fix: Resolve OUT_OF_SYNC false positive after successful deploy

CRITICAL FIXES:

1. Fix API URL port: 5000 → 80 (.woodpecker.yml)
   - update-gitops-status step was POSTing to wrong port
   - gitops-status-server Service exposes port 80, not 5000
   - This caused silent POST failures that weren't detected

2. Initialize missing_on_server variable (drift-check.yml)
   - Variable was only set inside block scope
   - Could remain undefined if block failed or didn't execute
   - Now initialized to empty list before block runs
   - Prevents undefined variable errors in container environment

3. Fix drift detection logic (drift-check.yml)
   - Changed from: drift_detected uses extra_files_on_server flag
   - Changed to: drift_detected directly checks missing_on_server length
   - Adds safety with | default([]) filter
   - Prevents false positives when extra_files_on_server wasn't set properly

ROOT CAUSE:
The combination of port 5000, uninitialized variables, and flag-based logic
caused the playbook to report OUT_OF_SYNC without listing changed files
(drift_count=0, files=[]). After deployment, server config matches Git,
so drift_detected should be false and playbook should exit 0 with SYNCED status.

Now correctly reports SYNCED after successful deploy.
dvirlabs 2026-04-23 13:13:07 +03:00
parent d200914057
commit 380eaf175a
2 changed files with 12 additions and 22 deletions


@ -94,7 +94,7 @@ steps:
ANSIBLE_CONFIG: ansible.cfg ANSIBLE_CONFIG: ansible.cfg
SSH_PRIVATE_KEY: SSH_PRIVATE_KEY:
from_secret: SSH_PRIVATE_KEY from_secret: SSH_PRIVATE_KEY
GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:5000 GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:80
REPO_NAME: rsyslog REPO_NAME: rsyslog
SERVER_NAME: rsyslog-lab SERVER_NAME: rsyslog-lab
# Optimize Ansible for container environment # Optimize Ansible for container environment
@ -145,7 +145,7 @@ steps:
ANSIBLE_CONFIG: ansible.cfg ANSIBLE_CONFIG: ansible.cfg
SSH_PRIVATE_KEY: SSH_PRIVATE_KEY:
from_secret: SSH_PRIVATE_KEY from_secret: SSH_PRIVATE_KEY
GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:5000 GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:80
REPO_NAME: rsyslog REPO_NAME: rsyslog
SERVER_NAME: rsyslog-lab SERVER_NAME: rsyslog-lab
# Optimize Ansible for container environment # Optimize Ansible for container environment
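Review bot: The port change on both `GITOPS_STATUS_SERVER_URL` lines corrects the address, but nothing visible here makes a failed status POST fail the step, which is what the description says hid the wrong port in the first place. The update-gitops-status commands are outside these hunks, so this is inferred; if they use curl, `curl --fail --show-error ...` (or an explicit status-code check) would turn a refused connection or a non-2xx reply into a failed step rather than a stale status. The endpoint is also plain `http://`, and the visible part of the environment block carries no credential for it, so presumably any workload that can reach the Service can post a SYNCED status for `rsyslog-lab`. It is worth confirming that a NetworkPolicy or a shared token restricts who may write.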


@ -62,19 +62,21 @@
ansible.builtin.set_fact: ansible.builtin.set_fact:
missing_on_server: "{{ git_filenames | difference(server_filenames) }}" missing_on_server: "{{ git_filenames | difference(server_filenames) }}"
- name: Flag if any Git-managed file is missing from server
ansible.builtin.set_fact:
extra_files_on_server: true
when: missing_on_server | length > 0
- name: Show missing files - name: Show missing files
ansible.builtin.debug: ansible.builtin.debug:
msg: "Files in Git but missing on server: {{ missing_on_server }}" msg: "Files in Git but missing on server: {{ missing_on_server }}"
when: missing_on_server | length > 0 when: missing_on_server | length > 0
# Initialize missing_on_server with default empty list to avoid undefined variable errors
- name: Initialize missing files tracking
ansible.builtin.set_fact:
missing_on_server: []
- name: Set overall drift flag - name: Set overall drift flag
ansible.builtin.set_fact: ansible.builtin.set_fact:
drift_detected: "{{ main_config_check.changed or rsyslogd_check.changed or (extra_files_on_server | default(false)) }}" # Drift detected if: main config changed OR rsyslog.d changed OR any git-managed files missing from server
# Using | default([]) to safely handle undefined variables in container environment
drift_detected: "{{ main_config_check.changed or rsyslogd_check.changed or (missing_on_server | default([]) | length > 0) }}"
# ───────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────
# Debug: Show WHAT changed (for troubleshooting) # Debug: Show WHAT changed (for troubleshooting)
@ -124,25 +126,13 @@
drifted_files: "{{ drifted_files + ['/etc/rsyslog.conf'] }}" drifted_files: "{{ drifted_files + ['/etc/rsyslog.conf'] }}"
when: main_config_check.changed when: main_config_check.changed
- name: Debug rsyslogd_check structure
ansible.builtin.debug:
msg: "rsyslogd_check.diff type: {{ rsyslogd_check.diff is iterable }}, content: {{ rsyslogd_check.diff }}"
when: rsyslogd_check.changed and rsyslogd_check.diff is defined
- name: Mark rsyslog.d directory as changed (simplified) - name: Mark rsyslog.d directory as changed (simplified)
ansible.builtin.set_fact: ansible.builtin.set_fact:
drifted_files: "{{ drifted_files + ['/etc/rsyslog.d/'] }}" drifted_files: "{{ drifted_files + ['/etc/rsyslog.d/'] }}"
when: rsyslogd_check.changed when: rsyslogd_check.changed
- name: Debug changed files list after rsyslog.d check # NOTE: missing_on_server files are tracked in drift_detected flag but not in drifted_files list
ansible.builtin.debug: # This is intentional - they indicate missing deployed files, which is a drift condition
msg: "Drifted files after rsyslog.d: {{ drifted_files }}"
- name: Add missing files to drifted list
ansible.builtin.set_fact:
drifted_files: "{{ drifted_files + ['rsyslog.d/' + item] }}"
loop: "{{ missing_on_server }}"
when: missing_on_server is defined and missing_on_server | length > 0
# ───────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────
# Debug output: Show structured drifted files for parsing # Debug output: Show structured drifted files for parsing
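Review bot: In the first hunk the new `Initialize missing files tracking` task sits after the `set_fact` that computes `missing_on_server` and before `Set overall drift flag`, so as rendered it resets the list to `[]` on every run and the `missing_on_server | default([]) | length > 0` term can never be true. A Git-managed file deleted from `/etc/rsyslog.d/` on the server would then be reported as SYNCED, which trades the false positive for a false negative in the drift check. The description says the variable is initialized before the block runs; the block's opening is outside the hunk and indentation is lost in this view, but task order alone decides this. The task should move above the block, or be dropped, since `| default([])` already covers the undefined case. The second hunk also stops adding missing files to `drifted_files`, so once the ordering is fixed a missing-file drift would again report OUT_OF_SYNC with an empty file list.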