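---
# Prepares every host for self-service deployment:
#   1. installs git, pip and a virtualenv containing ansible,
#   2. clones the ops repository to /opt/mes-aides/,
#   3. installs an SSH key that may only run the repository's update script,
#   4. installs the SSH keys of the listed GitHub users.
- name: Synchronize Ops repository with server
  become: true
  hosts: all
  tasks:
    - name: Install continuous deployment tools
      ansible.builtin.apt:
        name: [git, python3-pip]
        state: present

    - name: Install Python venv
      ansible.builtin.apt:
        name: python3-venv
        state: present

    # `creates` makes this a no-op once /opt/venv exists.
    - name: Create a virtual environment
      ansible.builtin.command:
        cmd: python3 -m venv /opt/venv
        creates: /opt/venv

    # NOTE(review): the package is unpinned, so a fresh host gets whatever
    # release the package index serves at install time. Pin a version if
    # reproducible hosts matter.
    - name: Install ansible in the virtual environment
      ansible.builtin.pip:
        name: ansible
        virtualenv: /opt/venv

    # The checkout follows a branch, not a fixed commit. The forced command
    # below runs a script from this checkout, so write access to
    # ops.branch presumably decides what the deployment key executes;
    # confirm the branch is protected.
    - name: Clone application repository
      ansible.builtin.git:
        repo: "{{ ops.repository }}"
        dest: /opt/mes-aides/
        update: true
        clone: true
        single_branch: true
        version: "{{ ops.branch }}"
      when: ops.repository is defined

    # deploy_command receives the inventory file name without its extension
    # as its only argument. That value is embedded in a double-quoted
    # authorized_keys option below, so inventory file names must not
    # contain double quotes.
    # deploy_access_rules removes the interactive and forwarding features
    # the update script does not need. On OpenSSH 7.2 or later the single
    # `restrict` option covers all of these and any added in the future.
    - name: Set deployment variables
      ansible.builtin.set_fact:
        deploy_command: /opt/mes-aides/scripts/update_ops.sh {{ inventory_file | basename | splitext | first }}
        deploy_access_rules: no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding

    # `exclusive: true` removes every other key from this user's
    # authorized_keys file; the next task re-adds the GitHub user keys.
    # If the play stops between the two tasks, only the deployment key
    # remains. When ops.update_key is undefined this task is skipped and
    # nothing is pruned, so keys of users dropped from github_users stay.
    - name: Add SSH deployment key
      ansible.posix.authorized_key:
        user: "{{ ansible_ssh_user }}"
        state: present
        comment: "# Key for deployment"
        exclusive: true
        key: "{{ ops.update_key }}"
        # The value is single-quoted at the YAML level so that the double
        # quotes around the forced command stay balanced in the rendered
        # option string. An unbalanced quote there can make sshd reject the
        # key or read the restrictions differently than intended.
        key_options: 'command="{{ deploy_command }}",{{ deploy_access_rules }}'
      when: ops.update_key is defined

    # Each key is fetched from github.com at run time and installed with no
    # key_options, so it grants an unrestricted login as ansible_ssh_user.
    # Whoever controls a listed GitHub account's SSH keys gets that access.
    - name: Set authorized_keys for listed github users
      ansible.posix.authorized_key:
        user: "{{ ansible_ssh_user }}"
        state: present
        comment: "# User key for {{ item }}"
        key: https://github.com/{{ item }}.keys
      with_items: "{{ github_users }}"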