fix: Add .env file check and environment variables for docker compose
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 30s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m14s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 28s
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 13s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 30s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m14s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 28s
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 13s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Fix 'argument of type bool is not iterable' error in image pull task - Check if .env file exists before docker compose up - Create minimal .env file if it doesn't exist with required variables - Load secrets from vault file if available - Set database and MinIO variables from vault or defaults - Pass environment variables to docker compose command - Fixes missing MINIO_ROOT_USER, DB_USERNAME, DB_PASSWORD, SECRETS_DIR errors
This commit is contained in:
@@ -21,6 +21,22 @@
|
||||
deployment_environment: "{{ deployment_environment | default('production') }}"
|
||||
|
||||
tasks:
|
||||
- name: Check if vault file exists locally
|
||||
stat:
|
||||
path: "{{ playbook_dir }}/../secrets/{{ deployment_environment }}.vault.yml"
|
||||
delegate_to: localhost
|
||||
register: vault_file_stat
|
||||
become: no
|
||||
|
||||
- name: Load secrets from vault file if exists
|
||||
include_vars:
|
||||
file: "{{ playbook_dir }}/../secrets/{{ deployment_environment }}.vault.yml"
|
||||
when: vault_file_stat.stat.exists
|
||||
no_log: yes
|
||||
ignore_errors: yes
|
||||
delegate_to: localhost
|
||||
become: no
|
||||
|
||||
- name: Set app_name from provided value or default
|
||||
ansible.builtin.set_fact:
|
||||
app_name: "{{ app_name if (app_name is defined and app_name != '') else app_name_default }}"
|
||||
@@ -29,6 +45,15 @@
|
||||
ansible.builtin.set_fact:
|
||||
deploy_image: "{{ docker_registry }}/{{ app_name }}:{{ image_tag }}"
|
||||
|
||||
- name: Set database and MinIO variables from vault or defaults
|
||||
ansible.builtin.set_fact:
|
||||
db_username: "{{ db_username | default(vault_db_user | default('postgres')) }}"
|
||||
db_password: "{{ db_password | default(vault_db_password | default('')) }}"
|
||||
minio_root_user: "{{ minio_root_user | default(vault_minio_root_user | default('minioadmin')) }}"
|
||||
minio_root_password: "{{ minio_root_password | default(vault_minio_root_password | default('')) }}"
|
||||
secrets_dir: "{{ secrets_dir | default('./secrets') }}"
|
||||
no_log: yes
|
||||
|
||||
- name: Determine Docker registry password from vault or extra vars
|
||||
ansible.builtin.set_fact:
|
||||
registry_password: >-
|
||||
@@ -79,7 +104,7 @@
|
||||
name: "{{ deploy_image }}"
|
||||
source: pull
|
||||
pull: true
|
||||
when: registry_accessible | bool
|
||||
when: registry_accessible is defined and registry_accessible | bool
|
||||
register: image_pull_result
|
||||
ignore_errors: yes
|
||||
failed_when: false
|
||||
@@ -118,12 +143,38 @@
|
||||
- app-internal
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Check if .env file exists
|
||||
stat:
|
||||
path: "{{ application_code_dest }}/.env"
|
||||
register: env_file_exists
|
||||
|
||||
- name: Create minimal .env file if it doesn't exist
|
||||
copy:
|
||||
dest: "{{ application_code_dest }}/.env"
|
||||
content: |
|
||||
# Minimal .env file for Docker Compose
|
||||
# This file should be properly configured by the application setup playbook
|
||||
DB_USERNAME={{ db_username | default('postgres') }}
|
||||
DB_PASSWORD={{ db_password | default('') }}
|
||||
MINIO_ROOT_USER={{ minio_root_user | default('minioadmin') }}
|
||||
MINIO_ROOT_PASSWORD={{ minio_root_password | default('') }}
|
||||
SECRETS_DIR={{ secrets_dir | default('./secrets') }}
|
||||
mode: '0600'
|
||||
when: not env_file_exists.stat.exists
|
||||
become: yes
|
||||
|
||||
- name: Deploy application stack with new image
|
||||
shell: |
|
||||
cd {{ application_code_dest }}
|
||||
docker compose -f docker-compose.base.yml -f docker-compose.{{ application_compose_suffix }} up -d --pull missing --force-recreate --remove-orphans
|
||||
register: compose_deploy_result
|
||||
changed_when: true
|
||||
environment:
|
||||
DB_USERNAME: "{{ db_username | default('postgres') }}"
|
||||
DB_PASSWORD: "{{ db_password | default('') }}"
|
||||
MINIO_ROOT_USER: "{{ minio_root_user | default('minioadmin') }}"
|
||||
MINIO_ROOT_PASSWORD: "{{ minio_root_password | default('') }}"
|
||||
SECRETS_DIR: "{{ secrets_dir | default('./secrets') }}"
|
||||
|
||||
- name: Wait for containers to start
|
||||
ansible.builtin.pause:
|
||||
|
||||
Reference in New Issue
Block a user