50 lines
1.6 KiB
YAML
50 lines
1.6 KiB
YAML
name: Ansible / Reboot Recovery Contract
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
paths:
|
|
- 'infra/ansible/**'
|
|
- 'ops/monitoring/**'
|
|
- 'ops/reboot-recovery/**'
|
|
- 'scripts/backup/**'
|
|
- 'scripts/ops/**'
|
|
- 'scripts/reboot-recovery/**'
|
|
- 'docs/**'
|
|
- '.gitea/workflows/**'
|
|
pull_request:
|
|
paths:
|
|
- 'infra/ansible/**'
|
|
- 'ops/monitoring/**'
|
|
- 'ops/reboot-recovery/**'
|
|
- 'scripts/backup/**'
|
|
- 'scripts/ops/**'
|
|
- 'scripts/reboot-recovery/**'
|
|
- 'docs/**'
|
|
- '.gitea/workflows/**'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
validate:
|
|
runs-on: self-hosted
|
|
timeout-minutes: 15
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Bootstrap Ansible validation env
|
|
run: bash scripts/ops/bootstrap-ansible-validation-env.sh
|
|
|
|
- name: Run Ansible and reboot-recovery validation
|
|
run: |
|
|
set -euo pipefail
|
|
export PATH="${ANSIBLE_VALIDATION_VENV:-/tmp/awoooi-ansible-venv}/bin:$PATH"
|
|
bash scripts/ops/ansible-validate.sh
|
|
python3 scripts/ops/doc-secrets-sanity-check.py docs .gitea
|
|
python3 scripts/ops/backup-alert-label-contract-check.py
|
|
python3 scripts/ops/recovery-scorecard-contract-check.py
|
|
python3 -m py_compile scripts/ops/backup-alert-live-visibility-check.py
|
|
bash -n scripts/reboot-recovery/full-stack-recovery-scorecard.sh
|
|
bash -n scripts/reboot-recovery/dr-offsite-operator-checklist.sh
|
|
bash -n scripts/reboot-recovery/verify-cold-start-monitor-deploy.sh
|
|
bash scripts/reboot-recovery/reboot-recovery-readiness-audit.sh --no-color
|