Don't test systemd on Debian in Github Actions

The Docker images for Debian don't include systemd and, even when using an image that comes with support with systemd [1], we're getting a warning when starting Puma (the following error takes place when we skip the "Enable systemd access" step, since that step also raises an error in Debian): > Warning: : daemon-reload failed, but target is a chroot or systemd > is offline. > Continuing. Error was: 1 / Failed to connect to bus: No such file or > directory > Warning: : Target is a chroot or systemd is offline. This can > lead to false positives or prevent the init system tools from working. So Puma isn't started in this case. So now Debian support is uncertain, since we aren't able to test that Puma starts correctly and the web is accessible. We're at least testing that the rest of the installation process runs correctly. [1] https://github.com/trfore/docker-debian11-systemd/blob/main/Dockerfile
consuldemocracy · Nov 20, 2023 · e45f72b · e45f72b
1 parent ef36afc
commit e45f72b
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 58 deletions.
diff --git a/roles/puma/tasks/main.yml b/roles/puma/tasks/main.yml
@@ -17,37 +17,43 @@
     src: "{{ playbook_dir }}/roles/puma/templates/puma.service"
     dest: "{{ home_dir }}/.config/systemd/user/{{ puma_service_unit_name }}.service"
 
-- name: Check if user has access to systemd while running ansible tasks
-  stat:
-    path: "/var/lib/systemd/linger/{{ deploy_user }}"
-  register: linger_enabled
-
-- name: Enable systemd access if needed
-  command: "loginctl enable-linger {{ deploy_user }}"
-  when: not linger_enabled.stat.exists
-
-- name: Get user UID
-  shell: "id -u"
-  register: current_uid
-
-- name: Start puma
-  systemd:
-    name: "{{ puma_service_unit_name }}"
-    daemon_reload: true
-    enabled: true
-    state: started
-    scope: user
-  environment:
-    XDG_RUNTIME_DIR: "/run/user/{{ current_uid.stdout }}"
-
-- name: Wait until Puma has created the socket
-  wait_for:
-    path: "{{ release_dir }}/tmp/sockets/puma.sock"
-    state: present
-    msg: Puma socket is not available
-
-- name: Make sure Nginx has write access to the puma socket
-  shell: "chmod o+w tmp/sockets/*"
-  args:
-    chdir: "{{ release_dir }}"
-    executable: /bin/bash
+- name: Get distribution codename
+  shell: lsb_release -c --short
+  register: distro_codename
+
+- when: distro_codename.stdout == "focal" or distro_codename.stdout == "jammy" or not lookup("env", "CI")
+  block:
+    - name: Check if user has access to systemd while running ansible tasks
+      stat:
+        path: "/var/lib/systemd/linger/{{ deploy_user }}"
+      register: linger_enabled
+
+    - name: Enable systemd access if needed
+      command: "loginctl enable-linger {{ deploy_user }}"
+      when: not linger_enabled.stat.exists
+
+    - name: Get user UID
+      shell: "id -u"
+      register: current_uid
+
+    - name: Start puma
+      systemd:
+        name: "{{ puma_service_unit_name }}"
+        daemon_reload: true
+        enabled: true
+        state: started
+        scope: user
+      environment:
+        XDG_RUNTIME_DIR: "/run/user/{{ current_uid.stdout }}"
+
+    - name: Wait until Puma has created the socket
+      wait_for:
+        path: "{{ release_dir }}/tmp/sockets/puma.sock"
+        state: present
+        msg: Puma socket is not available
+
+    - name: Make sure Nginx has write access to the puma socket
+      shell: "chmod o+w tmp/sockets/*"
+      args:
+        chdir: "{{ release_dir }}"
+        executable: /bin/bash
diff --git a/roles/specs/tasks/main.yml b/roles/specs/tasks/main.yml
@@ -1,34 +1,36 @@
 ---
-- when: domain is defined
+- when: distro_codename.stdout == "focal" or distro_codename.stdout == "jammy" or not lookup("env", "CI")
   block:
-    - action: uri url=https://{{ server_hostname }} return_content=yes validate_certs=False
-      register: webpage_https_with_domain
+    - when: domain is defined
+      block:
+        - action: uri url=https://{{ server_hostname }} return_content=yes validate_certs=False
+          register: webpage_https_with_domain
 
-    - fail:
-        msg: "service is not happy {{ webpage_https_with_domain.content }}"
-      when: "'CONSUL' not in webpage_https_with_domain.content"
+        - fail:
+            msg: "service is not happy {{ webpage_https_with_domain.content }}"
+          when: "'CONSUL' not in webpage_https_with_domain.content"
 
-    - name: Redirect to https
-      uri:
-        url: http://{{ server_hostname }}
-        follow_redirects: no
-        validate_certs: yes
-        status_code: 301
+        - name: Redirect to https
+          uri:
+            url: http://{{ server_hostname }}
+            follow_redirects: no
+            validate_certs: yes
+            status_code: 301
 
-- when: domain is not defined
-  block:
-    - action: uri url=http://127.0.0.1 return_content=yes validate_certs=False
-      register: webpage_https
+    - when: domain is not defined
+      block:
+        - action: uri url=http://127.0.0.1 return_content=yes validate_certs=False
+          register: webpage_https
 
-    - fail:
-        msg: "service is not happy {{ webpage_https.content }}"
-      when: "'CONSUL' not in webpage_https.content"
+        - fail:
+            msg: "service is not happy {{ webpage_https.content }}"
+          when: "'CONSUL' not in webpage_https.content"
 
-    - name: Do not redirect to https
-      uri:
-        url: http://{{ server_hostname }}
-        follow_redirects: no
-        status_code: 200
+        - name: Do not redirect to https
+          uri:
+            url: http://{{ server_hostname }}
+            follow_redirects: no
+            status_code: 200
 
 - name: Get running delayed job processes
   shell: "ps -ef | grep -v grep | grep -w delayed_job | awk '{print $2}'"