Commit 052ba100 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

Merge branch '17-use-reference-anchors' into 'master' 

feat: use gitlab-ci references to make deploy and cleaup jobs easier to modify

Closes #17

See merge request to-be-continuous/ansible!30
parents d364555e 03cac3c8

README.md

+27 −0
Original line number Diff line number Diff line
@@ -222,6 +222,33 @@ Deployment jobs also support _optional_ **hook scripts** from your project, loca 
* `pre-ansible-playbook.sh` is executed **before** running `ansible-playbook`, to perform specific environment pre-initialization such as generating a dynamic inventory

* `post-ansible-playbook.sh` is executed **after** running `ansible-playbook`, to perform specific environment post-initialization



### Ansible commands overrides



Instead of creating hook scripts, you can also override and/or decorate the Ansible commands 

using predefined `.ansible-commands` template block, referenced by the [`!reference` directive](https://docs.gitlab.com/ee/ci/yaml/#reference-tags).



By default, the `.ansible-commands`, block is composed as below: 



```yaml

.ansible-commands:

  deploy: 

    - !reference [ .ansible-commands, default, deploy ]

  cleanup: 

    - !reference [ .ansible-commands, default, cleanup ]

```



You can override it for example in the following way:



```yaml

.ansible-commands:

  deploy: 

    - source sandbox.env

    - !reference [ .ansible-commands, default, deploy ]

    - echo "I'm executed after the Ansible deploy command"

```



You can use this mechanism to source to the current shell your own environmental variables. 



#### Static vs. Dynamic environment URLs



The Ansible template supports two ways of defining your environments url:

templates/gitlab-ci-ansible.yml

+12 −2
Original line number Diff line number Diff line
@@ -443,6 +443,16 @@ stages: 


  # ENDSCRIPT



.ansible-commands:

  default:

    deploy: run_ansible "${ENV_INVENTORY:-${ANSIBLE_DEFAULT_INVENTORY}}" "${ENV_TAGS:-${ANSIBLE_DEFAULT_TAGS}}" "${ENV_EXTRA_ARGS:-${ANSIBLE_DEFAULT_EXTRA_ARGS}}" "${ENV_PLAYBOOK_FILE}" "${ENV_PRIVATE_KEY:-${ANSIBLE_PRIVATE_KEY}}" "${ENV_PUBLIC_KEY:-${ANSIBLE_PUBLIC_KEY}}" "${ENV_VAULT_PASSWORD:-${ANSIBLE_VAULT_PASSWORD}}"

    cleanup: run_ansible "${ENV_INVENTORY:-${ANSIBLE_DEFAULT_INVENTORY}}" "$ENV_CLEANUP_TAGS" "${ENV_EXTRA_ARGS:-${ANSIBLE_DEFAULT_EXTRA_ARGS}}" "${ENV_CLEANUP_PLAYBOOK_FILE:-${ENV_PLAYBOOK_FILE}}" "${ENV_PRIVATE_KEY:-${ANSIBLE_PRIVATE_KEY}}" "${ENV_PUBLIC_KEY:-${ANSIBLE_PUBLIC_KEY}}" "${ENV_VAULT_PASSWORD:-${ANSIBLE_VAULT_PASSWORD}}"

  deploy:

    - !reference [ .ansible-commands, default, deploy ]

  cleanup:

    - !reference [ .ansible-commands, default, cleanup ]





.ansible-base:

  services:

    - name: "$TBC_TRACKING_IMAGE"
@@ -556,7 +566,7 @@ ansible-lint-prod: 
    - assert_defined "${ENV_PLAYBOOK_FILE}" 'Missing required Ansible playbook'

    - chmod go-rwx .

  script:

    - run_ansible "${ENV_INVENTORY:-${ANSIBLE_DEFAULT_INVENTORY}}" "${ENV_TAGS:-${ANSIBLE_DEFAULT_TAGS}}" "${ENV_EXTRA_ARGS:-${ANSIBLE_DEFAULT_EXTRA_ARGS}}" "${ENV_PLAYBOOK_FILE}" "${ENV_PRIVATE_KEY:-${ANSIBLE_PRIVATE_KEY}}" "${ENV_PUBLIC_KEY:-${ANSIBLE_PUBLIC_KEY}}" "${ENV_VAULT_PASSWORD:-${ANSIBLE_VAULT_PASSWORD}}"

    - !reference [ .ansible-commands, deploy ]

  after_script:

    - *ansible-scripts

    - cleanup_secrets
@@ -593,7 +603,7 @@ ansible-lint-prod: 
    - assert_defined "$ENV_CLEANUP_TAGS" 'Missing required Ansible cleanup tags'

    - chmod go-rwx .

  script:

    - run_ansible "${ENV_INVENTORY:-${ANSIBLE_DEFAULT_INVENTORY}}" "$ENV_CLEANUP_TAGS" "${ENV_EXTRA_ARGS:-${ANSIBLE_DEFAULT_EXTRA_ARGS}}" "${ENV_CLEANUP_PLAYBOOK_FILE:-${ENV_PLAYBOOK_FILE}}" "${ENV_PRIVATE_KEY:-${ANSIBLE_PRIVATE_KEY}}" "${ENV_PUBLIC_KEY:-${ANSIBLE_PUBLIC_KEY}}" "${ENV_VAULT_PASSWORD:-${ANSIBLE_VAULT_PASSWORD}}"

    - !reference [ .ansible-commands, cleanup ]

  after_script:

    - *ansible-scripts

    - cleanup_secrets