Is done through Woodpecker-CI itself using the woodpecker ansible plugin.
On the main branch the "deployment" approach is used. This means that every run on the main branch will automatically check the changes and you can apply them by clicking the "deploy" button in the Woodpecker-CI UI.
For reproducibility, a Dockerfile is provided to run the ansible playbook locally.
- Save the ansible vault password under
vault-pass.secret - Run
docker build -t ansible . - Install dependencies:
./ansible.sh ansible-galaxy install -r requirements.yaml
- Run
./ansible.sh
Note
You can execute specific parts of the deployment by using a filter.
For example to only update woodpecker you could use: ./ansible.sh ansible-playbook playbooks/run.yaml --tags woodpecker
enter the environment:
nix develop -c $SHELLrun the playbook as usual:
ansible-playbook playbooks/run.yaml --tags woodpecker- Use
./ssh.sh. This will decrypt the local SSH key and connect to the server.
Note
Only works if you have the vault password stored in vault-pass.secret