CI/CD Pipeline

Belangrijk: vereiste runner‑tag: Wildfire_CICD_Runner.

Stages:

• Build: bouwt/updated Ansible image (Dockerfile)
• Lint: inventories, playbooks, roles
• Test: container scanning, connectivity
• Deploy: frontend/backend naar staging of productie
• Cleanup: docker prune

Pipeline yaml (uittreksel)

workflow:
  name: $PIPELINE_TITLE
  rules:
    - if: $CI_COMMIT_BRANCH == "Staging"
      variables:
        PIPELINE_TITLE: 'Ansible: Staging Pipeline'
        DOCKER_EXECUTOR: 'Staging_Docker_Executor'
        SHELL_EXECUTOR: 'Staging_Shell_Executor'
    - if: $CI_COMMIT_BRANCH == "Production"
      variables:
        PIPELINE_TITLE: 'Ansible: Production Pipeline'
        DOCKER_EXECUTOR: 'Production_Docker_Executor'
        SHELL_EXECUTOR: 'Production_Shell_Executor'
    - if: $CI_COMMIT_BRANCH != "Development" && $CI_COMMIT_BRANCH != "Staging" && $CI_COMMIT_BRANCH != "Production"
      variables:
        ANSIBLE_IMAGE: $CI_REGISTRY_IMAGE/testing

Jobs gebruiken een helper echo.sh om logtitels te tonen. Lint jobs roepen scripts in ci/ aan:

bash ci/lintInventories.sh
bash ci/lintPlaybooks.sh
bash ci/lintRoles.sh

Connectivity checks:

ansible-playbook full.yml --tags "controlhost" -i inventory/staging/hosts.yml --vault-password-file /tmp/vaultpass
ansible all -m ansible.builtin.ping -i inventory/staging/hosts.yml --vault-password-file /tmp/vaultpass

Deploy jobs:

• Frontend/Backend Staging op branch Staging met env‑var COMPONENT
• Frontend/Backend Production op branch fix_ProxyRole (pas aan naar Production of main)

Cleanup (shell runner):

docker system prune -f
docker image prune -af
docker container prune -f
docker volume prune -af