apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
  name: j7s-ansible-build
spec:
  workspaces:
  - name: source
  - name: ssh-directory
  params:
  - name: deploy
  - name: ansible-file-path
  steps:
  - image: harbor.internal.jpace121.net/k8s/ansible-podman:latest
    securityContext:
      privileged: true
    script: |
      #!/usr/bin/env bash
      set -ex
      cp -r $(workspaces.ssh-directory.path) ~/.ssh
      chmod 700 ~/.ssh
      chmod -R 400 ~/.ssh/*
      ssh-keyscan -H -p 2222 git.jpace121.net >> ~/.ssh/known_hosts
      ssh-keyscan -H         packages.jpace121.net >> ~/.ssh/known_hosts

      cd $(workspaces.source.path)
      ansible-playbook -vvvv --skip-tags deploy -i $(params.ansible-file-path)/inventory.yaml $(params.ansible-file-path)/build.yaml

      if [[ $(params.deploy) == "true" ]]; then
        ansible-playbook -vvvv --tags deploy -i $(params.ansible-file-path)/inventory.yaml $(params.ansible-file-path)/build.yaml
      fi