Verified Commit 976a81f5 authored by Levente Polyak's avatar Levente Polyak 🚀
Browse files

security_tracker: update tracker to latest stable 0.9



- add python-sqlalchemy-continuum as new dependency
- call database upgrade target after each deploy
- outsource version identifier into a variable
Signed-off-by: Levente Polyak's avatarLevente Polyak <anthraxx@archlinux.org>
parent d60d1f52
...@@ -44,7 +44,7 @@ ...@@ -44,7 +44,7 @@
- { role: php-fpm, php_extensions: ['apcu', 'bcmath', 'curl', 'gd', 'iconv', 'intl', 'mysqli', 'pdo_pgsql', 'pgsql', 'sockets', 'zip'], zend_extensions: ['opcache'], tags: ["php-fpm"] } - { role: php-fpm, php_extensions: ['apcu', 'bcmath', 'curl', 'gd', 'iconv', 'intl', 'mysqli', 'pdo_pgsql', 'pgsql', 'sockets', 'zip'], zend_extensions: ['opcache'], tags: ["php-fpm"] }
- { role: memcached, tags: ['memcached'] } - { role: memcached, tags: ['memcached'] }
- { role: archweb, tags: ["archweb"] } - { role: archweb, tags: ["archweb"] }
- { role: security_tracker, security_tracker_domain: "security.archlinux.org", security_tracker_dir: "/srv/http/security-tracker", tags: ["security_tracker"] } - { role: security_tracker, security_tracker_domain: "security.archlinux.org", security_tracker_dir: "/srv/http/security-tracker", security_tracker_version: "cdaf519e7ecb6a12d6798f1773f6551cb58fee7e", tags: ["security_tracker"] }
- { role: flyspray, tags: ["flyspray"] } - { role: flyspray, tags: ["flyspray"] }
- { role: mailman, mailman_domain: "lists.archlinux.org", tags: ["mailman"] } - { role: mailman, mailman_domain: "lists.archlinux.org", tags: ["mailman"] }
- { role: patchwork, tags: ["patchwork"] } - { role: patchwork, tags: ["patchwork"] }
......
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
- git - git
- python - python
- python-sqlalchemy - python-sqlalchemy
- python-sqlalchemy-continuum
- python-flask - python-flask
- python-flask-sqlalchemy - python-flask-sqlalchemy
- python-flask-wtf - python-flask-wtf
...@@ -27,7 +28,7 @@ ...@@ -27,7 +28,7 @@
file: state=directory owner=security group=security path="{{ security_tracker_dir }}" file: state=directory owner=security group=security path="{{ security_tracker_dir }}"
- name: clone security-tracker repo - name: clone security-tracker repo
git: repo=https://github.com/archlinux/arch-security-tracker.git version="fa5acdf20f30b070fe388340b464dae58d30e23f" dest="{{ security_tracker_dir }}" git: repo=https://github.com/archlinux/arch-security-tracker.git version="{{ security_tracker_version }}" dest="{{ security_tracker_dir }}"
become: true become: true
become_user: security become_user: security
register: release register: release
...@@ -63,6 +64,12 @@ ...@@ -63,6 +64,12 @@
- name: deploy security-tracker - name: deploy security-tracker
template: src=security-tracker.ini.j2 dest=/etc/uwsgi/vassals/security-tracker.ini owner=security group=http mode=0644 template: src=security-tracker.ini.j2 dest=/etc/uwsgi/vassals/security-tracker.ini owner=security group=http mode=0644
- name: database upgrade
become: true
become_user: security
command: /usr/bin/make db-upgrade chdir="{{ security_tracker_dir }}"
when: release.changed
- name: deploy new release - name: deploy new release
become: true become: true
become_user: security become_user: security
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment