M .build.yml => .build.yml +11 -7
@@ 3,11 3,12 @@ packages:
- ansible
- ansible-lint
- python-hvac
+ - python-pip
- terraform
- yamllint
secrets:
- - 1bdb2e5e-045c-43d0-ba8b-997c25f31a43
- 333ce0ce-fd54-492d-a8b2-508d7deaa8f0
+ - b9d3386d-f3fb-41dc-9412-f5dfd7206c3c
sources:
- https://git.xenrox.net/~xenrox/ansible
environment:
@@ 31,12 32,15 @@ tasks:
cd ../terraform_keycloak
terraform init -backend=false
terraform validate
- - deploy: |
+ - prepare: |
mkdir -p ~/.ssh
cat ansible/ssh_host_keys/* > ~/.ssh/known_hosts
- set +x
- . ~/.vault-secret
- set -x
+ cat .ansible-secrets >> .buildenv
+ pip install ansible-runner
+ echo 'export PATH="$PATH:$HOME/.local/bin"' >> ~/.buildenv
+ - avalon: |
cd ansible
- ansible-playbook playbooks/avalon.yml
- ansible-playbook playbooks/fenrir.yml
+ python misc/run.py avalon
+ - fenrir: |
+ cd ansible
+ python misc/run.py fenrir
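Review bot: `pip install ansible-runner` in the new `prepare` task installs whatever version PyPI serves at build time, in a job that has build secrets attached and then deploys with them. Pin the dependency, for example `pip install ansible-runner==<PINNED_VERSION>`, or install from a requirements file with `--require-hashes`, so a compromised or unexpected release cannot run with those credentials. The two appends also target different spellings of the file, `.buildenv` and `~/.buildenv`; they are the same file only if the task starts in the home directory, so `~/.buildenv` in both lines would remove that assumption.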
A misc/run.py => misc/run.py +32 -0
@@ 0,0 1,32 @@
+#!/usr/bin/python
+
+import sys
+from os import environ
+
+import ansible_runner
+from requests import post
+
+if len(sys.argv) != 2:
+ sys.exit("One playbook needs to be specified.")
+
+playbook_name = sys.argv[1]
+playbook = "playbooks/" + playbook_name + ".yml"
+r = ansible_runner.run(private_data_dir=".", playbook=playbook)
+
+changes = list(r.stats["changed"].values())[0]
+message = "[Playbook]({}) deployed with **{}** changes."
+build_url = environ["JOB_URL"]
+gotify_token = environ["GOTIFY_TOKEN"]
+
+if changes > 0:
+ post(
+ "https://gotify.xenrox.net/message?token=" + gotify_token,
+ json={
+ "message": message.format(build_url, changes),
+ "priority": 7,
+ "Title": playbook_name + " status",
+ "extras": {
+ "client::display": {"contentType": "text/markdown"},
+ },
+ },
+ )
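Review bot: The result of `ansible_runner.run(...)` is never checked, so a playbook that fails after changing something is still announced as "deployed with N changes" and the script exits 0, where the replaced `ansible-playbook` calls would normally have failed the build; add `if r.rc != 0: sys.exit(r.rc)` directly after the run. `list(r.stats["changed"].values())[0]` reads only the first host's count and looks like it raises IndexError when the mapping is empty; `sum(r.stats["changed"].values())` would cover every host and the empty case. The Gotify token is concatenated into the URL query string, where it can end up in proxy or server access logs and in any traceback written to the build log; send it as a header instead, `headers={"X-Gotify-Key": gotify_token}`, and give `post` a `timeout=`.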