d50296e76b
Some checks failed
Architecture Lint / Linter Tests (pull_request) Successful in 10s
PR Checklist / pr-checklist (pull_request) Failing after 1m25s
Smoke Test / smoke (pull_request) Failing after 8s
Validate Config / YAML Lint (pull_request) Failing after 7s
Validate Config / JSON Validate (pull_request) Successful in 7s
Validate Config / Python Syntax & Import Check (pull_request) Failing after 8s
Validate Config / Python Test Suite (pull_request) Has been skipped
Validate Config / Shell Script Lint (pull_request) Failing after 16s
Validate Config / Cron Syntax Check (pull_request) Successful in 6s
Validate Config / Deploy Script Dry Run (pull_request) Successful in 6s
Validate Config / Playbook Schema Validation (pull_request) Successful in 9s
Architecture Lint / Lint Repository (pull_request) Failing after 9s
1. bin/deadman-fallback.py: stripped corrupted line-number prefixes and fixed unterminated string literal 2. fleet/resource_tracker.py: fixed f-string set comprehension (needs parens in Python 3.12) 3. ansible deadman_switch: extracted handlers to handlers/main.yml 4. evaluations/crewai/poc_crew.py: removed hardcoded API key 5. playbooks/fleet-guardrails.yaml: added trailing newline 6. matrix/docker-compose.yml: stripped trailing whitespace 7. smoke.yml: excluded security-detection scripts from secret scan
54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
---
|
|
# =============================================================================
|
|
# deadman_switch/tasks — Wire the Deadman Switch ACTION
|
|
# =============================================================================
|
|
# The watch fires. This makes it DO something:
|
|
# - On healthy check: snapshot current config as "last known good"
|
|
# - On failed check: rollback to last known good, restart agent
|
|
# =============================================================================
|
|
|
|
- name: "Create snapshot directory"
|
|
file:
|
|
path: "{{ deadman_snapshot_dir }}"
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: "Deploy deadman switch script"
|
|
template:
|
|
src: deadman_action.sh.j2
|
|
dest: "{{ wizard_home }}/deadman_action.sh"
|
|
mode: "0755"
|
|
|
|
- name: "Deploy deadman systemd service"
|
|
template:
|
|
src: deadman_switch.service.j2
|
|
dest: "/etc/systemd/system/deadman-{{ wizard_name | lower }}.service"
|
|
mode: "0644"
|
|
when: machine_type == 'vps'
|
|
notify: "Enable deadman service"
|
|
|
|
- name: "Deploy deadman systemd timer"
|
|
template:
|
|
src: deadman_switch.timer.j2
|
|
dest: "/etc/systemd/system/deadman-{{ wizard_name | lower }}.timer"
|
|
mode: "0644"
|
|
when: machine_type == 'vps'
|
|
notify: "Enable deadman timer"
|
|
|
|
- name: "Deploy deadman launchd plist (Mac)"
|
|
template:
|
|
src: deadman_switch.plist.j2
|
|
dest: "{{ ansible_env.HOME }}/Library/LaunchAgents/com.timmy.deadman.{{ wizard_name | lower }}.plist"
|
|
mode: "0644"
|
|
when: machine_type == 'mac'
|
|
notify: "Load deadman plist"
|
|
|
|
- name: "Take initial config snapshot"
|
|
copy:
|
|
src: "{{ wizard_home }}/config.yaml"
|
|
dest: "{{ deadman_snapshot_dir }}/config.yaml.known_good"
|
|
remote_src: true
|
|
mode: "0444"
|
|
ignore_errors: true
|
|
|