From 24336dc995fa0c9256f3c85b7767a14355117c4f Mon Sep 17 00:00:00 2001
From: Varac <varac@varac.net>
Date: Wed, 24 Apr 2019 17:15:45 +0200
Subject: [PATCH] Pin git repos to specific versions (closes #120)

---
 ansible/group_vars/cluster/settings.yml.example | 5 +++++
 ansible/roles/setup/tasks/main.yml              | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/ansible/group_vars/cluster/settings.yml.example b/ansible/group_vars/cluster/settings.yml.example
index 6fce66e69..694a3ac46 100644
--- a/ansible/group_vars/cluster/settings.yml.example
+++ b/ansible/group_vars/cluster/settings.yml.example
@@ -17,3 +17,8 @@ nextcloud_password: "{{ lookup('password', './secrets/nextcloud_admin_password c
 # Note that LE's production server has stricter rate limits, so set this to
 # "true" when you are testing something.
 acme_staging: false
+
+# git repo versions
+git_helmfiles_version: '3c97c3f'
+git_charts_version: 'HEAD'
+git_local_storage_version: 'HEAD'
diff --git a/ansible/roles/setup/tasks/main.yml b/ansible/roles/setup/tasks/main.yml
index a4dabb938..e267e2b70 100644
--- a/ansible/roles/setup/tasks/main.yml
+++ b/ansible/roles/setup/tasks/main.yml
@@ -156,7 +156,7 @@
   git:
     repo: 'https://code.greenhost.net/openappstack/helmfiles'
     dest: '/oas/source/repos/helmfiles'
-    version: "master"
+    version: '{{ git_helmfiles_version }}'
 
 - name: Clone charts repo
   tags:
@@ -164,6 +164,7 @@
   git:
     repo: 'https://code.greenhost.net/openappstack/charts'
     dest: '/oas/source/repos/charts'
+    version: '{{ git_charts_version }}'
 
 - name: Clone local-storage repo
   tags:
@@ -171,6 +172,7 @@
   git:
     repo: 'https://code.greenhost.net/openappstack/local-storage'
     dest: '/oas/source/repos/local-storage'
+    version: '{{ git_local_storage_version }}'
 
 - name: Create OAS namespaces
   tags:
-- 
GitLab