Ansible role: gpii-ci-worker
Minimal Ansible role to manage CentOS 7.3 worker nodes running CI/CD for the GPII. This includes:
- gitlab-runner via ansible-gitlab-runner
- Terraform and Terragrunt
- jq
- rvm and bundler
- git configuration for
gitlab-runner
user - ssh config (private key delivered out-of-band)
Requirements
- CentOS 7.x
- Ansible 2.x
- systemd
- ansible-gitlab-runner
Role Variables
# Docker Registry credentials are only active in production. Define these in
# vault.yml.
# gpii_ci_worker_docker_username: alice
# gpii_ci_worker_docker_password: secret
# gpii_ci_worker_docker_email: alice@example.com
# Passed to ansible-gitlab-runner
gpii_ci_worker_gitlab_runner_concurrent: 4
# Passed to ansible-gitlab-runner
gpii_ci_worker_gitlab_runner_registration_token: ""
# Passed to ansible-gitlab-runner
gpii_ci_worker_gitlab_runner_list: []
gpii_ci_worker_terraform_version: 0.9.5
# From e.g. https://releases.hashicorp.com/terraform/{{ gpii_ci_worker_terraform_version }}/terraform_{{ gpii_ci_worker_terraform_version }}_SHA256SUMS
gpii_ci_worker_terraform_checksum: sha256:0cbb5474c76d878fbc99e7705ce6117f4ea0838175c13b2663286a207e38d783
gpii_ci_worker_terragrunt_version: 0.12.6
gpii_ci_worker_kubectl_version: v1.7.2
gpii_ci_worker_kops_version: 1.6.2
gpii_ci_worker_jq_version: 1.5
gpii_ci_worker_ruby_version: 2.4.0
Example Playbook
- hosts: servers
roles:
- ansible-gpii-ci-worker
Tests
Use molecule to test this role.
Because this role depends on systemd and might one day need SELinux (as related role ansible-influxdb does), only a Vagrant provider is configured at the moment.
License
MIT
Author Information
Raising the Floor - US