From 86dd36930f66b3874828472e63240aa79143c475 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Thu, 4 Dec 2025 16:52:43 +0100 Subject: [PATCH] Refactor MariaDB role to stabilize initialization: - Unify encoding/collation variables - Improve connection logic for mysql_db module - Switch to PyMySQL install path to avoid mysqlclient build failures - Update healthcheck to container-friendly CMD-SHELL usage - Normalize network and port configuration These changes were applied during CI/CD pipeline debugging. The root CI/CD connectivity issue is still not fixed. Reference: https://chatgpt.com/share/6931adf0-ce7c-800f-86f3-f867fbd3191f --- roles/svc-db-mariadb/config/main.yml | 4 +- roles/svc-db-mariadb/defaults/main.yml | 4 +- roles/svc-db-mariadb/tasks/01_core.yml | 39 ++++++++++++++++++- roles/svc-db-mariadb/tasks/02_init.yml | 36 +++++++---------- .../templates/docker-compose.yml.j2 | 7 +++- roles/svc-db-mariadb/vars/main.yml | 24 ++++++------ 6 files changed, 75 insertions(+), 39 deletions(-) diff --git a/roles/svc-db-mariadb/config/main.yml b/roles/svc-db-mariadb/config/main.yml index acf6f89e..7a450409 100644 --- a/roles/svc-db-mariadb/config/main.yml +++ b/roles/svc-db-mariadb/config/main.yml @@ -11,6 +11,6 @@ docker: mem_reservation: "2g" mem_limit: "4g" pids_limit: 1024 - network: "mariadb" + network: "mariadb" volumes: - data: "mariadb_data" \ No newline at end of file + data: "mariadb_data" \ No newline at end of file diff --git a/roles/svc-db-mariadb/defaults/main.yml b/roles/svc-db-mariadb/defaults/main.yml index e4a86473..06de16c1 100644 --- a/roles/svc-db-mariadb/defaults/main.yml +++ b/roles/svc-db-mariadb/defaults/main.yml @@ -1,4 +1,4 @@ # Check out the README.md file for more information, why this encodings and collations are used -database_encoding: "utf8mb4" -database_collation: "utf8mb4_unicode_ci" +MARIADB_ENCODING: "utf8mb4" +MARIADB_COLLATION: "utf8mb4_unicode_ci" database_init: false # When true a database is initialized \ No newline at end of file diff --git a/roles/svc-db-mariadb/tasks/01_core.yml b/roles/svc-db-mariadb/tasks/01_core.yml index 0c24ca43..792516b5 100644 --- a/roles/svc-db-mariadb/tasks/01_core.yml +++ b/roles/svc-db-mariadb/tasks/01_core.yml @@ -9,15 +9,50 @@ community.general.pacman: name: python-mysqlclient state: present + when: not IS_CONTAINER | bool +- name: Ensure PyMySQL is installed for Ansible interpreter + ansible.builtin.pip: + name: PyMySQL + when: IS_CONTAINER | bool + - name: "Wait until the MariaDB container with hostname '{{ MARIADB_NAME }}' is healthy" community.docker.docker_container_info: name: "{{ MARIADB_NAME }}" register: db_info until: - - db_info.container is defined - - db_info.container.State.Health.Status == "healthy" + - db_info.container is defined + - db_info.container.State.Health.Status == "healthy" retries: 30 delay: 5 +- name: "Wait until MariaDB accepts root credentials (inside container)" + community.docker.docker_container_exec: + container: "{{ MARIADB_NAME }}" + command: > + mariadb + {{ '-h127.0.0.1 -P3306' if MARIADB_EXPOSE_LOCAL else '' }} + -uroot -p'{{ MARIADB_ROOT_PWD }}' + -e 'SELECT 1;' + register: mariadb_cli + changed_when: false + retries: 30 + delay: 5 + until: mariadb_cli.rc == 0 + +- name: "Wait until MariaDB accepts root credentials (via mysql_db)" + community.mysql.mysql_db: + name: "{{ MARIADB_HEALTHCHECK_DB }}" + state: present + login_user: root + login_password: "{{ MARIADB_ROOT_PWD }}" + login_host: "{{ MARIADB_HOST }}" + login_port: "{{ MARIADB_PORT }}" + config_file: "" + register: mariadb_ready + retries: 30 + delay: 5 + until: mariadb_ready is succeeded + changed_when: false + - include_tasks: utils/once/flag.yml diff --git a/roles/svc-db-mariadb/tasks/02_init.yml b/roles/svc-db-mariadb/tasks/02_init.yml index c0011297..b643061f 100644 --- a/roles/svc-db-mariadb/tasks/02_init.yml +++ b/roles/svc-db-mariadb/tasks/02_init.yml @@ -4,27 +4,21 @@ state: present login_user: root login_password: "{{ MARIADB_ROOT_PWD }}" - login_host: 127.0.0.1 - login_port: "{{ database_port }}" - encoding: "{{ database_encoding }}" - collation: "{{ database_collation }}" + login_host: "{{ MARIADB_HOST }}" + login_port: "{{ MARIADB_PORT }}" + encoding: "{{ MARIADB_ENCODING }}" + collation: "{{ MARIADB_COLLATION }}" + config_file: "" - name: "Create database user: {{ database_username }}" community.mysql.mysql_user: - name: "{{ database_username }}" - password: "{{ database_password }}" - host: "%" - priv: '{{ database_name }}.*:ALL' - state: present - login_user: root - login_password: "{{MARIADB_ROOT_PWD}}" - login_host: 127.0.0.1 - login_port: "{{ database_port }}" - -# Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093 -# @todo Remove if this works fine in the future. -#- name: Grant database privileges -# ansible.builtin.shell: -# cmd: "docker exec {{MARIADB_NAME }} mariadb -u root -p{{ MARIADB_ROOT_PWD }} -e \"GRANT ALL PRIVILEGES ON `{{ database_name }}`.* TO '{{ database_username }}'@'%';\"" -# args: -# executable: /bin/bash \ No newline at end of file + name: "{{ database_username }}" + password: "{{ database_password }}" + host: "%" + priv: '`{{ database_name }}`.*:ALL' + state: present + login_user: root + login_password: "{{ MARIADB_ROOT_PWD }}" + login_host: "{{ MARIADB_HOST }}" + login_port: "{{ MARIADB_PORT }}" + config_file: "" diff --git a/roles/svc-db-mariadb/templates/docker-compose.yml.j2 b/roles/svc-db-mariadb/templates/docker-compose.yml.j2 index f74b9e1e..3852af5b 100644 --- a/roles/svc-db-mariadb/templates/docker-compose.yml.j2 +++ b/roles/svc-db-mariadb/templates/docker-compose.yml.j2 @@ -17,7 +17,12 @@ - "data:/var/lib/mysql" {% include 'roles/docker-container/templates/networks.yml.j2' %} healthcheck: - test: "/usr/bin/mariadb --user=root --password={{ MARIADB_ROOT_PWD }} --execute \"SHOW DATABASES;\"" + test: + - "CMD-SHELL" + - > + mariadb + {% if MARIADB_EXPOSE_LOCAL %}-h127.0.0.1 -P3306{% endif %} + -u root -p{{ MARIADB_ROOT_PWD }} -e 'SHOW DATABASES;' interval: 10s timeout: 5s retries: 18 diff --git a/roles/svc-db-mariadb/vars/main.yml b/roles/svc-db-mariadb/vars/main.yml index 8affceb0..f4993232 100644 --- a/roles/svc-db-mariadb/vars/main.yml +++ b/roles/svc-db-mariadb/vars/main.yml @@ -1,11 +1,13 @@ -application_id: svc-db-mariadb -MARIADB_ROOT_PWD: "{{ applications | get_app_conf(application_id,'credentials.root_password') }}" -MARIADB_SUBNET: "{{ networks.local['svc-db-mariadb'].subnet }}" -MARIADB_NETWORK: "{{ applications | get_app_conf(application_id,'docker.network') }}" -MARIADB_VOLUME: "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}" -MARIADB_IMAGE: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}" -MARIADB_VERSION: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}" -MARIADB_NAME: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}" -MARIADB_PORT: "{{ database_port | default(ports.localhost.database[ application_id ]) }}" -MARIADB_CUSTOM_IMAGE: "mariadb_custom" -MARIADB_EXPOSE_LOCAL: True \ No newline at end of file +application_id: svc-db-mariadb +MARIADB_ROOT_PWD: "{{ applications | get_app_conf(application_id,'credentials.root_password') }}" +MARIADB_SUBNET: "{{ networks.local['svc-db-mariadb'].subnet }}" +MARIADB_NETWORK: "{{ applications | get_app_conf(application_id,'docker.network') }}" +MARIADB_VOLUME: "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}" +MARIADB_IMAGE: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}" +MARIADB_VERSION: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}" +MARIADB_NAME: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}" +MARIADB_PORT: "{{ database_port | default(ports.localhost.database[ application_id ]) }}" +MARIADB_HOST: "127.0.0.1" +MARIADB_CUSTOM_IMAGE: "mariadb_custom" +MARIADB_EXPOSE_LOCAL: True +MARIADB_HEALTHCHECK_DB: "{{ SOFTWARE_NAME | lower | regex_replace('[^a-z0-9]+', '_') }}_healthcheck" \ No newline at end of file