ci: make Icinga deploy snapshots mandatory#313
Conversation
Fixes #311 by creating the controller snapshot directories before writing, allowing the trusted runner's ICINGA_API_USER/ICINGA_API_PASSWORD to satisfy snapshot credentials when mon's helper env has not been rendered yet, and making production apply fail if pre/post snapshot artifacts are missing.
PR Reviewer Guide 🔍Here are some key observations to aid the review process:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 695239ea92
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
PR Code Suggestions ✨Explore these optional code suggestions:
|
|
Addressed automated review feedback in 2c2287d:
Local validation: @codex review |
|
Codex Review: Didn't find any major issues. What shall we delve into next? Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
Summary
ICINGA_API_USER/ICINGA_API_PASSWORDto satisfy snapshot credentials when mon's helper env file is missingWhy
Fixes #311. The #312 deploy still produced no snapshot artifact because the snapshot copy task did not create
ansible/generated/snapshots/<phase>/, and mon currently lacks/etc/icinga2/scripts/.icinga-snapshot.env.Validation
scripts/ci/test-snapshot-bracket.shscripts/ci/render-all.sh