name: Ansible Deploy
on: [push]
jobs:
  deploy:
    runs-on: ubuntu-latest
    env:
      RUNNER_TOOL_CACHE: /toolcache
    strategy:
      matrix:
        playbook:
          - Ansible/openssh.yml
          - Ansible/cloudflare-dns.yml
          - Ansible/heartbeat.yml
          - Ansible/debian.yml
    steps:
      - name: Copy SSH Key
        run: | 
          mkdir ~/.ssh/
          echo "Host *" > ~/.ssh/config
          echo "    StrictHostKeyChecking no" >> ~/.ssh/config
          echo '${{secrets.SSH_PRIVATE_KEY}}' > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa

      - uses: actions/checkout@v3
        with:
          submodules: recursive

      - name: Install Ansible
        run: |
          apt update -y
          apt install python3-pip -y
          python3 -m pip install ansible

      #- name: Install Ansible Galaxy requirements
      #  run: |
      #    ansible-galaxy install -r requirements.yaml

      - name: Run playbook
        uses: dawidd6/action-ansible-playbook@v2
        with:
          playbook: ${{ matrix.playbook }}
          directory: ./
          key: ${{secrets.SSH_PRIVATE_KEY}}
          vault_password: ${{secrets.VAULT_PASSWORD}}

          # requirements: requirements.yaml

          options: |
            --inventory Ansible/inventory.ini
            --extra-vars "@Ansible/homelab-vault/secrets.yml"