first commit
This commit is contained in:
commit
e251055dd7
15
.woodpecker.yml
Normal file
15
.woodpecker.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
pipeline:
|
||||
molecule:
|
||||
image: docker:stable-dind
|
||||
pull: true
|
||||
commands:
|
||||
- apk add --no-cache python3 python3-dev py3-pip gcc git curl build-base
|
||||
autoconf automake py3-cryptography linux-headers musl-dev libffi-dev
|
||||
openssl-dev openssh
|
||||
- docker info
|
||||
- python3 --version
|
||||
- python3 -m pip install ansible molecule[docker]
|
||||
- ansible --version
|
||||
- molecule --version
|
||||
- molecule test
|
42
README.md
Normal file
42
README.md
Normal file
@ -0,0 +1,42 @@
|
||||
# Ansible Role: woodpecker
|
||||
|
||||
Installs woodpecker-ci server and agent as containers.
|
||||
|
||||
All known versioning tools can be configured.
|
||||
|
||||
Currently only Let's Encrypt certificates are supported and no self-created or self-signed certificates.
|
||||
|
||||
## Requirements
|
||||
|
||||
* [Docker Community Collection](https://galaxy.ansible.com/community/docker)
|
||||
|
||||
* [Docker](https://github.com/geerlingguy/ansible-role-docker)
|
||||
* [pip](https://github.com/geerlingguy/ansible-role-pip)
|
||||
|
||||
## Role Variables
|
||||
|
||||
Available variables are listed in `defaults/main.yml` and `templates/server.env.j2`. A lot of variables omitted by default.
|
||||
|
||||
## Dependencies
|
||||
|
||||
None.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```YAML
|
||||
- hosts: server
|
||||
become: true
|
||||
roles:
|
||||
- rhiz0et.woodpecker
|
||||
vars:
|
||||
woodpecker_admins: myadmin
|
||||
woodpecker_host: https://ci.myhost.de
|
||||
```
|
||||
|
||||
## License
|
||||
|
||||
GPL-3.0-or-later
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2021 by [rhiz0et](https://codeberg.org/rhiz0et).
|
73
defaults/main.yml
Normal file
73
defaults/main.yml
Normal file
@ -0,0 +1,73 @@
|
||||
---
|
||||
# Define the root directory for woodpecker files
|
||||
woodpecker_rootdir: /opt/woodpecker
|
||||
|
||||
# Define the container version of woodpecker
|
||||
woodpecker_version: latest-alpine
|
||||
|
||||
# Set to true to enable registration to all users in an organization
|
||||
woodpecker_open_registration: true
|
||||
|
||||
# Define the organizations which should run pipelines
|
||||
# woodpecker_allowed_organizations: org1,org2
|
||||
|
||||
# Define the admins for woodpecker
|
||||
woodpecker_admins: user1,user2
|
||||
|
||||
# Define which repos should be synced. Especially for github
|
||||
# woodpecker_repo_owners: repo1,repo2
|
||||
|
||||
# Define the woodpecker domain
|
||||
woodpecker_host: https://ci.example.com
|
||||
|
||||
# Define the agent secret for the server and the agent: `pwgen 64 1`
|
||||
woodpecker_agent_secret: "zueThahchohwee7ohvooqueSh8Pah8choodeibouyaing0mo5ang4xee0ong9bai"
|
||||
# Define maximal processes for the agent
|
||||
woodpecker_agent_max_procs: "2"
|
||||
|
||||
# Define another database as sqlite3. You can choose between MySQL/MariaDB and PostgreSQL.
|
||||
# Set this to `mysql` or `postgres`
|
||||
# woodpecker_database_driver: postgres
|
||||
# Define the datasource for the matching driver.
|
||||
# More information: https://woodpecker-ci.org/docs/administration/database
|
||||
# woodpecker_database_datasource: postgres://root:password@1.2.3.4:5432/postgres?sslmode=disable
|
||||
|
||||
# Define your own docker config
|
||||
# woodpecker_docker_config_path: /home/user/.docker/config.json
|
||||
|
||||
# Define github
|
||||
woodpecker_github: false
|
||||
woodpecker_github_url: https://github.com
|
||||
woodpecker_github_client: 95c0282573633eb25e82
|
||||
woodpecker_github_secret: 30f5064039e6b359e075
|
||||
|
||||
# Define gitea
|
||||
woodpecker_gitea: true
|
||||
woodpecker_gitea_url: https://codeberg.org
|
||||
woodpecker_gitea_client: 95c0282573633eb25e82
|
||||
woodpecker_gitea_secret: 30f5064039e6b359e075
|
||||
|
||||
# Define gitlab
|
||||
woodpecker_gitlab: false
|
||||
woodpecker_gitlab_url: http://gitlab.mycompany.com
|
||||
woodpecker_gitlab_client: 95c0282573633eb25e82
|
||||
woodpecker_gitlab_secret: 30f5064039e6b359e075
|
||||
|
||||
# Define bitbucket
|
||||
woodpecker_bitbucket: false
|
||||
woodpecker_bitbucket_client: 95c0282573633eb25e82
|
||||
woodpecker_bitbucket_secret: 30f5064039e6b359e075
|
||||
|
||||
# Define bitbucket server
|
||||
woodpecker_bitbucket_server: false
|
||||
woodpecker_bitbucket_server_url: http://stash.mycompany.com
|
||||
woodpecker_bitbucket_server_consumer_key: 95c0282573633eb25e82
|
||||
woodpecker_bitbucket_server_consumer_rsa: /etc/bitbucket/key.pem
|
||||
woodpecker_bitbucket_server_git_username: foo
|
||||
woodpecker_bitbucket_server_git_password: bar
|
||||
|
||||
# Enable or disable watchtower for automatic updates of the containers
|
||||
woodpecker_watchtower: true
|
||||
# Define the schedule when watchtower should pull for new images and update the containers.
|
||||
# "0 0 3 * * *" means every day at 3:00.
|
||||
woodpecker_watchtower_schedule: "0 0 3 * * *"
|
21
meta/main.yml
Normal file
21
meta/main.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
dependencies: []
|
||||
|
||||
galaxy_info:
|
||||
role_name: woodpecker
|
||||
author: rhiz0et
|
||||
description: Woodpecker-CI Server and Agent for most version control systems.
|
||||
license: "license (GPL-3.0-or-later)"
|
||||
min_ansible_version: 2.10
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- all
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- all
|
||||
galaxy_tags:
|
||||
- automation
|
||||
- networking
|
||||
- system
|
||||
- ci
|
19
molecule/default/converge.yml
Normal file
19
molecule/default/converge.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
|
||||
pre_tasks:
|
||||
- name: Update the apt cache
|
||||
apt:
|
||||
update_cache: true
|
||||
|
||||
roles:
|
||||
- role: geerlingguy.pip
|
||||
vars:
|
||||
pip_install_packages:
|
||||
- name: docker
|
||||
- role: geerlingguy.docker
|
||||
vars:
|
||||
- docker_install_compose: false
|
||||
- role: rhiz0et.woodpecker
|
17
molecule/default/molecule.yml
Normal file
17
molecule/default/molecule.yml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance
|
||||
image: "docker.io/geerlingguy/docker-debian11-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
|
3
molecule/default/requirements.yml
Normal file
3
molecule/default/requirements.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
- src: geerlingguy.pip
|
||||
- src: geerlingguy.docker
|
71
tasks/main.yml
Normal file
71
tasks/main.yml
Normal file
@ -0,0 +1,71 @@
|
||||
---
|
||||
- name: Create rootdir
|
||||
ansible.builtin.file:
|
||||
path: "{{ woodpecker_rootdir }}"
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: Template server.env-file
|
||||
ansible.builtin.template:
|
||||
src: server.env.j2
|
||||
dest: "{{ woodpecker_rootdir }}/server.env"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: Create the woodpecker network
|
||||
community.docker.docker_network:
|
||||
name: woodpecker-net
|
||||
|
||||
- name: Create and start the woodpecker-server container
|
||||
community.docker.docker_container:
|
||||
name: woodpecker-server
|
||||
restart_policy: always
|
||||
pull: true
|
||||
cap_drop: all
|
||||
networks:
|
||||
- name: woodpecker-net
|
||||
published_ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
volumes:
|
||||
- "{{ woodpecker_rootdir }}/data:/var/lib/woodpecker"
|
||||
env_file: "{{ woodpecker_rootdir }}/server.env"
|
||||
image: "woodpeckerci/woodpecker-server:{{ woodpecker_version }}"
|
||||
|
||||
- name: Create and start the woodpecker-agent container
|
||||
community.docker.docker_container:
|
||||
name: woodpecker-agent
|
||||
restart_policy: always
|
||||
pull: true
|
||||
cap_drop: all
|
||||
networks:
|
||||
- name: woodpecker-net
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
env:
|
||||
WOODPECKER_SERVER: woodpecker-server:9000
|
||||
WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret }}"
|
||||
WOODPECKER_MAX_PROCS: "{{ woodpecker_agent_max_procs }}"
|
||||
image: "woodpeckerci/woodpecker-agent:{{ woodpecker_version }}"
|
||||
|
||||
- name: Create and start the watchtower container if wanted
|
||||
docker_container:
|
||||
name: watchtower
|
||||
restart_policy: always
|
||||
pull: true
|
||||
networks:
|
||||
- name: woodpecker-net
|
||||
userns_mode: host
|
||||
privileged: true
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
env:
|
||||
WATCHTOWER_CLEANUP: "true"
|
||||
WATCHTOWER_SCHEDULE: "{{ woodpecker_watchtower_schedule }}"
|
||||
WATCHTOWER_NO_STARTUP_MESSAGE: "true"
|
||||
TZ: Europe/Berlin
|
||||
image: containrrr/watchtower:latest
|
||||
when: woodpecker_watchtower | bool
|
72
templates/server.env.j2
Normal file
72
templates/server.env.j2
Normal file
@ -0,0 +1,72 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
WOODPECKER_OPEN={{ woodpecker_open_registration }}
|
||||
WOODPECKER_ORGS={{ woodpecker_allowed_organizations | default(None) }}
|
||||
WOODPECKER_LETS_ENCRYPT=true
|
||||
WOODPECKER_ADMIN={{ woodpecker_admins }}
|
||||
WOODPECKER_REPO_OWNERS={{ woodpecker_repo_owners | default(None) }}
|
||||
WOODPECKER_HOST={{ woodpecker_host }}
|
||||
WOODPECKER_AGENT_SECRET={{ woodpecker_agent_secret }}
|
||||
|
||||
{%- if woodpecker_database_driver is defined -%}
|
||||
WOODPECKER_DATABASE_DRIVER={{ woodpecker_database_driver }}
|
||||
WOODPECKER_DATABASE_DATASOURCE={{ woodpecker_database_datasource }}
|
||||
{% endif %}
|
||||
|
||||
{%- if woodpecker_docker_config_path is defined -%}
|
||||
WOODPECKER_DOCKER_CONFIG={{ woodpecker_docker_config_path }}
|
||||
{% endif %}
|
||||
|
||||
{% if woodpecker_github %}
|
||||
WOODPECKER_GITHUB=true
|
||||
WOODPECKER_GITHUB_URL={{ woodpecker_github_url }}
|
||||
WOODPECKER_GITHUB_CLIENT={{ woodpecker_github_client }}
|
||||
WOODPECKER_GITHUB_SECRET={{ woodpecker_github_secret }}
|
||||
WOODPECKER_GITHUB_SCOPE={{ woodpecker_github_scope | default(None) }}
|
||||
WOODPECKER_GITHUB_GIT_USERNAME={{ woodpecker_github_git_username | default(None) }}
|
||||
WOODPECKER_GITHUB_GIT_PASSWORD={{ woodpecker_github_git_password | default(None) }}
|
||||
WOODPECKER_GITHUB_PRIVATE_MODE={{ woodpecker_github_private_mode | default(None) }}
|
||||
WOODPECKER_GITHUB_MERGE_REF={{ woodpecker_github_merge_ref | default(None) }}
|
||||
WOODPECKER_GITHUB_CONTEXT={{ woodpecker_github_context | default(None) }}
|
||||
WOODPECKER_GITHUB_SKIP_VERIFY={{ woodpecker_github_skip_verify | default(None) }}
|
||||
{% endif %}
|
||||
|
||||
{% if woodpecker_gitea %}
|
||||
WOODPECKER_GITEA=true
|
||||
WOODPECKER_GITEA_URL={{ woodpecker_gitea_url }}
|
||||
WOODPECKER_GITEA_CLIENT={{ woodpecker_gitea_client }}
|
||||
WOODPECKER_GITEA_SECRET={{ woodpecker_gitea_secret }}
|
||||
WOODPECKER_GITEA_CONTEXT={{ woodpecker_gitea_context | default(None) }}
|
||||
WOODPECKER_GITEA_GIT_USERNAME={{ woodpecker_gitea_git_username | default(None) }}
|
||||
WOODPECKER_GITEA_GIT_PASSWORD={{ woodpecker_gitea_git_password | default(None) }}
|
||||
WOODPECKER_GITEA_PRIVATE_MODE={{ woodpecker_gitea_private_mode | default(None) }}
|
||||
WOODPECKER_GITEA_SKIP_VERIFY={{ woodpecker_gitea_skip_verify | default(None) }}
|
||||
{% endif %}
|
||||
|
||||
{% if woodpecker_gitlab %}
|
||||
WOODPECKER_GITLAB=true
|
||||
WOODPECKER_GITLAB_URL={{ woodpecker_gitlab_url }}
|
||||
WOODPECKER_GITLAB_CLIENT={{ woodpecker_gitlab_client }}
|
||||
WOODPECKER_GITLAB_SECRET={{ woodpecker_gitlab_secret }}
|
||||
WOODPECKER_GITLAB_CONTEXT={{ woodpecker_gitlab_context | default(None) }}
|
||||
WOODPECKER_GITLAB_GIT_USERNAME={{ woodpecker_gitlab_git_username | default(None) }}
|
||||
WOODPECKER_GITLAB_GIT_PASSWORD={{ woodpecker_gitlab_git_password | default(None) }}
|
||||
WOODPECKER_GITLAB_PRIVATE_MODE={{ woodpecker_gitlab_private_mode | default(None) }}
|
||||
WOODPECKER_GITLAB_SKIP_VERIFY={{ woodpecker_gitlab_skip_verify | default(None) }}
|
||||
{% endif %}
|
||||
|
||||
{% if woodpecker_bitbucket %}
|
||||
WOODPECKER_BITBUCKET=true
|
||||
WOODPECKER_BITBUCKET_CLIENT={{ woodpecker_bitbucket_client }}
|
||||
WOODPECKER_BITBUCKET_SECRET={{ woodpecker_bitbucket_secret }}
|
||||
{% endif %}
|
||||
|
||||
{% if woodpecker_bitbucket_server %}
|
||||
WOODPECKER_STASH=true
|
||||
WOODPECKER_STASH_URL={{ woodpecker_bitbucket_server_url }}
|
||||
WOODPECKER_STASH_CONSUMER_KEY={{ woodpecker_bitbucket_server_consumer_key }}
|
||||
WOODPECKER_STASH_CONSUMER_RSA={{ woodpecker_bitbucket_server_consumer_rsa }}
|
||||
WOODPECKER_STASH_CONSUMER_RSA_STRING={{ woodpecker_bitbucket_server_consumer_rsa_string | default(None) }}
|
||||
WOODPECKER_STASH_GIT_USERNAME={{ woodpecker_bitbucket_server_git_username }}
|
||||
WOODPECKER_STASH_GIT_PASSWORD={{ woodpecker_bitbucket_server_git_password }}
|
||||
{% endif %}
|
Loading…
Reference in New Issue
Block a user