[Devops] fix ansible run in the GH Action release workflow (#32)

Adjust action to use dynamic inventory.

I also created a test workflow, so we can test workflows without building binaries and updating the test environment.

.github/workflows/release.yml

@@ -53,11 +53,28 @@ jobs:
           sudo add-apt-repository --yes --update ppa:ansible/ansible
           sudo apt install ansible
 
+      - name: Install boto
+        run: |
+           pipx inject ansible-core boto3
+           pipx inject ansible-core botocore
+
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          audience: sts.amazonaws.com.
+          role-to-assume: arn:aws:iam::381491931967:role/GitHubAction-EC2-RO
+          role-session-name: deploy-role-session
+          aws-region: us-east-2
+
+
       - name: Run Ansible
         uses: dawidd6/action-ansible-playbook@v2
         with:
           playbook: glove.yml
           directory: devops/ansible
+          configuration: |
+            [defaults]
+            inventory = inventory_aws_ec2.yml
           key: ${{ secrets.SSH_PRIVATE_KEY }}
           options: |
-            --inventory hosts.ini
+            --inventory inventory_aws_ec2.yml

.github/workflows/test.yml

@@ -0,0 +1,64 @@
+---
+name: Test
+
+on:
+  push:
+    branch:
+      - "devops/fix*"
+
+permissions:
+  id-token: write
+  contents: read
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  Ansible:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Ansible
+        run: |
+          sudo apt update
+          sudo apt install software-properties-common
+          sudo add-apt-repository --yes --update ppa:ansible/ansible
+          sudo apt install ansible
+
+      - name: Install boto
+        run: |
+           pipx inject ansible-core boto3
+           pipx inject ansible-core botocore
+
+      - name: configure aws credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          audience: sts.amazonaws.com.
+          role-to-assume: arn:aws:iam::381491931967:role/GitHubAction-EC2-RO
+          role-session-name: deploy-role-session
+          aws-region: us-east-2
+
+            #      - name: Prepare ssh key
+            #        shell: bash
+            #        env:
+            #          SSH_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+            #        run: |
+            #          mkdir ~/.ssh
+            #          chmod 700 ~/.ssh
+            #          echo $SSH_KEY > ~/.ssh/glove.prv
+            #          chmod 600 ~/.ssh/glove.prv
+            #
+      - name: Run Ansible
+        uses: dawidd6/action-ansible-playbook@v2
+        with:
+          playbook: glove.yml
+          directory: devops/ansible
+          configuration: |
+            [defaults]
+            inventory = inventory_aws_ec2.yml
+          key: ${{ secrets.SSH_PRIVATE_KEY }}
+          options: |
+            --inventory inventory_aws_ec2.yml

devops/ansible/glove.yml

@@ -1,6 +1,6 @@
 ---
 - hosts: tag_Glove
   become: true
-#  user: ec2-user
+  gather_facts: true
   roles:
     - glove

devops/ansible/group_vars/all.yml

@@ -1,3 +1,2 @@
 ---
 ansible_user: ec2-user
-ansible_ssh_private_key_file: ~/.ssh/glove.prv

devops/ansible/inventory_aws_ec2.yml

@@ -12,5 +12,5 @@ hostnames:
 compose:
   ansible_host: public_ip_address
   ansible_user: ec2-user
-  ansible_ssh_private_key_file: ~/.ssh/glove.prv
-profile: glove-test
+  # Reminder for local deployment
+  # profile: glove-test