mirror of
https://bitbucket.org/atlassian/dc-deployments-automation.git
synced 2025-12-14 00:43:06 -06:00
Merged in DCD-802-create-shared-home-with-product-user-ownership (pull request #48)
DCD-802 create shared home with product user ownership Approved-by: Adam Brokes
This commit is contained in:
Ben Partridge
@@ -2,10 +2,74 @@
|
|||||||
- name: Converge
|
- name: Converge
|
||||||
hosts: all
|
hosts: all
|
||||||
vars:
|
vars:
|
||||||
atl_backup_manifest_url: 's3://dcd-slingshot-test/dummy_manifest.json'
|
atl_backup_home_dest: "{{ test_archive }}"
|
||||||
atl_product_user: 'jira'
|
|
||||||
atl_backup_home_restore_canary_path: '/tmp/canary.tmp'
|
atl_backup_home_restore_canary_path: '/tmp/canary.tmp'
|
||||||
|
atl_backup_id: 'test-backup'
|
||||||
|
atl_backup_manifest_url: 'fake_manifest'
|
||||||
|
|
||||||
|
atl_product_edition: 'jira-software'
|
||||||
|
atl_product_home_shared: '/media/atl/jira/shared'
|
||||||
|
atl_product_user: 'jira'
|
||||||
|
atl_product_user_uid: '2001'
|
||||||
|
atl_product_version_cache: "{{ atl_product_home_shared }}/{{ atl_product_edition }}.version"
|
||||||
|
|
||||||
|
test_archive: '/tmp/hello.tar.gz'
|
||||||
|
test_archive_file: 'hello.txt'
|
||||||
|
test_archive_source: '/tmp/hello'
|
||||||
|
test_pre_step_prefix: '[PRE-TEST]'
|
||||||
|
test_product_version_file: "/tmp/{{ atl_product_edition }}.version"
|
||||||
|
|
||||||
|
pre_tasks:
|
||||||
|
- name: "{{ test_pre_step_prefix }} Install tar"
|
||||||
|
package:
|
||||||
|
state: present
|
||||||
|
name: tar
|
||||||
|
|
||||||
|
- name: "{{ test_pre_step_prefix }} Install useradd and groupadd binaries"
|
||||||
|
package:
|
||||||
|
state: present
|
||||||
|
name: shadow-utils
|
||||||
|
|
||||||
|
- name: "{{ test_pre_step_prefix }} Create application group"
|
||||||
|
group:
|
||||||
|
name: "{{ atl_product_user }}"
|
||||||
|
gid: "{{ atl_product_user_uid }}"
|
||||||
|
|
||||||
|
- name: "{{ test_pre_step_prefix }} Create application user"
|
||||||
|
user:
|
||||||
|
name: "{{ atl_product_user }}"
|
||||||
|
uid: "{{ atl_product_user_uid }}"
|
||||||
|
group: "{{ atl_product_user }}"
|
||||||
|
|
||||||
|
- block:
|
||||||
|
- name: "{{ test_pre_step_prefix }} Create a directory for the shared home archive"
|
||||||
|
file:
|
||||||
|
path: "{{ test_archive_source }}"
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
- name: "{{ test_pre_step_prefix }} Create a file in the shared home"
|
||||||
|
lineinfile:
|
||||||
|
create: yes
|
||||||
|
line: 'Hello, world!'
|
||||||
|
path: "{{ test_archive_source }}/{{ test_archive_file }}"
|
||||||
|
mode: 0640
|
||||||
|
- name: "{{ test_pre_step_prefix }} Create the version file in the shared home"
|
||||||
|
lineinfile:
|
||||||
|
create: yes
|
||||||
|
line: '8.5'
|
||||||
|
path: "{{ test_product_version_file }}"
|
||||||
|
mode: 0640
|
||||||
|
- name: "{{ test_pre_step_prefix }} Archive the shared home"
|
||||||
|
archive:
|
||||||
|
path:
|
||||||
|
- "{{ test_archive_source }}"
|
||||||
|
- "{{ test_product_version_file }}"
|
||||||
|
dest: "{{ test_archive }}"
|
||||||
|
owner: "{{ atl_product_user }}"
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install distro-specific restore support packages
|
- name: Install distro-specific restore support packages
|
||||||
include_tasks: "../../tasks/{{ ansible_distribution|lower }}.yml"
|
include_tasks: "../../tasks/{{ ansible_distribution|lower }}.yml"
|
||||||
|
|
||||||
|
- name: Restore shared home
|
||||||
|
include_tasks: "../../tasks/home_restore.yml"
|
||||||
|
|||||||
@@ -18,3 +18,22 @@ def test_postgresql_amazon_linux_extras_exes(host, exe):
|
|||||||
def test_postgresql_version(host):
|
def test_postgresql_version(host):
|
||||||
pg_dump_version_output = host.check_output('pg_dump --version')
|
pg_dump_version_output = host.check_output('pg_dump --version')
|
||||||
assert '(PostgreSQL) 9.6' in pg_dump_version_output
|
assert '(PostgreSQL) 9.6' in pg_dump_version_output
|
||||||
|
|
||||||
|
@pytest.mark.parametrize('file', [
|
||||||
|
'/media/atl/jira/shared',
|
||||||
|
'/media/atl/jira/shared/hello',
|
||||||
|
'/media/atl/jira/shared/hello/hello.txt'
|
||||||
|
])
|
||||||
|
def test_shared_home_owner(host, file):
|
||||||
|
assert host.file(file).exists
|
||||||
|
assert host.file(file).user == 'jira'
|
||||||
|
assert host.file(file).group == 'jira'
|
||||||
|
|
||||||
|
def test_file_modes(host):
|
||||||
|
assert host.file('/media/atl/jira/shared/hello').mode == 0o755
|
||||||
|
assert host.file('/media/atl/jira/shared/hello/hello.txt').mode == 0o640
|
||||||
|
|
||||||
|
def test_version_file_owned_by_root(host):
|
||||||
|
assert host.file('/media/atl/jira/shared/jira-software.version').exists
|
||||||
|
assert host.file('/media/atl/jira/shared/jira-software.version').user == 'root'
|
||||||
|
assert host.file('/media/atl/jira/shared/jira-software.version').group == 'root'
|
||||||
44
roles/restore_backups/tasks/home_restore.yml
Normal file
44
roles/restore_backups/tasks/home_restore.yml
Normal file
@@ -0,0 +1,44 @@
|
|||||||
|
---
|
||||||
|
- name: Check for the restore canary file
|
||||||
|
stat:
|
||||||
|
path: "{{ atl_backup_home_restore_canary_path }}"
|
||||||
|
register: restore_canary
|
||||||
|
|
||||||
|
- block:
|
||||||
|
- name: Create shared home if necessary
|
||||||
|
file:
|
||||||
|
path: "{{ atl_product_home_shared }}"
|
||||||
|
state: directory
|
||||||
|
mode: 0750
|
||||||
|
owner: "{{ atl_product_user }}"
|
||||||
|
group: "{{ atl_product_user }}"
|
||||||
|
|
||||||
|
- name: Restore the shared-home backup
|
||||||
|
unarchive:
|
||||||
|
src: "{{ atl_backup_home_dest }}"
|
||||||
|
remote_src: yes
|
||||||
|
dest: "{{ atl_product_home_shared }}"
|
||||||
|
|
||||||
|
- name: Set shared home owner and group to application user
|
||||||
|
file:
|
||||||
|
path: "{{ atl_product_home_shared }}"
|
||||||
|
recurse: yes
|
||||||
|
group: "{{ atl_product_user }}"
|
||||||
|
owner: "{{ atl_product_user }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Set version file owner and group to root
|
||||||
|
file:
|
||||||
|
path: "{{ atl_product_version_cache }}"
|
||||||
|
group: root
|
||||||
|
owner: root
|
||||||
|
state: file
|
||||||
|
# Ignore the error in case there is no product version file in the backup
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- name: Create restore-canary if necessary
|
||||||
|
copy:
|
||||||
|
dest: "{{ atl_backup_home_restore_canary_path }}"
|
||||||
|
content: "{{ atl_backup_id }}"
|
||||||
|
|
||||||
|
when: not restore_canary.stat.exists
|
||||||
@@ -108,34 +108,8 @@
|
|||||||
when: db_created.changed and atl_backup_db_dest is defined
|
when: db_created.changed and atl_backup_db_dest is defined
|
||||||
|
|
||||||
|
|
||||||
- name: Check for the restore canary file
|
- name: Restore shared home
|
||||||
stat:
|
include_tasks: "home_restore.yml"
|
||||||
path: "{{ atl_backup_home_restore_canary_path }}"
|
|
||||||
register: restore_canary
|
|
||||||
|
|
||||||
- block:
|
|
||||||
|
|
||||||
- name: Create shared home if necessary
|
|
||||||
file:
|
|
||||||
path: "{{ atl_product_home_shared }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0750
|
|
||||||
owner: "{{ atl_product_user }}"
|
|
||||||
group: "{{ atl_product_user }}"
|
|
||||||
|
|
||||||
- name: Restore the shared-home backup
|
|
||||||
unarchive:
|
|
||||||
src: "{{ atl_backup_home_dest }}"
|
|
||||||
dest: "{{ atl_product_home_shared }}"
|
|
||||||
owner: "{{ atl_product_user }}"
|
|
||||||
group: "{{ atl_product_user }}"
|
|
||||||
|
|
||||||
- name: Create restore-canary if necessary
|
|
||||||
copy:
|
|
||||||
dest: "{{ atl_backup_home_restore_canary_path }}"
|
|
||||||
content: "{{ atl_backup_id }}"
|
|
||||||
|
|
||||||
when: not restore_canary.stat.exists
|
|
||||||
|
|
||||||
|
|
||||||
when: atl_restore_required
|
when: atl_restore_required
|
||||||
|
|||||||
Reference in New Issue
Block a user