Merge pull request #347 from cradle8810/344_fix_systemd-resolved #25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Hayaworld Ansible Jobs (Deploy) | |
on: | |
push: | |
branches: | |
- 'master' | |
workflow_dispatch: | |
jobs: | |
Yamllint: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Run YAML Lint | |
run: yamllint --strict --format github . | |
AnsibleLint: | |
runs-on: self-hosted | |
container: | |
image: ghcr.io/ansible/community-ansible-dev-tools:latest | |
credentials: | |
username: "${{ secrets.GHCR_USERNAME }}" | |
password: "${{ secrets.GHCR_PASSWORD }}" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Restore Caches | |
uses: actions/cache/restore@v4 | |
with: | |
path: | | |
/github/home/.cache/ | |
/github/home/.ansible/ | |
key: cache-ansible-roles | |
- name: Prepare environments (ansible-galaxy install role) | |
run: | | |
ansible-galaxy role install -r requirements.yml --ignore-errors | |
- name: Prepare environments (ansible-galaxy install collection) | |
run: | | |
ansible-galaxy collection install -r requirements.yml --ignore-errors | |
- name: Run Ansible-lint | |
run: | | |
ansible-lint | |
- name: Save Caches | |
uses: actions/cache/save@v4 | |
with: | |
path: | | |
/github/home/.cache/ | |
/github/home/.ansible/ | |
key: cache-ansible-roles | |
Duplicate_Check: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Add exec flag to dupcheck.sh | |
run: "chmod +x ./dupcheck.sh" | |
- name: NXDOMAIN_Duplicate_Check | |
run: > | |
"./dupcheck.sh" | |
"inventories/host_vars/rui/NXDOMAIN.yml" | |
Dry_Run_ansible: | |
needs: | |
- Yamllint | |
- AnsibleLint | |
- Duplicate_Check | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
matrix: | |
vm: | |
- console | |
- jenkins | |
- rui | |
- runner03 | |
- skylark | |
- tm | |
environment: Production | |
container: | |
image: ghcr.io/ansible/community-ansible-dev-tools:latest | |
credentials: | |
username: "${{ secrets.GHCR_USERNAME }}" | |
password: "${{ secrets.GHCR_PASSWORD }}" | |
volumes: | |
- /home/runner/ansible-vault:/tmp:ro | |
- /home/runner/.ssh:/root/.ssh:ro | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Restore Caches | |
uses: actions/cache/restore@v4 | |
with: | |
path: | | |
/github/home/.cache/ | |
/github/home/.ansible/ | |
key: cache-ansible-roles | |
- name: "ansible-playbook -C" | |
env: | |
ANSIBLE_FORCE_COLOR: '1' | |
run: | | |
ansible-playbook \ | |
-i inventories \ | |
-C \ | |
--ssh-extra-args='-o StrictHostKeyChecking=no' \ | |
--vault-password-file /tmp/${{ secrets.VAULT_PASSWORD_FILE }} \ | |
--extra-vars "ansible_sudo_pass=${{ secrets.SUDO }}" \ | |
${{ matrix.vm }}.yml | |
Run_ansible: | |
if: "${{ github.ref == 'refs/heads/master'}}" | |
needs: | |
- Dry_Run_ansible | |
runs-on: self-hosted | |
strategy: | |
fail-fast: false | |
matrix: | |
vm: | |
- console | |
- jenkins | |
- rui | |
- skylark | |
- tm | |
environment: Production | |
container: | |
image: ghcr.io/ansible/community-ansible-dev-tools:latest | |
volumes: | |
- /home/runner/ansible-vault:/tmp:ro | |
- /home/runner/.ssh:/root/.ssh:ro | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Restore Caches | |
uses: actions/cache/restore@v4 | |
with: | |
path: | | |
/github/home/.cache/ | |
/github/home/.ansible/ | |
key: cache-ansible-roles | |
- name: "Run ansible-playbook" | |
env: | |
ANSIBLE_FORCE_COLOR: '1' | |
run: | | |
ansible-playbook \ | |
-i inventories \ | |
--ssh-extra-args='-o StrictHostKeyChecking=no' \ | |
--vault-password-file /tmp/${{ secrets.VAULT_PASSWORD_FILE }} \ | |
--extra-vars "ansible_sudo_pass=${{ secrets.SUDO }}" \ | |
${{ matrix.vm }}.yml |