diff --git a/.drone.jsonnet b/.drone.jsonnet
new file mode 100644
index 0000000..625ded7
--- /dev/null
+++ b/.drone.jsonnet
@@ -0,0 +1,115 @@
+local AnsibleVersions(version="latest", package="ansible") = {
+ name: "ansible-" + version,
+ image: "python:3.7",
+ pull: "always",
+ environment: {
+ PY_COLORS: 1
+ },
+ commands: [
+ "pip install " + package + " ansible-later~=0.2.0 -qq",
+ "git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
+ "ansible-later -c ~/policy/config.yml"
+ ],
+ depends_on: [
+ "clone",
+ ],
+};
+
+local PipelineLinting = {
+ kind: "pipeline",
+ name: "linting",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ steps: [
+ AnsibleVersions(version="latest", package="ansible"),
+ AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
+ ],
+ trigger: {
+ ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
+ },
+};
+
+local PipelineDeployment = {
+ kind: "pipeline",
+ name: "deployment",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ workspace: {
+ base: "/drone/src",
+ path: "xoxys.nginx"
+ },
+ steps: [
+ {
+ name: "molecule",
+ image: "xoxys/molecule:ec2-linux-amd64",
+ pull: "always",
+ environment: {
+ ANSIBLE_ROLES_PATH: "/drone/src",
+ AWS_ACCESS_KEY_ID: { "from_secret": "aws_access_key_id" },
+ AWS_SECRET_ACCESS_KEY: { "from_secret": "aws_secret_access_key" },
+ AWS_REGION: "eu-central-1",
+ MOLECULE_CUSTOM_MODULES_REPO: "https://gitea.rknet.org/ansible/custom_modules",
+ MOLECULE_CUSTOM_FILTERS_REPO: "https://gitea.rknet.org/ansible/custom_filters",
+ PY_COLORS: 1
+ },
+ commands: [
+ "/bin/bash /docker-entrypoint.sh",
+ "molecule create --scenario-name ec2-centos-7",
+ "molecule converge --scenario-name ec2-centos-7",
+ "molecule verify --scenario-name ec2-centos-7",
+ "molecule destroy --scenario-name ec2-centos-7",
+ ],
+ },
+ ],
+ depends_on: [
+ "linting",
+ ],
+ trigger: {
+ ref: ["refs/heads/master", "refs/tags/**"],
+ },
+};
+
+local PipelineNotifications = {
+ kind: "pipeline",
+ name: "notifications",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ clone: {
+ disable: true,
+ },
+ steps: [
+ {
+ name: "matrix",
+ image: "plugins/matrix",
+ settings: {
+ homeserver: "https://matrix.rknet.org",
+ roomid: "MtidqQXWWAtQcByBhH:rknet.org",
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}",
+ username: { "from_secret": "matrix_username" },
+ password: { "from_secret": "matrix_password" },
+ },
+ },
+ ],
+ // depends_on: [
+ // "deployment",
+ // ],
+ depends_on: [
+ "linting",
+ ],
+ trigger: {
+ status: [ "success", "failure" ],
+ ref: ["refs/heads/master", "refs/tags/**"],
+ },
+};
+
+[
+ PipelineLinting,
+ // PipelineDeployment,
+ PipelineNotifications,
+]
diff --git a/.drone.yml b/.drone.yml
index 53d816a..9b2e82e 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,42 +1,78 @@
---
kind: pipeline
-name: default
+name: linting
+
+platform:
+ os: linux
+ arch: amd64
steps:
- - name: ansible-latest
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on:
- - clone
+- name: ansible-latest
+ pull: always
+ image: python:3.7
+ commands:
+ - pip install ansible ansible-later~=0.2.0 -qq
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
- - name: ansible-master
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on:
- - clone
+- name: ansible-master
+ pull: always
+ image: python:3.7
+ commands:
+ - "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
- - name: notify
- image: plugins/matrix
- settings:
- homeserver: https://matrix.rknet.org
- roomid: MtidqQXWWAtQcByBhH:rknet.org
- template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}"
- username:
- from_secret: matrix_username
- password:
- from_secret: matrix_password
- depends_on:
- - ansible-latest
- - ansible-master
- when:
- status:
- - success
- - failure
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ - "refs/pull/**"
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+ os: linux
+ arch: amd64
+
+clone:
+ disable: true
+
+steps:
+- name: matrix
+ image: plugins/matrix
+ settings:
+ homeserver: https://matrix.rknet.org
+ password:
+ from_secret: matrix_password
+ roomid: MtidqQXWWAtQcByBhH:rknet.org
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}"
+ username:
+ from_secret: matrix_username
+
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ status:
+ - success
+ - failure
+
+depends_on:
+- linting
+
+---
+kind: signature
+hmac: 3b9b4bcbe58abbeab7b6d8562aa6b062ae884a3341eeca35c56bf4b1cfa408ae
+
+...
diff --git a/defaults/main.yml b/defaults/main.yml
index 383920c..d4d93f1 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,4 +1,5 @@
---
+yum_cron_enabled: False
yum_cron_custom_cronjob: False
yum_cron_apply_updates: no
yum_cron_download_updates: yes
@@ -14,6 +15,7 @@ yum_cron_emit_via: stdio
# gpgkey: "http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever/"
# enabled: True
+yum_upgrade_enabled: False
yum_packages_install: []
yum_packages_uninstall: []
yum_packages_extra_install: []
diff --git a/handlers/main.yml b/handlers/main.yml
index 8400860..2d7a233 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -5,6 +5,7 @@
name: "*"
state: latest
listen: __yum_upgrade
+ when: yum_upgrade_enabled | bool
- name: Restart yum-cron
service:
diff --git a/tasks/main.yml b/tasks/main.yml
index 6469e9e..699d9ca 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,4 +1,5 @@
---
- include_tasks: yum_cron.yml
+ when: yum_cron_enabled | bool
- include_tasks: repository.yml
- include_tasks: packages.yml