Sonny Bakker
65e4f3bb80
- Fallback to variable for vault password as file variables get execute permission set
21 lines
620 B
YAML
21 lines
620 B
YAML
deploy:
|
|
stage: deploy
|
|
image: python:3.7
|
|
environment:
|
|
name: production
|
|
url: rss.fudiggity.nl
|
|
rules:
|
|
- if: $CI_COMMIT_TAG
|
|
before_script:
|
|
- pip install ansible --quiet
|
|
- git clone https://git.fudiggity.nl/sonny/ansible-playbooks.git deployment
|
|
- mkdir /root/.ssh && echo "$DEPLOY_HOST_KEY" > /root/.ssh/known_hosts
|
|
- echo $VAULT_PASSWORD > deployment/vault
|
|
script:
|
|
- >
|
|
ansible-playbook deployment/playbook.yml
|
|
--inventory deployment/apps.yml
|
|
--limit newsreader
|
|
--user ansible
|
|
--private-key "$DEPLOY_KEY"
|
|
--vault-password-file deployment/vault
|