59 lines
1.9 KiB
YAML
59 lines
1.9 KiB
YAML
stages:
|
||
- lint
|
||
- test
|
||
- deploy
|
||
|
||
services:
|
||
- name: docker:dind
|
||
command: ["--tls=false"]
|
||
|
||
variables:
|
||
DOCKER_IMAGE: "hub.cism-ms.ru/ansible/ansible:latest"
|
||
DOCKER_TLS_CERTDIR: ""
|
||
ANSIBLE_FORCE_COLOR: "true"
|
||
|
||
before_script:
|
||
- echo "$CI_REGISTRY_PASSWORD" | docker login hub.cism-ms.ru -u "$CI_REGISTRY_USER" --password-stdin
|
||
- docker pull $DOCKER_IMAGE
|
||
- echo "Fixing directory permissions..."
|
||
- chmod o-w $CI_PROJECT_DIR
|
||
|
||
lint:
|
||
stage: lint
|
||
script:
|
||
- echo "Начинаем стейдж Lint"
|
||
- echo "Распаковываем секреты..."
|
||
- ansible-vault decrypt vars/secrets.yml --vault-password-file ./vault-password.txt
|
||
- echo "Запускаем ansible-lint..."
|
||
- ansible-lint roles/*
|
||
- echo "Упаковываем секреты..."
|
||
- ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
|
||
allow_failure: false
|
||
|
||
test:
|
||
stage: test
|
||
script:
|
||
- echo "Распаковываем секреты..."
|
||
- ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
|
||
- echo "Запускаем тесты через Молекулу..."
|
||
- molecule test --parallel
|
||
- echo "Упаковываем секреты..."
|
||
- ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
|
||
allow_failure: false
|
||
|
||
deploy:
|
||
stage: deploy
|
||
script:
|
||
- echo "Распаковываем секреты..."
|
||
- ansible-vault decrypt --vault-password-file ./vault-password.txt vars/secrets.yml
|
||
- echo "Все ок. Деплоим в прод..."
|
||
- ansible-playbook roles/deploy.yaml
|
||
- echo "Упаковываем секреты..."
|
||
- ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file ./vault-password.txt
|
||
only:
|
||
- /^cluster-.*$/
|
||
|
||
after_script:
|
||
- echo "Removing symlink..."
|
||
#- rm -rf /ansible
|