test

ansible/playbooks/drift-check.yml

@@ -21,94 +21,75 @@
       set_fact:
         drift_detected: false
         drifted_items: []
-        drift_items_result: []
-        synced_count: 0
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 2: Read local files from repo
+    # TASK 2: Check drift for each configured file
+    # Loops through deploy_items and compares local vs server files
     # ─────────────────────────────────────────────────────────────────────
-    - name: Read local files from repository
+    - name: Check drift for each file
-      slurp:
+      block:
-        src: "{{ playbook_dir }}/{{ '../../' + item.src }}"
+        # Read local file from repo
-      delegate_to: localhost
+        - name: Read local file
-      register: local_files
+          slurp:
-      loop: "{{ deploy_items }}"
+            src: "{{ playbook_dir }}/{{ '../../' + item.src }}"
-      loop_control:
+          delegate_to: localhost
-        loop_var: item
+          register: local_file_content
-        label: "{{ item.name }}"
+          failed_when: false
-      failed_when: false
 
-    # ─────────────────────────────────────────────────────────────────────
+        # Read file from server
-    # TASK 3: Read files from server
+        - name: Read server file
-    # ─────────────────────────────────────────────────────────────────────
+          slurp:
-    - name: Read files from servers
+            src: "{{ item.dest }}"
-      slurp:
+          register: server_file_content
-        src: "{{ item.dest }}"
+          failed_when: false
-      register: server_files
+
-      loop: "{{ deploy_items }}"
+        # Build drift info if file is missing
-      loop_control:
+        - name: Add to drifted items if missing
-        loop_var: item
+          set_fact:
-        label: "{{ item.name }}"
+            drifted_items: "{{ drifted_items + [drift_info] }}"
-      failed_when: false
+          vars:
+            drift_info:
+              name: "{{ item.name }}"
+              destination: "{{ item.dest }}"
+              status: "MISSING"
+              reason: "File not found on server"
+          when: server_file_content.rc != 0
+
+        # Build drift info if file content differs
+        - name: Add to drifted items if content differs
+          set_fact:
+            drifted_items: "{{ drifted_items + [drift_info] }}"
+          vars:
+            drift_info:
+              name: "{{ item.name }}"
+              destination: "{{ item.dest }}"
+              status: "CONTENT_DIFFERS"
+              reason: "File content differs from repository"
+          when:
+            - server_file_content.rc == 0
+            - local_file_content.content | b64decode != server_file_content.content | b64decode
 
-    # ─────────────────────────────────────────────────────────────────────
-    # TASK 4: Detect drift for each file
-    # Compares local (repo) vs server file, detects missing or content diff
-    # ─────────────────────────────────────────────────────────────────────
-    - name: Detect drift for each file
-      set_fact:
-        drift_items_result: "{{ drift_items_result | default([]) + [file_drift_info] }}"
-      vars:
-        local_file: "{{ local_files.results[index] }}"
-        server_file: "{{ server_files.results[index] }}"
-        index: "{{ loop_index0 }}"
-        file_drift_info: |
-          {%- if server_file.rc != 0 -%}
-          {
-            "name": "{{ item.name }}",
-            "destination": "{{ item.dest }}",
-            "status": "MISSING",
-            "reason": "File not found on server"
-          }
-          {%- elif local_file.content | b64decode != server_file.content | b64decode -%}
-          {
-            "name": "{{ item.name }}",
-            "destination": "{{ item.dest }}",
-            "status": "CONTENT_DIFFERS",
-            "reason": "File content differs from repository"
-          }
-          {%- else -%}
-          {}
-          {%- endif -%}
       loop: "{{ deploy_items }}"
       loop_control:
         loop_var: item
         label: "{{ item.name }}"
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 5: Filter drifted files
+    # TASK 3: Update drift detection flag
-    # ─────────────────────────────────────────────────────────────────────
-    - name: Extract drifted files
-      set_fact:
-        drifted_items: "{{ drift_items_result | map('from_json') | selectattr('status', 'defined') | list }}"
-        synced_count: "{{ drift_items_result | map('from_json') | rejectattr('status', 'defined') | list | length }}"
-
-    # ─────────────────────────────────────────────────────────────────────
-    # TASK 6: Update drift detection flag
     # ─────────────────────────────────────────────────────────────────────
     - name: Set drift_detected flag
       set_fact:
         drift_detected: "{{ drifted_items | length > 0 }}"
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 7: Generate JSON report with drift details
+    # TASK 4: Generate JSON report with drift details
     # ─────────────────────────────────────────────────────────────────────
     - name: Generate drift detection JSON report
       set_fact:
         drifted_files_json: "{{ drifted_items | to_nice_json }}"
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 8: Save drift report to file for script consumption
+    # TASK 5: Save drift report to file for script consumption
     # ─────────────────────────────────────────────────────────────────────
     - name: Save drift report to file
       copy:
@@ -120,13 +101,13 @@
       delegate_to: localhost
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 9: Output status summary
+    # TASK 6: Output status summary
     # ─────────────────────────────────────────────────────────────────────
     - name: Output SYNCED status
       debug:
         msg: |
           ✓ All files are in sync
-          Synced files: {{ synced_count }}
+          Total files monitored: {{ deploy_items | length }}
       when: not drift_detected
 
     - name: Output OUT_OF_SYNC status with details
@@ -138,7 +119,7 @@
       when: drift_detected
 
     # ─────────────────────────────────────────────────────────────────────
-    # TASK 10: Fail if drift detected (for CI/CD pipeline)
+    # TASK 7: Fail if drift detected (for CI/CD pipeline)
     # ─────────────────────────────────────────────────────────────────────
     - name: Fail if drift detected
       fail:

update-gitops-status.sh

@@ -59,10 +59,11 @@ DRIFTED_FILES="[]"
 
 # ─────────────────────────────────────────────────────────────────────────
 # Extract deployed files from deploy-config.yml
+# Only extract active items (lines starting with "  - name:"), not comments
 # ─────────────────────────────────────────────────────────────────────────
 echo "==> Extracting deployed files from deploy-config.yml..."
-DEPLOYED_FILES=$(grep -A1 "name:" "$DEPLOY_CONFIG" | grep "name:" | \
+DEPLOYED_FILES=$(grep "^  - name:" "$DEPLOY_CONFIG" | \
-    sed "s/.*name: \"\([^\"]*\)\".*/\1/" | \
+    sed 's/.*name: "\([^"]*\)".*/\1/' | \
     jq -R -s 'split("\n") | map(select(length > 0) | {name: .})')
 
 if [[ "$DEPLOYED_FILES" == "[]" ]] || [[ -z "$DEPLOYED_FILES" ]]; then