diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7bd51d4..4c9dff6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -53,11 +53,28 @@ jobs: sudo add-apt-repository --yes --update ppa:ansible/ansible sudo apt install ansible + - name: Install boto + run: | + pipx inject ansible-core boto3 + pipx inject ansible-core botocore + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + audience: sts.amazonaws.com. + role-to-assume: arn:aws:iam::381491931967:role/GitHubAction-EC2-RO + role-session-name: deploy-role-session + aws-region: us-east-2 + + - name: Run Ansible uses: dawidd6/action-ansible-playbook@v2 with: playbook: glove.yml directory: devops/ansible + configuration: | + [defaults] + inventory = inventory_aws_ec2.yml key: ${{ secrets.SSH_PRIVATE_KEY }} options: | - --inventory hosts.ini + --inventory inventory_aws_ec2.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..c7ff458 --- /dev/null +++ b/.github/workflows/test.yml 
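Review bot: The `audience: sts.amazonaws.com.` input in the new "configure aws credentials" step ends with a trailing dot, which looks like a typo. The OIDC token's `aud` claim has to match the audience registered on the IAM identity provider and in the role's trust policy, so unless those were created with the dot the role assumption will presumably be rejected; `audience: sts.amazonaws.com` is the expected value, and the same line appears in the new test.yml hunk. Both workflows also reference `aws-actions/configure-aws-credentials@v4` by a movable tag in a job that holds `secrets.SSH_PRIVATE_KEY` and cloud credentials; pinning to a full commit SHA, e.g. `uses: aws-actions/configure-aws-credentials@<full-commit-sha>  # v4`, removes the reliance on that tag never being moved. The hunk does not show release.yml's `permissions:` block, so confirm it grants `id-token: write` as test.yml does, otherwise the step cannot request a token.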
@@ -0,0 +1,64 @@
+---
+name: Test
+
+on:
+ push:
+ branch:
+ - "devops/fix*"
+
+permissions:
+ id-token: write
+ contents: read
+
+env:
+ CARGO_TERM_COLOR: always
+
+jobs:
+ Ansible:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Install Ansible
+ run: |
+ sudo apt update
+ sudo apt install software-properties-common
+ sudo add-apt-repository --yes --update ppa:ansible/ansible
+ sudo apt install ansible
+
+ - name: Install boto
+ run: |
+ pipx inject ansible-core boto3
+ pipx inject ansible-core botocore
+
+ - name: configure aws credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ audience: sts.amazonaws.com.
+ role-to-assume: arn:aws:iam::381491931967:role/GitHubAction-EC2-RO
+ role-session-name: deploy-role-session
+ aws-region: us-east-2
+
+ # - name: Prepare ssh key
+ # shell: bash
+ # env:
+ # SSH_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+ # run: |
+ # mkdir ~/.ssh
+ # chmod 700 ~/.ssh
+ # echo $SSH_KEY > ~/.ssh/glove.prv
+ # chmod 600 ~/.ssh/glove.prv
+ #
+ - name: Run Ansible
+ uses: dawidd6/action-ansible-playbook@v2
+ with:
+ playbook: glove.yml
+ directory: devops/ansible
+ configuration: |
+ [defaults]
+ inventory = inventory_aws_ec2.yml
+ key: ${{ secrets.SSH_PRIVATE_KEY }}
+ options: |
+ --inventory inventory_aws_ec2.yml
diff --git a/devops/ansible/glove.yml b/devops/ansible/glove.yml
index 2cbf852..5ff3018 100644
--- a/devops/ansible/glove.yml
+++ b/devops/ansible/glove.yml
@@ -1,6 +1,6 @@
 ---
 - hosts: tag_Glove
 become: true
-# user: ec2-user
+ gather_facts: true
 roles:
 - glove
diff --git a/devops/ansible/group_vars/all.yml b/devops/ansible/group_vars/all.yml
index a4f78ef..8802b2c 100644
--- a/devops/ansible/group_vars/all.yml
+++ b/devops/ansible/group_vars/all.yml
@@ -1,3 +1,2 @@
 ---
 ansible_user: ec2-user
-ansible_ssh_private_key_file: ~/.ssh/glove.prv
diff --git a/devops/ansible/inventory_aws_ec2.yml b/devops/ansible/inventory_aws_ec2.yml
index 09b578a..9613934 100644
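Review bot: In the `on.push` trigger of the new test.yml the filter key is written `branch:`, while the key GitHub Actions documents for this filter is `branches:`. As written the `devops/fix*` restriction is unlikely to apply the way it reads (the workflow may be rejected as invalid or the filter ignored), so the intended spelling is `branches:` followed by `- "devops/fix*"`. This workflow, although named Test, also runs the same `glove.yml` play with `secrets.SSH_PRIVATE_KEY` and `become: true` against the `tag_Glove` hosts as the release workflow does, so a push to a matching branch performs a real privileged run; adding `--check` to `options` or gating the job behind a protected environment would keep it a test. The commented-out "Prepare ssh key" step writes the private key to disk through an unquoted `echo $SSH_KEY`, and since the action's `key` input replaces it, deleting the block is cleaner than keeping it as a template.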
--- a/devops/ansible/inventory_aws_ec2.yml
+++ b/devops/ansible/inventory_aws_ec2.yml
@@ -12,5 +12,5 @@ hostnames:
 compose:
 ansible_host: public_ip_address
 ansible_user: ec2-user
- ansible_ssh_private_key_file: ~/.ssh/glove.prv
-profile: glove-test
+ # Reminder for local deployment
+ # profile: glove-test
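Review bot: The replacement comment `# profile: glove-test` appears to be indented under `compose:` (it has leading whitespace where the removed `profile:` line had none), so uncommenting it in place for a local run would make it a compose variable instead of the inventory plugin's top-level `profile` option. Placing it at column 0 with a comment that says when to use it would be safer, e.g. `# Local runs only: uncomment to use a named AWS profile; CI gets role credentials from the configure-aws-credentials step.` followed by `# profile: glove-test`. Whitespace on this page is collapsed, so the exact indent should be checked against the file; the hunk starts at line 12, so the top of the inventory file is not visible here.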