stages:
  - lint
  - deploy-test
  - deploy-prod

variables:
  GIT_SUBMODULE_STRATEGY: recursive

ansible-lint:
  image: willhallonline/ansible:2.9-ubuntu-20.04
  stage: lint
  before_script:
    - chmod 0755 /builds/mg/ansible
  script:
    - ansible-lint .
  interruptible: true
  allow_failure: true
  rules:
    - if: $CI_MERGE_REQUEST_ID

markdown-lint:
  stage: lint
  image: pipelinecomponents/markdownlint:latest
  script:
    - mdl --style all --warnings .
  interruptible: true
  allow_failure: true
  rules:
    - if: $CI_MERGE_REQUEST_ID

ansible-deploy-test:
  image: willhallonline/ansible:2.9-ubuntu-20.04
  stage: deploy-test
  interruptible: false
  before_script:
    - chmod 0755 /builds/mg/ansible
    - echo "$id_rsa_ansible_user" > /builds/mg/ansible/id_rsa_ansible_user
    - chmod 0400 /builds/mg/ansible/id_rsa_ansible_user
    - pip install 'pykeepass>3.2.0' --user
  script:
    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --limit test --vault-password-file $ansible_vault_pass
  after_script:
    - rm /builds/mg/ansible/id_rsa_ansible_user
  rules:
    - if: $CI_MERGE_REQUEST_ID

ansible-deploy-prod:
  image: willhallonline/ansible:2.9-ubuntu-20.04
  stage: deploy-prod
  interruptible: false
  before_script:
    - chmod 0755 /builds/mg/ansible
    - echo "$id_rsa_ansible_user" > /builds/mg/ansible/id_rsa_ansible_user
    - chmod 0400 /builds/mg/ansible/id_rsa_ansible_user
    - pip install 'pykeepass>3.2.0' --user
  script:
    - ansible-playbook playbooks/base/0_master.yml playbooks/service/* -i inventory --limit production --vault-password-file $ansible_vault_pass
  after_script:
    - rm /builds/mg/ansible/id_rsa_ansible_user
  rules:
    - if: $CI_COMMIT_BRANCH == 'master'
  allow_failure: true

# GitLab-CI-Vars
# $ansible_vault_pass - Type: File
# $id_rsa_ansible_user - Type: Variable