Skip to content

fix(roles): refresh apt cache before upgrade on Debian#286

Open
markuslf wants to merge 1 commit into
mainfrom
fix/apt-cache-refresh-before-upgrade
Open

fix(roles): refresh apt cache before upgrade on Debian#286
markuslf wants to merge 1 commit into
mainfrom
fix/apt-cache-refresh-before-upgrade

Conversation

@markuslf

Copy link
Copy Markdown
Member

Follow-up to 587dc13 (fix(roles/icinga2_agent): refresh apt cache before upgrade on Debian).

That fix addressed the stale-apt-cache problem only in icinga2_agent. The same pattern (upgrading a package to state: latest on Debian-family hosts without refreshing the apt cache first) exists in three other roles. apt does not auto-expire its cache the way dnf does, so without an explicit apt update the upgrade can resolve against stale metadata and miss newer versions, e.g. security updates.

Changes

Add an apt update task (update_cache: true, changed_when: false, when: os_family == "Debian") right before the state: latest task in:

  • role:php - both state: latest tasks under the php:update tag (Update php php-fpm composer and Update PHP modules).
  • role:mariadb_server - Install latest mariadb-server under the mariadb_server:upgrade tag.
  • role:monitoring_plugins - install linuxfabrik-monitoring-plugins* in the package install path.

RHEL-family hosts are unaffected, since dnf refreshes its metadata on its own.

CHANGELOG updated.

Apply the same fix as 587dc13 (icinga2_agent) to the other roles that
upgrade a package to `state: latest` on Debian-family hosts. apt does not
auto-expire its cache the way dnf does, so without an explicit refresh the
upgrade can run against a stale cache and miss newer versions (e.g.
security updates).

Affected: php (php:update), mariadb_server (mariadb_server:upgrade),
monitoring_plugins.
@markuslf markuslf requested a review from NavidSassan June 30, 2026 12:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant