Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Have "Update pulsys user keys" job report failure on Tower if no hosts are found #5243

Open
1 of 4 tasks
maxkadel opened this issue Aug 12, 2024 · 2 comments
Open
1 of 4 tasks

Have "Update pulsys user keys" job report failure on Tower if no hosts are found #5243

maxkadel opened this issue Aug 12, 2024 · 2 comments
Assignees
@acozine
Labels
maintenance

Comments

@maxkadel
Copy link
Contributor

What maintenance needs to be done?

I'm not sure how possible this is, but I was recently trying to update the pulsys user keys on a box via Tower, and was misled because the job reported success even though it did not find any servers that matched my parameters. This isn't as much a problem when running from the command line, but it's easier to miss when running from Tower.

Level of urgency

  • High
  • Moderate
  • Low

Why is this maintenance needed?

  • The job to update the pulsys user keys is one that can often only be run from Tower. In this context, it can be easy to miss if it does not actually run on your host, since the output doesn't update without extra steps and the job reports success overall. It would be more intuitive if this particular job failed if it did not find any matching hosts.

Acceptance criteria

  • Ansible Tower reports a failure if "Update pulsys user keys" is run and doesn't match any hosts

Implementation notes, if any

I'm not sure if we would want to change the overall HOST_PATTERN_MISMATCH configuration, or whether it would be a way to configure it by playbook?
@acozine
Copy link
Contributor

acozine commented Sep 10, 2024
edited
Loading

I wonder if we can fix this with a fail pre-task - something like:

- name: Fail playbook when no hosts match
  ansible.builtin.fail:
     msg: The playbook did not add keys to any hosts, please try again.
  failed_when: "ansible_play_hosts is null"

@acozine
Copy link
Contributor

acozine commented Sep 11, 2024

Hm, thinking a bit more about this . . . the challenge with this particular playbook is that it has two plays - one runs on PUL-only and CDH-only boxes, installing the correct group of keys on each server; the other runs on "shared" boxes, installing both groups of keys on those servers. For a lot of servers and groups, I would expect one or the other play to return no hosts matched when the playbook is doing the right thing. For example, if we update keys on the postgresql boxes, the first play should return no hosts matched. So we don't want that to make the whole playbook error out unless we stop using --limit. I don't immediately know of a way to set a fail task at the playbook level, to force failure if BOTH plays returned no hosts matched.

@acozine acozine self-assigned this Oct 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@acozine acozine

Labels
maintenance
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@acozine @maxkadel