This commit is contained in:
=
parent
f1c1afa850
commit
6166c3f3ea
1 changed files with 39 additions and 0 deletions
39
.forgejo/workflows/ansible-ci.yml
Normal file
39
.forgejo/workflows/ansible-ci.yml
Normal file
|
|
@ -0,0 +1,39 @@
|
||||||
|
name: Ansible CI
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
pull_request:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
lint_and_vault_check:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Setup Python
|
||||||
|
uses: actions/setup-python@v4
|
||||||
|
with:
|
||||||
|
python-version: '3.x'
|
||||||
|
|
||||||
|
- name: Install ansible and ansible-lint
|
||||||
|
run: |
|
||||||
|
python -m pip install --upgrade pip
|
||||||
|
pip install ansible ansible-lint
|
||||||
|
|
||||||
|
- name: Run ansible-lint
|
||||||
|
run: ansible-lint
|
||||||
|
|
||||||
|
- name: Check if all inventory files are ansible-vault encrypted
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
INVENTORY_DIR="./inventory"
|
||||||
|
for file in $(find "$INVENTORY_DIR" -type f); do
|
||||||
|
if ! head -1 "$file" | grep -q '$ANSIBLE_VAULT'; then
|
||||||
|
echo "ERROR: Inventory file $file is NOT ansible-vault encrypted!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
done
|
||||||
Loading…
Add table
Reference in a new issue