diff --git a/.ansible/inventory/development/group_vars/all/main.yaml b/.ansible/inventory/development/group_vars/all/main.yaml index 5a4b950..7831b76 100644 --- a/.ansible/inventory/development/group_vars/all/main.yaml +++ b/.ansible/inventory/development/group_vars/all/main.yaml @@ -1 +1,2 @@ -env: "dev" +env: dev +auto_reboots: yes diff --git a/.ansible/inventory/production/group_vars/all/main.yaml b/.ansible/inventory/production/group_vars/all/main.yaml index 4e0c7e4..dc630db 100644 --- a/.ansible/inventory/production/group_vars/all/main.yaml +++ b/.ansible/inventory/production/group_vars/all/main.yaml @@ -1 +1,2 @@ -env: "prod" +env: prod +auto_reboots: no diff --git a/.ansible/inventory/stable/group_vars/all/main.yaml b/.ansible/inventory/stable/group_vars/all/main.yaml index a324a97..77a818a 100644 --- a/.ansible/inventory/stable/group_vars/all/main.yaml +++ b/.ansible/inventory/stable/group_vars/all/main.yaml @@ -1 +1,2 @@ -env: "test" +env: test +auto_reboots: yes diff --git a/.ansible/roles/requirements.update.yaml b/.ansible/roles/requirements.update.yaml new file mode 100644 index 0000000..9ce927b --- /dev/null +++ b/.ansible/roles/requirements.update.yaml @@ -0,0 +1,4 @@ +- name: ubuntu_base + scm: git + src: "git@github.com:Diesel-Net/ansible-role-ubuntu-base.git" + version: 1.2.0 diff --git a/.ansible/update.yaml b/.ansible/update.yaml new file mode 100644 index 0000000..38c9419 --- /dev/null +++ b/.ansible/update.yaml @@ -0,0 +1,10 @@ +# ansible-galaxy install -r .ansible/roles/requirements.update.yaml -p .ansible/roles --force +# ansible-playbook .ansible/update.yaml -i .ansible/inventory/development/hosts --vault-id ~/.tokens/master_id + +- hosts: all + strategy: free + tasks: + + - import_role: + name: ubuntu_base + tasks_from: update diff --git a/.drone.yaml b/.drone.yaml index 2e3dd22..9545436 100644 --- a/.drone.yaml +++ b/.drone.yaml @@ -1,7 +1,7 @@ --- kind: pipeline type: docker -name: development pipeline +name: main deployment pipeline clone: depth: 1 @@ -18,11 +18,16 @@ steps: settings: galaxy: .ansible/roles/requirements.ssh.yaml playbook: .ansible/configure_ssh.yaml - inventory: .ansible/inventory/development/hosts private_key: from_secret: ansible_private_key vault_password: - from_secret: ansible_vault_password + from_secret: ansible_vault_password + commands: + # dynamically select inventory based on Git branch/tag + - version=$DRONE_BRANCH + - if [ ! -z $DRONE_TAG ]; then version=production; fi + - /bin/drone-ansible --inventory .ansible/inventory/$$version/hosts + - name: deploy image: plugins/ansible:3 @@ -31,105 +36,76 @@ steps: settings: galaxy: .ansible/roles/requirements.deploy.yaml playbook: .ansible/deploy.yaml - inventory: .ansible/inventory/development/hosts private_key: from_secret: ansible_private_key vault_password: from_secret: ansible_vault_password + commands: + # dynamically select inventory based on Git branch/tag + - version=$DRONE_BRANCH + - if [ ! -z $DRONE_TAG ]; then version=production; fi + - /bin/drone-ansible --inventory .ansible/inventory/$$version/hosts trigger: branch: - development + - stable event: - push + - tag --- + kind: pipeline type: docker -name: test pipeline +name: daily updates pipeline clone: depth: 1 steps: - - name: configure ssh + - name: Update development server(s) image: plugins/ansible:3 environment: ANSIBLE_CONFIG: .ansible/ansible.cfg - SUPER_USER: - from_secret: super_user - SUPER_PASS: - from_secret: super_pass settings: - galaxy: .ansible/roles/requirements.ssh.yaml - playbook: .ansible/configure_ssh.yaml - inventory: .ansible/inventory/stable/hosts + galaxy: .ansible/roles/requirements.update.yaml + playbook: .ansible/update.yaml + inventory: .ansible/inventory/development private_key: from_secret: ansible_private_key vault_password: - from_secret: ansible_vault_password - - - name: deploy - image: plugins/ansible:3 - environment: - ANSIBLE_CONFIG: .ansible/ansible.cfg - settings: - galaxy: .ansible/roles/requirements.deploy.yaml - playbook: .ansible/deploy.yaml - inventory: .ansible/inventory/stable/hosts - private_key: - from_secret: ansible_private_key - vault_password: - from_secret: ansible_vault_password - - -trigger: - branch: - - stable - event: - - push - ---- -kind: pipeline -type: docker -name: production pipeline + from_secret: ansible_vault_password -clone: - depth: 1 - -steps: - - name: configure ssh + - name: Update test server(s) image: plugins/ansible:3 environment: ANSIBLE_CONFIG: .ansible/ansible.cfg - SUPER_USER: - from_secret: super_user - SUPER_PASS: - from_secret: super_pass settings: - galaxy: .ansible/roles/requirements.ssh.yaml - playbook: .ansible/configure_ssh.yaml - inventory: .ansible/inventory/production/hosts + galaxy: .ansible/roles/requirements.update.yaml + playbook: .ansible/update.yaml + inventory: .ansible/inventory/stable private_key: from_secret: ansible_private_key vault_password: - from_secret: ansible_vault_password + from_secret: ansible_vault_password - - name: deploy + - name: Update production server(s) image: plugins/ansible:3 environment: ANSIBLE_CONFIG: .ansible/ansible.cfg settings: - galaxy: .ansible/roles/requirements.deploy.yaml - playbook: .ansible/deploy.yaml - inventory: .ansible/inventory/production/hosts + galaxy: .ansible/roles/requirements.update.yaml + playbook: .ansible/update.yaml + inventory: .ansible/inventory/production private_key: from_secret: ansible_private_key vault_password: - from_secret: ansible_vault_password - + from_secret: ansible_vault_password trigger: event: - - tag + - cron + cron: + - daily-updates ...