From c6bd67e1e9073414c0cb54cc4db637c2639a874f Mon Sep 17 00:00:00 2001
From: Matthew McKinnon
Date: Sun, 6 Oct 2024 01:10:10 +1000
Subject: [PATCH] feat: add ansible workflow
---
 .gitea/workflows/deploy-containers.yml | 39 ++++++++++++++++++++++++++
 .gitea/workflows/deploy.sh | 14 +++++++++
 2 files changed, 53 insertions(+)
 create mode 100644 .gitea/workflows/deploy-containers.yml
 create mode 100644 .gitea/workflows/deploy.sh
diff --git a/.gitea/workflows/deploy-containers.yml b/.gitea/workflows/deploy-containers.yml
new file mode 100644
index 0000000..741e2c4
--- /dev/null
+++ b/.gitea/workflows/deploy-containers.yml
@@ -0,0 +1,39 @@
+name: Deploy
+
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ deploy:
+ name: Prepare Build
+ runs-on: homelab
+ container: alpine:latest
+ steps:
+ - name: Install dependencies
+ run: |
+ apk update
+ apk add --no-cache nodejs npm git bash openssh python3 py3-pip py3-passlib
+ python3 -m pip install --user ansible --break-system-packages
+ export PATH="/root/.local/bin:$PATH"
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+
+ - name: Deploy containers
+ run: |
+ mkdir -p ~/.ssh
+ echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
+ chmod 644 ~/.ssh/known_hosts
+ eval $(ssh-agent -s)
+ ssh-add <(echo "${{ secrets.SSH_PRIVATE_KEY }}")
+ echo "HOST *" > ~/.ssh/config
+ echo "StrictHostKeyChecking no" >> ~/.ssh/config
+ echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt
+ echo "nameserver 10.10.10.1" > /etc/resolv.conf
+ ./.gitea/workflows/deploy.sh "${{ github.event.before }}" "${{ github.sha }}"
+
+
\ No newline at end of file
diff --git a/.gitea/workflows/deploy.sh b/.gitea/workflows/deploy.sh
new file mode 100644
index 0000000..0bf6124
--- /dev/null
+++ b/.gitea/workflows/deploy.sh
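Review bot: The `Deploy containers` step writes `StrictHostKeyChecking no` under `HOST *`, which makes ssh accept any host key and cancels the pinning set up a few lines earlier from `secrets.SSH_KNOWN_HOSTS`; the playbook run, including vault-decrypted values, would then go to whatever host answers on the target address. Since `known_hosts` is already populated, the two config lines can be replaced with `echo "StrictHostKeyChecking yes" >> ~/.ssh/config` or dropped. The vault password is also written with the default umask, so a `umask 077` before `echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt` would keep the file owner-only. Separately, `container: alpine:latest` and the unversioned `pip install --user ansible` let the toolchain that handles these secrets change between runs; pinning a tag or digest and an ansible version is worth considering.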
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+changed_tasks=($(git diff --name-only $1 $2 | grep '\.yml$'))
+if [ ! -z "$changed_tasks" ]; then
+ for task in "${changed_tasks[@]}"; do
+ tag=$(echo "$task" | awk -F/ '{print $2}')
+ if [[ "$tag" != "deploy-homelab.yml" && "$tag" != "main.yml" && "$tag" != "all.yml" && "$tag" != "all.example.yml" && "$tag" != "ISSUE_TEMPLATE" && "$tag" != "workflows" ]] ; then
+ tag=${tag%.*}_install
+ /root/.local/bin/ansible-playbook main.yml --tags "$tag" --vault-password-file ~/.vault_password.txt
+ fi
+ done
+else
+ echo "No changes detected in task files. Skipping Ansible playbook execution."
+fi
\ No newline at end of file
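Review bot: A failed `git diff` on the `changed_tasks=` line is indistinguishable from "no changes", so the job prints the skip message and passes without deploying. The script sets no `set -e`/`pipefail`, `$1 $2` are unquoted, and `github.event.before` may not be a diffable commit (for example on a first push or after a force-push — worth confirming for this Gitea version). For the same reason a non-zero exit from `ansible-playbook` is lost unless it happens on the last loop iteration. The unquoted `$( … )` array fill also word-splits and globs file names. A `.yml` file at the repository root yields an empty second path field, which slips past the exclusion list and runs the playbook with `--tags _install`; a guard such as `[[ -n "$tag" ]]` before the comparison would cover that.

```shell
set -euo pipefail

# Abort the job when the range cannot be diffed instead of reporting "no changes".
diff_out=$(git diff --name-only "$1" "$2" -- '*.yml')
changed_tasks=()
if [[ -n "$diff_out" ]]; then
  mapfile -t changed_tasks <<<"$diff_out"
fi

if (( ${#changed_tasks[@]} > 0 )); then
  # … unchanged: per-file tag derivation, exclusion list and ansible-playbook call …
```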