From 5d36a806ff47a0b63404c71be2167637d03eb071 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 12 Aug 2025 13:20:30 +0200 Subject: [PATCH] svc-db-postgres: add retry mechanism to all PostgreSQL tasks and fix condition handling - Added register, until, retries, and delay to all PostgreSQL-related tasks in 02_init.yml to handle transient 'tuple concurrently updated' and similar errors. - Changed 'when: "{{ postgres_init }}"' to 'when: postgres_init | bool' in main.yml for correct boolean evaluation. - Switched 'role' to 'roles' in postgresql_privs tasks for forward compatibility. - Added postgres_retry_retries and postgres_retry_delay defaults in vars/main.yml to centralize retry configuration. https://chatgpt.com/share/689b2360-a8a4-800f-9acb-6d88d6aa5cb7 --- roles/svc-db-postgres/tasks/02_init.yml | 36 +++++++++++++++++++++++-- roles/svc-db-postgres/tasks/main.yml | 2 +- roles/svc-db-postgres/vars/main.yml | 4 ++- 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/roles/svc-db-postgres/tasks/02_init.yml b/roles/svc-db-postgres/tasks/02_init.yml index 47abdfec..319de1ea 100644 --- a/roles/svc-db-postgres/tasks/02_init.yml +++ b/roles/svc-db-postgres/tasks/02_init.yml @@ -16,6 +16,10 @@ login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}" login_host: "{{ postgres_local_host }}" login_port: "{{ postgres_port }}" + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 2) Create the database user (with password) - name: "Create database user: {{ database_username }}" @@ -28,6 +32,10 @@ login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}" login_host: "{{ postgres_local_host }}" login_port: "{{ postgres_port }}" + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 3) Enable LOGIN for the role (removes NOLOGIN) - name: "Enable login for role {{ database_username }}" @@ -40,12 +48,16 @@ query: | ALTER ROLE "{{ database_username }}" WITH LOGIN; + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 4) Grant ALL privileges on all tables in the public schema - name: "Grant ALL privileges on tables in public schema to {{ database_username }}" community.postgresql.postgresql_privs: db: "{{ database_name }}" - role: "{{ database_username }}" + roles: "{{ database_username }}" objs: ALL_IN_SCHEMA privs: ALL type: table @@ -55,12 +67,16 @@ login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}" login_host: "{{ postgres_local_host }}" login_port: "{{ postgres_port }}" + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 5) Grant ALL privileges at the database level - name: "Grant all privileges on database {{ database_name }} to {{ database_username }}" community.postgresql.postgresql_privs: db: "{{ database_name }}" - role: "{{ database_username }}" + roles: "{{ database_username }}" type: database privs: ALL state: present @@ -68,6 +84,10 @@ login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}" login_host: "{{ postgres_local_host }}" login_port: "{{ postgres_port }}" + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 6) Grant USAGE/CREATE on schema and set default privileges - name: "Set comprehensive schema privileges for {{ database_username }}" @@ -82,6 +102,10 @@ GRANT CREATE ON SCHEMA public TO "{{ database_username }}"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO "{{ database_username }}"; + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 7) Ensure PostGIS and related extensions are installed (if enabled) - name: "Ensure PostGIS-related extensions are installed" @@ -98,6 +122,10 @@ - pg_trgm - unaccent when: postgres_gis_enabled | bool + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" # 8) Ensure pgvector (vector) extension is installed (for Discourse‑AI, pgvector, …) - name: "Ensure pgvector (vector) extension is installed" @@ -109,3 +137,7 @@ login_password: "{{ applications | get_app_conf(application_id, 'credentials.postgres_password', True) }}" login_host: "{{ postgres_local_host }}" login_port: "{{ postgres_port }}" + register: postgresql_result + until: postgresql_result is succeeded + retries: "{{ postgres_retry_retries }}" + delay: "{{ postgres_retry_delay }}" diff --git a/roles/svc-db-postgres/tasks/main.yml b/roles/svc-db-postgres/tasks/main.yml index 33acb3ec..b84ad421 100644 --- a/roles/svc-db-postgres/tasks/main.yml +++ b/roles/svc-db-postgres/tasks/main.yml @@ -10,4 +10,4 @@ - name: "Initialize database for '{{ database_name }}'" include_tasks: 02_init.yml - when: "{{ postgres_init }}" \ No newline at end of file + when: postgres_init | bool \ No newline at end of file diff --git a/roles/svc-db-postgres/vars/main.yml b/roles/svc-db-postgres/vars/main.yml index aa97cc89..711b21ce 100644 --- a/roles/svc-db-postgres/vars/main.yml +++ b/roles/svc-db-postgres/vars/main.yml @@ -20,4 +20,6 @@ postgres_init: "{{ database_username is defined and database_pa postgres_expose_local: True # Exposes the db to localhost, almost everytime neccessary postgres_custom_image_name: "postgres_custom" postgres_local_host: "127.0.0.1" -postgres_pg_vector_enabled: True # Required by discourse, propably in a later step it makes sense to define this as a configuration option in config/main.yml \ No newline at end of file +postgres_pg_vector_enabled: True # Required by discourse, propably in a later step it makes sense to define this as a configuration option in config/main.yml +postgres_retry_retries: 5 +postgres_retry_delay: 2 \ No newline at end of file