fix path for ssh key #86
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Configure Image Factory VM | |
on: | |
push: | |
paths: | |
- ".github/workflows/ansible-configure-if-vm.yml" | |
- "ansible/**" | |
workflow_dispatch: | |
jobs: | |
configure-vm: | |
runs-on: ubuntu-latest | |
env: | |
# Tell GitHub which VM host to use (air-gapped or development) -> TODO: remove when devel env is no longer needed | |
VM_ENV: ${{ vars.VM_ENV }} | |
REGISTRY: ${{ secrets.REGISTRY }} | |
ACR_USERNAME: ${{ secrets.ACR_USERNAME }} | |
ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }} | |
GH_PAT_TOKEN: ${{ secrets.GH_PAT_TOKEN }} | |
GH_OWNER: ${{ vars.GH_OWNER }} | |
GH_REPO: ${{ vars.GH_REPO }} | |
ACR_RUNNER_IMAGE_NAME: ${{ vars.ACR_RUNNER_IMAGE_NAME }} | |
ANSIBLE_VERSION: 2.17.4 | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
# Development environment - VM host with internet access -> TODO: remove when devel env is no longer needed | |
- name: Template Ansible private key file for development environment | |
uses: cuchi/[email protected] | |
env: | |
SSH_KEY: ${{ secrets.AZURE_VM_SSH_KEY }} | |
if: env.VM_ENV == 'development' | |
with: | |
template: ansible/templates/ansible_ssh_key.j2 | |
output_file: ansible/ansible_ssh_key | |
- name: Template Ansible inventory for development environment | |
uses: cuchi/[email protected] | |
env: | |
RUNNER_HOST_IP: ${{ secrets.AZURE_IF_RUNNER_IP }} | |
if: env.VM_ENV == 'development' | |
with: | |
template: ansible/templates/inventory.ini.j2 | |
output_file: ansible/inventory.ini | |
# Air-gapped environment - VM host without internet access | |
- name: Template Ansible private key file for air-gapped environment | |
uses: cuchi/[email protected] | |
env: | |
SSH_KEY: ${{ secrets.SSH_KEY }} | |
if: env.VM_ENV == 'air-gapped' # -> TODO: remove condition when devel env is no longer needed | |
with: | |
template: ansible/templates/ansible_ssh_key.j2 | |
output_file: ansible/ansible_ssh_key | |
- name: Template Ansible inventory for air-gapped environment | |
uses: cuchi/[email protected] | |
env: | |
JUMPHOST_IP: ${{ secrets.JUMPHOST_IP }} | |
RUNNER_HOST_IP: ${{ secrets.RUNNER_HOST_IP }} | |
if: env.VM_ENV == 'air-gapped' # -> TODO: remove condition when devel env is no longer needed | |
with: | |
template: ansible/templates/inventory.ini.j2 | |
output_file: ansible/inventory.ini | |
- name: Template Ansible vars file | |
uses: cuchi/[email protected] | |
with: | |
template: ansible/templates/group_vars_all.yml.j2 | |
output_file: ansible/group_vars/all.yml | |
- name: Install Ansible and add SSH key for connection | |
run: | | |
pip3 install ansible | |
ansible-playbook --version | |
eval "$(ssh-agent -s)" | |
chmod 600 ansible/ansible_ssh_key | |
ssh-add ansible/ansible_ssh_key | |
- name: Test connection to air-gapped VM (needed populate known_hosts file) | |
if: env.VM_ENV == 'air-gapped' # -> TODO: remove condition when devel env is no longer needed | |
run: | | |
ssh_command="ssh -o StrictHostKeyChecking=no azureadmin@${JUMPHOST_IP} 'ssh -o StrictHostKeyChecking=no azureadmin@${RUNNER_HOST_IP} whoami'" | |
eval $ssh_command | |
- name: Configure VM with ansible | |
run: | | |
cd ansible | |
ansible-playbook configure-image-factory-vm.yml | |
# TODO: change devel VM vars here and on github | |
# # - name: Configure VM with ansible | |
# # run: | | |
# # cd ansible | |
# # cat inventory.ini | |
# # ssh-add ansible_ssh_key | |
# # ssh_command="ssh -o StrictHostKeyChecking=no azureadmin@${JUMPHOST_IP} 'ssh -o StrictHostKeyChecking=no azureadmin@${RUNNER_HOST_IP} whoami'" | |
# # eval $ssh_command | |
# # ansible-playbook configure-image-factory-vm.yml | |
# OLD | |
# - name: Install Ansible | |
# run: | | |
# pip3 install ansible | |
# ansible-playbook --version | |
# # - name: Configure VM with ansible | |
# # run: | | |
# # cd ansible | |
# # cat inventory.ini | |
# # eval "$(ssh-agent -s)" | |
# # chmod 600 ansible_ssh_key | |
# # ssh-add ansible_ssh_key | |
# # ssh_command="ssh -o StrictHostKeyChecking=no azureadmin@${JUMPHOST_IP} 'ssh -o StrictHostKeyChecking=no azureadmin@${RUNNER_HOST_IP} whoami'" | |
# # eval $ssh_command | |
# # ansible-playbook configure-image-factory-vm.yml |