diff --git a/patchday.yml b/patchday.yml index dbdae36..20f5e74 100644 --- a/patchday.yml +++ b/patchday.yml @@ -102,33 +102,36 @@ name: postgresql state: started + # wait_for cannot be used anymore due to enabled SSL encryption for postgres connections in DEV-382 - name: "Smardigo Patchday: check if postgres is listing on net internal ip address" - ansible.builtin.wait_for: - delay: 15 - timeout: 180 + become: no + community.postgresql.postgresql_ping: port: 5432 - host: '{{ stage_private_server_ip }}' + ssl_mode: require + login_host: '{{ stage_private_server_ip }}' register: check_postgres + ignore_errors: yes - - name: "Smardigo Patchday: restart postgres and check listing on net internal ip address again" + - name: "Smardigo Patchday: error-handling - ensure postgres started and check listing on net internal ip address" block: - - name: "Smardigo Patchday: stop service(s)" + - name: "Smardigo Patchday: error-handling - ensure service(s) started" ansible.builtin.systemd: name: postgresql - state: restarted + state: started - - name: "Smardigo Patchday: check if postgres is listing on net internal ip address" - ansible.builtin.wait_for: - delay: 15 - timeout: 180 + - name: "Smardigo Patchday: error-handling - check if postgres is listing on net internal ip address" + become: no + community.postgresql.postgresql_ping: port: 5432 - host: '{{ stage_private_server_ip }}' - register: check_postgres - failed_when: check_postgres_again.failed + ssl_mode: require + login_host: '{{ stage_private_server_ip }}' + register: check_postgres_again + retries: 5 + failed_when: not check_postgres_again.is_available rescue: - - name: send mail to DEVOPS-DL + - name: "Smardigo Patchday: error-handling - send mail to DEVOPS-DL" delegate_to: '{{ stage }}-mail-01' community.general.mail: host: localhost @@ -147,7 +150,7 @@ your automation-bofh when: - - check_postgres.failed + - not check_postgres.is_available - hosts: all,!elastic,!postgres,!k8s_cluster serial: 10