From a235b70b2e1111d2b4a46b61ba5c79d6fa4d0494 Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Wed, 1 Sep 2021 18:01:39 +0200 Subject: [PATCH] Fix the failure condition for HAproxy chgrp script Follows-up I4b40d73ab329dc219ee7a387201b0747a6233ed4 Do not fail if haproxy container UUID changes. Reasoning behind: at the time the chgrp&HUP block is executed, the new cert has already been deployed on the host, with the correct owner already set. So if the container_id changes at this time, it will pick up the new cert automatically. That means that by ignoring errors caused by mismatching UUID we'd skip an unnecessary consequent restart of the newly spawned container, ending up with the same result. So the safest path here would provide a sort of a cascading failure for the crasher->restarted->reloaded once again containers. Related rhbz#1973674 Closes-bug: #1940729 Signed-off-by: Bogdan Dobrelya Change-Id: Ib0dd1516592428413452b8a260182f36e42d5b3d --- deployment/haproxy/haproxy-public-tls-inject.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deployment/haproxy/haproxy-public-tls-inject.yaml b/deployment/haproxy/haproxy-public-tls-inject.yaml index 592c3ede6b..ed0d63e594 100644 --- a/deployment/haproxy/haproxy-public-tls-inject.yaml +++ b/deployment/haproxy/haproxy-public-tls-inject.yaml @@ -184,6 +184,7 @@ outputs: {{ container_cli }} kill --signal=HUP {{ item }} register: container_kill_result failed_when: + - container_kill_result.rc != 0 - ("no such container" not in container_kill_result.stderr) - ("container state improper" not in container_kill_result.stderr) with_items: "{{ container_id.stdout.split('\n') }}"