f

.gitea/workflows/ansible-lint.yaml

@@ -8,17 +8,20 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v3
 
-      - name: Run ansible-lint
+      - name: Debug
+        run: echo $${SSHKEY}
+
+      - name: write ssh-key
+        run: echo $${SSHKEY} > ./id_ed25519
+
+      - name: set ssh-key permissions
+        run: chmod 0400 ./id_ed25519
+
+      - name: write vault-pass
+        run: echo $${VAULTPASS} > ./vault-pass
+
+      - name: run ansible-lint
+        run: ansible-lint --force-color --format pep8 --show-relpath
         uses: docker://registry.mgrote.net/ansible-devspace:latest
-        run: |
-          # Secrets
-          echo $${SSHKEY} # debug
-          echo $${SSHKEY} > ./id_ed25519
-          chmod 0400 ./id_ed25519
-
-          echo $${VAULTPASS} > ./vault-pass
-
-          # Doing
-          ansible-lint --force-color --format pep8 --show-relpath
 
 # SSHKEY + VAULTPASS sind als Secrets auf Repo-Ebene angelegt

.woodpecker/ansible-lint.yml

@@ -1,20 +0,0 @@
----
-depends_on:
-  - gitleaks
-
-steps:
-  ansible-lint:
-    image: registry.mgrote.net/ansible-devspace:latest
-    commands:
-      # Secrets
-      - echo $${SSHKEY} | base64 -d > ./id_ed25519 # woodpecker verschluckt linebreaks, daher mit base64 -w0 "kodiert"
-      - echo $${VAULTPASS} | base64 -d > ./vault-pass # Name des Secrets in Großschreibung
-      - chmod 0400 ./id_ed25519
-      # Doing
-      - ansible-lint --force-color --format pep8 --show-relpath 
-    # https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
-    secrets: [vaultpass]
-    when:
-      - event: [push, pull_request, cron, pull_request_closed, tag, release, manual]
-        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
-...