Ensure that deployment host cache is owned appropriately
When pulling the packaged venv to the deployment host, the creation of the local file on the deploy host is done using the user that is running ansible. If ansible is being run by a non-root user, then the folder that's created to store the files will not have the right permissions and the fetch will fail. As such, when acting on the deploy host we should always ensure that we provide the correct rights to the user running ansible. We do this by using a lookup to figure out which user is executing the playbook, then setting the ownership of the folder to that user. We also use a lookup to determine that user's home directory and default to using a subdirectory of that folder for the cache. Both lookups have options to fall back to in case the environment variables used are not available.
This commit is contained in:
parent
c9139b0b3a
commit
afafacfba5
|
@ -45,7 +45,10 @@ pip_install_options: ""
|
|||
|
||||
# The path where venvs are stored on the
|
||||
# deployment host
|
||||
venv_download_path: "/opt/cache/files"
|
||||
venv_download_path: "{{ lookup('env', 'HOME') | default('/opt', true) }}/cache/files"
|
||||
|
||||
# The owner of the venv_download_path
|
||||
venv_download_path_owner: "{{ lookup('env', 'USER') | default('root', true) }}"
|
||||
|
||||
# The path where venvs are extracted to
|
||||
# on the target host, for example:
|
||||
|
|
|
@ -48,6 +48,7 @@
|
|||
file:
|
||||
path: "{{ venv_download_path }}/{{ venv_destination_path | dirname }}"
|
||||
state: directory
|
||||
owner: "{{ venv_download_path_owner }}"
|
||||
delegate_to: localhost
|
||||
run_once: yes
|
||||
|
||||
|
|
Loading…
Reference in New Issue