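name: Run Ansible

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]
  # Allows the workflow to be started manually from the GitHub UI
  workflow_dispatch:

# Least privilege for the job token: the steps below only read the repository.
permissions:
  contents: read

jobs:
  install_ansible:
    runs-on: ubuntu-latest

    steps:
      # Disabled earlier variant (ssh-agent action plus per-host SSH config), kept for reference.
      # - name: Load the SSH key into the runner
      #   uses: webfactory/ssh-agent@v0.9.0
      #   with:
      #     ssh-private-key: ${{ secrets.SSHKEY }}
      # - name: Disable StrictHostKeyChecking for the Gitea host
      #   run: |
      #     # Replace DEIN_GITEA_HOST with the hostname of your Gitea server
      #     DEIN_GITEA_HOST="gitea.mod.home"
      #
      #     # Create or edit the global SSH configuration
      #     mkdir -p ~/.ssh
      #     echo "Host $DEIN_GITEA_HOST" >> ~/.ssh/config
      #     echo " StrictHostKeyChecking no" >> ~/.ssh/config
      #     echo " UserKnownHostsFile /dev/null" >> ~/.ssh/config
      #
      #     # Optional: print the configuration to check it
      #     cat ~/.ssh/config

      # Writes the base64-encoded deploy key from the SSHKEY_B64 secret to disk and
      # configures SSH for the Gitea host. Nothing about the key (length, directory
      # listings) is written to the job log.
      - name: Setup SSH for submodules
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSHKEY_B64 }}
        run: |
          # Owner-only permissions from the moment the files are created
          umask 077
          mkdir -p "$HOME/.ssh"
          printf '%s\n' "$SSH_PRIVATE_KEY" | base64 -d > "$HOME/.ssh/id_ed25519"
          chmod 600 "$HOME/.ssh/id_ed25519"
          # ssh-keyscan -t rsa -p 2222 gitlab.mod.home > $HOME/.ssh/known_hosts
          # NOTE(review): the disabled keyscan above names gitlab.mod.home, while the
          # config below targets gitea.mod.home - confirm which host is meant.
          #
          # The relaxed options are scoped to gitea.mod.home instead of "Host *", so
          # any other SSH host keeps OpenSSH's default host-key checking. If
          # submodules live on further hosts, list them here explicitly.
          # NOTE(review): host-key verification is still off for gitea.mod.home, so
          # the job cannot tell the real server from an impostor, and whatever the
          # submodules contain is later executed as playbooks and roles. Store the
          # server's public host key (e.g. as a repository secret or variable), write
          # it to ~/.ssh/known_hosts, and drop the two options below.
          cat >> "$HOME/.ssh/config" <<'EOF'
          Host gitea.mod.home
            Port 2222
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
          EOF

      # Action inputs must sit under "with:"; as direct step keys they are not
      # passed to actions/checkout.
      # NOTE(review): the actions in this file are referenced by mutable tag;
      # pinning each to a full commit SHA protects against a re-pointed tag.
      - name: Checkout Repository
        uses: actions/checkout@v4
        with:
          submodules: recursive
          fetch-depth: 0

      # Install Python 3, which pip and Ansible require
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.x'  # Selects the latest Python 3 version

      # Update dependencies and install Ansible via pip
      # NOTE(review): ansible is installed unpinned, so every run may pull a
      # different release; consider a pinned (ideally hash-checked) requirements file.
      - name: Install Ansible via pip
        run: |
          python -m pip install --upgrade pip
          pip install ansible

      # Create the vault password file.
      # The secret reaches the shell through an environment variable rather than
      # being expanded into the script text, so quotes, "$" or backticks inside it
      # cannot alter the command. umask keeps the file readable by the owner only.
      - name: create vault file
        env:
          ANSIBLE_VAULT_KEY: ${{ secrets.ANSIBLE_VAULT_KEY }}
        run: |
          umask 077
          printf '%s\n' "$ANSIBLE_VAULT_KEY" > .vault_pass.txt

      - name: Manuelles Submodule Update
        run: |
          git submodule init
          # The SSH error will probably occur here
          git submodule update --recursive --init --force

      # Optional: check the version to confirm the installation succeeded
      - name: Verify Ansible Installation
        run: ansible --version

      # NOTE(review): no -i is passed, so this presumably relies on an inventory
      # configured elsewhere (e.g. ansible.cfg) - verify.
      - name: Validate Ansible inventory
        run: ansible-inventory --graph

      # Lists the whole workspace recursively (file names only, no contents)
      - name: list inventory directory
        run: ls -R .

      # NOTE(review): presumably requirements.yml pins role versions; unpinned
      # roles would be re-resolved on every run - confirm.
      - name: Install Ansible roles
        run: |
          ansible-galaxy role install -r requirements.yml --roles-path ./roles

      - name: Check Ansible roles exists
        run: |
          ansible-galaxy list

      - name: Check Ansible Playbook Syntax
        run: |
          ansible-playbook --syntax-check playbooks/install_prometheus.yml.ansible

      # The playbook changes real hosts using the vault password, so it is skipped
      # for pull_request runs: unmerged code is only installed, listed and
      # syntax-checked by the steps above, never applied.
      - name: Run Ansible Playbook
        if: github.event_name != 'pull_request'
        run: |
          ansible-playbook -i inventory/raspberries.yaml playbooks/install_prometheus.yml.ansible --vault-password-file .vault_pass.txt

      # Runs even when an earlier step failed, so the vault password and the
      # private key do not stay behind on a reused runner.
      - name: Remove secret files
        if: always()
        run: rm -f .vault_pass.txt "$HOME/.ssh/id_ed25519"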