Diffstat (limited to 'src/roles/pacman')
-rw-r--r--src/roles/pacman/meta/main.yml4
-rw-r--r--src/roles/pacman/tasks/main.yml67
2 files changed, 71 insertions, 0 deletions
diff --git a/src/roles/pacman/meta/main.yml b/src/roles/pacman/meta/main.yml
new file mode 100644
index 0000000..f9d9a85
--- /dev/null
+++ b/src/roles/pacman/meta/main.yml
@@ -0,0 +1,4 @@
+dependencies:
+ - role: common
+ - {role: etckeeper, when: etc_versioned}
+ - {role: rate_mirrors, when: has_rate_mirrors}
diff --git a/src/roles/pacman/tasks/main.yml b/src/roles/pacman/tasks/main.yml
new file mode 100644
index 0000000..ed9250d
--- /dev/null
+++ b/src/roles/pacman/tasks/main.yml
@@ -0,0 +1,67 @@
+- name: Upgrade packages or fail gracefully
+ become: true
+ block:
+ - name: Upgrade packages
+ community.general.pacman:
+ update_cache: true
+ upgrade: true
+ register: pacman_result
+ notify: reboot
+
+ - name: Show upgraded packages
+ ansible.builtin.debug:
+ var: pacman_result.packages
+ when: pacman_result.changed
+
+ - name: Flush handlers
+ ansible.builtin.meta: flush_handlers
+ rescue:
+ - name: Fail if /etc is not versioned
+ ansible.builtin.fail:
+ msg: Upgrading packages failed for an unknown reason!
+ when: not etc_versioned
+
+ - name: Check for changes in /etc
+ ansible.builtin.command: git status --porcelain=v1
+ args:
+ chdir: /etc
+ register: git_status
+ changed_when: false
+ failed_when: false
+
+ - name: Fail if there're no unstaged changes in /etc
+ ansible.builtin.fail:
+ msg: Upgrading packages failed for an unknown reason!
+ when: not git_status.stdout
+
+ - name: All changes in /etc are in pacman.d/gnupg?
+ ansible.builtin.shell: |
+ set -o pipefail && \
+ git status --porcelain=v1 \
+ | cut -c 4- \
+ | grep -G -v '^pacman.d/gnupg/'
+ args:
+ chdir: /etc
+ register: only_gnupg
+ changed_when: false
+ failed_when: false
+
+ - name: Commit changes in /etc
+ ansible.builtin.command: |
+ etckeeper commit 'pacman: GPG keys'
+ when: git_status.stdout and only_gnupg.rc != 0
+
+ - name: Retry upgrading packages
+ community.general.pacman:
+ update_cache: true
+ upgrade: true
+ register: pacman_result
+ notify: reboot
+
+ - name: Show upgraded packages
+ ansible.builtin.debug:
+ var: pacman_result.packages
+ when: pacman_result.changed
+
+ - name: Flush handlers
+ ansible.builtin.meta: flush_handlers
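Review bot: The `Commit changes in /etc` task in the rescue path commits whatever changed under `pacman.d/gnupg/`, which is pacman's keyring, without limiting which files go in. If the keyring's private-key files are not excluded by the /etc repository's ignore rules (not visible in this diff), they land in git history and in any remote or backup that repository is copied to. Consider confirming those files are ignored before this task runs, and document the assumption on the task, for example `# keyring state only; private key files must stay ignored in /etc/.gitignore`. Separately, both `ansible.builtin.fail` tasks report `Upgrading packages failed for an unknown reason!` and drop the error that triggered the rescue; `msg: "Upgrading packages failed: {{ ansible_failed_result.msg | default('unknown reason') }}"` would keep it in the play output.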