30 lines
851 B
YAML
30 lines
851 B
YAML
name: Production GitOps Engine
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
execute-ansible:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Code Extraction
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Initialize SSH Control Pipeline
|
|
run: |
|
|
mkdir -p ~/.ssh
|
|
echo "${{ secrets.MINIPC_SSH_KEY }}" > ~/.ssh/id_ed25519
|
|
chmod 600 ~/.ssh/id_ed25519
|
|
# Scan host signature to block manual interactive prompts
|
|
ssh-keyscan -H 10.0.10.68 >> ~/.ssh/known_hosts
|
|
|
|
- name: Bootstrap Ansible Runtime
|
|
run: |
|
|
apt-get update && apt-get install -y python3-pip sshpass
|
|
# Pull upstream Ansible to ensure Python 3.12+ compatibility
|
|
pip3 install ansible
|
|
|
|
- name: Run Orchestration Playbook
|
|
run: |
|
|
ansible-playbook -i inventory.ini site.yml |