Merge branch 'master' into cloud

vitabaks · Feb 2, 2024 · 197bf92 · 197bf92
2 parents e9e0bc6 + 8c78432
commit 197bf92
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 27 deletions.
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -54,6 +54,10 @@
       ansible.builtin.set_fact:
         target: system # includes updates to Postgres, Patroni, and all system packages
 
+    - name: Add repository GPG key
+      ansible.builtin.command: "rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}"
+      when: ansible_distribution == "AlmaLinux"
+
     - name: Clean yum cache (molecule containers)
       ansible.builtin.command: yum clean all
       when:

diff --git a/molecule/pg_upgrade/converge.yml b/molecule/pg_upgrade/converge.yml
@@ -39,6 +39,10 @@
         pg_old_version: "14"
         pg_new_version: "16"
 
+    - name: Add repository GPG key
+      ansible.builtin.command: "rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux-{{ ansible_distribution_major_version }}"
+      when: ansible_distribution == "AlmaLinux"
+
     - name: Clean yum cache (molecule containers)
       ansible.builtin.command: yum clean all
       when:

diff --git a/roles/add-repository/tasks/main.yml b/roles/add-repository/tasks/main.yml
@@ -36,17 +36,6 @@
       when: yum_repository | length > 0
 
     # Install Epel Repository
-    - name: Remove epel-release package (if exists)
-      ansible.builtin.package:
-        name: epel-release
-        state: absent
-      register: package_status
-      until: package_status is success
-      delay: 5
-      retries: 3
-      when: install_epel_repo|bool
-      tags: install_epel_repo
-
     - name: Get epel-release-latest rpm package
       ansible.builtin.get_url:
         url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm"

diff --git a/roles/etcd/templates/etcd.conf.j2 b/roles/etcd/templates/etcd.conf.j2
@@ -10,3 +10,4 @@ ETCD_DATA_DIR="{{ etcd_data_dir }}"
 ETCD_ELECTION_TIMEOUT="5000"
 ETCD_HEARTBEAT_INTERVAL="1000"
 ETCD_INITIAL_ELECTION_TICK_ADVANCE="false"
+ETCD_AUTO_COMPACTION_RETENTION="1"
diff --git a/roles/pgbouncer/config/tasks/main.yml b/roles/pgbouncer/config/tasks/main.yml
@@ -52,26 +52,33 @@
   tags: pgbouncer, pgbouncer_conf, pgbouncer_generate_userlist
 
 # if pgbouncer_auth_user is 'true'
-- name: "Create function 'user_search' for pgbouncer 'auth_query' option in all databases"
-  become: true
-  become_user: postgres
-  ansible.builtin.shell: |
-    for db in $({{ postgresql_bin_dir }}/psql -p {{ postgresql_port }} -U {{ patroni_superuser_username }} -d postgres -tAXc \
-    "select datname from pg_catalog.pg_database where datname <> 'template0'"); do
-      {{ postgresql_bin_dir }}/psql -p {{ postgresql_port }} -U {{ patroni_superuser_username }} -d "$db" -tAXc '
-        CREATE OR REPLACE FUNCTION user_search(uname TEXT) RETURNS TABLE (usename name, passwd text) AS
+- block:
+    - name: "Check if 'user_search' function exists"
+      become: true
+      become_user: postgres
+      ansible.builtin.command: >-
+        {{ postgresql_bin_dir }}/psql -p {{ postgresql_port }} -U {{ patroni_superuser_username }} -d {{ pgbouncer_auth_dbname }} -tAXc
+        "select exists(select proname from pg_proc where proname='user_search')"
+      register: exists_func_user
+      when: (is_master | bool and patroni_standby_cluster.host | default('') | length < 1) # do not perform on the Standby Cluster leader
+      changed_when: false
+
+    - name: "Create 'user_search' function for pgbouncer 'auth_query' option"
+      become: true
+      become_user: postgres
+      ansible.builtin.command: >-
+        {{ postgresql_bin_dir }}/psql -p {{ postgresql_port }} -U {{ patroni_superuser_username }} -d {{ pgbouncer_auth_dbname }} -tAXc
+        "CREATE FUNCTION user_search(uname TEXT) RETURNS TABLE (usename name, passwd text) AS
         $$
         SELECT usename, passwd FROM pg_shadow WHERE usename=$1;
         $$
         LANGUAGE sql SECURITY DEFINER;
         REVOKE ALL ON FUNCTION user_search(uname TEXT) FROM public;
-        GRANT EXECUTE ON FUNCTION user_search(uname TEXT) TO {{ pgbouncer_auth_username }};
-      '; done
-  args:
-    executable: /bin/bash
-  when:
-    - pgbouncer_auth_user | bool
-    - (is_master | bool and patroni_standby_cluster.host | default('') | length < 1) # do not perform on the Standby Cluster leader
+        GRANT EXECUTE ON FUNCTION user_search(uname TEXT) TO {{ pgbouncer_auth_username }}"
+      when:
+        - (is_master | bool and patroni_standby_cluster.host | default('') | length < 1) # do not perform on the Standby Cluster leader
+        - exists_func_user.stdout == "f"
+  when: pgbouncer_auth_user|bool
   tags: pgbouncer, pgbouncer_conf, pgbouncer_auth_query
 
 ...
diff --git a/vars/main.yml b/vars/main.yml
@@ -51,7 +51,7 @@ keepalived_virtual_router_id: "{{ cluster_vip.split('.')[3] | int }}" # The last
 # virtual_router_id - must be unique in the network (available values are 0..255).
 
 # vip-manager (if 'cluster_vip' is specified and 'with_haproxy_load_balancing' is 'false')
-vip_manager_version: "2.1.0"  # version to install
+vip_manager_version: "2.3.0"  # version to install
 vip_manager_conf: "/etc/patroni/vip-manager.yml"
 vip_manager_interval: "1000"  # time (in milliseconds) after which vip-manager wakes up and checks if it needs to register or release ip addresses.
 vip_manager_iface: "{{ vip_interface }}"  # interface to which the virtual ip will be added