From 9919fb2efcb3e891d2618ea418058fbf40a659f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thorben=20G=C3=BCnther?= <admin@xenrox.net>
Date: Mon, 30 May 2022 02:12:51 +0200
Subject: [PATCH] CI: Run playbooks with ansible-runner

Allows to directly interface with ansible and have a nice human-readable
output while also being able to parse the results of the run. Those
results will be put into a gotify notification when changes have
occurred.
---
 .build.yml  | 18 +++++++++++-------
 misc/run.py | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 43 insertions(+), 7 deletions(-)
 create mode 100755 misc/run.py

diff --git a/.build.yml b/.build.yml
index e0673c2..e2e2a79 100644
--- a/.build.yml
+++ b/.build.yml
@@ -3,11 +3,12 @@ packages:
   - ansible
   - ansible-lint
   - python-hvac
+  - python-pip
   - terraform
   - yamllint
 secrets:
-  - 1bdb2e5e-045c-43d0-ba8b-997c25f31a43
   - 333ce0ce-fd54-492d-a8b2-508d7deaa8f0
+  - b9d3386d-f3fb-41dc-9412-f5dfd7206c3c
 sources:
   - https://git.xenrox.net/~xenrox/ansible
 environment:
@@ -31,12 +32,15 @@ tasks:
       cd ../terraform_keycloak
       terraform init -backend=false
       terraform validate
-  - deploy: |
+  - prepare: |
       mkdir -p ~/.ssh
       cat ansible/ssh_host_keys/* > ~/.ssh/known_hosts
-      set +x
-      . ~/.vault-secret
-      set -x
+      cat .ansible-secrets >> .buildenv
+      pip install ansible-runner
+      echo 'export PATH="$PATH:$HOME/.local/bin"' >> ~/.buildenv
+  - avalon: |
       cd ansible
-      ansible-playbook playbooks/avalon.yml
-      ansible-playbook playbooks/fenrir.yml
+      python misc/run.py avalon
+  - fenrir: |
+      cd ansible
+      python misc/run.py fenrir
diff --git a/misc/run.py b/misc/run.py
new file mode 100755
index 0000000..3f311a1
--- /dev/null
+++ b/misc/run.py
@@ -0,0 +1,32 @@
+#!/usr/bin/python
+
+import sys
+from os import environ
+
+import ansible_runner
+from requests import post
+
+if len(sys.argv) != 2:
+    sys.exit("One playbook needs to be specified.")
+
+playbook_name = sys.argv[1]
+playbook = "playbooks/" + playbook_name + ".yml"
+r = ansible_runner.run(private_data_dir=".", playbook=playbook)
+
+changes = list(r.stats["changed"].values())[0]
+message = "[Playbook]({}) deployed with **{}** changes."
+build_url = environ["JOB_URL"]
+gotify_token = environ["GOTIFY_TOKEN"]
+
+if changes > 0:
+    post(
+        "https://gotify.xenrox.net/message?token=" + gotify_token,
+        json={
+            "message": message.format(build_url, changes),
+            "priority": 7,
+            "Title": playbook_name + " status",
+            "extras": {
+                "client::display": {"contentType": "text/markdown"},
+            },
+        },
+    )
-- 
2.44.0