michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Add .env file check and environment variables for docker compose
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 30s
Details
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
Details
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Details
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m14s
Details
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 28s
Details
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
Details
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 13s
Details
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Details

Browse Source 
- Fix 'argument of type bool is not iterable' error in image pull task
- Check if .env file exists before docker compose up
- Create minimal .env file if it doesn't exist with required variables
- Load secrets from vault file if available
- Set database and MinIO variables from vault or defaults
- Pass environment variables to docker compose command
- Fixes missing MINIO_ROOT_USER, DB_USERNAME, DB_PASSWORD, SECRETS_DIR errors
This commit is contained in:
Michael Schiemer
2025-11-08 15:49:22 +01:00
parent 333dc04404
commit c1331ae7a7
1 changed files with 52 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
deployment/ansible/playbooks/deploy-image.yml
View File

@@ -21,6 +21,22 @@
deployment_environment: "{{ deployment_environment | default('production') }}" deployment_environment: "{{ deployment_environment | default('production') }}"
tasks: tasks:
- name: Check if vault file exists locally
stat:
path: "{{ playbook_dir }}/../secrets/{{ deployment_environment }}.vault.yml"
delegate_to: localhost
register: vault_file_stat
become: no
- name: Load secrets from vault file if exists
include_vars:
file: "{{ playbook_dir }}/../secrets/{{ deployment_environment }}.vault.yml"
when: vault_file_stat.stat.exists
no_log: yes
ignore_errors: yes
delegate_to: localhost
become: no
- name: Set app_name from provided value or default - name: Set app_name from provided value or default
ansible.builtin.set_fact: ansible.builtin.set_fact:
app_name: "{{ app_name if (app_name is defined and app_name != '') else app_name_default }}" app_name: "{{ app_name if (app_name is defined and app_name != '') else app_name_default }}"
@@ -29,6 +45,15 @@
ansible.builtin.set_fact: ansible.builtin.set_fact:
deploy_image: "{{ docker_registry }}/{{ app_name }}:{{ image_tag }}" deploy_image: "{{ docker_registry }}/{{ app_name }}:{{ image_tag }}"
- name: Set database and MinIO variables from vault or defaults
ansible.builtin.set_fact:
db_username: "{{ db_username | default(vault_db_user | default('postgres')) }}"
db_password: "{{ db_password | default(vault_db_password | default('')) }}"
minio_root_user: "{{ minio_root_user | default(vault_minio_root_user | default('minioadmin')) }}"
minio_root_password: "{{ minio_root_password | default(vault_minio_root_password | default('')) }}"
secrets_dir: "{{ secrets_dir | default('./secrets') }}"
no_log: yes
- name: Determine Docker registry password from vault or extra vars - name: Determine Docker registry password from vault or extra vars
ansible.builtin.set_fact: ansible.builtin.set_fact:
registry_password: >- registry_password: >-
@@ -79,7 +104,7 @@
name: "{{ deploy_image }}" name: "{{ deploy_image }}"
source: pull source: pull
pull: true pull: true
when: registry_accessible | bool when: registry_accessible is defined and registry_accessible | bool
register: image_pull_result register: image_pull_result
ignore_errors: yes ignore_errors: yes
failed_when: false failed_when: false
@@ -118,12 +143,38 @@
- app-internal - app-internal
ignore_errors: yes ignore_errors: yes
- name: Check if .env file exists
stat:
path: "{{ application_code_dest }}/.env"
register: env_file_exists
- name: Create minimal .env file if it doesn't exist
copy:
dest: "{{ application_code_dest }}/.env"
content: |
# Minimal .env file for Docker Compose
# This file should be properly configured by the application setup playbook
DB_USERNAME={{ db_username | default('postgres') }}
DB_PASSWORD={{ db_password | default('') }}
MINIO_ROOT_USER={{ minio_root_user | default('minioadmin') }}
MINIO_ROOT_PASSWORD={{ minio_root_password | default('') }}
SECRETS_DIR={{ secrets_dir | default('./secrets') }}
mode: '0600'
when: not env_file_exists.stat.exists
become: yes
- name: Deploy application stack with new image - name: Deploy application stack with new image
shell: | shell: |
cd {{ application_code_dest }} cd {{ application_code_dest }}
docker compose -f docker-compose.base.yml -f docker-compose.{{ application_compose_suffix }} up -d --pull missing --force-recreate --remove-orphans docker compose -f docker-compose.base.yml -f docker-compose.{{ application_compose_suffix }} up -d --pull missing --force-recreate --remove-orphans
register: compose_deploy_result register: compose_deploy_result
changed_when: true changed_when: true
environment:
DB_USERNAME: "{{ db_username | default('postgres') }}"
DB_PASSWORD: "{{ db_password | default('') }}"
MINIO_ROOT_USER: "{{ minio_root_user | default('minioadmin') }}"
MINIO_ROOT_PASSWORD: "{{ minio_root_password | default('') }}"
SECRETS_DIR: "{{ secrets_dir | default('./secrets') }}"
- name: Wait for containers to start - name: Wait for containers to start
ansible.builtin.pause: ansible.builtin.pause: