Added domain validator for web- apps and services for port-ui

2025-08-15 08:30:46 +02:00 · 2025-08-07 20:37:47 +02:00 · 2025-08-07 20:37:47 +02:00 · 4124e97aeb
commit 4124e97aeb
parent 7f0d40bdc3
2 changed files with 73 additions and 65 deletions
--- a/roles/web-app-port-ui/tasks/main.yml
+++ b/roles/web-app-port-ui/tasks/main.yml
@ -1,77 +1,67 @@
 ---
+- block:
+  - name: "Validate configuration"
+    include_tasks: "validate.yml"

- name: "include docker and reverse proxy for '{{ application_id }}'"
-  include_role: 
-    name: cmp-docker-proxy
-  when: run_once_docker_portfolio is not defined
+  - name: "include docker and reverse proxy for '{{ application_id }}'"
+    include_role: 
+      name: cmp-docker-proxy

- name: "Check if host-specific config.yaml exists in {{ config_inventory_path }}"
-  stat:
-    path: "{{ config_inventory_path }}"
-  delegate_to: localhost
-  become: false
-  register: config_file
-  when: run_once_docker_portfolio is not defined
+  - name: "Check if host-specific config.yaml exists in {{ config_inventory_path }}"
+    stat:
+      path: "{{ config_inventory_path }}"
+    delegate_to: localhost
+    become: false
+    register: config_file

- name: Load menu categories
-  include_vars:
-    file: "menu_categories.yml"
-  when: run_once_docker_portfolio is not defined
+  - name: Load menu categories
+    include_vars:
+      file: "menu_categories.yml"

- name: Load docker cards
-  set_fact:
-    portfolio_cards: "{{ lookup('docker_cards', 'roles') }}"
-  when: run_once_docker_portfolio is not defined
+  - name: Load docker cards
+    set_fact:
+      portfolio_cards: "{{ lookup('docker_cards', 'roles') }}"

- name: "Load images for applications feature simpleicons is enabled "
-  set_fact:
-    portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, WEB_PROTOCOL) }}"
-  when:
-    - (applications | get_app_conf(application_id, 'features.simpleicons', False))
-    - run_once_docker_portfolio is not defined
+  - name: "Load images for applications feature simpleicons is enabled "
+    set_fact:
+      portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, WEB_PROTOCOL) }}"
+    when:
+      - (applications | get_app_conf(application_id, 'features.simpleicons', False))

- name: Group docker cards
-  set_fact:
-    portfolio_menu_data: "{{ lookup('docker_cards_grouped', portfolio_cards, portfolio_menu_categories) }}"
-  when: run_once_docker_portfolio is not defined
+  - name: Group docker cards
+    set_fact:
+      portfolio_menu_data: "{{ lookup('docker_cards_grouped', portfolio_cards, portfolio_menu_categories) }}"

- name: Debug portfolio data
-  debug:
-    msg:
-      portfolio_cards:            "{{ portfolio_cards }}"
-      portfolio_menu_categories:  "{{ portfolio_menu_categories}}"
-      portfolio_menu_data:        "{{ portfolio_menu_data }}"
-      service_provider:           "{{ service_provider }}"
-  when:
-    - enable_debug | bool
-    - run_once_docker_portfolio is not defined
+  - name: Debug portfolio data
+    debug:
+      msg:
+        portfolio_cards:            "{{ portfolio_cards }}"
+        portfolio_menu_categories:  "{{ portfolio_menu_categories}}"
+        portfolio_menu_data:        "{{ portfolio_menu_data }}"
+        service_provider:           "{{ service_provider }}"
+    when: enable_debug | bool

- name: Copy host-specific config.yaml if it exists
-  template:
-    src: "{{ config_inventory_path }}"
-    dest: "{{docker_repository_path}}/app/config.yaml"
-  notify: docker compose up
-  when:
-    - run_once_docker_portfolio is not defined
-    - config_file.stat.exists
+  - name: Copy host-specific config.yaml if it exists
+    template:
+      src: "{{ config_inventory_path }}"
+      dest: "{{docker_repository_path}}/app/config.yaml"
+    notify: docker compose up
+    when: config_file.stat.exists

- name: Copy default config.yaml from the role template if host-specific file does not exist
-  template:
-    src: "config.yaml.j2"
-    dest: "{{docker_repository_path}}/app/config.yaml"
-  notify: docker compose up
-  when:
-    - run_once_docker_portfolio is not defined
-    - not config_file.stat.exists
+  - name: Copy default config.yaml from the role template if host-specific file does not exist
+    template:
+      src: "config.yaml.j2"
+      dest: "{{docker_repository_path}}/app/config.yaml"
+    notify: docker compose up
+    when: not config_file.stat.exists

- name: add docker-compose.yml
-  template:
-    src:  docker-compose.yml.j2 
-    dest: "{docker_compose.directories.instance}}docker-compose.yml"
-  notify: docker compose up
-  when: run_once_docker_portfolio is not defined
-
- name: run the portfolio tasks once
-  set_fact:
-    run_once_docker_portfolio: true
+  - name: add docker-compose.yml
+    template:
+      src:  docker-compose.yml.j2 
+      dest: "{docker_compose.directories.instance}}docker-compose.yml"
+    notify: docker compose up
+  
+  - name: run the portfolio tasks once
+    set_fact:
+      run_once_docker_portfolio: true
  when: run_once_docker_portfolio is not defined
--- a/roles/web-app-port-ui/tasks/validate.yml
+++ b/roles/web-app-port-ui/tasks/validate.yml
@ -0,0 +1,18 @@
+- name: Assert that each web-app- or web-svc- port-ui-desktop app uses the correct domain suffix
+  assert:
+    that:
+      - >
+        (
+          not (item.value.features['port-ui-desktop'] | default(false) | bool)
+        )
+        or (domains | get_domain(item.key)).endswith(domains | get_domain('web-app-port-ui'))
+    fail_msg: >
+      Application {{ item.key }}
+      has domain {{ domains | get_domain(item.key) }}
+      but it does not end with {{ domains | get_domain('web-app-port-ui') }}!
+  loop: "{{ applications 
+             | dict2items 
+             | selectattr('key', 'match', '^(web-app-|web-svc-)') 
+             | list }}"
+  loop_control:
+    label: "{{ item.key }}"