Merge branch 'main' into qa

4 years ago · 64c2001924
parent c507859fb4 62e0a64f26
commit 64c2001924
6 changed files with 53 additions and 32 deletions
--- a/ansible.cfg
+++ b/ansible.cfg
@ -2,7 +2,7 @@
 pipelining = True
 host_key_checking = False
 inventory_plugins = ./inventory_plugins
-callback_whitelist = profile_tasks
+callbacks_enabled = profile_tasks
 interpreter_python = auto_silent
 log_path=last_ansible_run
 forks = 30
--- a/group_vars/all/plain.yml
+++ b/group_vars/all/plain.yml
@ -137,12 +137,13 @@ docker_compose_path: "/usr/bin/docker-compose"

 service_base_path: '/etc/smardigo'

-gitea_admin_email: "nso.devops@netgo.de"
-lets_encrypt_email: "nso.devops@netgo.de"
-connect_admin_email: "nso.devops@netgo.de"
-keycloak_admin_email: "nso.devops@netgo.de"
-pgadmin4_admin_email: "nso.devops@netgo.de"
-harbor_oidc_admin_email: "nso.devops@netgo.de"
+devops_email_address: "nso.devops@netgo.de"
+gitea_admin_email: '{{ devops_email_address }}'
+lets_encrypt_email: '{{ devops_email_address }}'
+connect_admin_email: '{{ devops_email_address }}'
+keycloak_admin_email: '{{ devops_email_address }}'
+pgadmin4_admin_email: '{{ devops_email_address }}'
+harbor_oidc_admin_email: '{{ devops_email_address }}'

 http_port: "80"
 https_port: "443"
--- a/patchday.yml
+++ b/patchday.yml
@ -107,7 +107,7 @@
        delay: 15
        timeout: 180
        port: 5432
-        host: '{{ stage_server_ip }}'
+        host: '{{ stage_private_server_ip }}'
      register: check_postgres

    - name: "Smardigo Patchday: restart postgres and check listing on net internal ip address again"
@ -123,10 +123,29 @@
          delay: 15
          timeout: 180
          port: 5432
-          host: '{{ stage_server_ip }}'
+          host: '{{ stage_private_server_ip }}'
          register: check_postgres
        failed_when: check_postgres_again.failed

+      rescue:
+        - name: send mail to DEVOPS-DL
+          delegate_to: '{{ stage }}-mail-01'
+          community.general.mail:
+            host: localhost
+            port: 25
+            to: '{{ devops_email_address }}'
+            subject: "patchday( {{ lookup('pipe','date +%Y-%m-%d_%H:%M') }} ) problem report for {{ inventory_hostname }}"
+            body: |
+              Dear Sir or Madam,
+
+              I have to inform you that {{ inventory_hostname }} isn'n listening on {{ stage_private_server_ip }} anymore.
+
+              Plz check what happened/ fix it little padawan ;)
+
+              kind regards,
+
+              your automation-bofh
+
      when:
        - check_postgres.failed

--- a/roles/harbor/tasks/install.yml
+++ b/roles/harbor/tasks/install.yml
@ -162,3 +162,4 @@
  systemd:
    name: harbor
    state: started
+    enabled: yes
--- a/roles/postgres/tasks/_create_backup.yml
+++ b/roles/postgres/tasks/_create_backup.yml
@ -13,6 +13,28 @@
    owner: postgres
    group: postgres

+- name: "Block: gpg stuff"
+  become: yes
+  become_user: postgres
+  block:
+    - name: Create temp dir
+      ansible.builtin.tempfile:
+        state: directory
+        suffix: gitcheckout
+        path: /tmp
+      register: tempdir
+
+    - name: "Checkout repo for gpg communication-keys"
+      ansible.builtin.git:
+        repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.{{ domain }}/gitea-admin/communication-keys.git'
+        dest: '{{ tempdir.path }}'
+        version: master
+
+# there is no ansible gpg module already in place
+# linting violation needs to be whitelisted
+    - name: "Importing stage specific automation gpg-key" # noqa command-instead-of-shell
+      shell: 'gpg --import {{ tempdir.path }}/smardigo_automation_{{ stage }}.gpg.pub'
+
 # there is no ansible module already in place for (pg_basebackup|gpg)
 # so using shell module
 - name: "Creating pg_basebackup ... + doing async check if successful or not"
--- a/roles/postgres/tasks/base-requirements.yml
+++ b/roles/postgres/tasks/base-requirements.yml
@ -134,25 +134,3 @@
 - name: "Delete prometheus_postgres_exporter init script"
  file: path="/tmp/prometheus_postgres_exporter.sql" state=absent
  when: "role_check.stdout == '0' and server_type == 'master'"
-
- name: "Block: gpg stuff"
-  become: yes
-  become_user: postgres
-  block:
-    - name: Create temp dir
-      ansible.builtin.tempfile:
-        state: directory
-        suffix: gitcheckout
-        path: /tmp
-      register: tempdir
-
-    - name: "Checkout repo for gpg communication-keys"
-      ansible.builtin.git:
-        repo: 'https://{{ gituser | default("gitea-admin") | urlencode }}:{{ gitea_admin_password | urlencode }}@{{ stage }}-gitea-01.smardigo.digital/gitea-admin/communication-keys.git'
-        dest: '{{ tempdir.path }}'
-        version: master
-
-# there is no ansible gpg module already in place
-# linting violation needs to be whitelisted
-    - name: "Importing stage specific automation gpg-key" # noqa command-instead-of-shell
-      shell: 'gpg --import {{ tempdir.path }}/smardigo_automation_{{ stage }}.gpg.pub'