---
# A pipeline is composed of independent jobs that run scripts, grouped into stages.
# Stages run in sequential order, but jobs within stages run in parallel.
#
# For more information, see: https://docs.gitlab.com/ee/ci/yaml/index.html#stages
stages: # List of stages for jobs, and their order of execution
- test
variables:
# CI_DEBUG_TRACE: "true"
SCENARIO: "default"
ANSIBLE_FORCE_COLOR: 'true'
PY_COLORS: '1'
default:
before_script:
- source /opt/molecule/bin/activate
- ansible --version
- molecule --version
after_script:
- source /opt/molecule/bin/activate
- molecule destroy --scenario-name ${SCENARIO}
test-job:
stage: test
tags:
- "shell"
script:
# make sure that Ansible Vaults are present and can be decrypted
- echo "${VAULT_INSTALL_COMMON}" > ${CI_PROJECT_DIR}/molecule/${SCENARIO}/../../../lza_install_common.pass
- echo "${VAULT_ROSETTA_APP}" > ${CI_PROJECT_DIR}/molecule/${SCENARIO}/../../../lza_rosetta_app.pass
- export ANSIBLE_VAULT_IDENTITY_LIST="${CI_PROJECT_DIR}/molecule/${SCENARIO}/../../../lza_install_common.pass, ${CI_PROJECT_DIR}/molecule/${SCENARIO}/../../../lza_rosetta_app.pass"
- rm -rf ../ansible_vaults/
- rm -rf ../ansible_lza_install_common/
- git clone https://gitlab+deploy-token-25:${VAULT_ACCESS_TOKEN}@git.slub-dresden.de/slub-referat-2-3/ansible_vaults.git ../ansible_vaults/;
- git clone https://git.slub-dresden.de/digital-preservation/ansible_lza_install_common.git ../ansible_lza_install_common/;
# run Molecule tests
- molecule syntax --scenario-name ${SCENARIO}
# We cannot use `molecule lint` anymore because:
# - https://github.com/ansible-community/molecule/pull/3802 "Remove lint command"
# - https://github.com/ansible-community/molecule/discussions/3825#discussioncomment-4908366
- yamllint --strict --format colored ./
- ansible-lint --format full --profile production --strict --force-color ./
- molecule create --scenario-name ${SCENARIO}
- molecule converge --scenario-name ${SCENARIO}
- molecule idempotence --scenario-name ${SCENARIO}
# - molecule verify --scenario-name ${SCENARIO}