[ansible/xray] 10 minutes to ensure permissions are correct #460
Description
Issue: The following task takes 10 minutes to complete during upgrades. The file module may not be the best for this job.
TASK [jfrog.platform.xray : Ensure permissions are correct] ******************** 10:35:20 AM
changed: [xray node]
TASK [jfrog.platform.xray : Allow using crontab] ******************************* 10:44:02 AM
ok: [xray node]File: https://github.com/jfrog/JFrog-Cloud-Installers/blob/master/Ansible/ansible_collections/jfrog/platform/roles/xray/tasks/upgrade.yml
Task in question:
- name: Ensure permissions are correct
become: true
ansible.builtin.file:
path: "{{ jfrog_home_directory }}"
state: directory
owner: "{{ xray_user }}"
group: "{{ xray_group }}"
recurse: trueAlternative using find command but with idempotence:
- name: Find ownership mismatches under JFrog homedir
ansible.builtin.command: >-
find "{{ jfrog_home_directory }}" -xdev ( ! -user "{{ xray_user }}"
-o ! -group "{{ xray_group }}" ) -print -quit
register: __xray_chown_required
changed_when: false
failed_when: false
become: true
- name: Fix ownership mismatches under JFrog homedir
ansible.builtin.command: >-
find "{{ jfrog_home_directory }}" -xdev ( ! -user "{{ xray_user }}"
-o ! -group "{{ xray_group }}" ) -exec chown -h "{{ xray_user }}:{{ xray_group }}" {} +
register: __xray_chown_results
become: true
when:
- not ansible_check_mode
- __xray_chown_required is defined
- (__xray_chown_required.stdout | d('') | length > 0)
# - name: Restore SELinux contexts under JFrog homedir
# ansible.builtin.command: restorecon -Rv "{{ jfrog_home_directory }}"
# become: true
# when:
# - not ansible_check_mode
# - ansible_selinux is defined
# - ansible_selinux.status == 'enabled'
# - __xray_chown_results is defined and __xray_chown_results is changed