lobsters / lobsters-ansible

Ansible playbook for lobste.rs
ISC License
79 stars 26 forks

Deprecated sudo for git pull #13

Closed jstoja closed 6 years ago

jstoja commented 6 years ago

Hey guys, it seems that you're using the sudo keyword as a privilege escalation method. This has been deprecated and replaced by become. With the last few versions of Ansible, sudo is ignored. This means that the [git pull task](https://github.com/lobsters/lobsters-ansible/blob/96a0aadfa4c2af088123153745c2ddf51ab61249/roles/lobsters/tasks/main.yml#L40) is not pulling with the user lobsters but with root (since the role is called with become: true).

There is no quick fix for what the task wants to do because of the privilege escalation of Ansible.

To me a quick fix would be to pull as the connecting user and to chown the directory to the lobsters user. I just don't know how unicorn would react if the files change owner. In addition, as discussed recently on Lobsters, deploying using git pulls can lead to issues and is not a great pattern.

jstoja commented 6 years ago

I managed to solve this using become_user with Ansible 2.4 in the PR #16.

pushcx commented 6 years ago

I pulled in these couple of lines (and landed a few more commits for deprecation warnings while I was in there).
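The keyword change discussed in this thread, as an added example that is not the repository's task file or the contents of PR #16: a git task written with the deprecated keywords, the same task with become and become_user, and a check that the checkout did not end up owned by root. The repository URL, paths and task names are placeholders, and the use of sudo_user in the "before" task is an assumption.

```yaml
# Added illustration. The repo URL, destination path and task names are
# placeholders, not values from roles/lobsters/tasks/main.yml.

# Before: deprecated privilege-escalation keywords. The issue reports that
# recent Ansible versions ignore them, so under a role called with
# become: true the pull runs as root instead of lobsters.
- name: pull application code (deprecated keywords)
  git:
    repo: https://example.invalid/placeholder/app.git
    dest: /srv/placeholder/app
  sudo: yes
  sudo_user: lobsters   # assumed; the issue only names the sudo keyword

# After: the replacement keywords. become_user selects the account the
# task runs as, so files created by the pull belong to lobsters.
- name: pull application code as the service user
  git:
    repo: https://example.invalid/placeholder/app.git
    dest: /srv/placeholder/app
  become: true
  become_user: lobsters

# Check: fail the play if the checkout is missing or not owned by lobsters,
# which is the symptom of a pull that ran as root.
- name: inspect ownership of the checkout
  stat:
    path: /srv/placeholder/app/.git
  register: checkout_git

- name: checkout must be owned by the service user
  assert:
    that:
      - checkout_git.stat.exists
      - checkout_git.stat.pw_name == 'lobsters'
    msg: "checkout is missing or not owned by lobsters; check which user the git task ran as"
```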