From cbb5d9e92bc1037a151cf7d20a012e611b12b0ae Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 13 Jul 2020 17:20:40 +0200
Subject: [PATCH] gitlab: Fix idempotence for compose file

Currently the gitlab container is recreated everytime time the playbook
is running, even when no changes were made to gitlab itself. This is
caused by the addition of a random "omit placeholder" that Ansible adds
when using the `| default(omit)` filter instead of just leaving it empty.

While alone, that works fine, within a value it stays there instead of
becoming actually omitted and an empty string. As this random string
changes on every run of Ansible, the environment variable in the compose
file changes every run and this causes the recreation of the gitlab
container.

This patch removes the omit statement and replaces it with an empty
string, which should solve the whole problem.
---
 roles/gitlab/templates/docker-compose.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/roles/gitlab/templates/docker-compose.yml b/roles/gitlab/templates/docker-compose.yml
index cce1c011..bad34fff 100644
--- a/roles/gitlab/templates/docker-compose.yml
+++ b/roles/gitlab/templates/docker-compose.yml
@@ -20,11 +20,11 @@ services:
             enabled: true,
             report_only: false,
             directives: {
-              default_src: "'self' {{ gitlab_csp.default_src | default(omit) }}",
-              script_src: "'self' {{ gitlab_csp.script_src | default(omit) }} 'unsafe-eval'",
+              default_src: "'self' {{ gitlab_csp.default_src | default("") }}",
+              script_src: "'self' {{ gitlab_csp.script_src | default("") }} 'unsafe-eval'",
               frame_ancestor: "'self'",
-              frame_src: "'self' {{ gitlab_csp.frame_src | default(omit) }}",
-              img_src: "'self' https://{{ gitlab_libravatar_ssl }} {{ gitlab_csp.img_src | default(omit) }} data: blob:",
+              frame_src: "'self' {{ gitlab_csp.frame_src | default("") }}",
+              img_src: "'self' https://{{ gitlab_libravatar_ssl }} {{ gitlab_csp.img_src | default("") }} data: blob:",
               style_src: "'self' 'unsafe-inline'",
               worker_src: "'self' blob:",
               object_src: "'none'"
-- 
GitLab