diff --git a/ci-ansible.cfg b/ci-ansible.cfg new file mode 100644 index 0000000000000000000000000000000000000000..5f591b3298a49157a04884625b39b8104518bd54 --- /dev/null +++ b/ci-ansible.cfg @@ -0,0 +1,79 @@ +###### +# +# ATTENTION! +# +# This file is needed to run the CI pipeline for the related project +# "slub-digitalpreservation/reparaturtool.git". +# It is NOT related to the CI pipeline of "ansible_lza_repair.git". +# Do NOT delete this file unless you are ABSOLUTELY POSITIVELY CERTAIN that it +# is not needed anymore over at the CI of "reparaturtool.git"! +# +###### + + + +[defaults] +# If set, configures the path to the Vault password file as an alternative to +# specifying --vault-password-file on the command line. +#vault_identity_list = ../lza_install_common.pass, ../lza_server_hardening.pass, ../lza_repair.pass, ../slub_osquery.pass + +# Path to default inventory file +# Administrators can override this by using the "-i <inventoryfile>" CLI +# argument. +inventory = ./inv.ini + +# Remote user name +# We DELIBERATELY set this to an non-existent non-root username to make sure +# the role can only be run if an Administrator knows the correct remote_user +# name and passes it as a CLI argument. +remote_user = non-root-user + +# By default, ansible will use the 'linear' strategy but you may want to try +# another one +strategy = free + +# Don't like cows? that's unfortunate. +# Set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1 +nocows = 1 + +# Custom role path that guarantees roles are always found, no matter where a +# user checks them out. +roles_path = /tmp/:./:../:~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles + +# Toggle to control displaying skipped task/host entries in a task in the +# default callback. +# https://docs.ansible.com/ansible/latest/reference_appendices/config.html#display-skipped-hosts +# DEFAULT: display_skipped_hosts = true +display_skipped_hosts = false + +use_persistent_connections=true + +# list all Ansible Callback Plugins: "ansible-doc -t callback -l" +# online documentation: https://docs.ansible.com/ansible/latest/plugins/callback.html +# run code profiling for performance analysis +# callbacks_enabled = profile_roles, profile_tasks, timer +# get formatted output +# callbacks_enabled = yaml +# get minimal output +# callbacks_enabled = dense + +# set default output callback plugin +stdout_callback = yaml + +# Setting a callback plugin for ad-hoc commands +bin_ansible_callbacks = True + +callbacks_enabled: yaml + +[inventory] +# Ignore these extensions when parsing a directory as inventory source. +ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry + +[ssh_connection] +# Enabling pipelining reduces the number of SSH operations required to +# execute a module on the remote server. This can result in a significant +# performance improvement when enabled, however when using "sudo:" you must +# first disable 'requiretty' in /etc/sudoers +# By default, this option is disabled to preserve compatibility with +# sudoers configurations that have requiretty (the default on many distros). +pipelining = True diff --git a/ci-playbook.yml b/ci-playbook.yml new file mode 100644 index 0000000000000000000000000000000000000000..2a7bc1965064ad9dee46cdeceea565adaf637e5f --- /dev/null +++ b/ci-playbook.yml @@ -0,0 +1,34 @@ +--- + +###### +# +# ATTENTION! +# +# This file is needed to run the CI pipeline for the related project +# "slub-digitalpreservation/reparaturtool.git". +# It is NOT related to the CI pipeline of "ansible_lza_repair.git". +# Do NOT delete this file unless you are ABSOLUTELY POSITIVELY CERTAIN that it +# is not needed anymore over at the CI of "reparaturtool.git"! +# +###### + +- hosts: "localhost" + connection: local + # Collect facts from remote system? Possible values: true, false + gather_facts: true + # any_error_fatal will mark all the hosts as failed if fails and immediately + # abort the playbook execution. Possible values: true, false + any_errors_fatal: false + # max_fail_percentage allows you to abort the play if certain threshold of + # failures have been reached. + max_fail_percentage: 30 + serial: 30 + # hide sensitive information in verbose/debugging output from others. + # Possible values: true, false + no_log: false + # execution strategy, possible values: debug, linear, serial, free + # https://docs.ansible.com/ansible/latest/user_guide/playbooks_strategies.html + strategy: linear + + roles: + - {role: ansible_lza_repair, become: true}