Merge pull request 'test new branch' (#2) from test into master
Reviewed-on: #2
This commit is contained in:
commit
ea7e1ee066
@ -1,8 +1,20 @@
|
|||||||
# =============================================================================
|
# =============================================================================
|
||||||
# Single pipeline – all event types handled via step-level when conditions:
|
# Single pipeline – all event types handled via step-level when conditions:
|
||||||
# pull_request → syntax-check, validate, drift-check
|
#
|
||||||
|
# pull_request → syntax-check, validate
|
||||||
|
# ONLY validates config correctness.
|
||||||
|
# Does NOT compare to the live server – a PR branch is
|
||||||
|
# expected to differ from the server (not yet deployed),
|
||||||
|
# so a drift-check here would always be OUT_OF_SYNC by
|
||||||
|
# design and is meaningless as a failure signal.
|
||||||
|
#
|
||||||
# push (master) → syntax-check, validate, deploy, update-sync-metric
|
# push (master) → syntax-check, validate, deploy, update-sync-metric
|
||||||
|
# Deploys to the server, then verifies sync and pushes metric.
|
||||||
|
#
|
||||||
# cron → gitops_sync_check (read-only drift check, no deploy)
|
# cron → gitops_sync_check (read-only drift check, no deploy)
|
||||||
|
# Continuously verifies that the live server still matches
|
||||||
|
# Git even when no push has happened. Detects manual edits
|
||||||
|
# made directly on the server.
|
||||||
#
|
#
|
||||||
# NOTE: Woodpecker does not support multiple YAML documents (---) in one file.
|
# NOTE: Woodpecker does not support multiple YAML documents (---) in one file.
|
||||||
# All pipelines must live in a single document with step-level filtering.
|
# All pipelines must live in a single document with step-level filtering.
|
||||||
@ -48,24 +60,6 @@ steps:
|
|||||||
- event: push
|
- event: push
|
||||||
branch: master
|
branch: master
|
||||||
|
|
||||||
# ---------------------------------------------------------------------------
|
|
||||||
# drift-check: Compare server config to Git – runs on pull_request only
|
|
||||||
# ---------------------------------------------------------------------------
|
|
||||||
drift-check:
|
|
||||||
image: alpine/ansible:latest
|
|
||||||
depends_on: [syntax-check]
|
|
||||||
environment:
|
|
||||||
ANSIBLE_CONFIG: ansible.cfg
|
|
||||||
SSH_PRIVATE_KEY:
|
|
||||||
from_secret: SSH_PRIVATE_KEY
|
|
||||||
commands:
|
|
||||||
- mkdir -p ~/.ssh
|
|
||||||
- printf '%s\n' "$${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa
|
|
||||||
- chmod 600 ~/.ssh/id_rsa
|
|
||||||
- ansible-playbook -i ansible/inventory/hosts.yml ansible/playbooks/drift-check.yml
|
|
||||||
when:
|
|
||||||
event: pull_request
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
# deploy: Apply Git configuration to server – runs on push to master only
|
# deploy: Apply Git configuration to server – runs on push to master only
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
#
|
#
|
||||||
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
|
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
|
||||||
|
|
||||||
# test
|
# test branch
|
||||||
#################
|
#################
|
||||||
#### MODULES ####
|
#### MODULES ####
|
||||||
#################
|
#################
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user