140 lines
3.7 KiB
YAML
140 lines
3.7 KiB
YAML
name: Ansible Minecraft CI/CD
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
|
|
jobs:
|
|
lint:
|
|
runs-on: ubuntu-latest
|
|
name: Ansible Lint
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.11'
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ansible ansible-lint yamllint
|
|
|
|
- name: Lint YAML files
|
|
run: |
|
|
yamllint .
|
|
continue-on-error: true
|
|
|
|
- name: Lint Ansible playbooks
|
|
run: |
|
|
ansible-lint site.yml roles/
|
|
continue-on-error: true
|
|
|
|
syntax-check:
|
|
runs-on: ubuntu-latest
|
|
name: Syntax Check
|
|
needs: lint
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.11'
|
|
|
|
- name: Install Ansible
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ansible
|
|
|
|
- name: Install collections
|
|
run: |
|
|
ansible-galaxy collection install -r requirements.yml
|
|
|
|
- name: Check syntax
|
|
run: |
|
|
ansible-playbook --syntax-check site.yml -i inventories/staging/hosts.yml
|
|
|
|
deploy-staging:
|
|
runs-on: ubuntu-latest
|
|
name: Deploy to Staging
|
|
needs: [lint, syntax-check]
|
|
if: github.ref == 'refs/heads/develop'
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.11'
|
|
|
|
- name: Install Ansible
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ansible
|
|
|
|
- name: Install collections
|
|
run: |
|
|
ansible-galaxy collection install -r requirements.yml
|
|
|
|
- name: Setup SSH key
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.ANSIBLE_SSH_PRIVATE_KEY }}" | base64 -d > ~/.ssh/id_rsa
|
|
chmod 600 ~/.ssh/id_rsa
|
|
ssh-keyscan -H ${{ secrets.STAGING_HOST }} >> ~/.ssh/known_hosts
|
|
|
|
- name: Deploy to staging
|
|
run: |
|
|
ansible-playbook site.yml -i inventories/staging/hosts.yml --check --diff
|
|
env:
|
|
MINECRAFT_RCON_PASSWORD: ${{ secrets.MINECRAFT_RCON_PASSWORD }}
|
|
ANSIBLE_HOST_KEY_CHECKING: 'false'
|
|
|
|
deploy-production:
|
|
runs-on: ubuntu-latest
|
|
name: Deploy to Production
|
|
needs: [lint, syntax-check]
|
|
if: github.ref == 'refs/heads/main'
|
|
environment: production
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup Python
|
|
uses: actions/setup-python@v4
|
|
with:
|
|
python-version: '3.11'
|
|
|
|
- name: Install Ansible
|
|
run: |
|
|
python -m pip install --upgrade pip
|
|
pip install ansible
|
|
|
|
- name: Install collections
|
|
run: |
|
|
ansible-galaxy collection install -r requirements.yml
|
|
|
|
- name: Setup SSH key
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.ANSIBLE_SSH_PRIVATE_KEY }}" | base64 -d > ~/.ssh/id_rsa
|
|
chmod 600 ~/.ssh/id_rsa
|
|
ssh-keyscan -H ${{ secrets.PRODUCTION_HOST }} >> ~/.ssh/known_hosts
|
|
|
|
- name: Deploy to production
|
|
run: |
|
|
ansible-playbook site.yml -i inventories/production/hosts.yml
|
|
env:
|
|
MINECRAFT_RCON_PASSWORD: ${{ secrets.MINECRAFT_RCON_PASSWORD }}
|
|
ANSIBLE_HOST_KEY_CHECKING: 'false' |