dvirlabs/rsyslog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Remove invalid block+loop structure in drift-check.yml

Browse Source 
- Replace block with individual looped tasks (Ansible doesn't support block+loop)
- Task 2: Read local files (looped)
- Task 3: Read server files (looped)
- Task 4: Compare using loop_index0 to correlate results
- Task 5+: Process and output drift results
- Maintains all functionality: JSON output, detailed drift reporting
- No more loop_index0 undefined errors
This commit is contained in:
dvirlabs 2026-06-09 18:24:10 +03:00
parent 0d0169c97d
commit fc8dc8df9c
1 changed files with 57 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
ansible/playbooks/drift-check.yml
View File

@ -23,73 +23,81 @@
drifted_items: []
# ─────────────────────────────────────────────────────────────────────
# TASK 2: Check drift for each configured file
# Loops through deploy_items and compares local vs server files
# TASK 2: Read local files from repository
# ─────────────────────────────────────────────────────────────────────
- name: Check drift for each file
block:
# Read local file from repo
- name: Read local file
slurp:
src: "{{ playbook_dir }}/{{ '../../' + item.src }}"
delegate_to: localhost
register: local_file_content
failed_when: false
- name: Read local files
slurp:
src: "{{ playbook_dir }}/{{ '../../' + item.src }}"
delegate_to: localhost
loop: "{{ deploy_items }}"
loop_control:
loop_var: item
label: "{{ item.name }}"
register: local_files
failed_when: false
# Read file from server
- name: Read server file
slurp:
src: "{{ item.dest }}"
register: server_file_content
failed_when: false
# Build drift info if file is missing
- name: Add to drifted items if missing
set_fact:
drifted_items: "{{ drifted_items + [drift_info] }}"
vars:
drift_info:
name: "{{ item.name }}"
destination: "{{ item.dest }}"
status: "MISSING"
reason: "File not found on server"
when: server_file_content.rc != 0
# Build drift info if file content differs
- name: Add to drifted items if content differs
set_fact:
drifted_items: "{{ drifted_items + [drift_info] }}"
vars:
drift_info:
name: "{{ item.name }}"
destination: "{{ item.dest }}"
status: "CONTENT_DIFFERS"
reason: "File content differs from repository"
when:
- server_file_content.rc == 0
- local_file_content.content | b64decode != server_file_content.content | b64decode
# ─────────────────────────────────────────────────────────────────────
# TASK 3: Read server files
# ─────────────────────────────────────────────────────────────────────
- name: Read server files
slurp:
src: "{{ item.dest }}"
loop: "{{ deploy_items }}"
loop_control:
loop_var: item
label: "{{ item.name }}"
register: server_files
failed_when: false
# ─────────────────────────────────────────────────────────────────────
# TASK 4: Compare files and detect drift
# Builds list of drifted files by comparing local vs server
# ─────────────────────────────────────────────────────────────────────
- name: Detect drift by comparing files
set_fact:
drifted_items: "{{ drifted_items | default([]) + [drift_item] }}"
vars:
local_result: "{{ local_files.results[item_index] }}"
server_result: "{{ server_files.results[item_index] }}"
item_index: "{{ loop_index0 }}"
drift_item: |
{%- if server_result.rc != 0 -%}
{
"name": "{{ item.name }}",
"destination": "{{ item.dest }}",
"status": "MISSING",
"reason": "File not found on server"
}
{%- elif local_result.content | b64decode != server_result.content | b64decode -%}
{
"name": "{{ item.name }}",
"destination": "{{ item.dest }}",
"status": "CONTENT_DIFFERS",
"reason": "File content differs from repository"
}
{%- endif -%}
loop: "{{ deploy_items }}"
loop_control:
loop_var: item
label: "{{ item.name }}"
# ─────────────────────────────────────────────────────────────────────
# TASK 3: Update drift detection flag
# TASK 5: Update drift detection flag and filter results
# ─────────────────────────────────────────────────────────────────────
- name: Set drift_detected flag
set_fact:
drift_detected: "{{ drifted_items | length > 0 }}"
drifted_items: "{{ drifted_items | map('from_json') | selectattr('status', 'defined') | list }}"
drift_detected: "{{ (drifted_items | map('from_json') | selectattr('status', 'defined') | list | length) > 0 }}"
# ─────────────────────────────────────────────────────────────────────
# TASK 4: Generate JSON report with drift details
# TASK 6: Generate JSON report with drift details
# ─────────────────────────────────────────────────────────────────────
- name: Generate drift detection JSON report
set_fact:
drifted_files_json: "{{ drifted_items | to_nice_json }}"
# ─────────────────────────────────────────────────────────────────────
# TASK 5: Save drift report to file for script consumption
# TASK 7: Save drift report to file for script consumption
# ─────────────────────────────────────────────────────────────────────
- name: Save drift report to file
copy:
@ -101,7 +109,7 @@
delegate_to: localhost
# ─────────────────────────────────────────────────────────────────────
# TASK 6: Output status summary
# TASK 8: Output status summary
# ─────────────────────────────────────────────────────────────────────
- name: Output SYNCED status
debug:
@ -119,7 +127,7 @@
when: drift_detected
# ─────────────────────────────────────────────────────────────────────
# TASK 7: Fail if drift detected (for CI/CD pipeline)
# TASK 9: Fail if drift detected (for CI/CD pipeline)
# ─────────────────────────────────────────────────────────────────────
- name: Fail if drift detected
fail: