From efc5d22374a87551fb3eef1055313df25a988108 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 14:30:38 +0200 Subject: [PATCH 01/15] Fixing linting so CI can work. --- .ansible-lint | 10 +++++++--- roles/cache_clear/cache_clear-opcache/tasks/main.yml | 8 ++++---- roles/cli/cachetool/tasks/main.yml | 7 +++---- .../database_apply-drupal7/tasks/ctools.yml | 2 +- .../database_apply-drupal7/tasks/features.yml | 2 +- .../database_backup-mysql/tasks/deploy-dump.yml | 2 +- .../database_backup-mysql/tasks/deploy-rolling.yml | 2 +- .../database_backup-mysql/tasks/revert-dump.yml | 2 +- roles/deploy_code/tasks/cleanup.yml | 2 +- .../database_sync/database_sync-mysql/tasks/sync.yml | 4 ++-- 10 files changed, 22 insertions(+), 19 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 7a9eb05b..c9e7b608 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,4 +1,8 @@ skip_list: - - '204' - - '301' - - '701' + - '204' # Lines should be no longer than 160 chars + - '301' # Commands should not change things if nothing needs doing + - '701' # 701 No 'galaxy_info' found + - unnamed-task + - risky-file-permissions + - no-jinja-nesting + - command-instead-of-shell # some Drupal 7 drush commands require shell diff --git a/roles/cache_clear/cache_clear-opcache/tasks/main.yml b/roles/cache_clear/cache_clear-opcache/tasks/main.yml index 428e9053..8f3b4bf6 100644 --- a/roles/cache_clear/cache_clear-opcache/tasks/main.yml +++ b/roles/cache_clear/cache_clear-opcache/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Get latest php installed ansible.builtin.shell: - cmd: 'ls -1 /etc/php/ | while read ver; do if [ -d "/etc/php/$ver/fpm" ]; then echo "$ver"; fi; done | tail -1' + cmd: 'set -o pipefail && ls -1 /etc/php/ | while read ver; do if [ -d "/etc/php/$ver/fpm" ]; then echo "$ver"; fi; done | tail -1' register: _php_version - name: Set cachetool adapter. @@ -9,16 +9,16 @@ _cachetool_adapter: "{{ cache_clear_opcache.adapter | default('--fcgi=127.0.0.1:90' + _php_version.stdout | replace('.','')) }}" - name: Clear opcache. - command: + ansible.builtin.command: cmd: "{{ cachetool_bin }} {{ _cachetool_adapter }} -n opcache:reset" when: cache_clear_opcache.clear_opcache - name: Clear apcu. - command: + ansible.builtin.command: cmd: "{{ cachetool_bin }} {{ _cachetool_adapter }} -n apcu:cache:clear" when: cache_clear_opcache.clear_apcu - name: Clear stats. - command: + ansible.builtin.command: cmd: "{{ cachetool_bin }} {{ _cachetool_adapter }} -n stat:clear" when: cache_clear_opcache.clear_stat diff --git a/roles/cli/cachetool/tasks/main.yml b/roles/cli/cachetool/tasks/main.yml index 2e2a49d1..591e2309 100644 --- a/roles/cli/cachetool/tasks/main.yml +++ b/roles/cli/cachetool/tasks/main.yml @@ -14,6 +14,9 @@ - deploy_operation == 'deploy' - name: Download cachetool depending on latest php version installed. # If not specified manually, according to https://github.com/gordalina/cachetool#compatibility + when: + - deploy_operation == 'deploy' + - cachetool.version | length == 0 block: - name: Get latest php installed ansible.builtin.shell: @@ -69,10 +72,6 @@ when: - _php_version_str.stdout | int < 71 - when: - - deploy_operation == 'deploy' - - cachetool.version | length == 0 - - name: "Download the specified {{ cachetool.version }} cachetool version installer." ansible.builtin.get_url: url: "http://gordalina.github.io/cachetool/downloads/cachetool-{{ cachetool.version }}.phar" diff --git a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml index 8102d3d6..4dcbcfff 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml @@ -2,7 +2,7 @@ # For some reason D7 drush doesn't respect 'chdir' with command, using shell instead. - name: Check if Ctools module is enabled. ansible.builtin.shell: - cmd: "{{ drush_bin }} pm-info ctools | grep ': enabled' | wc -l" + cmd: "set -o pipefail && {{ drush_bin }} pm-info ctools | grep ': enabled' | wc -l" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" register: ctools_enabled diff --git a/roles/database_apply/database_apply-drupal7/tasks/features.yml b/roles/database_apply/database_apply-drupal7/tasks/features.yml index f55795dc..c3597bec 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/features.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/features.yml @@ -1,7 +1,7 @@ --- # For some reason D7 drush doesn't respect 'chdir' with command, using shell instead. - name: Check if Features module is enabled. - ansible.builtin.shell: "cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_bin }} -l {{ site.folder }} pm-info features | grep ': enabled' | wc -l" + ansible.builtin.shell: "set -o pipefail && cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_bin }} -l {{ site.folder }} pm-info features | grep ': enabled' | wc -l" register: features_enabled - name: Revert Drupal configuration from Features. diff --git a/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml b/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml index 80a6e5ef..333a768b 100644 --- a/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml +++ b/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml @@ -23,6 +23,6 @@ run_once: true - name: Take a database dump. - ansible.builtin.shell: "mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ database.database }} | bzip2 > {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2" + ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ database.database }} | bzip2 > {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2" when: previous_build_number > 0 run_once: true diff --git a/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml b/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml index f7f109bc..815213ed 100644 --- a/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml +++ b/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml @@ -22,6 +22,6 @@ # run_once: true - name: Populate new database. - ansible.builtin.shell: "mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ _mysql_previous_build_database_name }} | mysql --defaults-extra-file={{ database.credentials_file }} {{ _mysql_build_database_name }}" + ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ _mysql_previous_build_database_name }} | mysql --defaults-extra-file={{ database.credentials_file }} {{ _mysql_build_database_name }}" when: previous_build_number > 0 run_once: true diff --git a/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml b/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml index f914ee78..2b57d911 100644 --- a/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml +++ b/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml @@ -1,5 +1,5 @@ --- - name: Revert database from dump. - ansible.builtin.shell: "bzcat {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2 | mysql --defaults-extra-file={{ database.credentials_file }} {{ database.database }}" + ansible.builtin.shell: "set -o pipefail && bzcat {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2 | mysql --defaults-extra-file={{ database.credentials_file }} {{ database.database }}" when: previous_build_number > 0 run_once: true diff --git a/roles/deploy_code/tasks/cleanup.yml b/roles/deploy_code/tasks/cleanup.yml index 27878342..6dbbc0fe 100644 --- a/roles/deploy_code/tasks/cleanup.yml +++ b/roles/deploy_code/tasks/cleanup.yml @@ -127,7 +127,7 @@ - name: Check if we have a mount already. ansible.builtin.shell: - cmd: "mount | grep {{ deploy_base_path }}" + cmd: "set -o pipefail && mount | grep {{ deploy_base_path }}" failed_when: false register: _deploy_code_mount_check when: diff --git a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml index 29100ab5..142e857a 100644 --- a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml +++ b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml @@ -61,7 +61,7 @@ when: not database.source.type == 'rolling' - name: Take a dump from source database. - ansible.builtin.shell: "mysqldump --defaults-extra-file={{ database.source.credentials_file }} {{ mysql_sync.mysqldump_params }} {{ mysql_sync_source_database }} | bzip2 > {{ mysql_sync_source_dump_path }}" + ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.source.credentials_file }} {{ mysql_sync.mysqldump_params }} {{ mysql_sync_source_database }} | bzip2 > {{ mysql_sync_source_dump_path }}" delegate_to: "{{ database.source.host }}" when: - database.source.fresh_db @@ -133,7 +133,7 @@ cmd: "mysql --defaults-extra-file={{ database.target.credentials_file }} -e 'create database {{ mysql_sync_target_database }};'" - name: Repopulate database from dump. - ansible.builtin.shell: "bzcat {{ mysql_sync_target_dump_path }} | mysql --defaults-extra-file={{ database.target.credentials_file }} {{ mysql_sync_target_database }}" + ansible.builtin.shell: "set -o pipefail && bzcat {{ mysql_sync_target_dump_path }} | mysql --defaults-extra-file={{ database.target.credentials_file }} {{ mysql_sync_target_database }}" - name: Remove tmp dump file. ansible.builtin.file: From 1cb5a6df03eb326ac2f9e2a9046f0e1ab979b365 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 14:38:57 +0200 Subject: [PATCH 02/15] More linting fixes. --- .ansible-lint | 1 + roles/cli/drush/tasks/main.yml | 2 +- .../database_apply-drupal7/tasks/main.yml | 6 ++++-- .../database_apply-drupal8/tasks/main.yml | 14 ++++++++------ 4 files changed, 14 insertions(+), 9 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index c9e7b608..b6256e0b 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -6,3 +6,4 @@ skip_list: - risky-file-permissions - no-jinja-nesting - command-instead-of-shell # some Drupal 7 drush commands require shell + - command-instead-of-module diff --git a/roles/cli/drush/tasks/main.yml b/roles/cli/drush/tasks/main.yml index 5c73be51..af5a5d10 100644 --- a/roles/cli/drush/tasks/main.yml +++ b/roles/cli/drush/tasks/main.yml @@ -16,7 +16,7 @@ register: drush_global_directory - name: Check if installed Drush version match. - ansible.builtin.shell: "{{ drush_bin }} --version | grep -o '[0-9]\\.[0-9]\\.[0-9]'" + ansible.builtin.shell: "set -o pipefail && {{ drush_bin }} --version | grep -o '[0-9]\\.[0-9]\\.[0-9]'" register: drush_global_version when: - deploy_operation == 'deploy' diff --git a/roles/database_apply/database_apply-drupal7/tasks/main.yml b/roles/database_apply/database_apply-drupal7/tasks/main.yml index 6b745c3b..d64364c4 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/main.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/main.yml @@ -12,8 +12,10 @@ when: previous_build_number == 0 or (site.force_install is defined and site.force_install) - name: Fix permissions on Drupal directory. - ansible.builtin.shell: - cmd: "chmod 755 {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" + ansible.builtin.file: + path: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" + state: directory + mode: '0755' with_items: "{{ drupal.sites }}" loop_control: loop_var: site diff --git a/roles/database_apply/database_apply-drupal8/tasks/main.yml b/roles/database_apply/database_apply-drupal8/tasks/main.yml index 16f0417b..4dc66a3a 100644 --- a/roles/database_apply/database_apply-drupal8/tasks/main.yml +++ b/roles/database_apply/database_apply-drupal8/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Fix file permissions for settings.php. - file: + ansible.builtin.file: state: file path: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/settings.php" owner: "{{ www_user }}" @@ -14,7 +14,7 @@ - previous_build_number == 0 - name: Install Drupal. - command: + ansible.builtin.command: cmd: "{{ drush_bin }} -l {{ site.folder }} {{ site.install_command }}" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" become: "{{ 'no' if www_user == deploy_user else 'yes' }}" @@ -25,8 +25,10 @@ when: (previous_build_number == 0) or (site.force_install is defined and site.force_install) - name: Fix permissions on Drupal directory. - shell: - cmd: "chmod 755 {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" + ansible.builtin.file: + path: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" + state: directory + mode: '0755' with_items: "{{ drupal.sites }}" loop_control: loop_var: site @@ -48,7 +50,7 @@ when: previous_build_number > 0 - name: Apply Drupal database updates. - command: + ansible.builtin.command: cmd: "{{ drush_bin }} -l {{ site.folder }} -y updb" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" become: "{{ 'no' if www_user == deploy_user else 'yes' }}" @@ -59,7 +61,7 @@ when: site.config_import_command != 'deploy' - name: Import configuration. - command: + ansible.builtin.command: cmd: "{{ drush_bin }} -l {{ site.folder }} -y {{ site.config_import_command }}" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" become: "{{ 'no' if www_user == deploy_user else 'yes' }}" From 7d9463d3b2d4c3ad9dd17b0c84622a73bed6055d Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 15:14:24 +0200 Subject: [PATCH 03/15] Downgrading Ubuntu due to Docker issues with ce-dev and latest. --- .github/workflows/ce-deploy-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ce-deploy-test.yml b/.github/workflows/ce-deploy-test.yml index 141fc8e7..c6429842 100644 --- a/.github/workflows/ce-deploy-test.yml +++ b/.github/workflows/ce-deploy-test.yml @@ -10,7 +10,7 @@ jobs: # Name the Job name: Run tests against Ansible code base # Set the type of machine to run on - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: # Checks out a copy of your repository on the ubuntu-latest machine From da0bb084bc42df85831cd48c8e765af20dee7d11 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 15:16:18 +0200 Subject: [PATCH 04/15] Making pipefail shell commands use /bin/bash. --- roles/cache_clear/cache_clear-opcache/tasks/main.yml | 2 ++ roles/database_apply/database_apply-drupal7/tasks/ctools.yml | 2 ++ .../database_apply/database_apply-drupal7/tasks/features.yml | 2 ++ .../database_backup-mysql/tasks/deploy-dump.yml | 2 ++ .../database_backup-mysql/tasks/deploy-rolling.yml | 2 ++ .../database_backup-mysql/tasks/revert-dump.yml | 2 ++ roles/deploy_code/tasks/cleanup.yml | 2 ++ roles/sync/database_sync/database_sync-mysql/tasks/sync.yml | 4 ++++ 8 files changed, 18 insertions(+) diff --git a/roles/cache_clear/cache_clear-opcache/tasks/main.yml b/roles/cache_clear/cache_clear-opcache/tasks/main.yml index 8f3b4bf6..97f91ed4 100644 --- a/roles/cache_clear/cache_clear-opcache/tasks/main.yml +++ b/roles/cache_clear/cache_clear-opcache/tasks/main.yml @@ -2,6 +2,8 @@ - name: Get latest php installed ansible.builtin.shell: cmd: 'set -o pipefail && ls -1 /etc/php/ | while read ver; do if [ -d "/etc/php/$ver/fpm" ]; then echo "$ver"; fi; done | tail -1' + args: + executable: /bin/bash register: _php_version - name: Set cachetool adapter. diff --git a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml index 4dcbcfff..518996ab 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml @@ -4,6 +4,8 @@ ansible.builtin.shell: cmd: "set -o pipefail && {{ drush_bin }} pm-info ctools | grep ': enabled' | wc -l" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" + args: + executable: /bin/bash register: ctools_enabled - name: Revert Drupal configuration from Ctools. diff --git a/roles/database_apply/database_apply-drupal7/tasks/features.yml b/roles/database_apply/database_apply-drupal7/tasks/features.yml index c3597bec..2b4357eb 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/features.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/features.yml @@ -2,6 +2,8 @@ # For some reason D7 drush doesn't respect 'chdir' with command, using shell instead. - name: Check if Features module is enabled. ansible.builtin.shell: "set -o pipefail && cd {{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }} && {{ drush_bin }} -l {{ site.folder }} pm-info features | grep ': enabled' | wc -l" + args: + executable: /bin/bash register: features_enabled - name: Revert Drupal configuration from Features. diff --git a/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml b/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml index 333a768b..9f6f6959 100644 --- a/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml +++ b/roles/database_backup/database_backup-mysql/tasks/deploy-dump.yml @@ -24,5 +24,7 @@ - name: Take a database dump. ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ database.database }} | bzip2 > {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2" + args: + executable: /bin/bash when: previous_build_number > 0 run_once: true diff --git a/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml b/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml index 815213ed..aec45596 100644 --- a/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml +++ b/roles/database_backup/database_backup-mysql/tasks/deploy-rolling.yml @@ -23,5 +23,7 @@ - name: Populate new database. ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.credentials_file }} {{ mysql_backup.mysqldump_params }} {{ _mysql_previous_build_database_name }} | mysql --defaults-extra-file={{ database.credentials_file }} {{ _mysql_build_database_name }}" + args: + executable: /bin/bash when: previous_build_number > 0 run_once: true diff --git a/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml b/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml index 2b57d911..80898e7d 100644 --- a/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml +++ b/roles/database_backup/database_backup-mysql/tasks/revert-dump.yml @@ -1,5 +1,7 @@ --- - name: Revert database from dump. ansible.builtin.shell: "set -o pipefail && bzcat {{ mysql_backup.dumps_directory }}/{{ _mysql_host }}/{{ database.database }}-{{ previous_build_number }}.sql.bz2 | mysql --defaults-extra-file={{ database.credentials_file }} {{ database.database }}" + args: + executable: /bin/bash when: previous_build_number > 0 run_once: true diff --git a/roles/deploy_code/tasks/cleanup.yml b/roles/deploy_code/tasks/cleanup.yml index 6dbbc0fe..db2bb9bb 100644 --- a/roles/deploy_code/tasks/cleanup.yml +++ b/roles/deploy_code/tasks/cleanup.yml @@ -128,6 +128,8 @@ - name: Check if we have a mount already. ansible.builtin.shell: cmd: "set -o pipefail && mount | grep {{ deploy_base_path }}" + args: + executable: /bin/bash failed_when: false register: _deploy_code_mount_check when: diff --git a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml index 142e857a..c695982c 100644 --- a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml +++ b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml @@ -62,6 +62,8 @@ - name: Take a dump from source database. ansible.builtin.shell: "set -o pipefail && mysqldump --defaults-extra-file={{ database.source.credentials_file }} {{ mysql_sync.mysqldump_params }} {{ mysql_sync_source_database }} | bzip2 > {{ mysql_sync_source_dump_path }}" + args: + executable: /bin/bash delegate_to: "{{ database.source.host }}" when: - database.source.fresh_db @@ -134,6 +136,8 @@ - name: Repopulate database from dump. ansible.builtin.shell: "set -o pipefail && bzcat {{ mysql_sync_target_dump_path }} | mysql --defaults-extra-file={{ database.target.credentials_file }} {{ mysql_sync_target_database }}" + args: + executable: /bin/bash - name: Remove tmp dump file. ansible.builtin.file: From c24f6a373bec0e589a72f59370ad296d0b5a6763 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 15:20:29 +0200 Subject: [PATCH 05/15] Adding pipefail code to cachetool installer block. --- roles/cli/cachetool/tasks/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/cli/cachetool/tasks/main.yml b/roles/cli/cachetool/tasks/main.yml index 591e2309..c0cbce61 100644 --- a/roles/cli/cachetool/tasks/main.yml +++ b/roles/cli/cachetool/tasks/main.yml @@ -20,7 +20,9 @@ block: - name: Get latest php installed ansible.builtin.shell: - cmd: 'ls -1 /etc/php/ | while read ver; do if [ -d "/etc/php/$ver/fpm" ]; then echo "$ver"; fi; done | tail -1 | sed -e "s/\\.//g"' + cmd: 'set -o pipefail && ls -1 /etc/php/ | while read ver; do if [ -d "/etc/php/$ver/fpm" ]; then echo "$ver"; fi; done | tail -1 | sed -e "s/\\.//g"' + args: + executable: /bin/bash register: _php_version_str - name: Download latest cachetool installer if PHP is 8.1 or newer. From d69de84aa3b26e5028869e05bc4dadc90407748a Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 14 Apr 2023 19:12:43 +0200 Subject: [PATCH 06/15] Adding executable for drush install checker. --- roles/cli/drush/tasks/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/cli/drush/tasks/main.yml b/roles/cli/drush/tasks/main.yml index af5a5d10..0836c91f 100644 --- a/roles/cli/drush/tasks/main.yml +++ b/roles/cli/drush/tasks/main.yml @@ -17,6 +17,8 @@ - name: Check if installed Drush version match. ansible.builtin.shell: "set -o pipefail && {{ drush_bin }} --version | grep -o '[0-9]\\.[0-9]\\.[0-9]'" + args: + executable: /bin/bash register: drush_global_version when: - deploy_operation == 'deploy' From 92107be571ed7777f09edead77e4bbb23c573d8c Mon Sep 17 00:00:00 2001 From: gregharvey Date: Wed, 19 Apr 2023 19:21:38 +0200 Subject: [PATCH 07/15] Fixing D7 ctools behaviour to match features handling. --- docs/roles/_init.md | 5 +++++ roles/_init/README.md | 5 +++++ roles/_init/defaults/main.yml | 2 +- roles/database_apply/database_apply-drupal7/tasks/ctools.yml | 2 +- roles/database_apply/database_apply-drupal7/tasks/main.yml | 3 ++- 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/docs/roles/_init.md b/docs/roles/_init.md index 1c7e835e..9cb9e024 100644 --- a/docs/roles/_init.md +++ b/docs/roles/_init.md @@ -12,6 +12,7 @@ These variables **must** be set in the `deploy/common.yml` file, at least. # this will ensure defaults to other roles too. # If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable deploy_user: "deploy" +# for MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here _mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table" drupal: sites: @@ -23,6 +24,7 @@ drupal: # End Drupal 8 variables # Drupal 7 variables revert_features_command: "" # i.e. "fra" + revert_ctools_command: "ctools-export-revert --all" # End Drupal 7 variables sanitize_command: "sql-sanitize" base_url: https://www.example.com @@ -35,6 +37,9 @@ mautic: image_path: "media/images" force_install: false bin_directory: "/home/{{ deploy_user }}/.bin" +# Number of dumps/db to look up for cleanup. +cleanup_history_depth: 50 + ``` diff --git a/roles/_init/README.md b/roles/_init/README.md index 1c7e835e..9cb9e024 100644 --- a/roles/_init/README.md +++ b/roles/_init/README.md @@ -12,6 +12,7 @@ These variables **must** be set in the `deploy/common.yml` file, at least. # this will ensure defaults to other roles too. # If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable deploy_user: "deploy" +# for MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here _mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table" drupal: sites: @@ -23,6 +24,7 @@ drupal: # End Drupal 8 variables # Drupal 7 variables revert_features_command: "" # i.e. "fra" + revert_ctools_command: "ctools-export-revert --all" # End Drupal 7 variables sanitize_command: "sql-sanitize" base_url: https://www.example.com @@ -35,6 +37,9 @@ mautic: image_path: "media/images" force_install: false bin_directory: "/home/{{ deploy_user }}/.bin" +# Number of dumps/db to look up for cleanup. +cleanup_history_depth: 50 + ``` diff --git a/roles/_init/defaults/main.yml b/roles/_init/defaults/main.yml index 2602afd2..9a955f3e 100644 --- a/roles/_init/defaults/main.yml +++ b/roles/_init/defaults/main.yml @@ -15,7 +15,7 @@ drupal: # End Drupal 8 variables # Drupal 7 variables revert_features_command: "" # i.e. "fra" - revert_ctools: true + revert_ctools_command: "ctools-export-revert --all" # End Drupal 7 variables sanitize_command: "sql-sanitize" base_url: https://www.example.com diff --git a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml index 518996ab..608e1a2f 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/ctools.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/ctools.yml @@ -10,6 +10,6 @@ - name: Revert Drupal configuration from Ctools. ansible.builtin.shell: - cmd: "{{ drush_bin }} -y ctools-export-revert --all" + cmd: "{{ drush_bin }} -y {{ site.revert_ctools_command }}" chdir: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}" when: ctools_enabled.stdout == "1" diff --git a/roles/database_apply/database_apply-drupal7/tasks/main.yml b/roles/database_apply/database_apply-drupal7/tasks/main.yml index d64364c4..4f476253 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/main.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/main.yml @@ -54,4 +54,5 @@ loop_control: loop_var: site when: - - site.revert_ctools + - previous_build_number > 0 + - site.revert_ctools_command | length > 0 From bb65b1212a7a1224d030c35b6aac9580e3d604cc Mon Sep 17 00:00:00 2001 From: gregharvey Date: Wed, 26 Apr 2023 09:51:45 +0200 Subject: [PATCH 08/15] Jinja2 template looking for settings.php using wrong path. --- .../config_generate/config_generate-drupal7/tasks/settings.yml | 2 +- .../config_generate/config_generate-drupal8/tasks/settings.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/config_generate/config_generate-drupal7/tasks/settings.yml b/roles/config_generate/config_generate-drupal7/tasks/settings.yml index f8e3b55e..c49d2d63 100644 --- a/roles/config_generate/config_generate-drupal7/tasks/settings.yml +++ b/roles/config_generate/config_generate-drupal7/tasks/settings.yml @@ -19,6 +19,6 @@ src: "{{ item }}" dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/settings.php" with_first_found: - - "{{ playbook_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" + - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php" - "settings.php.j2" diff --git a/roles/config_generate/config_generate-drupal8/tasks/settings.yml b/roles/config_generate/config_generate-drupal8/tasks/settings.yml index ebf182e8..aeb4f56d 100644 --- a/roles/config_generate/config_generate-drupal8/tasks/settings.yml +++ b/roles/config_generate/config_generate-drupal8/tasks/settings.yml @@ -23,6 +23,6 @@ src: "{{ item }}" dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/settings.php" with_first_found: - - "{{ playbook_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" + - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php" - "settings.php.j2" From 0b26394cbf8ed340771f0383f8f24e29175e5a42 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Thu, 11 May 2023 10:27:45 +0200 Subject: [PATCH 09/15] Fixing config_generate for Drupal. --- docs/roles/sync/database_sync/database_sync-mysql.md | 1 + .../config_generate/config_generate-drupal7/tasks/settings.yml | 2 +- .../config_generate/config_generate-drupal8/tasks/settings.yml | 2 +- roles/sync/database_sync/database_sync-mysql/README.md | 1 + 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/roles/sync/database_sync/database_sync-mysql.md b/docs/roles/sync/database_sync/database_sync-mysql.md index cf7e5311..cbe1a353 100644 --- a/docs/roles/sync/database_sync/database_sync-mysql.md +++ b/docs/roles/sync/database_sync/database_sync-mysql.md @@ -6,6 +6,7 @@ Sync MySQL databases between environments. --- mysql_sync: mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here + cleanup: true # if false leaves tmp database dump on deploy server for debugging purposes databases: - source: # Name of the database to take a dump from. diff --git a/roles/config_generate/config_generate-drupal7/tasks/settings.yml b/roles/config_generate/config_generate-drupal7/tasks/settings.yml index c49d2d63..55d9dee7 100644 --- a/roles/config_generate/config_generate-drupal7/tasks/settings.yml +++ b/roles/config_generate/config_generate-drupal7/tasks/settings.yml @@ -19,6 +19,6 @@ src: "{{ item }}" dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/settings.php" with_first_found: - - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" + - "{{ playbook_dir }}/{{ site.folder }}/{{ build_type }}.settings.php.j2" - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php" - "settings.php.j2" diff --git a/roles/config_generate/config_generate-drupal8/tasks/settings.yml b/roles/config_generate/config_generate-drupal8/tasks/settings.yml index aeb4f56d..ebf182e8 100644 --- a/roles/config_generate/config_generate-drupal8/tasks/settings.yml +++ b/roles/config_generate/config_generate-drupal8/tasks/settings.yml @@ -23,6 +23,6 @@ src: "{{ item }}" dest: "{{ deploy_path }}/{{ webroot }}/sites/{{ site.folder }}/settings.php" with_first_found: - - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" + - "{{ playbook_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php.j2" - "{{ _ce_deploy_build_dir }}/{{ webroot }}/sites/{{ site.folder }}/{{ build_type }}.settings.php" - "settings.php.j2" diff --git a/roles/sync/database_sync/database_sync-mysql/README.md b/roles/sync/database_sync/database_sync-mysql/README.md index cf7e5311..cbe1a353 100644 --- a/roles/sync/database_sync/database_sync-mysql/README.md +++ b/roles/sync/database_sync/database_sync-mysql/README.md @@ -6,6 +6,7 @@ Sync MySQL databases between environments. --- mysql_sync: mysqldump_params: "{{ _mysqldump_params }}" # set in _init but you can override here + cleanup: true # if false leaves tmp database dump on deploy server for debugging purposes databases: - source: # Name of the database to take a dump from. From 00331c2a94a291ef7a15d9a1f3bcc2df56b7ff4f Mon Sep 17 00:00:00 2001 From: gregharvey Date: Thu, 11 May 2023 10:27:57 +0200 Subject: [PATCH 10/15] Making host checking more robust. --- scripts/_common.sh | 6 +++--- scripts/build.sh | 11 +++++++++-- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 63e89bb9..74ba9a60 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -156,9 +156,6 @@ ansible_host_check(){ if [ -n "$TARGET_DEPLOY_HOST" ]; then ANSIBLE_BIN=$(command -v ansible-playbook) ANSIBLE_CMD="$ANSIBLE_BIN $OWN_DIR/scripts/host-check.yml" - if [ "$DRY_RUN" = "yes" ]; then - ANSIBLE_CMD="$ANSIBLE_CMD --check" - fi if [ "$VERBOSE" = "yes" ]; then ANSIBLE_CMD="$ANSIBLE_CMD -vvvv" fi @@ -167,6 +164,9 @@ ansible_host_check(){ fi $ANSIBLE_CMD --extra-vars "{_deploy_host: $TARGET_DEPLOY_HOST}" --extra-vars "$ANSIBLE_DEFAULT_EXTRA_VARS" --extra-vars "$ANSIBLE_EXTRA_VARS" return $? + # No host to check provided, just return a clean exit code. + else + return 0 fi } diff --git a/scripts/build.sh b/scripts/build.sh index 233ca764..fa9a1211 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -95,8 +95,15 @@ fi # Get Ansible defaults. get_ansible_defaults_vars -# Optionally carry out a host check. +# Optionally carry out a host check if --host is provided. +ANSIBLE_HOST_CHECK_RESULT=1 ansible_host_check +ANSIBLE_HOST_CHECK_RESULT=$? +# Exit early if host not found. +if [ -n "$ANSIBLE_HOST_CHECK_RESULT" ] && [ "$ANSIBLE_HOST_CHECK_RESULT" != 0 ]; then + echo "ce-deploy failed to find the host. Aborting." + exit 1 +fi # From this point on, we want to trigger the "revert" if anything fails. ANSIBLE_BUILD_RESULT=1 @@ -113,5 +120,5 @@ if [ -n "$ANSIBLE_BUILD_RESULT" ] && [ "$ANSIBLE_BUILD_RESULT" = 0 ]; then exit 0 fi # Failed somehow. Normally unreachable in strict mode. -echo "Something went wrong. Please fill a bug report against ce-deploy." +echo "Something went unexpectedly wrong with ce-deploy. Please file a bug report - https://github.com/codeenigma/ce-deploy/issues/new" exit 1 \ No newline at end of file From 2bbb925bd1029e84fabba1ada016f22b4be13ab0 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Thu, 11 May 2023 10:53:18 +0200 Subject: [PATCH 11/15] Removing variable declaration that will break host check. --- scripts/build.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/build.sh b/scripts/build.sh index fa9a1211..93f36887 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -96,7 +96,6 @@ fi get_ansible_defaults_vars # Optionally carry out a host check if --host is provided. -ANSIBLE_HOST_CHECK_RESULT=1 ansible_host_check ANSIBLE_HOST_CHECK_RESULT=$? # Exit early if host not found. From 0f7a89deecd1a823163bae0739bc858c447b6b08 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Thu, 11 May 2023 13:57:55 +0200 Subject: [PATCH 12/15] Allow us to use deploy_code with a completely custom build and do nothing. --- roles/deploy_code/deploy_code-custom/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 roles/deploy_code/deploy_code-custom/tasks/main.yml diff --git a/roles/deploy_code/deploy_code-custom/tasks/main.yml b/roles/deploy_code/deploy_code-custom/tasks/main.yml new file mode 100644 index 00000000..6f34c92f --- /dev/null +++ b/roles/deploy_code/deploy_code-custom/tasks/main.yml @@ -0,0 +1,3 @@ +--- + +# Nothing to do here. \ No newline at end of file From f23a77b3952b11dc17261be52b08da82973bd26a Mon Sep 17 00:00:00 2001 From: gregharvey Date: Fri, 12 May 2023 14:46:33 +0200 Subject: [PATCH 13/15] Make PHP cachetool install optional. --- docs/roles/_init.md | 1 + roles/_init/README.md | 1 + roles/_init/defaults/main.yml | 1 + roles/_init/tasks/main.yml | 1 + 4 files changed, 4 insertions(+) diff --git a/docs/roles/_init.md b/docs/roles/_init.md index 9cb9e024..08ffe301 100644 --- a/docs/roles/_init.md +++ b/docs/roles/_init.md @@ -39,6 +39,7 @@ mautic: bin_directory: "/home/{{ deploy_user }}/.bin" # Number of dumps/db to look up for cleanup. cleanup_history_depth: 50 +install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app ``` diff --git a/roles/_init/README.md b/roles/_init/README.md index 9cb9e024..08ffe301 100644 --- a/roles/_init/README.md +++ b/roles/_init/README.md @@ -39,6 +39,7 @@ mautic: bin_directory: "/home/{{ deploy_user }}/.bin" # Number of dumps/db to look up for cleanup. cleanup_history_depth: 50 +install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app ``` diff --git a/roles/_init/defaults/main.yml b/roles/_init/defaults/main.yml index 9a955f3e..ac06e2a7 100644 --- a/roles/_init/defaults/main.yml +++ b/roles/_init/defaults/main.yml @@ -30,3 +30,4 @@ mautic: bin_directory: "/home/{{ deploy_user }}/.bin" # Number of dumps/db to look up for cleanup. cleanup_history_depth: 50 +install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app diff --git a/roles/_init/tasks/main.yml b/roles/_init/tasks/main.yml index a0d90571..c054e8fb 100644 --- a/roles/_init/tasks/main.yml +++ b/roles/_init/tasks/main.yml @@ -124,3 +124,4 @@ - name: Ensure we have a cachetool binary. ansible.builtin.import_role: name: cli/cachetool + when: install_php_cachetool From b9557495000aa7c6e44fff6910cd087600614d8c Mon Sep 17 00:00:00 2001 From: gregharvey Date: Wed, 17 May 2023 15:43:40 +0200 Subject: [PATCH 14/15] Fixing bug introduced by failed_when - need to check for return code on mount points. --- roles/deploy_code/tasks/cleanup.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/deploy_code/tasks/cleanup.yml b/roles/deploy_code/tasks/cleanup.yml index db2bb9bb..b3a4f132 100644 --- a/roles/deploy_code/tasks/cleanup.yml +++ b/roles/deploy_code/tasks/cleanup.yml @@ -150,7 +150,7 @@ - deploy_code.mount_sync is defined - deploy_code.mount_sync | length > 1 - deploy_code.mount_type == "squashfs" - - _deploy_code_mount_check is succeeded + - _deploy_code_mount_check.rc == 0 - deploy_code.services | length > 0 - name: Stop any services that might be keeping the loop device busy. @@ -166,7 +166,7 @@ - deploy_code.mount_sync is defined - deploy_code.mount_sync | length > 1 - deploy_code.mount_type == "squashfs" - - _deploy_code_mount_check is succeeded + - _deploy_code_mount_check.rc == 0 - deploy_code.services | length > 0 - name: Unmount existing SquashFS image. @@ -177,7 +177,7 @@ - deploy_code.mount_sync is defined - deploy_code.mount_sync | length > 1 - deploy_code.mount_type == "squashfs" - - _deploy_code_mount_check is succeeded + - _deploy_code_mount_check.rc == 0 - name: Mount new SquashFS image. ansible.builtin.command: From a54569c447fa6aa90994293f50dd95c5a166ace1 Mon Sep 17 00:00:00 2001 From: gregharvey Date: Thu, 25 May 2023 15:32:03 +0200 Subject: [PATCH 15/15] Moving where opcache clears get called so they can be excluded if necessary. --- roles/_meta/deploy-drupal8/tasks/main.yml | 4 ++-- roles/database_apply/database_apply-drupal7/tasks/main.yml | 5 ----- roles/database_apply/database_apply-drupal8/tasks/main.yml | 5 ----- 3 files changed, 2 insertions(+), 12 deletions(-) diff --git a/roles/_meta/deploy-drupal8/tasks/main.yml b/roles/_meta/deploy-drupal8/tasks/main.yml index 6ce31d4f..3e66875b 100644 --- a/roles/_meta/deploy-drupal8/tasks/main.yml +++ b/roles/_meta/deploy-drupal8/tasks/main.yml @@ -20,14 +20,14 @@ name: database_backup - import_role: name: config_generate +- import_role: + name: cache_clear/cache_clear-opcache - import_role: name: database_apply - import_role: name: sanitize/admin_creds - import_role: name: live_symlink -- import_role: - name: cache_clear/cache_clear-opcache - import_role: name: cache_clear/cache_clear-drupal8 - import_role: diff --git a/roles/database_apply/database_apply-drupal7/tasks/main.yml b/roles/database_apply/database_apply-drupal7/tasks/main.yml index 4f476253..3012032f 100644 --- a/roles/database_apply/database_apply-drupal7/tasks/main.yml +++ b/roles/database_apply/database_apply-drupal7/tasks/main.yml @@ -26,11 +26,6 @@ name: "cache_clear/cache_clear-{{ project_type }}" when: previous_build_number > 0 -- name: Clear the opcache. - ansible.builtin.include_role: - name: cache_clear/cache_clear-opcache - when: previous_build_number > 0 - - name: Apply Drupal database updates. ansible.builtin.shell: cmd: "{{ drush_bin }} -l {{ site.folder }} -y updb" diff --git a/roles/database_apply/database_apply-drupal8/tasks/main.yml b/roles/database_apply/database_apply-drupal8/tasks/main.yml index 4dc66a3a..c649826c 100644 --- a/roles/database_apply/database_apply-drupal8/tasks/main.yml +++ b/roles/database_apply/database_apply-drupal8/tasks/main.yml @@ -44,11 +44,6 @@ - previous_build_number > 0 - site.config_import_command != 'deploy' -- name: Clear the opcache. - ansible.builtin.include_role: - name: cache_clear/cache_clear-opcache - when: previous_build_number > 0 - - name: Apply Drupal database updates. ansible.builtin.command: cmd: "{{ drush_bin }} -l {{ site.folder }} -y updb"