gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

chore: cleanup/consolidation

Browse Source
feature/DEV-380
Sven Ketelsen 4 years ago
parent 9c782fa7cb
commit 484b60ae16
1 changed files with 90 additions and 88 deletions
Show Stats Download Patch File Download Diff File

168
.gitlab-ci.yml
Unescape Escape View File

@ -11,18 +11,18 @@ services:
alias: docker alias: docker
stages: stages:
- ansible-lint - lint
- ansible-builder - ansible-builder
- ansible-run-setup - run-setup
- ansible-run-kubernetes - run-kubernetes
- ansible-update-management - run-management-update
- ansible-patchday - run-patchday
ansible-lint-job: lint-job:
stage: ansible-lint stage: lint
script: script:
- echo "Running ansible-lint to check for linting violations" - echo "Running lint to check for linting violations"
- ansible-lint -c ansible-lint.cfg - lint -c lint.cfg
only: only:
- branches - branches
except: except:
@ -30,14 +30,14 @@ ansible-lint-job:
tags: tags:
- dind - dind
ansible-builder-job: builder-job:
# A resource group ensures a job is mutually exclusive across different pipelines for the same project. # A resource group ensures a job is mutually exclusive across different pipelines for the same project.
resource_group: deployment resource_group: dev
stage: ansible-builder stage: ansible-builder
before_script: before_script:
- cd ansible-builder - cd ansible-builder
script: script:
- echo "Running ansible-build to build awx execution environment" - echo "Running ansible-builder to build awx execution environment"
- ansible-builder build -v 3 --tag $AWX_EE_DOCKER_IMAGE_EXTERN:latest - ansible-builder build -v 3 --tag $AWX_EE_DOCKER_IMAGE_EXTERN:latest
- docker push $AWX_EE_DOCKER_IMAGE_EXTERN:latest - docker push $AWX_EE_DOCKER_IMAGE_EXTERN:latest
only: only:
@ -54,20 +54,20 @@ ansible-builder-job:
- harbor # 05.02.22 TODO some runners run into timeouts - harbor # 05.02.22 TODO some runners run into timeouts
######## ########
### https://patorjk.com/software/taag/#p=display&f=Doom&t=ansible%20-%20run ### http://patorjk.com/software/taag/#p=display&f=Doom&t=setup.yml
### ###
### _ _ _ _ _ ### _ _
### (_) | | | | | | | ### | | | |
### __ _ _ __ ___ _| |__ | | ___ ______ _ __ _ _ _ __ ______ ___ ___| |_ _ _ _ __ _ _ _ __ ___ | | ### ___ ___| |_ _ _ _ __ _ _ _ __ ___ | |
### / _` | '_ \/ __| | '_ \| |/ _ \ |______| | '__| | | | '_ \ |______| / __|/ _ \ __| | | | '_ \| | | | '_ ` _ \| | ### / __|/ _ \ __| | | | '_ \| | | | '_ ` _ \| |
### | (_| | | | \__ \ | |_) | | __/ | | | |_| | | | | \__ \ __/ |_| |_| | |_) | |_| | | | | | | | ### \__ \ __/ |_| |_| | |_) | |_| | | | | | | |
### \__,_|_| |_|___/_|_.__/|_|\___| |_| \__,_|_| |_| |___/\___|\__|\__,_| .__(_)__, |_| |_| |_|_| ### |___/\___|\__|\__,_| .__(_)__, |_| |_| |_|_|
### | | __/ | ### | | __/ |
### |_| |___/ ### |_| |___/
.ansible-run-setup: .run-setup:
image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest
stage: ansible-run-setup stage: run-setup
script: script:
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s) - eval $(ssh-agent -s)
@ -77,15 +77,16 @@ ansible-builder-job:
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config' - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config'
- ssh-add -L - ssh-add -L
- echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
- STAGE=dev && HETZNER_LABEL_SELECTOR="stage=${STAGE}" && ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml setup.yml --vault-password-file /tmp/vault-pass -t common -u gitlabci - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
- playbook -i stage-${STAGE}-netgo-hcloud.yml setup.yml --vault-password-file /tmp/vault-pass -t common -u gitlabci
after_script: after_script:
- rm /tmp/vault-pass - rm /tmp/vault-pass
tags: tags:
- dind - dind
- harbor # 05.02.22 TODO some runners run into timeouts - harbor # 05.02.22 TODO some runners run into timeouts
ansible-run-kubernetes-dev: run-kubernetes-dev:
extends: .ansible-run-setup extends: .run-setup
resource_group: dev resource_group: dev
before_script: before_script:
- export STAGE=dev - export STAGE=dev
@ -93,8 +94,8 @@ ansible-run-kubernetes-dev:
- main - main
- schedules - schedules
ansible-run-kubernetes-qa: run-kubernetes-qa:
extends: .ansible-run-setup extends: .run-setup
resource_group: qa resource_group: qa
before_script: before_script:
- export STAGE=qa - export STAGE=qa
@ -102,8 +103,8 @@ ansible-run-kubernetes-qa:
- qa - qa
- schedules - schedules
ansible-run-kubernetes-prodnso: run-kubernetes-prodnso:
extends: .ansible-run-setup extends: .run-setup
resource_group: prodnso resource_group: prodnso
before_script: before_script:
- export STAGE=prodnso - export STAGE=prodnso
@ -112,20 +113,20 @@ ansible-run-kubernetes-prodnso:
- schedules - schedules
######## ########
### https://patorjk.com/software/taag/#p=display&f=Doom&t=ansible%20-%20run ### This Page: http://patorjk.com/software/taag/#p=display&f=Doom&t=kubernetes.yml
### ###
### _ _ _ _ _ _ _ ### _ _ _ _
### (_) | | | | | | | | | | | ### | | | | | | | |
### __ _ _ __ ___ _| |__ | | ___ ______ _ __ _ _ _ __ ______ | | ___ _| |__ ___ _ __ _ __ ___| |_ ___ ___ _ _ _ __ ___ | | ### | | ___ _| |__ ___ _ __ _ __ ___| |_ ___ ___ _ _ _ __ ___ | |
### / _` | '_ \/ __| | '_ \| |/ _ \ |______| | '__| | | | '_ \ |______| | |/ / | | | '_ \ / _ \ '__| '_ \ / _ \ __/ _ \/ __|| | | | '_ ` _ \| | ### | |/ / | | | '_ \ / _ \ '__| '_ \ / _ \ __/ _ \/ __|| | | | '_ ` _ \| |
### | (_| | | | \__ \ | |_) | | __/ | | | |_| | | | | | <| |_| | |_) | __/ | | | | | __/ || __/\__ \| |_| | | | | | | | ### | <| |_| | |_) | __/ | | | | | __/ || __/\__ \| |_| | | | | | | |
### \__,_|_| |_|___/_|_.__/|_|\___| |_| \__,_|_| |_| |_|\_\\__,_|_.__/ \___|_| |_| |_|\___|\__\___||___(_)__, |_| |_| |_|_| ### |_|\_\\__,_|_.__/ \___|_| |_| |_|\___|\__\___||___(_)__, |_| |_| |_|_|
### __/ | ### __/ |
### |___/ ### |___/
.ansible-run-kubernetes: .run-kubernetes:
image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest
stage: ansible-run-kubernetes stage: run-kubernetes
script: script:
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s) - eval $(ssh-agent -s)
@ -135,25 +136,25 @@ ansible-run-kubernetes-prodnso:
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config' - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" >> ~/.ssh/config'
- ssh-add -L - ssh-add -L
- echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
- STAGE=dev && HETZNER_LABEL_SELECTOR="stage=${STAGE}" && ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml kubernetes.yml --vault-password-file /tmp/vault-pass -u gitlabci - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
- playbook -i stage-${STAGE}-netgo-hcloud.yml kubernetes.yml --vault-password-file /tmp/vault-pass -u gitlabci
after_script: after_script:
- rm /tmp/vault-pass - rm /tmp/vault-pass
tags: tags:
- dind - dind
- harbor # 05.02.22 TODO some runners run into timeouts - harbor # 05.02.22 TODO some runners run into timeouts
resource_group: dev
ansible-run-kubernetes-dev: run-kubernetes-dev:
extends: .ansible-run-kubernetes extends: .run-kubernetes
resource_group: deployment resource_group: dev
before_script: before_script:
- export STAGE=dev - export STAGE=dev
only: only:
- main - main
- schedules - schedules
ansible-run-kubernetes-qa: run-kubernetes-qa:
extends: .ansible-run-kubernetes extends: .run-kubernetes
resource_group: qa resource_group: qa
before_script: before_script:
- export STAGE=qa - export STAGE=qa
@ -161,8 +162,8 @@ ansible-run-kubernetes-qa:
- qa - qa
- schedules - schedules
ansible-run-kubernetes-prodnso: run-kubernetes-prodnso:
extends: .ansible-run-kubernetes extends: .run-kubernetes
resource_group: prodnso resource_group: prodnso
before_script: before_script:
- export STAGE=prodnso - export STAGE=prodnso
@ -171,20 +172,21 @@ ansible-run-kubernetes-prodnso:
- schedules - schedules
######## ########
### https://patorjk.com/software/taag/#p=display&f=Doom&t=management ### http://patorjk.com/software/taag/#p=display&f=Doom&t=smardigo.yml
### _ ###
### | | ### _ _ _
### _ __ ___ __ _ _ __ __ _ __ _ ___ _ __ ___ ___ _ __ | |_ ### | (_) | |
### | '_ ` _ \ / _` | '_ \ / _` |/ _` |/ _ \ '_ ` _ \ / _ \ '_ \| __| ### ___ _ __ ___ __ _ _ __ __| |_ __ _ ___ _ _ _ __ ___ | |
### | | | | | | (_| | | | | (_| | (_| | __/ | | | | | __/ | | | |_ ### / __| '_ ` _ \ / _` | '__/ _` | |/ _` |/ _ \| | | | '_ ` _ \| |
### |_| |_| |_|\__,_|_| |_|\__,_|\__, |\___|_| |_| |_|\___|_| |_|\__| ### \__ \ | | | | | (_| | | | (_| | | (_| | (_) | |_| | | | | | | |
### __/ | ### |___/_| |_| |_|\__,_|_| \__,_|_|\__, |\___(_)__, |_| |_| |_|_|
### |___/ ### __/ | __/ |
### |___/ |___/
.ansible-management: .management:
image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest
# A resource group ensures a job is mutually exclusive across different pipelines for the same project. # A resource group ensures a job is mutually exclusive across different pipelines for the same project.
stage: ansible-update-management stage: update-management
script: script:
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s) - eval $(ssh-agent -s)
@ -195,7 +197,7 @@ ansible-run-kubernetes-prodnso:
- ssh-add -L - ssh-add -L
- echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
- export HETZNER_LABEL_SELECTOR="stage=${STAGE}" - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
- ansible-playbook -i stage-$STAGE smardigo.yml --vault-password-file=/tmp/vault-pass -l management -t update_configurations -u gitlabci - playbook -i stage-$STAGE smardigo.yml --vault-password-file=/tmp/vault-pass -l management -t update_configurations -u gitlabci
only: only:
changes: changes:
- smardigo/**/* - smardigo/**/*
@ -204,17 +206,17 @@ ansible-run-kubernetes-prodnso:
tags: tags:
- dind - dind
ansible-management-dev: management-dev:
extends: .ansible-management extends: .management
resource_group: deployment resource_group: dev
before_script: before_script:
- export STAGE=dev - export STAGE=dev
only: only:
- main - main
- schedules - schedules
ansible-management-qa: management-qa:
extends: .ansible-management extends: .management
resource_group: qa resource_group: qa
before_script: before_script:
- export STAGE=qa - export STAGE=qa
@ -222,8 +224,8 @@ ansible-management-qa:
- qa - qa
- schedules - schedules
ansible-management-prodnso: management-prodnso:
extends: .ansible-management extends: .management
resource_group: prodnso resource_group: prodnso
before_script: before_script:
- export STAGE=prodnso - export STAGE=prodnso
@ -232,20 +234,20 @@ ansible-management-prodnso:
- schedules - schedules
######## ########
### https://patorjk.com/software/taag/#p=display&f=Doom&t=patchday ### http://patorjk.com/software/taag/#p=display&f=Doom&t=patchday.yml
### _ _ _
### | | | | | |
### _ __ __ _| |_ ___| |__ __| | __ _ _ _
### | '_ \ / _` | __/ __| '_ \ / _` |/ _` | | | |
### | |_) | (_| | || (__| | | | (_| | (_| | |_| |
### | .__/ \__,_|\__\___|_| |_|\__,_|\__,_|\__, |
### | | __/ |
### |_| |___/
### ###
### _ _ _ _
### | | | | | | | |
### _ __ __ _| |_ ___| |__ __| | __ _ _ _ _ _ _ __ ___ | |
### | '_ \ / _` | __/ __| '_ \ / _` |/ _` | | | || | | | '_ ` _ \| |
### | |_) | (_| | || (__| | | | (_| | (_| | |_| || |_| | | | | | | |
### | .__/ \__,_|\__\___|_| |_|\__,_|\__,_|\__, (_)__, |_| |_| |_|_|
### | | __/ | __/ |
### |_| |___/ |___/
.ansible-patchday: .patchday:
image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest image: $AWX_EE_DOCKER_IMAGE_EXTERN:latest
stage: ansible-patchday stage: patchday
script: script:
- 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )' - 'command -v ssh-agent >/dev/null || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s) - eval $(ssh-agent -s)
@ -256,7 +258,7 @@ ansible-management-prodnso:
- ssh-add -L - ssh-add -L
- echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass - echo "${ANSIBLE_VAULT_PASS_DEV}" > /tmp/vault-pass
- export HETZNER_LABEL_SELECTOR="stage=${STAGE}" - export HETZNER_LABEL_SELECTOR="stage=${STAGE}"
- ansible-playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci - playbook -i stage-${STAGE}-netgo-hcloud.yml patchday.yml patchday.yml --vault-password-file=/tmp/vault-pass -u gitlabci
after_script: after_script:
- rm /tmp/vault-pass - rm /tmp/vault-pass
when: manual when: manual
@ -266,8 +268,8 @@ ansible-management-prodnso:
- dind - dind
- harbor # 05.02.22 TODO some runners run into timeouts - harbor # 05.02.22 TODO some runners run into timeouts
ansible-patchday-dev: patchday-dev:
extends: .ansible-patchday extends: .patchday
resource_group: dev resource_group: dev
before_script: before_script:
- export STAGE=dev - export STAGE=dev
@ -275,8 +277,8 @@ ansible-patchday-dev:
- main - main
- schedules - schedules
ansible-patchday-qa: patchday-qa:
extends: .ansible-patchday extends: .patchday
resource_group: qa resource_group: qa
before_script: before_script:
- export STAGE=qa - export STAGE=qa
@ -284,8 +286,8 @@ ansible-patchday-qa:
- qa - qa
- schedules - schedules
ansible-patchday-prodnso: patchday-prodnso:
extends: .ansible-patchday extends: .patchday
resource_group: prodnso resource_group: prodnso
before_script: before_script:
- export STAGE=prodnso - export STAGE=prodnso

Write Preview
Loading…
Cancel
Save