ci: deploy config on merge or push (#127)
Some checks failed
ci/woodpecker/push/gitleaks Pipeline was successful
ci/woodpecker/push/ansible-lint Pipeline failed
ci/woodpecker/push/ansible-playbook unknown status
ci/woodpecker/manual/gitleaks Pipeline was successful
ci/woodpecker/manual/ansible-lint Pipeline failed
ci/woodpecker/manual/ansible-playbook unknown status

Reviewed-on: #127
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2024-07-09 17:35:56 +02:00 committed by Michael Grote
parent 697f4ad89b
commit c2bc53c4db
5 changed files with 21 additions and 2 deletions

View file

@ -23,3 +23,4 @@ exclude_paths:
- roles/ansible-ufw - roles/ansible-ufw
- roles/ansible_role_gitea - roles/ansible_role_gitea
- roles/ansible-role-postgresql - roles/ansible-role-postgresql
- .woodpecker/

View file

@ -13,6 +13,6 @@ steps:
# https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands # https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
secrets: [vaultpass] secrets: [vaultpass]
when: when:
- event: [push, pull_request, cron] - event: [push, pull_request, cron, pull_request_closed, tag, release, manual]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"' evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
... ...

View file

@ -0,0 +1,18 @@
---
depends_on:
- ansible-lint
steps:
ansible-playbook:
image: quay.io/ansible/creator-ee:v24.2.0
commands:
- ansible-lint --version
- echo $${VAULTPASS} > ./vault-pass.yml # nach des Secret in Großschreibung
- ansible-galaxy install -r requirements.yaml
- echo RUUUUUN! #ansible-playbook playbooks/2_all.yml playbooks/3_service/* --limit production
# https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
secrets: [vaultpass]
when:
- event: [push, pull_request_closed]
branch: master
...

View file

@ -5,6 +5,6 @@ steps:
commands: commands:
- gitleaks detect --no-git --verbose --source $CI_WORKSPACE - gitleaks detect --no-git --verbose --source $CI_WORKSPACE
when: when:
- event: [push, pull_request, cron] - event: [push, pull_request, cron, pull_request_closed, tag, release, manual]
evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"' evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
... ...

Binary file not shown.

Before

Width:  |  Height:  |  Size: 7.2 KiB