Docker fixes

README.md

@@ -69,7 +69,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: deploy
-        uses: bitovi/github-actions-deploy-docker-to-ec2@v0.5.0
+        uses: bitovi/github-actions-deploy-docker-to-ec2@v0.5.8
         with:
           aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -97,7 +97,7 @@ jobs:
     steps:
     - id: deploy
       name: Deploy
-      uses: bitovi/github-actions-deploy-docker-to-ec2@v0.5.0
+      uses: bitovi/github-actions-deploy-docker-to-ec2@v0.5.8
       with:
         aws_access_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
         aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -124,7 +124,7 @@ jobs:
 1. [Certificates](#certificate-inputs)
 1. [Load Balancer](#load-balancer-inputs)
 1. [Application](#application-inputs)
-1. [Terraform](#terraform-inputs)
+1. [Deployment](#deployment-inputs)
 
 The following inputs can be used as `step.with` keys
 <br/>
@@ -230,12 +230,13 @@ The following inputs can be used as `step.with` keys
 <hr/>
 <br/>
 
-#### **Terraform Inputs**
+#### **Deployment Inputs**
 | Name             | Type    | Description                        |
 |------------------|---------|------------------------------------|
 | `tf_state_bucket` | String | AWS S3 bucket name to use for Terraform state. See [note](#s3-buckets-naming) | 
 | `tf_state_bucket_destroy` | Boolean | Force purge and deletion of S3 bucket defined. Any file contained there will be destroyed. `stack_destroy` must also be `true`. Default is `false`. |
 | `additional_tags` | JSON | Add additional tags to the terraform [default tags](https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider), any tags put here will be added to all provisioned resources.|
+| `ansible_start_docker_timeout` | String | Ammount of time in seconds it takes Ansible to mark as failed the startup of docker. Defaults to `300`.|
 <hr/>
 <br/>
 <br/>

action.yaml

@@ -86,7 +86,6 @@ inputs:
     required: false
     default: "8"
 
-
   # EFS
   aws_create_efs:
     description: "Toggle to indicate whether to create and EFS and mount it to the ec2 as a part of the provisioning. Note: The EFS will be managed by the stack and will be destroyed along with the stack"
@@ -110,6 +109,9 @@ inputs:
   # Stack management
   stack_destroy:
     description: 'Set to "true" to Destroy the stack. Will delete the elb_logs bucket after the destroy action runs.'
+  ansible_start_docker_timeout:
+    description: 'Ammount of time in seconds it takes Ansible to mark as failed the startup of docker. Defaults to `300`'
+    required: false
 
   # Domains
   domain_name:
@@ -225,6 +227,7 @@ runs:
         EC2_INSTANCE_TYPE: ${{ inputs.ec2_instance_type }}
         EC2_VOLUME_SIZE: ${{ inputs.ec2_volume_size }}
         STACK_DESTROY: ${{ inputs.stack_destroy }}
+        ANSIBLE_START_DOCKER_TIMEOUT: ${{ inputs.ansible_start_docker_timeout }}
         AWS_RESOURCE_IDENTIFIER: ${{ inputs.aws_resource_identifier }}
         DOMAIN_NAME: ${{ inputs.domain_name }}
         SUB_DOMAIN: ${{ inputs.sub_domain }}

operations/_scripts/generate/generate_tf_vars.sh

@@ -159,6 +159,7 @@ efs_mount_target=$(generate_var efs_mount_target $EFS_MOUNT_TARGET)
 data_mount_target=$(generate_var data_mount_target $DATA_MOUNT_TARGET)
 ec2_volume_size=$(generate_var ec2_volume_size $EC2_VOLUME_SIZE)
 docker_remove_orphans=$(generate_var docker_remove_orphans $DOCKER_REMOVE_ORPHANS)
+ansible_start_docker_timeout=$(generate_var ansible_start_docker_timeout $ANSIBLE_START_DOCKER_TIMEOUT)
 
 
 # -------------------------------------------------- #
@@ -234,6 +235,7 @@ $create_keypair_sm_entry
 $additional_tags
 
 ##-- ANSIBLE --##
+$ansible_start_docker_timeout
 $application_mount_target
 $efs_mount_target
 $data_mount_target

operations/deployment/ansible/tasks/install.yml

@@ -10,20 +10,36 @@
     - 'virtualenv'
     - 'python3-setuptools'
 
+- name: Create the keyrings folder
+  file:
+    path: /etc/apt/keyrings
+    state: directory
+    mode: '0755'
+
 - name: Add Docker GPG apt Key
-  apt_key:
+  get_url:
     url: https://download.docker.com/linux/ubuntu/gpg
-    state: present
+    dest: /etc/apt/keyrings/docker.asc
+
+- name: Fix Docker key permissions
+  file:
+    path: /etc/apt/keyrings/docker.asc
+    mode: '0666'
+
+- name: Get APT package architecture
+  command: dpkg --print-architecture
+  register: dpkg_arch
 
-- name: Add Docker Repository
+- name: Add Docker repo
   apt_repository:
-    repo: deb https://download.docker.com/linux/ubuntu jammy stable
+    repo: "deb [arch={{ dpkg_arch.stdout }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
     state: present
 
-- name: Update apt and install docker-ce
-  apt: update_cache=yes name=docker-ce state=latest
+- name: Update apt repositories
+  apt:
+    update_cache: yes
 
-- name: Install Docker Module for Python
-  pip:
+- name: Install Docker and Docker Compose
+  apt:
     name:
-      - docker
+      - docker-ce

operations/deployment/ansible/tasks/mount.yml

@@ -22,6 +22,7 @@
     dest: /home/ubuntu/efs-utils
     update: false
   become: yes
+  when: not check_efs_utils.stat.exists
 
 - name: Build amazon-efs-utils
   ansible.builtin.shell: 
@@ -60,4 +61,4 @@
     opts: "nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=612,retrans=2,noresvport"
     fstype: nfs4
     state: mounted
-    boot: false
+    boot: false

operations/deployment/ansible/tasks/start.yml

@@ -1,6 +1,16 @@
-- name: Start docker-compose
-  ansible.builtin.command: "docker compose --project-directory {{ app_install_root }}/{{ app_repo_name }} up --detach --build --force-recreate --remove-orphans={{ docker_remove_orphans }}"
+- name: Start docker-compose with remove orphans
+  ansible.builtin.command: "docker compose --project-directory {{ app_install_root }}/{{ app_repo_name }} up --detach --build --force-recreate --remove-orphans"
   register: output
+  async: "{{ ansible_start_docker_timeout }}"
+  poll: 5
+  when:  docker_remove_orphans | bool 
+
+- name: Start docker-compose without remove orphans
+  ansible.builtin.command: "docker compose --project-directory {{ app_install_root }}/{{ app_repo_name }} up --detach --build --force-recreate"
+  register: output
+  async: "{{ ansible_start_docker_timeout }}"
+  poll: 5
+  when:  not ( docker_remove_orphans | bool )
 
 - ansible.builtin.debug:
     var: output

operations/deployment/terraform/inventory.tf

@@ -6,17 +6,18 @@ resource "local_sensitive_file" "private_key" {
 
 resource "local_file" "ansible_inventory" {
   content = templatefile("inventory.tmpl", {
-    ip                       = aws_instance.server.public_ip,
-    ssh_keyfile              = local_sensitive_file.private_key.filename
-    app_repo_name            = var.app_repo_name
-    app_install_root         = var.app_install_root
-    mount_efs                = local.mount_efs
-    efs_url                  = local.efs_url
-    resource_identifier      = var.aws_resource_identifier
-    application_mount_target = var.application_mount_target
-    efs_mount_target         = var.efs_mount_target != null ? var.efs_mount_target : ""
-    data_mount_target        = var.data_mount_target
-    docker_remove_orphans    = var.docker_remove_orphans
+    ip                           = aws_instance.server.public_ip,
+    ssh_keyfile                  = local_sensitive_file.private_key.filename
+    ansible_start_docker_timeout = var.ansible_start_docker_timeout
+    app_repo_name                = var.app_repo_name
+    app_install_root             = var.app_install_root
+    mount_efs                    = local.mount_efs
+    efs_url                      = local.efs_url
+    resource_identifier          = var.aws_resource_identifier
+    application_mount_target     = var.application_mount_target
+    efs_mount_target             = var.efs_mount_target != null ? var.efs_mount_target : ""
+    data_mount_target            = var.data_mount_target
+    docker_remove_orphans        = var.docker_remove_orphans
   })
   filename = format("%s/%s", abspath(path.root), "inventory.yaml")
 }

operations/deployment/terraform/inventory.tmpl

@@ -4,6 +4,7 @@ bitops_servers:
  vars:
    ansible_ssh_user: ubuntu
    ansible_ssh_private_key_file: ${ssh_keyfile}
+   ansible_start_docker_timeout: ${ansible_start_docker_timeout}
    app_repo_name: ${app_repo_name}
    app_install_root: ${app_install_root}
    mount_efs: ${mount_efs}

operations/deployment/terraform/variables.tf

@@ -262,6 +262,12 @@ variable "docker_remove_orphans" {
   default     = false
 }
 
+variable "ansible_start_docker_timeout" {
+  type        = string
+  description = "Ammount of time in seconds it takes Ansible to mark as failed the startup of docker."
+  default     = "300"
+}
+
 ## -- --- -- ##
 variable "availability_zone" {
   type        = string