echo "Шаг 3: Создание нового брэнча в гите..."
 	@make git new
+
 	@echo "Шаг 4: Создание новой роли..."
 	@make role new
 

gitlab-ci.yml

@@ -12,23 +12,17 @@ variables:
   DOCKER_TLS_CERTDIR: ""
 
 before_script:
-  - rm -rf /ansible
   - echo "$CI_REGISTRY_PASSWORD" | docker login hub.cism-ms.ru -u "$CI_REGISTRY_USER" --password-stdin
   - docker pull $DOCKER_IMAGE
   - echo "Fixing directory permissions..."
   - chmod o-w $CI_PROJECT_DIR
-  #- mkdir -p /ansible
-  #- cp -rs "$CI_PROJECT_DIR"/* /ansible/
-  #- find "$CI_PROJECT_DIR" -mindepth 1 -exec ln -s {} /ansible \;
-  #- ln -s "$CI_PROJECT_DIR/vault-password.txt" /ansible/vault_password.txt
 
 lint:
   stage: lint
   script:
-    - echo "Сначала покажем содержимое каталога /ansible"
-    - ls -l /ansible
+    - echo "Начинаем стейдж Lint"
     - echo "Распаковываем секреты..."
-    - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
+    - ansible-vault decrypt vars/secrets.yml --vault-password-file ./vault-password.txt
     - echo "Запускаем ansible-lint..."
     - ansible-lint roles/*
     - echo "Упаковываем секреты..."
@@ -52,7 +46,7 @@ deploy:
     - echo "Распаковываем секреты..."
     - ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
     - echo "Все ок. Деплоим в прод..."
-    - ansible-playbook /ansible/roles/deploy.yaml
+    - ansible-playbook roles/deploy.yaml
     - echo "Упаковываем секреты..."
     - ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
   only:
@@ -60,4 +54,4 @@ deploy:
 
 after_script:
   - echo "Removing symlink..."
-  - rm -rf /ansible
+  #- rm -rf /ansible