diff --git a/playbooks/group_vars/webportals.yml b/playbooks/group_vars/webportals.yml index 3c65442a..b3375b59 100644 --- a/playbooks/group_vars/webportals.yml +++ b/playbooks/group_vars/webportals.yml @@ -264,7 +264,7 @@ webportal_server_config_defaults: server_uid: "{{ lookup('pipe','openssl rand -hex 8') }}" accounts_test_user_email: "{{ lookup('pipe','openssl rand -hex 8') }}@example.com" accounts_test_user_password: "{{ lookup('pipe','openssl rand -hex 8') }}" - accounts_test_user_api_key: "" + accounts_test_user_api_key: "not-defined" # TODO: move to role default vars # This variable sets default values for common/cluster settings if they are not diff --git a/playbooks/portals-setup-following.yml b/playbooks/portals-setup-following.yml index ce323592..1105cb1f 100644 --- a/playbooks/portals-setup-following.yml +++ b/playbooks/portals-setup-following.yml @@ -218,16 +218,6 @@ - name: Include deploying portal - start services include_tasks: tasks/portal-deploy-start-services.yml - # Prepare test user and API key when portal is not anonymous and Skynet API - # key was not yet set. - - name: Include preparing Accounts test user - include_tasks: tasks/portal-accounts-test-user-prepare.yml - vars: - api_key: "{{ webportal_server_config.accounts_test_user_api_key | default('') }}" - when: - - not portal_is_anonymous - - mongo_replicaset_initialized or api_key is none or api_key == '' - - name: Include deploying portal - run tests and enable loadbalancer include_tasks: tasks/portal-deploy-enable-loadbalancer.yml when: deploy_after_setup | default(False) diff --git a/playbooks/tasks/portal-accounts-test-user-prepare.yml b/playbooks/tasks/portal-accounts-test-user-prepare.yml index dee32e7a..1747a2a3 100644 --- a/playbooks/tasks/portal-accounts-test-user-prepare.yml +++ b/playbooks/tasks/portal-accounts-test-user-prepare.yml @@ -43,6 +43,14 @@ and create_user_result.skynet_token | length < 1000 ) + or + ( + create_user_result.status not in [200, 400] + ) + # Wait a bit till nginx is ready + until: create_user_result.status | default(-1) in [200, 400] + delay: 1 + retries: 60 # If the user was created above, we already have skynet JWT token, if the # user already existed and was not created, we need to login to get token. @@ -84,17 +92,28 @@ - name: Include getting MongoDB replicaset primary member include_tasks: tasks/portal-role-task-mongo-replicaset-get-primary.yml -- name: Include updating Accounts test user to the highest paid tier in MongoDB - include_tasks: tasks/portal-role-task-mongo-shell-eval-on-delegated-host.yml - vars: - mongodb_shell_delegated: - host: "{{ hostvars[inventory_hostname].mongo_primary_host }}" - db: "skynet" - eval: | - db.getCollection('users').updateOne({'email':'{{ hostvars[inventory_hostname].accounts_test_user_email }}'},{'$set':{'tier':{{ hostvars[inventory_hostname].accounts_test_user_tier | default(1) }} }}) - webportal_common_config: - skynet_db_user: "{{ mongodb_config.skynet_db_user }}" - skynet_db_pass: "{{ mongodb_config.skynet_db_pass }}" +# Handle lazy evaluation of Accounts test user variables, throttle so that +# variables do not clash during parallel execution. +- block: + - name: Handle lazy evaluation of variables on mongo primary host + set_fact: + accounts_test_user_email: "{{ accounts_test_user_email }}" + accounts_test_user_tier: "{{ accounts_test_user_tier | default(1) }}" + delegate_to: "{{ mongo_primary_host }}" + delegate_facts: True + + - name: Include updating Accounts test user to the highest paid tier in MongoDB + include_tasks: tasks/portal-role-task-mongo-shell-eval-on-delegated-host.yml + vars: + mongodb_shell_delegated: + host: "{{ hostvars[inventory_hostname].mongo_primary_host }}" + db: "skynet" + eval: | + db.getCollection('users').updateOne({'email':'{{ accounts_test_user_email }}'},{'$set':{'tier':{{ accounts_test_user_tier | default(1) }} }}) + webportal_common_config: + skynet_db_user: "{{ mongodb_config.skynet_db_user }}" + skynet_db_pass: "{{ mongodb_config.skynet_db_pass }}" + throttle: 1 - name: Include saving server config (incl. Skynet API key) to secrets storage include_tasks: tasks/portal-configs-save-server-config.yml diff --git a/playbooks/tasks/portal-docker-services-start.yml b/playbooks/tasks/portal-docker-services-start.yml index cb7559de..0f663b3b 100644 --- a/playbooks/tasks/portal-docker-services-start.yml +++ b/playbooks/tasks/portal-docker-services-start.yml @@ -50,6 +50,39 @@ debug: msg: "{{ inventory_hostname + ' docker services start: ' + lookup('pipe','date +%Y-%m-%dT%H:%M:%S') + ' UTC' }}" +# Prepare test user and its Skynet API key (if needed) otherwise health-check +# container keeps restarting. + +- name: Get API key is defined flag + ansible.builtin.set_fact: + api_key_defined: "{{ webportal_server_config.accounts_test_user_api_key | default('not-defined') != 'not-defined' }}" + +- block: + - name: Start accounts and nginx docker services (so we can prepare test user) + community.docker.docker_compose: + project_src: "{{ webportal_dir }}" + files: "{{ webportal_docker_compose_files_wanted }}" + services: + - "accounts" + - "nginx" + build: "{{ docker_compose_build }}" + remove_orphans: True + nocache: True + pull: True + state: present + become: True + become_user: "user" + + # Prepare test user and API key when portal is not anonymous and Skynet API + # key was not yet set. + - name: Include preparing Accounts test user + include_tasks: tasks/portal-accounts-test-user-prepare.yml + when: + - portal_action in ['portal-setup-and-deploy', 'portal-setup'] + - portal_accounts_on + - not portal_is_anonymous + - mongo_replicaset_initialized | default(False) or not api_key_defined + # Start the docker services (on deploy also build images) - name: Start the docker services (on deploy also build images) community.docker.docker_compose: