test
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed

dvirlabs 2026-04-24 02:14:46 +03:00
parent fa682da7a6
commit eddad9b770
2 changed files with 142 additions and 104 deletions


@ -97,6 +97,7 @@ steps:
GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:5000 GITOPS_STATUS_SERVER_URL: http://gitops-status-server.observability-stack.svc.cluster.local:5000
REPO_NAME: rsyslog REPO_NAME: rsyslog
SERVER_NAME: rsyslog-lab SERVER_NAME: rsyslog-lab
MODE: post-deploy
# Optimize Ansible for container environment # Optimize Ansible for container environment
ANSIBLE_HOST_KEY_CHECKING: "False" ANSIBLE_HOST_KEY_CHECKING: "False"
ANSIBLE_FORCE_COLOR: "False" ANSIBLE_FORCE_COLOR: "False"
@ -108,8 +109,8 @@ steps:
# Increase file descriptor limit for Ansible (max safe value) # Increase file descriptor limit for Ansible (max safe value)
ulimit -n 65536 ulimit -n 65536
# Install dependencies: curl for HTTP requests, jq for JSON formatting # Install dependencies: git for detecting deployed files, curl for HTTP requests, jq for JSON formatting
apk add --no-cache curl jq > /dev/null 2>&1 apk add --no-cache git curl jq > /dev/null 2>&1
# Setup SSH key for Ansible # Setup SSH key for Ansible
mkdir -p ~/.ssh mkdir -p ~/.ssh
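Review bot: The new `apk add --no-cache git curl jq > /dev/null 2>&1` line still discards every apk error, and git is now required by the post-deploy path that this section enables with `MODE: post-deploy`. If the install fails, the status script's `command -v git` test falls into its "Git not available" branch and, as written in the other file, still reports SYNCED with zero files. Keep stderr visible and stop the step on failure, e.g. `apk add --no-cache git curl jq > /dev/null || exit 1`. The step's command list starts and ends outside these hunks, so whether `set -e` is already in effect cannot be seen here. Separately, the unchanged `ANSIBLE_HOST_KEY_CHECKING: "False"` context line means the SSH key set up just below is used against a host whose identity is not verified; pinning the host key in `known_hosts` would close that gap.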


@ -49,73 +49,116 @@ REPO_NAME="${REPO_NAME:-rsyslog}"
SERVER_NAME="${SERVER_NAME:-rsyslog-lab}" SERVER_NAME="${SERVER_NAME:-rsyslog-lab}"
INVENTORY_FILE="ansible/inventory/hosts.yml" INVENTORY_FILE="ansible/inventory/hosts.yml"
PLAYBOOK="ansible/playbooks/drift-check.yml" PLAYBOOK="ansible/playbooks/drift-check.yml"
MODE="${MODE:-drift-check}" # drift-check or post-deploy
echo "═══════════════════════════════════════════════════════════════════════════════" echo "═══════════════════════════════════════════════════════════════════════════════"
echo " GitOps Status Update" echo " GitOps Status Update"
echo " Repository: $REPO_NAME | Server: $SERVER_NAME" echo " Repository: $REPO_NAME | Server: $SERVER_NAME"
echo " Target: $GITOPS_STATUS_SERVER_URL" echo " Target: $GITOPS_STATUS_SERVER_URL"
echo " Mode: $MODE"
echo "═══════════════════════════════════════════════════════════════════════════════" echo "═══════════════════════════════════════════════════════════════════════════════"
echo "" echo ""
# ───────────────────────────────────────────────────────────────────────────────── CHANGED_FILES=()
# Step 1: Run drift-check playbook DRIFT_COUNT=0
# ───────────────────────────────────────────────────────────────────────────────── SYNC_STATUS="SYNCED"
echo "Step 1/4: Running drift-check playbook..."
# Capture playbook output to a temp file for parsing # ─────────────────────────────────────────────────────────────────────────────────
PLAYBOOK_LOG=$(mktemp) # MODE 1: post-deploy - Report what files were deployed from Git
KEEP_LOG="${KEEP_PLAYBOOK_LOG:-false}" # ─────────────────────────────────────────────────────────────────────────────────
if [ "$KEEP_LOG" = "true" ]; then if [ "$MODE" = "post-deploy" ]; then
echo "Step 1/4: Analyzing Git changes (what was just deployed)..."
# Check what files changed in the last commit in files/ directory
if command -v git >/dev/null 2>&1 && [ -d .git ]; then
# Get list of changed files in files/ directory from last commit
CHANGED_FILE_PATHS=$(git diff-tree --no-commit-id --name-only -r HEAD -- files/ 2>/dev/null || echo "")
if [ -n "$CHANGED_FILE_PATHS" ]; then
echo " Files changed in last commit:"
while IFS= read -r filepath; do
if [ -n "$filepath" ]; then
# Strip "files/" prefix to get the config file name
filename="${filepath#files/}"
# Skip if it's just "files/" (directory change)
if [ "$filename" != "" ] && [ "$filename" != "files/" ]; then
CHANGED_FILES+=("$filename")
echo " - $filename"
fi
fi
done <<< "$CHANGED_FILE_PATHS"
DRIFT_COUNT=${#CHANGED_FILES[@]}
else
echo " No files changed in files/ directory"
fi
else
echo " Git not available, cannot determine deployed files"
fi
# Always SYNCED after successful deploy
SYNC_STATUS="SYNCED"
echo " ✓ Status: SYNCED - files were deployed successfully"
echo " Total deployed files: $DRIFT_COUNT"
echo ""
# ─────────────────────────────────────────────────────────────────────────────────
# MODE 2: drift-check - Check for manual changes on server (drift detection)
# ─────────────────────────────────────────────────────────────────────────────────
else
echo "Step 1/4: Running drift-check playbook..."
# Capture playbook output to a temp file for parsing
PLAYBOOK_LOG=$(mktemp)
KEEP_LOG="${KEEP_PLAYBOOK_LOG:-false}"
if [ "$KEEP_LOG" = "true" ]; then
PLAYBOOK_LOG="./drift-check-output.log" PLAYBOOK_LOG="./drift-check-output.log"
echo " Playbook output will be saved to: $PLAYBOOK_LOG" echo " Playbook output will be saved to: $PLAYBOOK_LOG"
fi fi
# Set up cleanup trap (will be updated later with RESPONSE_BODY) # Set up cleanup trap (will be updated later with RESPONSE_BODY)
trap "rm -f $PLAYBOOK_LOG" EXIT trap "rm -f $PLAYBOOK_LOG" EXIT
# Run playbook (no -v flag to avoid file descriptor exhaustion in containers) # Run playbook (no -v flag to avoid file descriptor exhaustion in containers)
# Exit code: 0 = synced, non-zero = drift detected (expected) # Exit code: 0 = synced, non-zero = drift detected (expected)
# Limit forks to 1 to reduce file descriptor usage # Limit forks to 1 to reduce file descriptor usage
set +e set +e
ANSIBLE_FORCE_COLOR=false \ ANSIBLE_FORCE_COLOR=false \
ANSIBLE_FORKS=1 \ ANSIBLE_FORKS=1 \
ansible-playbook \ ansible-playbook \
-i "$INVENTORY_FILE" \ -i "$INVENTORY_FILE" \
"$PLAYBOOK" \ "$PLAYBOOK" \
> "$PLAYBOOK_LOG" 2>&1 > "$PLAYBOOK_LOG" 2>&1
DRIFT_RC=$? DRIFT_RC=$?
set -e set -e
# Show playbook output for debugging (compact) # Show playbook output for debugging (compact)
echo "Playbook output (last 25 lines):" echo "Playbook output (last 25 lines):"
cat "$PLAYBOOK_LOG" | tail -25 cat "$PLAYBOOK_LOG" | tail -25
echo "" echo ""
echo "DEBUG: Full playbook output saved to: $PLAYBOOK_LOG" echo "DEBUG: Full playbook output saved to: $PLAYBOOK_LOG"
echo "" echo ""
# ───────────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────────
# Step 2: Determine sync status and collect changed files # Step 2: Determine sync status and collect changed files
# ───────────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────────
echo "Step 2/4: Analyzing drift detection results..." echo "Step 2/4: Analyzing drift detection results..."
CHANGED_FILES=() # Exit code 0 = synced (all tasks succeeded)
DRIFT_COUNT=0 # Exit code non-zero = drift detected (fail task was reached)
if [ "$DRIFT_RC" -eq 0 ]; then
# Exit code 0 = synced (all tasks succeeded)
# Exit code non-zero = drift detected (fail task was reached)
if [ "$DRIFT_RC" -eq 0 ]; then
SYNC_STATUS="SYNCED" SYNC_STATUS="SYNCED"
echo " ✓ Status: SYNCED - server configuration matches Git" echo " ✓ Status: SYNCED - server configuration matches Git"
else else
SYNC_STATUS="OUT_OF_SYNC" SYNC_STATUS="OUT_OF_SYNC"
echo " ✗ Status: OUT OF SYNC - configuration drift detected" echo " ✗ Status: OUT OF SYNC - configuration drift detected"
fi fi
# Extract structured drifted files from playbook output # Extract structured drifted files from playbook output
# The drift-check.yml playbook outputs: DRIFTED_FILES=file1,file2,file3 # The drift-check.yml playbook outputs: DRIFTED_FILES=file1,file2,file3
# With YAML callback, the output format is: msg: DRIFTED_FILES=... echo " DEBUG: Searching for DRIFTED_FILES in playbook output..."
echo " DEBUG: Searching for DRIFTED_FILES in playbook output..." if grep -q "DRIFTED_FILES=" "$PLAYBOOK_LOG"; then
if grep -q "DRIFTED_FILES=" "$PLAYBOOK_LOG"; then
echo " DEBUG: Found DRIFTED_FILES pattern" echo " DEBUG: Found DRIFTED_FILES pattern"
DRIFTED_FILES_LINE=$(grep "DRIFTED_FILES=" "$PLAYBOOK_LOG" | tail -1) DRIFTED_FILES_LINE=$(grep "DRIFTED_FILES=" "$PLAYBOOK_LOG" | tail -1)
echo " DEBUG: Raw line: $DRIFTED_FILES_LINE" echo " DEBUG: Raw line: $DRIFTED_FILES_LINE"
@ -152,25 +195,19 @@ if grep -q "DRIFTED_FILES=" "$PLAYBOOK_LOG"; then
else else
echo " DEBUG: DRIFTED_FILES is empty or []" echo " DEBUG: DRIFTED_FILES is empty or []"
fi fi
else else
echo " DEBUG: DRIFTED_FILES not found in playbook output" echo " DEBUG: DRIFTED_FILES not found in playbook output"
echo " DEBUG: Attempting to parse from changed task output..."
# Fallback: Look for "changed:" indicators in the playbook output
if grep -q "changed: \[" "$PLAYBOOK_LOG"; then
echo " DEBUG: Found changed tasks, but no structured DRIFTED_FILES output"
echo " DEBUG: This might indicate a playbook output format issue"
fi fi
fi
# Additional validation: If OUT_OF_SYNC but no files found, show warning # Additional validation: If OUT_OF_SYNC but no files found, show warning
if [ "$SYNC_STATUS" = "OUT_OF_SYNC" ] && [ "$DRIFT_COUNT" -eq 0 ]; then if [ "$SYNC_STATUS" = "OUT_OF_SYNC" ] && [ "$DRIFT_COUNT" -eq 0 ]; then
echo " ⚠️ WARNING: Status is OUT_OF_SYNC but no drifted files were extracted" echo " ⚠️ WARNING: Status is OUT_OF_SYNC but no drifted files were extracted"
echo " ⚠️ This might indicate a parsing issue. Check the playbook output above." echo " ⚠️ This might indicate a parsing issue. Check the playbook output above."
fi fi
echo " Total drift count: $DRIFT_COUNT" echo " Total drift count: $DRIFT_COUNT"
echo "" echo ""
fi
# ───────────────────────────────────────────────────────────────────────────────── # ─────────────────────────────────────────────────────────────────────────────────
# Step 3: Build JSON payload # Step 3: Build JSON payload
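Review bot: The post-deploy branch sets `SYNC_STATUS="SYNCED"` unconditionally, including after the "Git not available" path and after a failed `git diff-tree`, whose error is hidden by `2>/dev/null || echo ""`. The status server then records a SYNCED result with zero files when nothing was actually checked, which weakens it as a drift or tamper signal. Let the failure surface instead: drop the suppression, `CHANGED_FILE_PATHS=$(git diff-tree --no-commit-id --name-only -r HEAD -- files/)`, and end the no-git branch with `exit 1` (or a distinct status, if the server accepts one). `HEAD` alone also covers only the last commit, so a push carrying several commits, or a merge commit, would presumably under-report the deployed files. The `if`/`else` opened in the first hunk closes in the second, and part of the drift-check branch lies between the hunks, outside view.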