name: Deploy (manual) on: workflow_dispatch: inputs: target: description: "Target host (e.g. helsinki-a, london-b, all)" required: true type: string playbook: description: "Ansible playbook to run (e.g. site.yml, update.yml)" required: true type: string dry_run: description: "Dry run (--check mode)" required: false type: boolean default: true jobs: prepare: name: Prepare matrix runs-on: ubuntu-latest outputs: hosts: ${{ steps.prepare.outputs.hosts }} steps: - uses: actions/checkout@v6 - name: Build host matrix id: prepare run: | ALL_HOSTS=$(grep 'ansible_host=' ansible/inventory/hosts.ini | awk '{print $1}' | jq -R . | jq -cs .) TARGET="${{ inputs.target }}" if [ "$TARGET" = "all" ]; then echo "hosts=$ALL_HOSTS" >> "$GITHUB_OUTPUT" else JSON=$(echo "$TARGET" | tr ',' '\n' | tr -d ' ' | grep -v '^$' | jq -R . | jq -cs .) echo "hosts=$JSON" >> "$GITHUB_OUTPUT" fi deploy: needs: prepare strategy: matrix: host: ${{ fromJson(needs.prepare.outputs.hosts) }} fail-fast: false permissions: id-token: write uses: ./.github/workflows/_deploy-core.yml with: host: ${{ matrix.host }} playbook: ${{ inputs.playbook }} dry_run: ${{ inputs.dry_run }} secrets: inherit