~xenrox/ansible

ref: 61f8805f46e3a209e9689af95ff76bc07480b9fe ansible/.build.yml -rw-r--r-- 958 bytes
61f8805fThorben Günther Move remaining file secrets to vault 2 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
image: archlinux
packages:
  - ansible
  - ansible-lint
  - python-hvac
  - terraform
  - yamllint
secrets:
  - 1bdb2e5e-045c-43d0-ba8b-997c25f31a43
  - 333ce0ce-fd54-492d-a8b2-508d7deaa8f0
sources:
  - https://git.xenrox.net/~xenrox/ansible
environment:
  ANSIBLE_FORCE_COLOR: True
  PY_COLORS: 1
triggers:
  - action: email
    condition: failure
    to: Thorben Günther <admin@xenrox.net>
tasks:
  - ansible-lint: |
      cd ansible
      ansible-lint
  - terraform: |
      cd ansible/terraform_hetzner
      terraform init -backend=false
      terraform validate
      cd ../terraform_vault
      terraform init -backend=false
      terraform validate
      cd ../terraform_keycloak
      terraform init -backend=false
      terraform validate
  - deploy: |
      mkdir -p ~/.ssh
      cp ansible/ssh_host_keys/xenrox.net ~/.ssh/known_hosts
      set +x
      . ~/.vault-secret
      set -x
      cd ansible
      ansible-playbook playbooks/avalon.yml