cicd: add playbook

playbook.yml

@@ -0,0 +1,15 @@
+- hosts: localhost
+  connection: local
+  vars_files:
+  - vars/aws.yml
+
+  environment:
+    AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
+    AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
+    AWS_DEFAULT_REGION: "{{ aws_region }}"
+    AWS_ACCOUNT_ID: "{{ aws_account_id }}"
+
+  tasks:
+    - name: Include main tasks
+      include_tasks: tasks/main.yml
+      

tasks/main.yml

@@ -0,0 +1,29 @@
+- name: Authenticate Docker to ECR
+  shell: >
+    aws ecr get-login-password --region {{ aws_region }} | podman login --username AWS --password-stdin {{ aws_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com
+
+- name: Pull image from ECR for crm-client
+  shell: >
+    podman pull {{ aws_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/prod/crm-client:latest
+
+- name: Pull image from ECR for crm-server
+  containers.podman.podman_image:
+    name: "{{ aws_account_id }}.dkr.ecr.{{ aws_region }}.amazonaws.com/prod/crm-server"
+    state: present
+  register: pulled_image_crm_server_result
+
+- name: Copy crm-server.container file if image was pulled
+  ansible.builtin.copy:
+    src: containers/crm-server.container
+    dest: "{{ ansible_env.HOME }}/.config/containers/systemd/crm-server.container"
+  when: pulled_image_crm_server_result.changed
+  register: copy_crm_server_container_file_result
+
+- name: Restart crm-server systemd service if container file was copied
+  ansible.builtin.systemd:
+    name: crm-server
+    state: restarted
+    scope: user
+    daemon_reload: yes
+  when: copy_crm_server_container_file_result.changed
+