image: "archlinux:latest"

ansible-lint:
  before_script:
    - pacman -Syu --needed --noconfirm ansible-lint ansible python-jmespath
  script:
    # Fix weird ansible bug: https://github.com/trailofbits/algo/issues/1637
    # This probably happens due to gitlab-runner mounting the git repo into the container
    - chmod o-w .
    # Fix syntax-check rule (https://github.com/ansible-community/ansible-lint/issues/1350#issuecomment-778764110)
    - sed -i "/^vault_identity_list/d" ansible.cfg
    - sed -i -e "/vars_files:/d" -e "/misc\/vaults\/vault_/d" playbooks/*.yml
    # Fix load-failure: Failed to load or parse file
    - ansible-lint $(printf -- "--exclude %s " */*/vault_*)

terraform-validate:
  before_script:
    - pacman -Syu --needed --noconfirm terraform diffutils
  script:
    - cd tf-stage1
    - terraform init -backend=false
    - terraform validate
    - terraform fmt --check
    - cd ../tf-stage2
    - terraform init -backend=false
    - terraform validate
    - terraform fmt --check --diff