46 lines
1.4 KiB
YAML
46 lines
1.4 KiB
YAML
name: Ansible Validate Playbook on Pull Request
|
|
on:
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- "ansible/playbook_*.yml"
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
jobs:
|
|
ansible-apply:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup environment
|
|
uses: ./.github/actions/setup-env
|
|
|
|
- name: Setup Ansible environment
|
|
uses: ./.github/actions/setup-ansible-env
|
|
with:
|
|
project-id: ${{ secrets.BW_PROJECT_ID }}
|
|
organization-id: ${{ secrets.BW_ORGANIZATION_ID }}
|
|
access-token: ${{ secrets.BW_ACCESS_TOKEN }}
|
|
ansible-user: ${{ secrets.ANSIBLE_USER }}
|
|
trusted-hosts: ${{ secrets.TRUSTED_HOSTS }}
|
|
|
|
- name: Apply the playbook that triggered the workflow
|
|
env:
|
|
BW_PROJECT_ID: ${{ secrets.BW_PROJECT_ID }}
|
|
BW_ORGANIZATION_ID: ${{ secrets.BW_ORGANIZATION_ID }}
|
|
BW_ACCESS_TOKEN: ${{ secrets.BW_ACCESS_TOKEN }}
|
|
ANSIBLE_USER: ${{ secrets.ANSIBLE_USER }}
|
|
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
|
|
run: |
|
|
cd ansible
|
|
for PLAYBOOK in $(echo $CHANGED_FILES | grep -oP 'playbook_\K\w+'); do
|
|
sectool -f ../sectool.json exec ansible-playbook -u $ANSIBLE_USER playbook_$PLAYBOOK.yml -CD
|
|
done
|