diff --git a/.gitea/workflows/playbooks.yml b/.gitea/workflows/playbooks.yml
index e8c1597..f5f8868 100644
--- a/.gitea/workflows/playbooks.yml
+++ b/.gitea/workflows/playbooks.yml
@@ -1,64 +1,65 @@
-name: Run ansible playbooks
+name: Ansible Operations

 on:
 schedule:
 - cron: "@daily"
 workflow_dispatch:

+env:
+ REPO_PATH: /tmp/repo
+
 jobs:
- update-packages:
+ clone-repo:
 runs-on: ubuntu-latest
- container:
- image: alpine/ansible:2.18.6
+ outputs:
+ repo-path: ${{ env.REPO_PATH }}
 steps:
- - name: Setup environment
- run: |
- apk add git
- git clone https://gitea.akshun-lab.cc/aggarwalakshun/ansible.git /mnt
- echo -e "${{ secrets.ANSIBLE_PRIVATE_KEY }}" > /mnt/default-key && \
- echo "${{ secrets.ANSIBLE_BECOME_PASS }}" > /mnt/become-pass.txt && \
- chmod 600 /mnt/default-key
- - name: Update packages
- env:
- ANSIBLE_HOST_KEY_CHECKING: 'False'
- ANSIBLE_PYTHON_INTERPRETER: 'auto_silent'
- run: |
- ansible-playbook -i /mnt/inventory.yml --vault-pass-file /mnt/become-pass.txt --key-file /mnt/default-key /mnt/playbooks/update-packages.yml
+ - name: Checkout repository
+ uses: actions/checkout@v6
+ with:
+ path: ${{ env.REPO_PATH }}

- prune-images:
+ setup-environment:
 runs-on: ubuntu-latest
- container:
- image: alpine/ansible:2.18.6
+ needs: clone-repo
+ outputs:
+ key-file: ${{ env.REPO_PATH }}/default-key
+ vault-file: ${{ env.REPO_PATH }}/become-pass.txt
 steps:
- - name: Setup environment
- run: |
- apk add git
- git clone https://gitea.akshun-lab.cc/aggarwalakshun/ansible.git /mnt
- echo -e "${{ secrets.ANSIBLE_PRIVATE_KEY }}" > /mnt/default-key && \
- echo "${{ secrets.ANSIBLE_BECOME_PASS }}" > /mnt/become-pass.txt && \
- chmod 600 /mnt/default-key
- - name: Prune ctr images
+ - name: Set up environment
 env:
- ANSIBLE_HOST_KEY_CHECKING: 'False'
- ANSIBLE_PYTHON_INTERPRETER: 'auto_silent'
+ ANSIBLE_PRIVATE_KEY: ${{ secrets.ANSIBLE_PRIVATE_KEY }}
+ ANSIBLE_BECOME_PASS: ${{ secrets.ANSIBLE_BECOME_PASS }}
 run: |
- ansible-playbook -i /mnt/inventory.yml --vault-pass-file /mnt/become-pass.txt --key-file /mnt/default-key /mnt/playbooks/prune-k3s.yml
+ mkdir -p ${{ env.REPO_PATH }}
+ echo -e "$ANSIBLE_PRIVATE_KEY" > ${{ env.REPO_PATH }}/default-key
+ echo "$ANSIBLE_BECOME_PASS" > ${{ env.REPO_PATH }}/become-pass.txt
+ chmod 600 ${{ env.REPO_PATH }}/default-key

- update-proxmox:
+ ansible-jobs:
 runs-on: ubuntu-latest
- container:
- image: alpine/ansible:2.18.6
+ needs: setup-environment
+ strategy:
+ matrix:
+ playbook:
+ - name: update-packages
+ file: update-packages.yml
+ - name: prune-images
+ file: prune-k3s.yml
+ - name: update-proxmox
+ file: update-proxmox.yml
 steps:
- - name: Setup environment
- run: |
- apk add git
- git clone https://gitea.akshun-lab.cc/aggarwalakshun/ansible.git /mnt
- echo -e "${{ secrets.ANSIBLE_PRIVATE_KEY }}" > /mnt/default-key && \
- echo "${{ secrets.ANSIBLE_BECOME_PASS }}" > /mnt/become-pass.txt && \
- chmod 600 /mnt/default-key
- - name: Update proxmox nodes
+ - name: Run ${{ matrix.playbook.name }}
+ uses: addnab/docker-run-action@v3
+ with:
+ image: gitea.akshun-lab.cc/aggarwalakshun/ansible:1.0.0
+ options: -v ${{ env.REPO_PATH }}:/repo
+ run: |
+ ansible-playbook \
+ -i /repo/inventory.yml \
+ --vault-pass-file /repo/become-pass.txt \
+ --key-file /repo/default-key \
+ /repo/playbooks/${{ matrix.playbook.file }}
 env:
 ANSIBLE_HOST_KEY_CHECKING: 'False'
 ANSIBLE_PYTHON_INTERPRETER: 'auto_silent'
- run: |
- ansible-playbook -i /mnt/inventory.yml --vault-pass-file /mnt/become-pass.txt --key-file /mnt/default-key /mnt/playbooks/update-proxmox.yml
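Review bot: The private key and vault password are written in `setup-environment` but consumed in `ansible-jobs`, a different job, and `become-pass.txt` never gets the `chmod 600` that `default-key` does. If the runner isolates jobs, `/tmp/repo` will probably be empty when the matrix jobs start; if it shares the host's `/tmp`, both secrets stay on disk after the run, since no step removes them. I would write the credentials in the job that uses them, under `umask 077`, and delete them in an `if: always()` step, as sketched below. Separately, `actions/checkout@v6` and `addnab/docker-run-action@v3` are mutable tags; pinning them to commit SHAs would keep a retagged action from reaching these secrets.

```yaml
  ansible-jobs:
    runs-on: ubuntu-latest
    # … unchanged: strategy / matrix …
    steps:
      # … checkout step moved here from clone-repo …
      - name: Set up environment
        # … unchanged: env block with the two secrets …
        run: |
          umask 077
          mkdir -p "$REPO_PATH"
          echo -e "$ANSIBLE_PRIVATE_KEY" > "$REPO_PATH/default-key"
          echo "$ANSIBLE_BECOME_PASS" > "$REPO_PATH/become-pass.txt"
      # … unchanged: Run ${{ matrix.playbook.name }} step …
      - name: Remove credentials
        if: always()
        run: rm -f "$REPO_PATH/default-key" "$REPO_PATH/become-pass.txt"
```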