diff --git a/.github/workflows/main.yml b/.github/workflows/deploy.yml similarity index 71% rename from .github/workflows/main.yml rename to .github/workflows/deploy.yml index c0532cb..8dabbcc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/deploy.yml @@ -14,11 +14,8 @@ jobs: - name: Setup Python uses: actions/setup-python@v5.2.0 with: - # Version range or exact version of Python or PyPy to use, using SemVer's version range syntax. Reads from .python-version if unset. python-version: 3 - # Used to specify a package manager for caching in the default directory. Supported values: pip, pipenv, poetry. cache: pip - # Set this option if you want the action to check for the latest available version that satisfies the version spec. check-latest: true - name: Run ansible env: diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml new file mode 100644 index 0000000..4381810 --- /dev/null +++ b/.github/workflows/dry-run.yml @@ -0,0 +1,31 @@ +on: + workflow_dispatch: + pull_request: + +jobs: + ansible: + name: dry-run ansible + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Python + uses: actions/setup-python@v5.2.0 + with: + python-version: 3 + cache: pip + check-latest: true + - name: Run ansible + env: + DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }} + DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }} + DEPLOY_USERNAME: ${{ secrets.DEPLOY_USERNAME }} + ANSIBLE_INVENTORY: inventories/github.yaml + ANSIBLE_VAULT_PASSWORD_FILE: vault.pass + ANSIBLE_FORCE_COLOR: "true" + run: | + echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE + ls $ANSIBLE_VAULT_PASSWORD_FILE + export KEY_FILE=$(mktemp) + echo "${{ secrets.DEPLOY_KEY }}" > $KEY_FILE + ansible-playbook playbooks/all.yaml --check