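---
# Deploys the cluster with Ansible after the "Terraform" workflow completes on
# main, or on manual dispatch (optionally limited to specific Ansible tags),
# then verifies the cluster with kubectl.
name: Ansible

on:
  # workflow_run executes with this repository's secrets. The `branches`
  # filter matches the head branch name of the triggering run.
  # NOTE(review): if the Terraform workflow can be started by pull requests,
  # also confirm the run originated from this repository before trusting its
  # artifact.
  workflow_run:
    workflows:
      - Terraform
    types:
      - completed
    branches:
      - main
  workflow_dispatch:
    inputs:
      tags:
        description: 'Ansible tags to run'
        required: false
        default: ''

# Least privilege for GITHUB_TOKEN: checkout needs contents:read, and fetching
# an artifact from another workflow run needs actions:read.
permissions:
  contents: read
  actions: read

env:
  ANSIBLE_VERSION: '2.16'

jobs:
  deploy:
    name: Deploy Cluster
    runs-on: ubuntu-latest
    # The whole condition must sit inside one expression. Text outside
    # `${{ }}` turns the value into a non-empty string, which is always
    # truthy, so the job would run even after a failed Terraform run.
    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
    steps:
      # NOTE(review): actions are referenced by mutable tags; pinning each
      # `uses:` to a full commit SHA protects against a retagged release.
      - name: Checkout
        uses: actions/checkout@v4

      # download-artifact@v4 only sees artifacts of the current run unless
      # run-id and github-token are given; the outputs come from the
      # triggering Terraform run.
      - name: Download Terraform Outputs
        if: github.event_name != 'workflow_dispatch'
        uses: actions/download-artifact@v4
        with:
          name: terraform-outputs
          path: outputs/
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ github.token }}

      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      # NOTE(review): ANSIBLE_VERSION looks like an ansible-core version; the
      # `ansible` community package uses a different numbering, so confirm
      # this pin resolves. The second install is unpinned; a hash-pinned
      # requirements file would make the toolchain reproducible.
      - name: Install Ansible
        run: |
          pip install "ansible==${ANSIBLE_VERSION}.*"
          pip install jinja2 pyyaml kubernetes

      # Secrets are passed through the environment instead of being templated
      # into the script text, and umask keeps the key file private from the
      # moment it is created.
      # NOTE(review): ssh-keyscan trusts whatever key the network returns and
      # its failure is ignored; a host key stored as a secret and written to
      # known_hosts would give real host authentication.
      - name: Setup SSH Key
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          CONTROL_PLANE_IP: ${{ secrets.CONTROL_PLANE_IP }}
        run: |
          umask 077
          mkdir -p ~/.ssh
          printf '%s\n' "${SSH_PRIVATE_KEY}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -H "${CONTROL_PLANE_IP}" >> ~/.ssh/known_hosts 2>/dev/null || true

      - name: Generate Ansible Inventory
        working-directory: ansible
        run: |
          python3 generate_inventory.py
        env:
          TF_VAR_hcloud_token: ${{ secrets.HCLOUD_TOKEN }}

      # The dispatch input and the token reach the shell as environment
      # variables, so their content is never parsed as script text. The tags
      # value is passed as a single quoted argument to -t.
      # NOTE(review): the token still appears in ansible-playbook's argv on
      # the runner; reading it inside the playbook from the environment
      # would avoid that.
      # NOTE(review): host key checking is disabled, so SSH connections to
      # the nodes are not authenticated against known_hosts. Enable it once
      # every inventory host has a pinned key.
      - name: Run Ansible Playbook
        working-directory: ansible
        env:
          ANSIBLE_HOST_KEY_CHECKING: 'False'
          ANSIBLE_TAGS: ${{ github.event.inputs.tags }}
          HCLOUD_TOKEN: ${{ secrets.HCLOUD_TOKEN }}
        run: |
          tag_args=()
          if [ -n "${ANSIBLE_TAGS}" ]; then
            tag_args=(-t "${ANSIBLE_TAGS}")
          fi
          ansible-playbook site.yml \
            "${tag_args[@]}" \
            -e "hcloud_token=${HCLOUD_TOKEN}" \
            -e "cluster_name=k8s-cluster"

      # The kubeconfig holds cluster credentials and is readable by anyone
      # who can download this run's artifacts; retention is kept to the
      # minimum so it does not linger after the verify job has used it.
      - name: Upload Kubeconfig
        uses: actions/upload-artifact@v4
        with:
          name: kubeconfig
          path: outputs/kubeconfig
          retention-days: 1

  verify:
    name: Verify Cluster
    runs-on: ubuntu-latest
    needs: deploy
    steps:
      - name: Download Kubeconfig
        uses: actions/download-artifact@v4
        with:
          name: kubeconfig

      - name: Setup kubectl
        uses: azure/setup-kubectl@v3
        with:
          version: 'v1.30.0'

      # Restrict the credentials file to the runner user before use.
      - name: Verify Cluster
        run: |
          chmod 600 kubeconfig
          export KUBECONFIG="${PWD}/kubeconfig"
          kubectl get nodes
          kubectl get pods -A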