From 53677fce762602692614dd6fabb5851b39cd0073 Mon Sep 17 00:00:00 2001
From: Greg Harvey <greg.harvey@gmail.com>
Date: Mon, 6 Oct 2025 17:08:29 +0200
Subject: [PATCH 1/4] Trying an ansible-lint container for GitLab.

---
 .gitlab-ci.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 000000000..1fb02f73f
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,12 @@
+---
+before_script:
+  - export $BASH_VARS
+
+stages:
+  - linting
+
+ansible-lint:
+  stage: linting
+  image: registry.gitlab.com/pipeline-components/ansible-lint:latest
+  script:
+    - ansible-lint --show-relpath roles

From 3400a4dd4df725506cd6e2ddf0b3b25fa2bcea10 Mon Sep 17 00:00:00 2001
From: Greg Harvey <greg.harvey@gmail.com>
Date: Mon, 6 Oct 2025 18:16:29 +0200
Subject: [PATCH 2/4] Preparing GitLab CI config for ce-provision tests.

---
 .gitlab-ci.yml | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1fb02f73f..db8a55b63 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,12 +1,70 @@
 ---
+variables:
+  FF_SCRIPT_SECTIONS: "true"
+
 before_script:
   - export $BASH_VARS
 
 stages:
   - linting
+  - builds
 
 ansible-lint:
   stage: linting
   image: registry.gitlab.com/pipeline-components/ansible-lint:latest
   script:
     - ansible-lint --show-relpath roles
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: never
+
+yamllint:
+  stage: linting
+  image: registry.gitlab.com/pipeline-components/yamllint:latest
+  script:
+    - yamllint roles
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: never
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: never
+
+webserver:
+  stage: builds
+  image: debian:bookworm
+  script:
+    - |
+      /usr/bin/apt-get update
+      /usr/bin/apt-get install -y curl sudo
+      /usr/bin/curl -LO ${CI_MERGE_REQUEST_SOURCE_PROJECT_URL}/-/raw/${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}/install.sh
+      /usr/bin/chmod +x ./install.sh
+      /usr/bin/sudo ./install.sh --version ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --docker --no-firewall
+      /usr/bin/git config --global --add safe.directory /home/controller/ce-provision
+      /usr/bin/git config --global --add safe.directory /home/controller/ce-provision/config
+      /usr/sbin/sshd&
+      /usr/bin/su - controller -c "cd /home/controller/ce-provision && /bin/sh /home/controller/ce-provision/scripts/provision.sh --python-interpreter /home/controller/ce-python/bin/python3 --repo dummy --branch dummy --workspace /home/controller/ce-provision/ce-dev/ansible --playbook plays/web/ci.yml --own-branch ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --force"
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: always
+
+gitlabserver:
+  stage: builds
+  image: debian:bookworm
+  script:
+    - |
+      /usr/bin/apt-get update
+      /usr/bin/apt-get install -y curl sudo
+      /usr/bin/curl -LO ${CI_MERGE_REQUEST_SOURCE_PROJECT_URL}/-/raw/${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}/install.sh
+      /usr/bin/chmod +x ./install.sh
+      /usr/bin/sudo ./install.sh --version ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --docker --no-firewall
+      /usr/bin/git config --global --add safe.directory /home/controller/ce-provision
+      /usr/bin/git config --global --add safe.directory /home/controller/ce-provision/config
+      /usr/sbin/sshd&
+      /usr/bin/su - controller -c "cd /home/controller/ce-provision && /bin/sh /home/controller/ce-provision/scripts/provision.sh --python-interpreter /home/controller/ce-python/bin/python3 --repo dummy --branch dummy --workspace /home/controller/ce-provision/ce-dev/ansible --playbook plays/gitlab/ci.yml --own-branch ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --force"
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: always

From 67a2ed8be9c6d58661195b28fa650b151bdbb21c Mon Sep 17 00:00:00 2001
From: Greg Harvey <greg.harvey@gmail.com>
Date: Mon, 6 Oct 2025 18:24:53 +0200
Subject: [PATCH 3/4] Run linters unless merging to 2.x.

---
 .gitlab-ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index db8a55b63..1cdf7f50c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -15,7 +15,7 @@ ansible-lint:
   script:
     - ansible-lint --show-relpath roles
   rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
       when: never
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: never
@@ -26,7 +26,7 @@ yamllint:
   script:
     - yamllint roles
   rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
       when: never
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: never

From 829e7ec6df554944a795b1a945d08608f32b3f1f Mon Sep 17 00:00:00 2001
From: Greg Harvey <greg.harvey@gmail.com>
Date: Mon, 6 Oct 2025 18:36:00 +0200
Subject: [PATCH 4/4] Fixed the CI rules for linting.

---
 .gitlab-ci.yml | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1cdf7f50c..906c01077 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -15,8 +15,7 @@ ansible-lint:
   script:
     - ansible-lint --show-relpath roles
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-      when: never
+    - if: $CI_COMMIT_BRANCH != "$CI_DEFAULT_BRANCH"
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: never
 
@@ -26,8 +25,7 @@ yamllint:
   script:
     - yamllint roles
   rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-      when: never
+    - if: $CI_COMMIT_BRANCH != "$CI_DEFAULT_BRANCH"
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: never
 
@@ -46,7 +44,7 @@ webserver:
       /usr/sbin/sshd&
       /usr/bin/su - controller -c "cd /home/controller/ce-provision && /bin/sh /home/controller/ce-provision/scripts/provision.sh --python-interpreter /home/controller/ce-python/bin/python3 --repo dummy --branch dummy --workspace /home/controller/ce-provision/ce-dev/ansible --playbook plays/web/ci.yml --own-branch ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --force"
   rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: always
 
@@ -65,6 +63,6 @@ gitlabserver:
       /usr/sbin/sshd&
       /usr/bin/su - controller -c "cd /home/controller/ce-provision && /bin/sh /home/controller/ce-provision/scripts/provision.sh --python-interpreter /home/controller/ce-python/bin/python3 --repo dummy --branch dummy --workspace /home/controller/ce-provision/ce-dev/ansible --playbook plays/gitlab/ci.yml --own-branch ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} --config-branch ${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} --force"
   rules:
-    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
     - if: $CI_PIPELINE_SOURCE == "schedule"
       when: always