Refactor MariaDB role to stabilize initialization:

- Unify encoding/collation variables
- Improve connection logic for mysql_db module
- Switch to PyMySQL install path to avoid mysqlclient build failures
- Update healthcheck to container-friendly CMD-SHELL usage
- Normalize network and port configuration

These changes were applied during CI/CD pipeline debugging. The root CI/CD connectivity issue is still not fixed.

Reference: https://chatgpt.com/share/6931adf0-ce7c-800f-86f3-f867fbd3191f

roles/svc-db-mariadb/config/main.yml

@@ -11,6 +11,6 @@ docker:
       mem_reservation:    "2g"
       mem_limit:          "4g"
       pids_limit:         1024
-  network:              "mariadb"
+  network:                "mariadb"
   volumes:
-    data:               "mariadb_data"
+    data:                 "mariadb_data"

roles/svc-db-mariadb/defaults/main.yml

@@ -1,4 +1,4 @@
 # Check out the README.md file for more information, why this encodings and collations are used
-database_encoding:  "utf8mb4"
-database_collation: "utf8mb4_unicode_ci"
+MARIADB_ENCODING:  "utf8mb4"
+MARIADB_COLLATION: "utf8mb4_unicode_ci"
 database_init:      false # When true a database is initialized

roles/svc-db-mariadb/tasks/01_core.yml

@@ -9,15 +9,50 @@
   community.general.pacman: 
     name: python-mysqlclient
     state: present
+  when: not IS_CONTAINER | bool
 
+- name: Ensure PyMySQL is installed for Ansible interpreter
+  ansible.builtin.pip:
+    name: PyMySQL
+  when: IS_CONTAINER | bool
+    
 - name: "Wait until the MariaDB container with hostname '{{ MARIADB_NAME }}' is healthy"
   community.docker.docker_container_info:
     name: "{{ MARIADB_NAME }}"
   register: db_info
   until:
-  - db_info.container is defined
-  - db_info.container.State.Health.Status == "healthy"
+    - db_info.container is defined
+    - db_info.container.State.Health.Status == "healthy"
   retries: 30
   delay: 5
 
+- name: "Wait until MariaDB accepts root credentials (inside container)"
+  community.docker.docker_container_exec:
+    container: "{{ MARIADB_NAME }}"
+    command: >
+      mariadb
+      {{ '-h127.0.0.1 -P3306' if MARIADB_EXPOSE_LOCAL else '' }}
+      -uroot -p'{{ MARIADB_ROOT_PWD }}'
+      -e 'SELECT 1;'
+  register: mariadb_cli
+  changed_when: false
+  retries: 30
+  delay: 5
+  until: mariadb_cli.rc == 0
+
+- name: "Wait until MariaDB accepts root credentials (via mysql_db)"
+  community.mysql.mysql_db:
+    name: "{{ MARIADB_HEALTHCHECK_DB }}"
+    state: present
+    login_user: root
+    login_password: "{{ MARIADB_ROOT_PWD }}"
+    login_host: "{{ MARIADB_HOST }}"
+    login_port: "{{ MARIADB_PORT }}"
+    config_file: ""
+  register: mariadb_ready
+  retries: 30
+  delay: 5
+  until: mariadb_ready is succeeded
+  changed_when: false
+
 - include_tasks: utils/once/flag.yml

roles/svc-db-mariadb/tasks/02_init.yml

@@ -4,27 +4,21 @@
     state:          present
     login_user:     root
     login_password: "{{ MARIADB_ROOT_PWD }}"
-    login_host:     127.0.0.1
-    login_port:     "{{ database_port }}"
-    encoding:       "{{ database_encoding }}"
-    collation:      "{{ database_collation }}"
+    login_host:     "{{ MARIADB_HOST }}"
+    login_port:     "{{ MARIADB_PORT }}"
+    encoding:       "{{ MARIADB_ENCODING }}"
+    collation:      "{{ MARIADB_COLLATION }}"
+    config_file:    ""
 
 - name: "Create database user: {{ database_username }}"
   community.mysql.mysql_user:
-    name:     "{{ database_username }}"
-    password: "{{ database_password }}"
-    host: "%"
-    priv: '{{ database_name }}.*:ALL'
-    state: present
-    login_user: root
-    login_password: "{{MARIADB_ROOT_PWD}}"
-    login_host: 127.0.0.1
-    login_port: "{{ database_port }}"
-
-# Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093
-# @todo Remove if this works fine in the future. 
-#- name: Grant database privileges
-#  ansible.builtin.shell:
-#    cmd: "docker exec {{MARIADB_NAME }} mariadb -u root -p{{ MARIADB_ROOT_PWD }} -e \"GRANT ALL PRIVILEGES ON `{{ database_name }}`.* TO '{{ database_username }}'@'%';\""
-#  args:
-#    executable: /bin/bash
+    name:           "{{ database_username }}"
+    password:       "{{ database_password }}"
+    host:           "%"
+    priv:           '`{{ database_name }}`.*:ALL'
+    state:          present
+    login_user:     root
+    login_password: "{{ MARIADB_ROOT_PWD }}"
+    login_host:     "{{ MARIADB_HOST }}"
+    login_port:     "{{ MARIADB_PORT }}"
+    config_file:    ""

roles/svc-db-mariadb/templates/docker-compose.yml.j2

@@ -17,7 +17,12 @@
       - "data:/var/lib/mysql"
 {% include 'roles/docker-container/templates/networks.yml.j2' %}
     healthcheck:
-      test: "/usr/bin/mariadb --user=root --password={{ MARIADB_ROOT_PWD }} --execute \"SHOW DATABASES;\""
+      test:
+        - "CMD-SHELL"
+        - >
+          mariadb
+          {% if MARIADB_EXPOSE_LOCAL %}-h127.0.0.1 -P3306{% endif %}
+          -u root -p{{ MARIADB_ROOT_PWD }} -e 'SHOW DATABASES;'
       interval: 10s
       timeout: 5s
       retries: 18

roles/svc-db-mariadb/vars/main.yml

@@ -1,11 +1,13 @@
-application_id:       svc-db-mariadb
-MARIADB_ROOT_PWD:     "{{ applications | get_app_conf(application_id,'credentials.root_password') }}"
-MARIADB_SUBNET:       "{{ networks.local['svc-db-mariadb'].subnet  }}"
-MARIADB_NETWORK:      "{{ applications | get_app_conf(application_id,'docker.network') }}"
-MARIADB_VOLUME:       "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}"
-MARIADB_IMAGE:        "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}"
-MARIADB_VERSION:      "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}"
-MARIADB_NAME:         "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}"
-MARIADB_PORT:         "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
-MARIADB_CUSTOM_IMAGE: "mariadb_custom"
-MARIADB_EXPOSE_LOCAL: True
+application_id:         svc-db-mariadb
+MARIADB_ROOT_PWD:       "{{ applications | get_app_conf(application_id,'credentials.root_password') }}"
+MARIADB_SUBNET:         "{{ networks.local['svc-db-mariadb'].subnet  }}"
+MARIADB_NETWORK:        "{{ applications | get_app_conf(application_id,'docker.network') }}"
+MARIADB_VOLUME:         "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}"
+MARIADB_IMAGE:          "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}"
+MARIADB_VERSION:        "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}"
+MARIADB_NAME:           "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}"
+MARIADB_PORT:           "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
+MARIADB_HOST:           "127.0.0.1"
+MARIADB_CUSTOM_IMAGE:   "mariadb_custom"
+MARIADB_EXPOSE_LOCAL:   True
+MARIADB_HEALTHCHECK_DB: "{{ SOFTWARE_NAME | lower | regex_replace('[^a-z0-9]+', '_') }}_healthcheck"