@@ -3,68 +3,19 @@ name: Ansible Deployment
33on :
44 push :
55 branches : [master, lab06]
6- paths :
7- - ' ansible/**'
8- - ' !ansible/docs/**'
9- - ' .github/workflows/ansible-deploy.yml'
10- pull_request :
11- branches : [master]
12- paths :
13- - ' ansible/**'
14- - ' .github/workflows/ansible-deploy.yml'
156
167jobs :
178 lint :
189 name : Ansible Lint
1910 runs-on : ubuntu-latest
2011 steps :
2112 - uses : actions/checkout@v4
22-
2313 - uses : actions/setup-python@v5
2414 with :
2515 python-version : ' 3.12'
26-
2716 - name : Install Ansible and ansible-lint
2817 run : pip install ansible ansible-lint
29-
3018 - name : Run ansible-lint
31- env :
32- ANSIBLE_VAULT_PASSWORD_FILE : " "
3319 run : |
3420 cd ansible
35- # Remove vault_password_file from cfg for lint
36- sed -i '/vault_password_file/d' ansible.cfg
3721 ansible-lint playbooks/provision.yml playbooks/deploy.yml playbooks/site.yml
38-
39- deploy :
40- name : Deploy Application
41- needs : lint
42- runs-on : ubuntu-latest
43- if : github.event_name == 'push' && github.ref == 'refs/heads/master'
44- steps :
45- - uses : actions/checkout@v4
46- - uses : actions/setup-python@v5
47- with :
48- python-version : ' 3.12'
49- - name : Install Ansible
50- run : pip install ansible
51- - name : Install collections
52- run : ansible-galaxy collection install community.docker community.general
53- - name : Configure SSH
54- run : |
55- mkdir -p ~/.ssh
56- printf '%s' "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
57- chmod 600 ~/.ssh/id_rsa
58- ssh-keyscan -H "${{ secrets.VM_HOST }}" >> ~/.ssh/known_hosts
59- name : Deploy
60- env :
61- VAULT_PASS : ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
62- run : |
63- printf '%s' "$VAULT_PASS" > /tmp/vault_pass
64- cd ansible
65- ansible-playbook playbooks/deploy.yml --vault-password-file /tmp/vault_pass
66- name : Cleanup
67- if : always()
68- run : rm -f /tmp/vault_pass
69- - name : Verify health
70- run : sleep 10 && curl -f "http://${{ secrets.VM_HOST }}:5000/health"
0 commit comments