dvirlabs/rsyslog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Ansible syntax error: remove block with loop in drift-check.yml

Browse Source
This commit is contained in:
dvirlabs 2026-06-09 17:48:18 +03:00
parent cf83072c38
commit 5e38581b97
1 changed files with 74 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
ansible/playbooks/drift-check.yml
View File

@ -21,87 +21,94 @@
set_fact: set_fact:
drift_detected: false drift_detected: false
drifted_items: [] drifted_items: []
synced_items: [] drift_items_result: []
synced_count: 0
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# TASK 2: Check each configured file for drift # TASK 2: Read local files from repo
# Compares local (repo) file with server file (content and existence)
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
- name: Check file drift for each configured file - name: Read local files from repository
block:
# Read local file from repo
- name: Read local file ({{ item.name }})
slurp: slurp:
src: "{{ playbook_dir }}/{{ '../../' + item.src }}" src: "{{ playbook_dir }}/{{ '../../' + item.src }}"
delegate_to: localhost delegate_to: localhost
register: local_file_content register: local_files
loop: "{{ deploy_items }}"
loop_control:
loop_var: item
label: "{{ item.name }}"
failed_when: false failed_when: false
# Try to read file from server # ─────────────────────────────────────────────────────────────────────
- name: Read server file ({{ item.name }}) # TASK 3: Read files from server
# ─────────────────────────────────────────────────────────────────────
- name: Read files from servers
slurp: slurp:
src: "{{ item.dest }}" src: "{{ item.dest }}"
register: server_file_content register: server_files
loop: "{{ deploy_items }}"
loop_control:
loop_var: item
label: "{{ item.name }}"
failed_when: false failed_when: false
# Compare contents and detect drift # ─────────────────────────────────────────────────────────────────────
- name: Analyze drift for {{ item.name }} # TASK 4: Detect drift for each file
# Compares local (repo) vs server file, detects missing or content diff
# ─────────────────────────────────────────────────────────────────────
- name: Detect drift for each file
set_fact: set_fact:
file_drift_status: "{{ {} }}" drift_items_result: "{{ drift_items_result | default([]) + [file_drift_info] }}"
file_has_drift: false vars:
local_file: "{{ local_files.results[index] }}"
- name: Check if server file is missing ({{ item.name }}) server_file: "{{ server_files.results[index] }}"
set_fact: index: "{{ loop_index0 }}"
file_has_drift: true file_drift_info: |
file_drift_status: | {%- if server_file.rc != 0 -%}
{ {
"name": "{{ item.name }}", "name": "{{ item.name }}",
"destination": "{{ item.dest }}", "destination": "{{ item.dest }}",
"status": "MISSING", "status": "MISSING",
"reason": "File not found on server" "reason": "File not found on server"
} }
when: server_file_content.rc != 0 {%- elif local_file.content | b64decode != server_file.content | b64decode -%}
- name: Check if file content differs ({{ item.name }})
set_fact:
file_has_drift: true
file_drift_status: |
{ {
"name": "{{ item.name }}", "name": "{{ item.name }}",
"destination": "{{ item.dest }}", "destination": "{{ item.dest }}",
"status": "CONTENT_DIFFERS", "status": "CONTENT_DIFFERS",
"reason": "File content differs from repository" "reason": "File content differs from repository"
} }
when: {%- else -%}
- server_file_content.rc == 0 {}
- local_file_content.content | b64decode != server_file_content.content | b64decode {%- endif -%}
# Track drifted and synced files
- name: Track drifted file ({{ item.name }})
set_fact:
drift_detected: true
drifted_items: "{{ drifted_items + [file_drift_status | from_json] }}"
when: file_has_drift
- name: Track synced file ({{ item.name }})
set_fact:
synced_items: "{{ synced_items + [{'name': item.name, 'destination': item.dest, 'status': 'SYNCED'}] }}"
when: not file_has_drift
loop: "{{ deploy_items }}" loop: "{{ deploy_items }}"
loop_control: loop_control:
loop_var: item loop_var: item
label: "{{ item.name }}" label: "{{ item.name }}"
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# TASK 3: Generate JSON report with drift details # TASK 5: Filter drifted files
# ─────────────────────────────────────────────────────────────────────
- name: Extract drifted files
set_fact:
drifted_items: "{{ drift_items_result | map('from_json') | selectattr('status', 'defined') | list }}"
synced_count: "{{ drift_items_result | map('from_json') | rejectattr('status', 'defined') | list | length }}"
# ─────────────────────────────────────────────────────────────────────
# TASK 6: Update drift detection flag
# ─────────────────────────────────────────────────────────────────────
- name: Set drift_detected flag
set_fact:
drift_detected: "{{ drifted_items | length > 0 }}"
# ─────────────────────────────────────────────────────────────────────
# TASK 7: Generate JSON report with drift details
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
- name: Generate drift detection JSON report - name: Generate drift detection JSON report
set_fact: set_fact:
drifted_files_json: "{{ drifted_items | to_nice_json }}" drifted_files_json: "{{ drifted_items | to_nice_json }}"
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# TASK 4: Save drift report to file for script consumption # TASK 8: Save drift report to file for script consumption
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
- name: Save drift report to file - name: Save drift report to file
copy: copy:
@ -113,13 +120,13 @@
delegate_to: localhost delegate_to: localhost
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# TASK 5: Output status summary # TASK 9: Output status summary
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
- name: Output SYNCED status - name: Output SYNCED status
debug: debug:
msg: | msg: |
✓ All files are in sync ✓ All files are in sync
Synced files: {{ synced_items | length }} Synced files: {{ synced_count }}
when: not drift_detected when: not drift_detected
- name: Output OUT_OF_SYNC status with details - name: Output OUT_OF_SYNC status with details
@ -131,7 +138,7 @@
when: drift_detected when: drift_detected
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
# TASK 6: Fail if drift detected (for CI/CD pipeline) # TASK 10: Fail if drift detected (for CI/CD pipeline)
# ───────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────
- name: Fail if drift detected - name: Fail if drift detected
fail: fail: