image: archlinux
packages:
  - ansible
  - ansible-lint
  - python-hvac
  - terraform
  - yamllint
secrets:
  - 1bdb2e5e-045c-43d0-ba8b-997c25f31a43
  - 333ce0ce-fd54-492d-a8b2-508d7deaa8f0
sources:
  - https://git.xenrox.net/~xenrox/ansible
environment:
  ANSIBLE_FORCE_COLOR: True
  PY_COLORS: 1
triggers:
  - action: email
    condition: failure
    to: Thorben Günther <admin@xenrox.net>
tasks:
  - ansible-lint: |
      cd ansible
      ansible-lint
  - terraform: |
      cd ansible/terraform_hetzner
      terraform init -backend=false
      terraform validate
      cd ../terraform_vault
      terraform init -backend=false
      terraform validate
      cd ../terraform_keycloak
      terraform init -backend=false
      terraform validate
  - deploy: |
      mkdir -p ~/.ssh
      cat ansible/ssh_host_keys/* > ~/.ssh/known_hosts
      set +x
      . ~/.vault-secret
      set -x
      cd ansible
      ansible-playbook playbooks/avalon.yml
      ansible-playbook playbooks/fenrir.yml