mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-05-07 03:26:04 +02:00
62f93478dc
We make almost no use of the dynamic properties of the hcloud inventory, so we can simplify this by declaring all cloud servers in the main hosts inventory. The main benefit of this change is that temporary and experimental cloud servers are not automatically included in the Ansible playbooks. In such cases it is usually incorrect to deploy changes to these unknown servers. A smaller side benefit is that Ansible will now use hostnames to connect to cloud servers, whereas the dynamic inventory provided IPv4 addresses. This results in more meaningful ~/.ssh/known_hosts entries.
# Default container image for every job in this pipeline.
# NOTE(review): `latest` is a mutable tag, so each run uses whatever the
# registry currently serves. If reproducible or auditable pipelines matter,
# pin by digest, e.g. archlinux@sha256:<DIGEST-PLACEHOLDER>.
image: "archlinux:latest"
# Lint job: runs ansible-lint over the repository.
# The script steps depend on their order (the config is patched before the
# linter runs), so keep the sequence as is.
ansible-lint:
  before_script:
    # Full system upgrade, then install the linter and Ansible itself.
    - pacman -Syu --needed --noconfirm ansible-lint ansible
  script:
    # Work around an Ansible issue: https://github.com/trailofbits/algo/issues/1637
    # This probably happens because gitlab-runner mounts the git repo into the
    # container. Ansible ignores an ansible.cfg that sits in a world-writable
    # working directory, so drop the "other" write bit on the checkout.
    # NOTE(review): presumably this is the behaviour the linked issue
    # describes - confirm.
    - chmod o-w .
    # Fix syntax-check rule (https://github.com/ansible-community/ansible-lint/issues/1350#issuecomment-778764110)
    # Both sed calls edit the job's checkout in place. They delete the
    # vault_identity_list line from ansible.cfg and every playbook line that
    # references misc/vaults/vault_*, presumably so the linter can run without
    # any vault credentials being available to CI.
    - sed "/^vault_identity_list/d" -i ansible.cfg
    - sed "/misc\/vaults\/vault_/d" -i playbooks/*.yml
    # Fix load-failure: Failed to load or parse file
    # printf emits one "--exclude <path>" pair per file matching */*/vault_*.
    # The command substitution is deliberately unquoted so the shell splits it
    # into separate arguments; a matching path containing whitespace would be
    # split incorrectly.
    - ansible-lint $(printf -- "--exclude %s " */*/vault_*)
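# Validation job: checks both Terraform stages for configuration errors and
# formatting drift, without touching any remote state.
terraform-validate:
  before_script:
    # Full system upgrade, then install terraform and diffutils.
    # NOTE(review): diffutils is presumably needed for `terraform fmt --diff`.
    - pacman -Syu --needed --noconfirm terraform diffutils
  script:
    - cd tf-stage1
    # -backend=false skips backend initialisation, so this job needs no state
    # backend credentials. init still downloads provider plugins; a committed
    # .terraform.lock.hcl (not visible from this file) lets init verify their
    # checksums.
    - terraform init -backend=false
    - terraform validate
    # --diff added so a stage1 formatting failure shows the offending change,
    # as the stage2 check below already does.
    - terraform fmt --check --diff
    - cd ../tf-stage2
    - terraform init -backend=false
    - terraform validate
    - terraform fmt --check --diff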