Merge pull request #3 from Diesel-Net/development

rotate secret

Author: tomdaley92

.ansible/inventory/production/group_vars/tools/config.yaml

@@ -0,0 +1,2 @@
+domain: ldap.diesel.net
+admin_password: "{{ lookup('env', 'LDAP_ADMIN_PASSWORD') }}"

.ansible/inventory/stable/hosts .ansible/inventory/production/hosts.ansible/inventory/stable/hosts renamed to .ansible/inventory/production/hosts

@@ -7,22 +7,43 @@ clone:
   depth: 1
 
 steps:
-  - name: deploy
+  - name: configure & deploy (development)
     image: plugins/ansible:3
     environment:
       ANSIBLE_CONFIG: .ansible/ansible.cfg
     settings:
+      inventory: .ansible/inventory/development/hosts
       playbook: .ansible/deploy.yaml
       galaxy: .ansible/roles/requirements.yaml
       private_key:
-        from_secret: ansible_private_key
+        from_secret: automation_id_rsa
       vault_password:
         from_secret: ansible_vault_password
-    commands:
-      # dynamically select inventory based on Git branch/tag
-      - version=$DRONE_BRANCH
-      - if [ ! -z $DRONE_TAG ]; then version=production; fi
-      - /bin/drone-ansible --inventory .ansible/inventory/$$version/hosts
+    when:
+      branch:
+        - development
+      event:
+        - push
+
+  - name: configure & deploy (production)
+    image: plugins/ansible:3
+    environment:
+      ANSIBLE_CONFIG: .ansible/ansible.cfg
+      LDAP_ADMIN_PASSWORD:
+        from_secret: ldap_admin_password
+    settings:
+      playbook: .ansible/deploy.yaml
+      inventory: .ansible/inventory/production/hosts
+      galaxy: .ansible/roles/requirements.yaml
+      private_key:
+        from_secret: automation_id_rsa
+      vault_password:
+        from_secret: ansible_vault_password
+    when:
+      branch:
+        - stable
+      event:
+        - push
 
 trigger:
   branch: