michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Resolve recursive variable reference in Ansible playbooks

Browse Source 
- Fix infinite loop in docker_registry_username/docker_registry_password variables
- Use _default suffix variables in production.yml to avoid recursion
- Make docker registry login optional (ignore_errors) for cases where auth isn't needed
- Fix line endings in deploy.sh script
This commit is contained in:
Michael Schiemer
2025-10-31 11:31:43 +01:00
parent 957f43aac4
commit e66f98b84a
3 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
deployment/ansible/inventory/production.yml
View File

@@ -12,8 +12,9 @@ all:
docker_registry: git.michaelschiemer.de:5000 docker_registry: git.michaelschiemer.de:5000
docker_registry_url: git.michaelschiemer.de:5000 docker_registry_url: git.michaelschiemer.de:5000
# Registry credentials (can be overridden via -e or vault) # Registry credentials (can be overridden via -e or vault)
docker_registry_username: "{{ docker_registry_username | default('admin') }}" # Defaults are set here, can be overridden by extra vars or vault
docker_registry_password: "{{ docker_registry_password | default('registry-secure-password-2025') }}" docker_registry_username_default: 'admin'
docker_registry_password_default: 'registry-secure-password-2025'
# Application Configuration # Application Configuration
app_name: framework app_name: framework

8
deployment/ansible/playbooks/deploy-update.yml
View File

@@ -22,8 +22,8 @@
- name: Derive docker registry credentials from vault when not provided - name: Derive docker registry credentials from vault when not provided
set_fact: set_fact:
docker_registry_username: "{{ docker_registry_username | default(vault_docker_registry_username | default(omit)) }}" docker_registry_username: "{{ docker_registry_username | default(vault_docker_registry_username | default(docker_registry_username_default | default('admin'))) }}"
docker_registry_password: "{{ docker_registry_password | default(vault_docker_registry_password | default(omit)) }}" docker_registry_password: "{{ docker_registry_password | default(vault_docker_registry_password | default(docker_registry_password_default | default('registry-secure-password-2025'))) }}"
- name: Verify Docker is running - name: Verify Docker is running
systemd: systemd:
@@ -102,9 +102,13 @@
username: "{{ docker_registry_username }}" username: "{{ docker_registry_username }}"
password: "{{ docker_registry_password }}" password: "{{ docker_registry_password }}"
no_log: yes no_log: yes
ignore_errors: yes
when: when:
- docker_registry_username is defined - docker_registry_username is defined
- docker_registry_password is defined - docker_registry_password is defined
- docker_registry_username | length > 0
- docker_registry_password | length > 0
register: registry_login
- name: Pull new Docker image - name: Pull new Docker image
community.docker.docker_image: community.docker.docker_image:

4
deployment/ansible/playbooks/rollback.yml
View File

@@ -19,8 +19,8 @@
- name: Derive docker registry credentials from vault when not provided - name: Derive docker registry credentials from vault when not provided
set_fact: set_fact:
docker_registry_username: "{{ docker_registry_username | default(vault_docker_registry_username | default(omit)) }}" docker_registry_username: "{{ docker_registry_username | default(vault_docker_registry_username | default(docker_registry_username_default | default('admin'))) }}"
docker_registry_password: "{{ docker_registry_password | default(vault_docker_registry_password | default(omit)) }}" docker_registry_password: "{{ docker_registry_password | default(vault_docker_registry_password | default(docker_registry_password_default | default('registry-secure-password-2025'))) }}"
- name: Check Docker service - name: Check Docker service
systemd: systemd: