create a new deploy role

roles/deploy/README.md

@@ -0,0 +1,39 @@
+Role Name
+=========
+
+Role that deploys CDH applications
+
+Requirements
+------------
+
+GitHub Organization with API deployment set up
+
+Role Variables
+--------------
+
+```yaml
+github_token: "your_token"
+```
+Dependencies
+------------
+
+No dependencies
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+Apache2
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

roles/deploy/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for roles/deploy

roles/deploy/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for roles/deploy

roles/deploy/meta/main.yml

@@ -0,0 +1,16 @@
+---
+galaxy_info:
+  role_name: deploy
+  company: Princeton University Library
+  description: deploy
+  author: cdh
+
+  license: Apache2
+
+  min_ansible_version: 2.2
+
+  platforms:
+    - name: Ubuntu
+      versions:
+        - jammy
+dependencies: []

roles/deploy/molecule/default/converge.yml

@@ -0,0 +1,15 @@
+---
+- name: Converge
+  hosts: all
+  vars:
+    - running_on_server: false
+  become: true
+  pre_tasks:
+    - name: Update cache
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 600
+  tasks:
+    - name: "Include example"
+      ansible.builtin.include_role:
+        name: deploy

roles/deploy/molecule/default/molecule.yml

@@ -0,0 +1,22 @@
+---
+scenario:
+  name: default
+driver:
+  name: docker
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+platforms:
+  - name: instance
+    image: "ghcr.io/pulibrary/pul_containers:jammy_multi"
+    command: "sleep infinity"
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  log: true
+verifier:
+  name: ansible

roles/deploy/molecule/default/verify.yml

@@ -0,0 +1,52 @@
+---
+- name: Verify
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  vars:
+    deployments_endpoint: "https://api.github.com/repos/Princeton-CDH/cdh-ansible/deployments"
+    gitref: "main"
+    runtime_env: "production"
+    deploy_description: "Test deployment"
+    deploy_contexts: []
+    github_token: "your-github-token"
+
+  tasks:
+    - name: Include the role
+      ansible.builtin.include_role:
+        name: deploy
+
+    - name: Assert deployment was created
+      ansible.builtin.assert:
+        that:
+          - deployment is defined
+          - deployment.status == 201
+
+    - name: Assert deployment status is pending
+      ansible.builtin.uri:
+        url: "{{ deployment.json.url }}"
+        headers:
+          Authorization: "token {{ github_token }}"
+      register: deployment_status
+
+    - name: Assert deployment status is pending
+      ansible.builtin.assert:
+        that:
+          - deployment_status.json.state == "pending"
+
+    - name: Run close_deployment task
+      ansible.builtin.include_tasks:
+        file: roles/deploy/tasks/main.yml
+        tags: gh_deploy
+
+    - name: Assert deployment status is success
+      ansible.builtin.uri:
+        url: "{{ deployment.json.url }}"
+        headers:
+          Authorization: "token {{ github_token }}"
+      register: deployment_status
+
+    - name: Assert deployment status is success
+      ansible.builtin.assert:
+        that:
+          - deployment_status.json.state == "success"

roles/create_deployment/tasks/fail.yml → roles/deploy/tasks/fail.yml

@@ -1,5 +1,6 @@
-- name: Close a deploy as a failure
-  uri:
+---
+- name: Deploy | close a deploy as a failure
+  ansible.builtin.uri:
       url: '{{ deployment.json.url }}/statuses'
       body_format: json
       method: POST
@@ -10,6 +11,7 @@
       headers:
           Authorization: "token {{ github_token }}"
   when: deployment is defined
+
 - name: Force an unhandled failure to stop deploy
-  fail:
+  ansible.builtin.fail:
       msg: "Deploy did not complete successfully."

roles/create_deployment/tasks/main.yml → roles/deploy/tasks/main.yml

@@ -1,19 +1,19 @@
+---
+# tasks file for roles/deploy
 ###
 # Create a GitHub deployment for project and set its status to pending.
 # Requires close_deployment task to be added also to close deployment as
 # a success.
 ###
-- name: Create a GitHub deployment
-  tags:
-    - gh_deploy
-  run_once: true
+- name: Deploy | create a GitHub deployment
   block:
-    - name: Check for GitHub token, and fail if not present
-      fail:
+    - name: Deploy | check for GitHub token, and fail if not present
+      ansible.builtin.fail:
         msg: "Pass a GitHub API token to -e github_token or set in environment as ANSIBLE_GITHUB_TOKEN"
       when: github_token == ""
-    - name: Create a deployment
-      uri:
+
+    - name: Deploy | create a deployment
+      ansible.builtin.uri:
         url: "{{ deployments_endpoint }}"
         body_format: json
         method: POST
@@ -29,8 +29,9 @@
           X-GitHub-Api-Version: "2022-11-28"
         return_content: true
       register: deployment
-    - name: Set status to in progress
-      uri:
+
+    - name: Deploy | set status to in progress
+      ansible.builtin.uri:
         url: "{{ deployment.json.url }}/statuses"
         body_format: json
         method: POST
@@ -40,5 +41,28 @@
           description: "Deployment in progress"
         headers:
           Authorization: "token {{ github_token }}"
+  tags:
+    - gh_deploy
+  run_once: true
 # No rescue because again, if either of these fail, the error status will
-# likely also fail out.
+  # likely also fail out.
+###
+# Closes a successful GitHub deployment, depends on deployment variable
+# registered by create_deployment task
+###
+
+- name: Deploy | close GitHub deployment as a success.
+  ansible.builtin.uri:
+    url: "{{ deployment.json.url }}/statuses"
+    body_format: json
+    method: POST
+    status_code: 201
+    body:
+      state: "success"
+      description: "Deployment succeeded"
+    headers:
+      Authorization: "token {{ github_token }}"
+  run_once: true
+  tags:
+    - gh_deploy
+  # no rescue because if this fails, closing an errored deploy will too!

roles/deploy/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for roles/deploy