diff --git a/roles/close_deployment/tasks/main.yml b/roles/close_deployment/tasks/main.yml deleted file mode 100644 index eb87df66..00000000 --- a/roles/close_deployment/tasks/main.yml +++ /dev/null @@ -1,20 +0,0 @@ -### -# Closes a successful GitHub deployment, depends on deployment variable -# registered by create_deployment task -### - -- name: Close GitHub deployment as a success. - run_once: true - tags: - - gh_deploy - uri: - url: "{{ deployment.json.url }}/statuses" - body_format: json - method: POST - status_code: 201 - body: - state: "success" - description: "Deployment succeeded" - headers: - Authorization: "token {{ github_token }}" - # no rescue because if this fails, closing an errored deploy will too! diff --git a/roles/deploy/README.md b/roles/deploy/README.md new file mode 100644 index 00000000..8e21c891 --- /dev/null +++ b/roles/deploy/README.md @@ -0,0 +1,39 @@ +Role Name +========= + +Role that deploys CDH applications + +Requirements +------------ + +GitHub Organization with API deployment set up + +Role Variables +-------------- + +```yaml +github_token: "your_token" +``` +Dependencies +------------ + +No dependencies + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +Apache2 + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/deploy/defaults/main.yml b/roles/deploy/defaults/main.yml new file mode 100644 index 00000000..685c6268 --- /dev/null +++ b/roles/deploy/defaults/main.yml @@ -0,0 +1,2 @@ +--- +# defaults file for roles/deploy diff --git a/roles/deploy/handlers/main.yml b/roles/deploy/handlers/main.yml new file mode 100644 index 00000000..597d67e6 --- /dev/null +++ b/roles/deploy/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for roles/deploy diff --git a/roles/deploy/meta/main.yml b/roles/deploy/meta/main.yml new file mode 100644 index 00000000..98dc307c --- /dev/null +++ b/roles/deploy/meta/main.yml @@ -0,0 +1,16 @@ +--- +galaxy_info: + role_name: deploy + company: Princeton University Library + description: deploy + author: cdh + + license: Apache2 + + min_ansible_version: 2.2 + + platforms: + - name: Ubuntu + versions: + - jammy +dependencies: [] diff --git a/roles/deploy/molecule/default/converge.yml b/roles/deploy/molecule/default/converge.yml new file mode 100644 index 00000000..ca60ebcc --- /dev/null +++ b/roles/deploy/molecule/default/converge.yml @@ -0,0 +1,15 @@ +--- +- name: Converge + hosts: all + vars: + - running_on_server: false + become: true + pre_tasks: + - name: Update cache + ansible.builtin.apt: + update_cache: true + cache_valid_time: 600 + tasks: + - name: "Include example" + ansible.builtin.include_role: + name: deploy diff --git a/roles/deploy/molecule/default/molecule.yml b/roles/deploy/molecule/default/molecule.yml new file mode 100644 index 00000000..fc1de4ae --- /dev/null +++ b/roles/deploy/molecule/default/molecule.yml @@ -0,0 +1,22 @@ +--- +scenario: + name: default +driver: + name: docker +lint: | + set -e + yamllint . + ansible-lint +platforms: + - name: instance + image: "ghcr.io/pulibrary/pul_containers:jammy_multi" + command: "sleep infinity" + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true +provisioner: + name: ansible + log: true +verifier: + name: ansible diff --git a/roles/deploy/molecule/default/verify.yml b/roles/deploy/molecule/default/verify.yml new file mode 100644 index 00000000..adf2afdd --- /dev/null +++ b/roles/deploy/molecule/default/verify.yml @@ -0,0 +1,52 @@ +--- +- name: Verify + hosts: localhost + connection: local + gather_facts: false + vars: + deployments_endpoint: "https://api.github.com/repos/Princeton-CDH/cdh-ansible/deployments" + gitref: "main" + runtime_env: "production" + deploy_description: "Test deployment" + deploy_contexts: [] + github_token: "your-github-token" + + tasks: + - name: Include the role + ansible.builtin.include_role: + name: deploy + + - name: Assert deployment was created + ansible.builtin.assert: + that: + - deployment is defined + - deployment.status == 201 + + - name: Assert deployment status is pending + ansible.builtin.uri: + url: "{{ deployment.json.url }}" + headers: + Authorization: "token {{ github_token }}" + register: deployment_status + + - name: Assert deployment status is pending + ansible.builtin.assert: + that: + - deployment_status.json.state == "pending" + + - name: Run close_deployment task + ansible.builtin.include_tasks: + file: roles/deploy/tasks/main.yml + tags: gh_deploy + + - name: Assert deployment status is success + ansible.builtin.uri: + url: "{{ deployment.json.url }}" + headers: + Authorization: "token {{ github_token }}" + register: deployment_status + + - name: Assert deployment status is success + ansible.builtin.assert: + that: + - deployment_status.json.state == "success" diff --git a/roles/create_deployment/tasks/fail.yml b/roles/deploy/tasks/fail.yml similarity index 80% rename from roles/create_deployment/tasks/fail.yml rename to roles/deploy/tasks/fail.yml index 9535b3dd..dd6761a5 100644 --- a/roles/create_deployment/tasks/fail.yml +++ b/roles/deploy/tasks/fail.yml @@ -1,5 +1,6 @@ -- name: Close a deploy as a failure - uri: +--- +- name: Deploy | close a deploy as a failure + ansible.builtin.uri: url: '{{ deployment.json.url }}/statuses' body_format: json method: POST @@ -10,6 +11,7 @@ headers: Authorization: "token {{ github_token }}" when: deployment is defined + - name: Force an unhandled failure to stop deploy - fail: + ansible.builtin.fail: msg: "Deploy did not complete successfully." diff --git a/roles/create_deployment/tasks/main.yml b/roles/deploy/tasks/main.yml similarity index 57% rename from roles/create_deployment/tasks/main.yml rename to roles/deploy/tasks/main.yml index 6148d507..f6ce473e 100644 --- a/roles/create_deployment/tasks/main.yml +++ b/roles/deploy/tasks/main.yml @@ -1,19 +1,19 @@ +--- +# tasks file for roles/deploy ### # Create a GitHub deployment for project and set its status to pending. # Requires close_deployment task to be added also to close deployment as # a success. ### -- name: Create a GitHub deployment - tags: - - gh_deploy - run_once: true +- name: Deploy | create a GitHub deployment block: - - name: Check for GitHub token, and fail if not present - fail: + - name: Deploy | check for GitHub token, and fail if not present + ansible.builtin.fail: msg: "Pass a GitHub API token to -e github_token or set in environment as ANSIBLE_GITHUB_TOKEN" when: github_token == "" - - name: Create a deployment - uri: + + - name: Deploy | create a deployment + ansible.builtin.uri: url: "{{ deployments_endpoint }}" body_format: json method: POST @@ -29,8 +29,9 @@ X-GitHub-Api-Version: "2022-11-28" return_content: true register: deployment - - name: Set status to in progress - uri: + + - name: Deploy | set status to in progress + ansible.builtin.uri: url: "{{ deployment.json.url }}/statuses" body_format: json method: POST @@ -40,5 +41,28 @@ description: "Deployment in progress" headers: Authorization: "token {{ github_token }}" + tags: + - gh_deploy + run_once: true # No rescue because again, if either of these fail, the error status will -# likely also fail out. + # likely also fail out. +### +# Closes a successful GitHub deployment, depends on deployment variable +# registered by create_deployment task +### + +- name: Deploy | close GitHub deployment as a success. + ansible.builtin.uri: + url: "{{ deployment.json.url }}/statuses" + body_format: json + method: POST + status_code: 201 + body: + state: "success" + description: "Deployment succeeded" + headers: + Authorization: "token {{ github_token }}" + run_once: true + tags: + - gh_deploy + # no rescue because if this fails, closing an errored deploy will too! diff --git a/roles/deploy/vars/main.yml b/roles/deploy/vars/main.yml new file mode 100644 index 00000000..2d3a87a9 --- /dev/null +++ b/roles/deploy/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for roles/deploy