From eb6c152143db8a04f029f66f87d38650fae5ca7c Mon Sep 17 00:00:00 2001
From: mg <michael.grote@posteo.de>
Date: Sat, 30 Jan 2021 11:49:18 +0100
Subject: [PATCH] Neue Pipeline

---
 .gitlab-ci.yml              | 19 ++++++++++---------
 .gitmodules                 |  2 +-
 group_vars/docker.yml       |  1 +
 group_vars/gitlabrunner.yml |  1 +
 4 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c736b332..c4d9822b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,7 +1,7 @@
 stages:
   - lint
-  - deploy-dry
-  - deploy
+  - deploy-test
+  - deploy-prod
 
 variables:
   GIT_SUBMODULE_STRATEGY: recursive
@@ -28,32 +28,33 @@ markdown-lint:
   rules:
     - if: $CI_MERGE_REQUEST_ID
 
-ansible-deploy-dry:
+ansible-deploy-test:
   image: willhallonline/ansible:2.9-ubuntu-20.04
-  stage: deploy-dry
+  stage: deploy-test
   interruptible: false
   before_script:
     - chmod 0755 /builds/mg/ansible
     - echo "$id_rsa_ansible_user" > /builds/mg/ansible/id_rsa_ansible_user
     - chmod 0400 /builds/mg/ansible/id_rsa_ansible_user
+    - pip install 'pykeepass>3.2.0' --user
   script:
-    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --check --limit test --vault-password-file $ansible_vault_pass
+    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --limit test --vault-password-file $ansible_vault_pass
   after_script:
     - rm /builds/mg/ansible/id_rsa_ansible_user
   rules:
     - if: $CI_MERGE_REQUEST_ID
-  allow_failure: true
 
-ansible-deploy:
+ansible-deploy-prod:
   image: willhallonline/ansible:2.9-ubuntu-20.04
-  stage: deploy
+  stage: deploy-prod
   interruptible: false
   before_script:
     - chmod 0755 /builds/mg/ansible
     - echo "$id_rsa_ansible_user" > /builds/mg/ansible/id_rsa_ansible_user
     - chmod 0400 /builds/mg/ansible/id_rsa_ansible_user
+    - pip install 'pykeepass>3.2.0' --user
   script:
-    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --check --limit test --vault-password-file $ansible_vault_pass
+    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --limit production --vault-password-file $ansible_vault_pass
   after_script:
     - rm /builds/mg/ansible/id_rsa_ansible_user
   rules:
diff --git a/.gitmodules b/.gitmodules
index 31d6d6f7..c5bf35f0 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -27,7 +27,7 @@
 	url = https://github.com/ryandaniels/ansible-role-create-users
 [submodule "roles/geerlingguy.dotfiles"]
 	path = roles/geerlingguy.dotfiles
-	url = https://git.mgrote.net/mg/geerlingguy.dotfiles
+	url = https://git.mgrote.net/mg/geerlingguy-dotfiles
 [submodule "roles/geerlingguy.jenkins"]
 	path = roles/geerlingguy.jenkins
 	url = https://github.com/geerlingguy/ansible-role-jenkins
diff --git a/group_vars/docker.yml b/group_vars/docker.yml
index 8380750d..6c4c0bd0 100644
--- a/group_vars/docker.yml
+++ b/group_vars/docker.yml
@@ -45,3 +45,4 @@
         /var/lib/docker/volumes/ocrmypdf-auto_scan_output/*
         # https://github.com/restic/restic/issues/1005
         # https://forum.restic.net/t/exclude-syntax-confusion/1531/12
+ 
diff --git a/group_vars/gitlabrunner.yml b/group_vars/gitlabrunner.yml
index c9e740ff..acdf1dfd 100644
--- a/group_vars/gitlabrunner.yml
+++ b/group_vars/gitlabrunner.yml
@@ -18,3 +18,4 @@
 #      docker_image: 'alpine'
 #      docker_volumes:
 #        - "/var/run/docker.sock:/var/run/docker.sock"
+