37 lines
1.3 KiB
YAML
37 lines
1.3 KiB
YAML
stages:
|
|
- lint
|
|
- test
|
|
- deploy
|
|
|
|
variables:
|
|
DOCKER_IMAGE: "hub.cism-ms.ru/ansible/ansible:latest"
|
|
RUN: "docker run -it --rm --name $(IMAGE) -v $(pwd):/ansible -v /var/run/docker.sock:/var/run/docker.sock -e ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt --privileged --workdir /ansible $DOCKER_IMAGE"
|
|
|
|
before_script:
|
|
- docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
|
- docker pull $DOCKER_IMAGE
|
|
|
|
lint:
|
|
stage: lint
|
|
script:
|
|
- $(RUN) bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"
|
|
- $(RUN) bash -c "ansible-lint roles/*"
|
|
- $(RUN) bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt"
|
|
allow_failure: false
|
|
|
|
test:
|
|
stage: test
|
|
script:
|
|
- $(RUN) bash -c "ansible-vault decrypt --vault-password-file vault-password.txt vars/secrets.yml"
|
|
- $(RUN) bash -c "molecule test --parallel"
|
|
- $(RUN) bash -c "ansible-vault encrypt vars/secrets.yml --encrypt-vault-id default --vault-password-file vault-password.txt"
|
|
allow_failure: false
|
|
|
|
deploy:
|
|
stage: deploy
|
|
script:
|
|
- echo "Deploying roles to production..."
|
|
- $(RUN) bash -c "ansible-playbook /ansible/roles/deploy.yaml"
|
|
only:
|
|
- /^cluster-.*$/
|