- Fix UFW firewall to allow outbound traffic (was blocking all outbound) - Add HOST parameter support to shell Makefile target - Fix all ansible-lint errors (trailing spaces, missing newlines, document starts) - Add changed_when: false to check commands - Fix variable naming (vault_devGPU -> vault_devgpu) - Update .ansible-lint config to exclude .gitea/ and allow strategy: free - Fix NodeSource repository GPG key handling in shell playbook - Add missing document starts to host_vars files - Clean up empty lines in datascience role files Reviewed-on: #2
---
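# Derive the Ubuntu codename used in the Docker apt source line from
# ansible_distribution_version.
#
# The folded scalar uses `>-` rather than `>`: a plain `>` keeps one trailing
# newline, Ansible preserves it when templating, and the fact would then carry
# "<codename>\n" into the `repo:` string that interpolates it.
#
# NOTE(review): on Linux Mint, ansible_distribution_version presumably reports
# the Mint release, not the Ubuntu base. Mint 22.x is built on Ubuntu 24.04
# (noble) and Mint 21.x on 22.04 (jammy), so the thresholds below look one
# release behind. A wrong codename points apt at a suite that does not match
# the host. Confirm before changing; the mapping is left as the author wrote it.
- name: Set Ubuntu codename for Linux Mint
  ansible.builtin.set_fact:
    docker_ubuntu_codename: >-
      {{ 'jammy' if ansible_distribution_version is version('22', '>=') else
      'focal' if ansible_distribution_version is version('21', '>=') else
      'focal' if ansible_distribution_version is version('20', '>=') else
      'bionic' }}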
# Read-only probe of /etc/apt/sources.list.d/docker.list. Prints exactly one of
# "not_exists", "correct_config" or "wrong_config" on stdout; later tasks branch
# on docker_repo_check.stdout. "correct_config" means the file contains a line
# with the expected arch, signed-by keyring path and Docker URL prefix; the
# suite/codename is not compared.
- name: Check if Docker repository exists and is correct
  ansible.builtin.shell: |
    if [ ! -f /etc/apt/sources.list.d/docker.list ]; then
      echo "not_exists"
    elif grep -q "deb \[arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg\] https://download.docker.com/linux/ubuntu" /etc/apt/sources.list.d/docker.list; then
      echo "correct_config"
    else
      echo "wrong_config"
    fi
  register: docker_repo_check
  # Pure check: never reports a change and never fails the play.
  changed_when: false
  failed_when: false
# Delete docker.list only when the preceding check printed "wrong_config",
# i.e. the file exists but lacks the expected signed-by/URL line.
- name: Remove incorrect Docker repository
  when: docker_repo_check.stdout == "wrong_config"
  become: true
  ansible.builtin.file:
    state: absent
    path: /etc/apt/sources.list.d/docker.list
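# Best-effort removal of every NodeSource trace: the source list, its keyring,
# any "nodesource" line in /etc/apt/sources.list, and cached index files.
#
# The task deletes an apt source and its signing key, so it now reports
# "changed" when something was actually removed. A hard-coded
# `changed_when: false` hid that removal from run output and change audits.
#
# NOTE(review): this runs unconditionally. A host that is meant to keep the
# NodeSource repository would lose it on every run. Confirm that is intended.
- name: Remove NodeSource repository completely before adding Docker repo
  ansible.builtin.shell: |
    removed=0
    # An unmatched glob stays literal and is skipped by the existence test.
    for path in \
      /etc/apt/sources.list.d/nodesource.list \
      /etc/apt/keyrings/nodesource.gpg \
      /var/lib/apt/lists/*nodesource* \
      /var/lib/apt/lists/partial/*nodesource*
    do
      if [ -e "$path" ] || [ -L "$path" ]; then
        rm -f "$path" 2>/dev/null && removed=1
      fi
    done
    # Remove from sources.list if present
    if grep -q 'nodesource' /etc/apt/sources.list 2>/dev/null; then
      sed -i '/nodesource/d' /etc/apt/sources.list 2>/dev/null && removed=1
    fi
    if [ "$removed" -eq 1 ]; then
      echo "nodesource_removed"
    fi
  become: true
  register: nodesource_cleanup
  # Kept from the original: cleanup failures must not stop the play.
  ignore_errors: true
  changed_when: "'nodesource_removed' in (nodesource_cleanup.stdout | default(''))"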
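# Add the Docker apt source when the check reported it missing or wrong.
#
# `signed-by` restricts this source to the key in /etc/apt/keyrings/docker.gpg.
# That keyring is not created by any task visible here; presumably it is
# installed and verified earlier. Confirm.
- name: Add Docker repository for Linux Mint (using Ubuntu base) only if needed
  ansible.builtin.apt_repository:
    repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu {{ docker_ubuntu_codename }} stable"
    # Without a filename the module derives one from the repo URL, so the entry
    # would not land in /etc/apt/sources.list.d/docker.list, the file the check
    # and removal tasks operate on. The module appends ".list" itself.
    filename: docker
    state: present
    update_cache: false
  # Writes under /etc/apt; the other mutating tasks in this file escalate too.
  become: true
  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]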
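# Refresh the apt cache after the Docker source was (re)written, tolerating
# only NodeSource-related noise.
#
# Changes from the earlier form of this task:
#   * apt-get update runs once and its output is reused. Three separate runs
#     could disagree with each other.
#   * NodeSource lines are filtered first, then any remaining "E:" line fails
#     the task. Previously a single mention of "nodesource" anywhere in the
#     output masked errors from every other repository, including this one.
#   * `ignore_errors: true` is dropped. It cancelled the script's own `exit 1`,
#     so a failed refresh could never stop the play.
#
# NOTE(review): "W: GPG error" warnings for other repositories are printed but
# not treated as fatal here. Consider failing on them as well.
- name: Update apt cache after adding Docker repository (ignore NodeSource errors)
  ansible.builtin.shell: |
    output="$(apt-get update 2>&1)"
    filtered="$(printf '%s\n' "$output" | grep -v "nodesource\|NO_PUBKEY.*2F59B5F99B1BE0B4" || true)"
    printf '%s\n' "$filtered"
    # If there are real errors (not just nodesource), fail
    if printf '%s\n' "$filtered" | grep -q "^E:"; then
      exit 1
    fi
  become: true
  when: docker_repo_check.stdout in ["not_exists", "wrong_config"]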