From 9815f44b8467338e118922503d09bf390691ab11 Mon Sep 17 00:00:00 2001 From: "Rasmus \"Pez\" Wejlgaard" Date: Thu, 4 Jun 2026 18:41:24 +0100 Subject: [PATCH] fix: stop masking failed service deploys; trim dead config (#119) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The docker_services and systemd_services roles ran their "start the service" tasks with `failed_when: false`, so a container or unit that failed to come up still reported the deploy as green. Drop it from both start tasks so a broken deploy actually fails CI. The compose/unit *copy* tasks keep `failed_when: false` — that's load-bearing for the `item is not failed` filter that skips services without a compose/unit file. Also: - Remove a duplicate "Template service .env files" task in docker_services (second copy used a hardcoded path and didn't register; first one is the one the start task reads). - Don't trigger a full fleet deploy on docs/markdown/workflow-only pushes to main — add docs/**, **/*.md and .github/** to paths-ignore. - Drop the dangling `update-freebsd` Make target (playbook doesn't exist; fleet has no FreeBSD hosts). --- .github/workflows/deploy-on-merge.yml | 3 +++ ansible/Makefile | 6 +----- ansible/roles/docker_services/tasks/main.yml | 12 ------------ ansible/roles/systemd_services/tasks/main.yml | 1 - 4 files changed, 4 insertions(+), 18 deletions(-) diff --git a/.github/workflows/deploy-on-merge.yml b/.github/workflows/deploy-on-merge.yml index 953f952..6d94e09 100644 --- a/.github/workflows/deploy-on-merge.yml +++ b/.github/workflows/deploy-on-merge.yml @@ -6,6 +6,9 @@ on: - main paths-ignore: - "terraform/**" + - "docs/**" + - "**/*.md" + - ".github/**" # Serialize fleet deploys so two quick merges can't run Ansible against the # same hosts at once. Don't cancel an in-flight deploy mid-run — queue it. diff --git a/ansible/Makefile b/ansible/Makefile index d3a0048..dd3ce8e 100644 --- a/ansible/Makefile +++ b/ansible/Makefile @@ -1,4 +1,4 @@ -.PHONY: deploy deploy-check deploy-host update-all update-linux update-freebsd docker-status reboot ping deps +.PHONY: deploy deploy-check deploy-host update-all update-linux docker-status reboot ping deps # Full fleet deploy deploy: @@ -20,10 +20,6 @@ update-all: update-linux: ansible-playbook playbooks/update-linux.yml -# Update FreeBSD hosts only (pkg) -update-freebsd: - ansible-playbook playbooks/update-freebsd.yml - # Show Docker container status docker-status: ansible-playbook playbooks/docker-status.yml diff --git a/ansible/roles/docker_services/tasks/main.yml b/ansible/roles/docker_services/tasks/main.yml index c5fbd8c..60c0dbf 100644 --- a/ansible/roles/docker_services/tasks/main.yml +++ b/ansible/roles/docker_services/tasks/main.yml @@ -17,7 +17,6 @@ loop: "{{ docker_services | default([]) }}" when: lookup('ansible.builtin.fileglob', (docker_services_dir | default(playbook_dir + '/services')) + '/' + item + '/.env.j2') | length > 0 no_log: true - failed_when: false register: docker_services_env_files - name: Copy docker-compose files @@ -41,16 +40,6 @@ loop: "{{ docker_services | default([]) }}" failed_when: false -- name: Template service .env files - ansible.builtin.template: - src: "{{ playbook_dir }}/services/{{ item }}/.env.j2" - dest: "/opt/docker/{{ item }}/.env" - mode: '0600' - loop: "{{ docker_services | default([]) }}" - when: lookup('ansible.builtin.fileglob', playbook_dir + '/services/' + item + '/.env.j2') | length > 0 - no_log: true - failed_when: false - - name: Start/update docker compose services community.docker.docker_compose_v2: project_src: "/opt/docker/{{ item.item }}" @@ -62,4 +51,3 @@ (docker_services_env_files.results | default([]) | selectattr('item', 'equalto', item.item) | selectattr('changed', 'equalto', true) | list | length > 0) - failed_when: false diff --git a/ansible/roles/systemd_services/tasks/main.yml b/ansible/roles/systemd_services/tasks/main.yml index bbb1b6c..27b8a28 100644 --- a/ansible/roles/systemd_services/tasks/main.yml +++ b/ansible/roles/systemd_services/tasks/main.yml @@ -19,4 +19,3 @@ enabled: true loop: "{{ systemd_services_unit_files.results | default([]) }}" when: item is not failed - failed_when: false