From 2ee98cc52c0ffc5010de4d61170627bbfe993f2f Mon Sep 17 00:00:00 2001
From: Bertrand Lanson
Date: Wed, 3 Jan 2024 23:17:19 +0100
Subject: [PATCH] feat(preflight): add checks to ensure config directories are present before running
---
 playbooks/deploy.yml | 2 +-
 playbooks/group_vars/all.yml | 5 ++++
 playbooks/load_vars.yml | 14 -----------
 playbooks/preflight.yml | 45 ++++++++++++++++++++++++++++++++++++
 4 files changed, 51 insertions(+), 15 deletions(-)
diff --git a/playbooks/deploy.yml b/playbooks/deploy.yml
index e6f06bd..daf26fa 100644
--- a/playbooks/deploy.yml
+++ b/playbooks/deploy.yml
@@ -38,7 +38,7 @@
 - name: "Write vault configuration to file"
 ansible.builtin.copy:
 content: "{{ _vault_init_secret.state | to_nice_yaml}}"
- dest: "{{ configuration_directory }}/vault/vault_config"
+ dest: "{{ configuration_directory }}/vault_servers/vault_config"
 mode: '0644'
 when: _vault_init_secret.changed
 run_once: true
diff --git a/playbooks/group_vars/all.yml b/playbooks/group_vars/all.yml
index 07fad61..ad1e81f 100644
--- a/playbooks/group_vars/all.yml
+++ b/playbooks/group_vars/all.yml
@@ -12,6 +12,11 @@
 api_interface: "eth0"
 api_interface_address: "{{ ansible_facts[api_interface]['ipv4']['address'] }}"
 configuration_directory: "{{ lookup('env', 'PWD') }}/etc/hashistack"
+sub_configuration_directories:
+ nomad_servers: "{{ configuration_directory }}/nomad_servers"
+ vault_servers: "{{ configuration_directory }}/vault_servers "
+ consul_servers: "{{ configuration_directory }}/consul_servers"
+
 configuration_global_vars_file: "globals.yml"
 default_container_extra_volumes:
diff --git a/playbooks/load_vars.yml b/playbooks/load_vars.yml
index 5ccda9b..c85e070 100644
--- a/playbooks/load_vars.yml
+++ b/playbooks/load_vars.yml
@@ -1,9 +1,5 @@
 ---
 # hashistack variable injection playbook
-- name: "Debug"
- ansible.builtin.debug:
- msg: "{{ vault_cluster_name }}"
-
 - name: "Load global variables"
 block:
 - name: "Stat global configuration file"
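Review bot: In playbooks/deploy.yml the "Write vault configuration to file" task keeps `mode: '0644'` while writing `_vault_init_secret.state`, so the resulting `vault_config` file is readable by every local account on the host where it lands. Judging by the variable name this is Vault initialisation output, which normally carries unseal keys and the initial root token; the task that registers it is outside the hunk, so confirm. I would change the line to `mode: '0600'` and add `no_log: true` to the task so the content does not show up in Ansible output. The new `dest` also hard-codes `vault_servers` instead of using `sub_configuration_directories.vault_servers`, so the path preflight checks and the path written here can drift apart. The task may continue past the last line of the hunk.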
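Review bot: In playbooks/group_vars/all.yml the `vault_servers` entry has a stray space before its closing quote, so the value names a directory called `vault_servers ` with a trailing space. The preflight stat for Vault would then inspect that path while deploy.yml writes to `{{ configuration_directory }}/vault_servers/vault_config`, so the check either fails on a correctly prepared tree or approves a directory that is not the one used. The line should read `vault_servers: "{{ configuration_directory }}/vault_servers"`.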
@@ -68,16 +64,6 @@
 loop_var: item
 delegate_to: localhost
-
-- name: "Debug"
- ansible.builtin.debug:
- msg: "{{ group_names }}"
-
 - name: "Debug"
 ansible.builtin.debug:
 msg: "{{ vault_cluster_name }}"
-# - name: "Load host specific variables"
-# ansible.builtin.include_vars:
-# dir: ""
-# files_matching: ""
-- fail:
diff --git a/playbooks/preflight.yml b/playbooks/preflight.yml
index 840532d..045edbc 100644
--- a/playbooks/preflight.yml
+++ b/playbooks/preflight.yml
@@ -41,6 +41,51 @@
 when:
 - enable_nomad | bool
+ - name: "Checking directory {{ configuration_directory }}"
+ delegate_to: localhost
+ block:
+ - name: "Stat directory {{ configuration_directory }}"
+ ansible.builtin.stat:
+ path: "{{ configuration_directory }}"
+ register: _stat_config_dir
+
+ - name: "Stat nomad_servers config directory"
+ ansible.builtin.stat:
+ path: "{{ sub_configuration_directories.nomad_servers }}"
+ register: _stat_config_dir_nomad_servers
+ when:
+ - enable_nomad | bool
+
+ - name: "Stat consul_servers config directory"
+ ansible.builtin.stat:
+ path: "{{ sub_configuration_directories.consul_servers }}"
+ register: _stat_config_dir_consul_servers
+ when:
+ - enable_consul | bool
+
+ - name: "Stat vault_servers config directory"
+ ansible.builtin.stat:
+ path: "{{ sub_configuration_directories.vault_servers }}"
+ register: _stat_config_dir_vault_servers
+ when:
+ - enable_vault | bool
+
+ - name: "Make sure required directories exist"
+ ansible.builtin.assert:
+ that:
+ - _stat_config_dir.stat.exists
+ - _stat_config_dir.stat.isdir
+ - _stat_config_dir.stat.writable
+ - _stat_config_dir_nomad_servers.stat.exists if enable_nomad
+ - _stat_config_dir_nomad_servers.stat.isdir if enable_nomad
+ - _stat_config_dir_nomad_servers.stat.writeable if enable_nomad
+ - _stat_config_dir_consul_servers.stat.exists if enable_consul
+ - _stat_config_dir_consul_servers.stat.isdir if enable_consul
+ - _stat_config_dir_consul_servers.stat.writeable if enable_consul
+ - _stat_config_dir_vault_servers.stat.exists if enable_vault
+ - _stat_config_dir_vault_servers.stat.isdir if enable_vault
+ - _stat_config_dir_vault_servers.stat.writeable if enable_vault
+
 - name: "Checking host OS distribution"
 ansible.builtin.assert:
 that:
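Review bot: The third assert item reads `_stat_config_dir.stat.writable`, but `ansible.builtin.stat` returns the key as `writeable` (the spelling the nine items below it use), so this check hits an undefined attribute instead of testing write access. The `X if enable_nomad` style items have no `else` branch, so when a component is disabled the expression is undefined rather than true and the assert is likely to error instead of passing. They also test `enable_*` without the `| bool` filter that the stat tasks' `when:` clauses apply. A short-circuit form, shown below, never touches the register of a skipped stat task. The block belongs to a task list that begins outside the hunk.

```yaml
# … unchanged: the four stat tasks of the block …
- name: "Make sure required directories exist"
  ansible.builtin.assert:
    that:
      - _stat_config_dir.stat.exists
      - _stat_config_dir.stat.isdir
      - _stat_config_dir.stat.writeable
      - not (enable_nomad | bool) or _stat_config_dir_nomad_servers.stat.exists
      - not (enable_nomad | bool) or _stat_config_dir_nomad_servers.stat.isdir
      - not (enable_nomad | bool) or _stat_config_dir_nomad_servers.stat.writeable
      - not (enable_consul | bool) or _stat_config_dir_consul_servers.stat.exists
      - not (enable_consul | bool) or _stat_config_dir_consul_servers.stat.isdir
      - not (enable_consul | bool) or _stat_config_dir_consul_servers.stat.writeable
      - not (enable_vault | bool) or _stat_config_dir_vault_servers.stat.exists
      - not (enable_vault | bool) or _stat_config_dir_vault_servers.stat.isdir
      - not (enable_vault | bool) or _stat_config_dir_vault_servers.stat.writeable
```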