feat(tests): test playbboks are played correctly on molecule scenarios
This commit is contained in:
parent
a7aca2fdba
commit
a162879d20
@ -1,8 +0,0 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Replace this task with one that validates your content
|
||||
ansible.builtin.debug:
|
||||
msg: "This is the effective test"
|
||||
3
molecule/no_tls_multi_node/converge.yml
Normal file
3
molecule/no_tls_multi_node/converge.yml
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
- name: Include a playbook from a collection
|
||||
ansible.builtin.import_playbook: ednxzu.hashistack.deploy.yml
|
||||
42
molecule/no_tls_multi_node/molecule.yml
Normal file
42
molecule/no_tls_multi_node/molecule.yml
Normal file
@ -0,0 +1,42 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: vagrant
|
||||
provider:
|
||||
name: libvirt
|
||||
platforms:
|
||||
- name: hashistack01
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
- name: hashistack02
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
- name: hashistack03
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: no_tls_multi_node
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
5
molecule/no_tls_multi_node/prepare.yml
Normal file
5
molecule/no_tls_multi_node/prepare.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
become: true
|
||||
tasks: []
|
||||
@ -5,3 +5,6 @@ roles:
|
||||
- name: ednxzu.manage_apt_packages
|
||||
- name: ednxzu.install_docker
|
||||
- name: ednxzu.docker_systemd_service
|
||||
|
||||
collections:
|
||||
- name: ednxzu.hashistack
|
||||
9
playbooks/deploy.yml
Normal file
9
playbooks/deploy.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
# hashistack deployment playbook
|
||||
- name: "Deploy"
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
tasks:
|
||||
- name: "Debug"
|
||||
ansible.builtin.debug:
|
||||
msg: "{{ ansible_hostname }}"
|
||||
@ -0,0 +1,22 @@
|
||||
[vault_servers]
|
||||
vault01
|
||||
vault02
|
||||
vault03
|
||||
|
||||
[consul_servers]
|
||||
consul01
|
||||
consul02
|
||||
consul03
|
||||
|
||||
[nomad_servers]
|
||||
nomad01
|
||||
nomad02
|
||||
nomad03
|
||||
|
||||
[deployment]
|
||||
localhost ansible_connection=local
|
||||
|
||||
[common:children]
|
||||
vault_servers
|
||||
consul_servers
|
||||
nomad_servers
|
||||
6
playbooks/prepare.yml
Normal file
6
playbooks/prepare.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
# hashistack prepare playbook
|
||||
- name: "Deploy"
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
tasks: []
|
||||
@ -1 +1,44 @@
|
||||
---
|
||||
---
|
||||
hashi_nomad_install: true
|
||||
hashi_nomad_auto_update: false
|
||||
hashi_nomad_cni_plugins_install: true
|
||||
hashi_nomad_start_service: true
|
||||
hashi_nomad_cni_plugins_version: latest
|
||||
hashi_nomad_cni_plugins_install_path: /opt/cni/bin
|
||||
hashi_nomad_version: latest
|
||||
hashi_nomad_deploy_method: host # deployment method, either host or docker
|
||||
hashi_nomad_env_variables: {}
|
||||
hashi_nomad_data_dir: /opt/nomad
|
||||
hashi_nomad_extra_files: false
|
||||
hashi_nomad_extra_files_src: /tmp/extra_files
|
||||
hashi_nomad_extra_files_dst: /etc/nomad.d/extra_files
|
||||
#! nomad configuration
|
||||
hashi_nomad_configuration: {}
|
||||
|
||||
hashi_vault_install: true
|
||||
hashi_vault_auto_update: false
|
||||
hashi_vault_start_service: true
|
||||
hashi_vault_version: latest
|
||||
hashi_vault_deploy_method: host # deployment method, either host or docker
|
||||
hashi_vault_env_variables: {}
|
||||
hashi_vault_data_dir: "/opt/vault"
|
||||
hashi_vault_extra_files: false
|
||||
hashi_vault_extra_files_src: /tmp/extra_files
|
||||
hashi_vault_extra_files_dst: /etc/vault.d/extra_files
|
||||
#! vault configuration
|
||||
hashi_vault_configuration: {}
|
||||
|
||||
hashi_consul_install: true
|
||||
hashi_consul_auto_update: false
|
||||
hashi_consul_start_service: true
|
||||
hashi_consul_version: latest
|
||||
hashi_consul_deploy_method: host # deployment method, either host or docker.
|
||||
hashi_consul_env_variables: {}
|
||||
hashi_consul_data_dir: "/opt/consul"
|
||||
hashi_consul_extra_files: false
|
||||
hashi_consul_extra_files_src: /tmp/extra_files
|
||||
hashi_consul_extra_files_dst: /etc/consul.d/extra_files
|
||||
hashi_consul_envoy_install: false
|
||||
hashi_consul_envoy_version: latest
|
||||
#! consul configuration
|
||||
hashi_consul_configuration: {}
|
||||
|
||||
8
roles/ednxzu.docker_systemd_service/.ansible-lint
Normal file
8
roles/ednxzu.docker_systemd_service/.ansible-lint
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
warn_list:
|
||||
- experimental # all rules tagged as experimental
|
||||
- yaml # violations reported by yamllint
|
||||
- meta-no-info
|
||||
|
||||
skip_list:
|
||||
- jinja[spacing] # Rule that looks inside jinja2 templates.
|
||||
@ -0,0 +1,52 @@
|
||||
---
|
||||
name: test
|
||||
on: [push]
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Linting
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Ansible lint"
|
||||
run: ansible-lint --force-color
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
- name: "YAML lint"
|
||||
run: yamllint . -f colored -c .yamllint
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
molecule-test:
|
||||
name: Molecule tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: lint
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
strategy:
|
||||
matrix:
|
||||
test_os: [debian11, debian12, ubuntu2004, ubuntu2204]
|
||||
scenario: [default, with_custom_flags]
|
||||
env:
|
||||
ANSIBLE_HOST_KEY_CHECKING: 'false'
|
||||
ANSIBLE_FORCE_COLOR: 'true'
|
||||
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Molecule test"
|
||||
run: molecule test -s ${{ matrix.scenario }}
|
||||
shell: bash
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
env:
|
||||
MOLECULE_TEST_OS: ${{ matrix.test_os }}
|
||||
18
roles/ednxzu.docker_systemd_service/.github/workflows/publish.yml
vendored
Normal file
18
roles/ednxzu.docker_systemd_service/.github/workflows/publish.yml
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
name: publish
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
name: Publish to galaxy
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Publish
|
||||
uses: ednxzu/galaxy-import-role@v1
|
||||
with:
|
||||
galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }}
|
||||
3
roles/ednxzu.docker_systemd_service/.gitignore
vendored
Normal file
3
roles/ednxzu.docker_systemd_service/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
# ignore molecule/testinfra pycache
|
||||
**/__pycache__
|
||||
.vscode
|
||||
40
roles/ednxzu.docker_systemd_service/.yamllint
Normal file
40
roles/ednxzu.docker_systemd_service/.yamllint
Normal file
@ -0,0 +1,40 @@
|
||||
---
|
||||
# Based on ansible-lint config
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
braces:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
brackets:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
colons:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
commas:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
comments: enable
|
||||
comments-indentation: disable
|
||||
document-start: enable
|
||||
empty-lines:
|
||||
max: 3
|
||||
level: error
|
||||
hyphens:
|
||||
level: error
|
||||
indentation: enable
|
||||
key-duplicates: enable
|
||||
line-length:
|
||||
max: 80
|
||||
level: warning
|
||||
new-line-at-end-of-file: enable
|
||||
new-lines:
|
||||
type: unix
|
||||
trailing-spaces: enable
|
||||
truthy:
|
||||
allowed-values:
|
||||
- 'true'
|
||||
- 'false'
|
||||
- 'yes'
|
||||
- 'no'
|
||||
20
roles/ednxzu.docker_systemd_service/LICENSE
Normal file
20
roles/ednxzu.docker_systemd_service/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Bertrand Lanson
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
118
roles/ednxzu.docker_systemd_service/README.md
Normal file
118
roles/ednxzu.docker_systemd_service/README.md
Normal file
@ -0,0 +1,118 @@
|
||||
docker_systemd_service
|
||||
=========
|
||||
> This repository is only a mirror. Development and testing is done on a private gitea server.
|
||||
|
||||
This role lets you configure a docker container and run it as a systemd service on **debian-based** distributions. This role is heavily sourced from [mhutter.docker-systemd-service](https://github.com/mhutter/ansible-docker-systemd-service), but aims at providing some of the missing features of said role.
|
||||
|
||||
Requirements
|
||||
------------
|
||||
|
||||
This roles assumes you have docker installed on the target host. You can use [ednxzu.install_docker](https://github.com/ednxzu/install_docker) to do so.
|
||||
|
||||
Role Variables
|
||||
--------------
|
||||
Available variables are listed below, along with default values. A sample file for the default values is available in `default/docker_systemd_service.yml.sample` in case you need it for any `group_vars` or `host_vars` configuration.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_container_name: "My-Service" # by default, set to "My-Service"
|
||||
```
|
||||
The name that will be assigned to the container.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_image: # by default, not defined
|
||||
```
|
||||
The image (and optionally tag) to use for the service.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_container_env: {} # by default, set to {}
|
||||
```
|
||||
A list of key/value pairs, that will be written to the environment file for the container. the key NEEDS TO BE CAPTIALIZED, it will not be done automatically. Example: `MY_ENV_VAR: foobar`.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_container_pull_image: true # by default, set to true
|
||||
```
|
||||
Whether or not the role should pull the image during its run.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_container_pull_force_source: true # by default, set to true
|
||||
```
|
||||
If `docker_systemd_service_container_pull_image: true`, whether the pull you be executed at every run. See [`docker_image.force_source`](https://docs.ansible.com/ansible/latest/collections/community/docker/docker_image_module.html#parameter-force_source)
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_flags: [] # by default, set to []
|
||||
```
|
||||
This variable lets you pass whatever flags you need to the docker run command. It is a list, to which you can add multiple types of flags:
|
||||
- ```yaml
|
||||
- key: value
|
||||
# will pass the flag --key "value" to the container.
|
||||
Example:
|
||||
- network: host
|
||||
- ```yaml
|
||||
- simple_key
|
||||
# will pass the flag --simple_key to the container.
|
||||
Example:
|
||||
- privileged
|
||||
- ```yaml
|
||||
- key:
|
||||
- value1
|
||||
- value2
|
||||
# will pass the flags --key "value1" --key "value2" to the container.
|
||||
Example:
|
||||
- volume:
|
||||
- /path/on/host:/path/on/container
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" # by default, set to "{{ docker_systemd_service_container_name }}_container"
|
||||
```
|
||||
The name of the systemd service to register.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_systemd_options: [] # by default, set to []
|
||||
```
|
||||
Extra options to include in systemd service file.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_enabled: true # by default, set to true
|
||||
```
|
||||
Whether the service should be enabled during the role's run.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_masked: false # by default, set to false
|
||||
```
|
||||
Whether the service should be marked as masked.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_state: started # by default, set to started
|
||||
```
|
||||
The state the service should be put in. Valid options are: `reloaded`, `restarted`, `started`, `stopped`, and `absent`. Realistically, you probably want to use `started` or `stopped`. `absent` can be used to remove the service and all associated files from the host.
|
||||
|
||||
```yaml
|
||||
docker_systemd_service_restart: true # by default, set to true
|
||||
```
|
||||
Whether the role should restart the service if changes are made to any of the files (when service is already runing).
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
None.
|
||||
|
||||
Example Playbook
|
||||
----------------
|
||||
|
||||
```yaml
|
||||
# calling the role inside a playbook with either the default or group_vars/host_vars
|
||||
- hosts: servers
|
||||
roles:
|
||||
- ednxzu.docker_systemd_service
|
||||
```
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
MIT / BSD
|
||||
|
||||
Author Information
|
||||
------------------
|
||||
|
||||
This role was created by Bertrand Lanson in 2023.
|
||||
@ -0,0 +1,14 @@
|
||||
---
|
||||
# docker_systemd_service_container_name: "My-Service"
|
||||
# docker_systemd_service_image:
|
||||
# docker_systemd_service_container_env: {}
|
||||
# docker_systemd_service_container_pull_image: true
|
||||
# docker_systemd_service_container_pull_force_source: true
|
||||
# docker_systemd_service_flags: []
|
||||
# docker_systemd_service_container_cmd: []
|
||||
# docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
# docker_systemd_service_systemd_options: []
|
||||
# docker_systemd_service_enabled: true
|
||||
# docker_systemd_service_masked: false
|
||||
# docker_systemd_service_state: started
|
||||
# docker_systemd_service_restart: true
|
||||
15
roles/ednxzu.docker_systemd_service/defaults/main.yml
Normal file
15
roles/ednxzu.docker_systemd_service/defaults/main.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
# defaults file for docker_systemd_service
|
||||
docker_systemd_service_container_name: "My-Service"
|
||||
docker_systemd_service_image:
|
||||
docker_systemd_service_container_env: {}
|
||||
docker_systemd_service_container_pull_image: true
|
||||
docker_systemd_service_container_pull_force_source: true
|
||||
docker_systemd_service_flags: []
|
||||
docker_systemd_service_container_cmd: []
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
docker_systemd_service_systemd_options: []
|
||||
docker_systemd_service_enabled: true
|
||||
docker_systemd_service_masked: false
|
||||
docker_systemd_service_state: started
|
||||
docker_systemd_service_restart: true
|
||||
0
roles/ednxzu.docker_systemd_service/files/.gitkeep
Normal file
0
roles/ednxzu.docker_systemd_service/files/.gitkeep
Normal file
@ -0,0 +1,32 @@
|
||||
# filter_plugins/docker_filters.py
|
||||
|
||||
def create_docker_flags(flags):
|
||||
if flags:
|
||||
filtered_flags = [
|
||||
create_docker_flag(item) for item in flags if create_docker_flag(item)
|
||||
]
|
||||
return "\n".join(filtered_flags)
|
||||
return None
|
||||
|
||||
|
||||
def create_docker_flag(item):
|
||||
if isinstance(item, dict):
|
||||
key = list(item.keys())[0]
|
||||
value = item[key]
|
||||
if value is not None:
|
||||
if isinstance(value, list):
|
||||
flag_values = ['--{} "{}"'.format(key, val) for val in value]
|
||||
joined_values = " \\\n".join(flag_values)
|
||||
return f"{joined_values} \\" if joined_values else None
|
||||
else:
|
||||
return '--{} "{}" \\'.format(key, value)
|
||||
elif isinstance(item, str):
|
||||
return "--{} \\".format(item)
|
||||
return None
|
||||
|
||||
|
||||
class FilterModule(object):
|
||||
def filters(self):
|
||||
return {
|
||||
"create_docker_flags": create_docker_flags,
|
||||
}
|
||||
10
roles/ednxzu.docker_systemd_service/handlers/main.yml
Normal file
10
roles/ednxzu.docker_systemd_service/handlers/main.yml
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
# handlers file for docker_systemd_service
|
||||
- name: "Restart service(s)"
|
||||
ansible.builtin.service:
|
||||
name: "{{ docker_systemd_service_name }}.service"
|
||||
state: restarted
|
||||
listen: "systemctl-restart-service"
|
||||
when: docker_systemd_service_restart
|
||||
and docker_systemd_service_state != "stopped"
|
||||
and not _enable_and_start.changed
|
||||
@ -0,0 +1,2 @@
|
||||
install_date: 'Fri 15 Dec 2023 05:25:28 PM '
|
||||
version: main
|
||||
25
roles/ednxzu.docker_systemd_service/meta/main.yml
Normal file
25
roles/ednxzu.docker_systemd_service/meta/main.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
# meta file for docker_systemd_service
|
||||
galaxy_info:
|
||||
namespace: 'ednxzu'
|
||||
role_name: 'docker_systemd_service'
|
||||
author: 'Bertrand Lanson'
|
||||
description: 'Create Systemd services for docker containers.'
|
||||
license: 'license (BSD, MIT)'
|
||||
min_ansible_version: '2.10'
|
||||
platforms:
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- focal
|
||||
- jammy
|
||||
- name: Debian
|
||||
versions:
|
||||
- bullseye
|
||||
- bookworm
|
||||
galaxy_tags:
|
||||
- 'ubuntu'
|
||||
- 'debian'
|
||||
- 'docker'
|
||||
- 'systemd'
|
||||
|
||||
dependencies: []
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.docker_systemd_service"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.docker_systemd_service"
|
||||
@ -0,0 +1,14 @@
|
||||
---
|
||||
docker_systemd_service_container_name: "nginx"
|
||||
docker_systemd_service_image: nginx
|
||||
docker_systemd_service_container_env: {}
|
||||
docker_systemd_service_container_pull_image: false
|
||||
docker_systemd_service_container_pull_force_source: false
|
||||
docker_systemd_service_flags: []
|
||||
docker_systemd_service_container_cmd: []
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
docker_systemd_service_systemd_options: []
|
||||
docker_systemd_service_enabled: true
|
||||
docker_systemd_service_masked: false
|
||||
docker_systemd_service_state: stopped
|
||||
docker_systemd_service_restart: false
|
||||
@ -0,0 +1,37 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance
|
||||
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
|
||||
command: ""
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup
|
||||
cgroupns_mode: host
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: default
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
@ -0,0 +1,78 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: file /etc/default/nginx"
|
||||
block:
|
||||
- name: "Stat file /etc/default/nginx"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/default/nginx"
|
||||
register: stat_etc_default_nginx
|
||||
|
||||
- name: "Slurp file /etc/default/nginx"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/default/nginx"
|
||||
register: slurp_etc_default_nginx
|
||||
|
||||
- name: "Verify file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_default_nginx.stat.exists
|
||||
- stat_etc_default_nginx.stat.isreg
|
||||
- stat_etc_default_nginx.stat.pw_name == 'root'
|
||||
- stat_etc_default_nginx.stat.gr_name == 'root'
|
||||
- stat_etc_default_nginx.stat.mode == '0600'
|
||||
- (slurp_etc_default_nginx.content|b64decode) == ''
|
||||
|
||||
- name: "Test: service nginx_container"
|
||||
block:
|
||||
- name: "Get service nginx_container"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/systemd/system/nginx_container.service"
|
||||
register: stat_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Slurp file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/systemd/system/nginx_container.service"
|
||||
register: slurp_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Verify service nginx_container"
|
||||
vars:
|
||||
nginx_expected_service_file: |
|
||||
# Ansible managed: Do NOT edit this file manually!
|
||||
[Unit]
|
||||
After=docker.service
|
||||
PartOf=docker.service
|
||||
Requires=docker.service
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=/etc/default/nginx
|
||||
ExecStartPre=-/usr/bin/docker rm -f nginx
|
||||
ExecStart=/usr/bin/docker run --name nginx \
|
||||
--rm \
|
||||
--env-file /etc/default/nginx \
|
||||
nginx
|
||||
ExecStop=/usr/bin/docker stop nginx
|
||||
SyslogIdentifier=nginx
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
|
||||
[Install]
|
||||
WantedBy=docker.service
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.exists
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.isreg
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.mode == '0644'
|
||||
- (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file
|
||||
- ansible_facts.services['nginx_container.service'] is defined
|
||||
- ansible_facts.services['nginx_container.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['nginx_container.service']['state'] == 'inactive'
|
||||
- ansible_facts.services['nginx_container.service']['status'] == 'enabled'
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.docker_systemd_service"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.docker_systemd_service"
|
||||
@ -0,0 +1,14 @@
|
||||
---
|
||||
docker_systemd_service_container_name: "nginx"
|
||||
docker_systemd_service_image: nginx
|
||||
docker_systemd_service_container_env: {}
|
||||
docker_systemd_service_container_pull_image: true
|
||||
docker_systemd_service_container_pull_force_source: true
|
||||
docker_systemd_service_flags: []
|
||||
docker_systemd_service_container_cmd: []
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
docker_systemd_service_systemd_options: []
|
||||
docker_systemd_service_enabled: true
|
||||
docker_systemd_service_masked: false
|
||||
docker_systemd_service_state: started
|
||||
docker_systemd_service_restart: true
|
||||
@ -25,10 +25,11 @@ scenario:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
- destroy
|
||||
@ -3,7 +3,7 @@
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.install_docker"
|
||||
- name: "Install docker"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.install_docker
|
||||
vars:
|
||||
@ -0,0 +1,6 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
- name: ednxzu.install_docker
|
||||
@ -0,0 +1,78 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: file /etc/default/nginx"
|
||||
block:
|
||||
- name: "Stat file /etc/default/nginx"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/default/nginx"
|
||||
register: stat_etc_default_nginx
|
||||
|
||||
- name: "Slurp file /etc/default/nginx"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/default/nginx"
|
||||
register: slurp_etc_default_nginx
|
||||
|
||||
- name: "Verify file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_default_nginx.stat.exists
|
||||
- stat_etc_default_nginx.stat.isreg
|
||||
- stat_etc_default_nginx.stat.pw_name == 'root'
|
||||
- stat_etc_default_nginx.stat.gr_name == 'root'
|
||||
- stat_etc_default_nginx.stat.mode == '0600'
|
||||
- (slurp_etc_default_nginx.content|b64decode) == ''
|
||||
|
||||
- name: "Test: service nginx_container"
|
||||
block:
|
||||
- name: "Get service nginx_container"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/systemd/system/nginx_container.service"
|
||||
register: stat_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Slurp file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/systemd/system/nginx_container.service"
|
||||
register: slurp_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Verify service nginx_container"
|
||||
vars:
|
||||
nginx_expected_service_file: |
|
||||
# Ansible managed: Do NOT edit this file manually!
|
||||
[Unit]
|
||||
After=docker.service
|
||||
PartOf=docker.service
|
||||
Requires=docker.service
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=/etc/default/nginx
|
||||
ExecStartPre=-/usr/bin/docker rm -f nginx
|
||||
ExecStart=/usr/bin/docker run --name nginx \
|
||||
--rm \
|
||||
--env-file /etc/default/nginx \
|
||||
nginx
|
||||
ExecStop=/usr/bin/docker stop nginx
|
||||
SyslogIdentifier=nginx
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
|
||||
[Install]
|
||||
WantedBy=docker.service
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.exists
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.isreg
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.mode == '0644'
|
||||
- (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file
|
||||
- ansible_facts.services['nginx_container.service'] is defined
|
||||
- ansible_facts.services['nginx_container.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['nginx_container.service']['state'] == 'running'
|
||||
- ansible_facts.services['nginx_container.service']['status'] == 'enabled'
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.docker_systemd_service"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.docker_systemd_service"
|
||||
@ -0,0 +1,19 @@
|
||||
---
|
||||
docker_systemd_service_container_name: "nginx"
|
||||
docker_systemd_service_image: nginx
|
||||
docker_systemd_service_container_env:
|
||||
TEST_ENV: test
|
||||
docker_systemd_service_container_pull_image: false
|
||||
docker_systemd_service_container_pull_force_source: false
|
||||
docker_systemd_service_flags:
|
||||
- privileged
|
||||
- network: host
|
||||
- cap-add:
|
||||
- NET_ADMIN
|
||||
docker_systemd_service_container_cmd: []
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
docker_systemd_service_systemd_options: []
|
||||
docker_systemd_service_enabled: true
|
||||
docker_systemd_service_masked: false
|
||||
docker_systemd_service_state: stopped
|
||||
docker_systemd_service_restart: false
|
||||
@ -0,0 +1,37 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance
|
||||
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
|
||||
command: ""
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup
|
||||
cgroupns_mode: host
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: with_custom_flags
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
@ -0,0 +1,84 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: file /etc/default/nginx"
|
||||
block:
|
||||
- name: "Stat file /etc/default/nginx"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/default/nginx"
|
||||
register: stat_etc_default_nginx
|
||||
|
||||
- name: "Slurp file /etc/default/nginx"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/default/nginx"
|
||||
register: slurp_etc_default_nginx
|
||||
|
||||
- name: "Verify file /etc/default/nginx"
|
||||
vars:
|
||||
nginx_expected_env_file: |
|
||||
TEST_ENV=test
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_default_nginx.stat.exists
|
||||
- stat_etc_default_nginx.stat.isreg
|
||||
- stat_etc_default_nginx.stat.pw_name == 'root'
|
||||
- stat_etc_default_nginx.stat.gr_name == 'root'
|
||||
- stat_etc_default_nginx.stat.mode == '0600'
|
||||
- (slurp_etc_default_nginx.content|b64decode) == nginx_expected_env_file
|
||||
|
||||
- name: "Test: service nginx_container"
|
||||
block:
|
||||
- name: "Get service nginx_container"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/systemd/system/nginx_container.service"
|
||||
register: stat_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Slurp file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/systemd/system/nginx_container.service"
|
||||
register: slurp_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Verify service nginx_container"
|
||||
vars:
|
||||
nginx_expected_service_file: |
|
||||
# Ansible managed: Do NOT edit this file manually!
|
||||
[Unit]
|
||||
After=docker.service
|
||||
PartOf=docker.service
|
||||
Requires=docker.service
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=/etc/default/nginx
|
||||
ExecStartPre=-/usr/bin/docker rm -f nginx
|
||||
ExecStart=/usr/bin/docker run --name nginx \
|
||||
--rm \
|
||||
--env-file /etc/default/nginx \
|
||||
--privileged \
|
||||
--network "host" \
|
||||
--cap-add "NET_ADMIN" \
|
||||
nginx
|
||||
ExecStop=/usr/bin/docker stop nginx
|
||||
SyslogIdentifier=nginx
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
|
||||
[Install]
|
||||
WantedBy=docker.service
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.exists
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.isreg
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.mode == '0644'
|
||||
- (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file
|
||||
- ansible_facts.services['nginx_container.service'] is defined
|
||||
- ansible_facts.services['nginx_container.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['nginx_container.service']['state'] == 'inactive'
|
||||
- ansible_facts.services['nginx_container.service']['status'] == 'enabled'
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.docker_systemd_service"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.docker_systemd_service"
|
||||
@ -0,0 +1,19 @@
|
||||
---
|
||||
docker_systemd_service_container_name: "nginx"
|
||||
docker_systemd_service_image: nginx
|
||||
docker_systemd_service_container_env:
|
||||
TEST_ENV: test
|
||||
docker_systemd_service_container_pull_image: true
|
||||
docker_systemd_service_container_pull_force_source: true
|
||||
docker_systemd_service_flags:
|
||||
- privileged
|
||||
- network: host
|
||||
- cap-add:
|
||||
- NET_ADMIN
|
||||
docker_systemd_service_container_cmd: []
|
||||
docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container"
|
||||
docker_systemd_service_systemd_options: []
|
||||
docker_systemd_service_enabled: true
|
||||
docker_systemd_service_masked: false
|
||||
docker_systemd_service_state: started
|
||||
docker_systemd_service_restart: true
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: vagrant
|
||||
provider:
|
||||
name: libvirt
|
||||
platforms:
|
||||
- name: instance
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: with_custom_flags_vagrant
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,10 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Install docker"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.install_docker
|
||||
vars:
|
||||
install_docker_python_packages: true
|
||||
@ -0,0 +1,6 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
- name: ednxzu.install_docker
|
||||
@ -0,0 +1,84 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: file /etc/default/nginx"
|
||||
block:
|
||||
- name: "Stat file /etc/default/nginx"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/default/nginx"
|
||||
register: stat_etc_default_nginx
|
||||
|
||||
- name: "Slurp file /etc/default/nginx"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/default/nginx"
|
||||
register: slurp_etc_default_nginx
|
||||
|
||||
- name: "Verify file /etc/default/nginx"
|
||||
vars:
|
||||
nginx_expected_env_file: |
|
||||
TEST_ENV=test
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_default_nginx.stat.exists
|
||||
- stat_etc_default_nginx.stat.isreg
|
||||
- stat_etc_default_nginx.stat.pw_name == 'root'
|
||||
- stat_etc_default_nginx.stat.gr_name == 'root'
|
||||
- stat_etc_default_nginx.stat.mode == '0600'
|
||||
- (slurp_etc_default_nginx.content|b64decode) == nginx_expected_env_file
|
||||
|
||||
- name: "Test: service nginx_container"
|
||||
block:
|
||||
- name: "Get service nginx_container"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/systemd/system/nginx_container.service"
|
||||
register: stat_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Slurp file /etc/systemd/system/nginx_container.service"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/systemd/system/nginx_container.service"
|
||||
register: slurp_etc_systemd_system_nginx_container_service
|
||||
|
||||
- name: "Verify service nginx_container"
|
||||
vars:
|
||||
nginx_expected_service_file: |
|
||||
# Ansible managed: Do NOT edit this file manually!
|
||||
[Unit]
|
||||
After=docker.service
|
||||
PartOf=docker.service
|
||||
Requires=docker.service
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=/etc/default/nginx
|
||||
ExecStartPre=-/usr/bin/docker rm -f nginx
|
||||
ExecStart=/usr/bin/docker run --name nginx \
|
||||
--rm \
|
||||
--env-file /etc/default/nginx \
|
||||
--privileged \
|
||||
--network "host" \
|
||||
--cap-add "NET_ADMIN" \
|
||||
nginx
|
||||
ExecStop=/usr/bin/docker stop nginx
|
||||
SyslogIdentifier=nginx
|
||||
Restart=always
|
||||
RestartSec=10s
|
||||
|
||||
[Install]
|
||||
WantedBy=docker.service
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.exists
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.isreg
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root'
|
||||
- stat_etc_systemd_system_nginx_container_service.stat.mode == '0644'
|
||||
- (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file
|
||||
- ansible_facts.services['nginx_container.service'] is defined
|
||||
- ansible_facts.services['nginx_container.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['nginx_container.service']['state'] == 'running'
|
||||
- ansible_facts.services['nginx_container.service']['status'] == 'enabled'
|
||||
36
roles/ednxzu.docker_systemd_service/tasks/install.yml
Normal file
36
roles/ednxzu.docker_systemd_service/tasks/install.yml
Normal file
@ -0,0 +1,36 @@
|
||||
---
|
||||
# task/install file for docker_systemd_service
|
||||
- name: "Create ENV file(s) for docker service(s)"
|
||||
ansible.builtin.template:
|
||||
src: env.j2
|
||||
dest: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0600'
|
||||
notify: systemctl-restart-service
|
||||
|
||||
- name: "Pull docker image(s)"
|
||||
community.docker.docker_image:
|
||||
name: "{{ docker_systemd_service_image }}"
|
||||
force_source: "{{ docker_systemd_service_container_pull_force_source | bool }}"
|
||||
source: pull
|
||||
when: docker_systemd_service_container_pull_image
|
||||
notify: systemctl-restart-service
|
||||
|
||||
- name: "Create unit file(s) for service(s)"
|
||||
ansible.builtin.template:
|
||||
src: unit.j2
|
||||
dest: "/etc/systemd/system/{{ docker_systemd_service_name }}.service"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify: systemctl-restart-service
|
||||
|
||||
- name: "Enable and start service(s)"
|
||||
ansible.builtin.systemd:
|
||||
name: '{{ docker_systemd_service_name }}.service'
|
||||
daemon_reload: true
|
||||
enabled: "{{ docker_systemd_service_enabled }}"
|
||||
masked: "{{ docker_systemd_service_masked }}"
|
||||
state: "{{ docker_systemd_service_state }}"
|
||||
register: _enable_and_start
|
||||
9
roles/ednxzu.docker_systemd_service/tasks/main.yml
Normal file
9
roles/ednxzu.docker_systemd_service/tasks/main.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
# task/main file for docker_systemd_service
|
||||
- name: "Import install.yml"
|
||||
ansible.builtin.include_tasks: install.yml
|
||||
when: docker_systemd_service_state != "absent"
|
||||
|
||||
- name: "Import uninstall.yml"
|
||||
ansible.builtin.include_tasks: uninstall.yml
|
||||
when: docker_systemd_service_state == "absent"
|
||||
22
roles/ednxzu.docker_systemd_service/tasks/uninstall.yml
Normal file
22
roles/ednxzu.docker_systemd_service/tasks/uninstall.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
# task/uninstall file for docker_systemd_service
|
||||
- name: "Remove ENV file(s) for service(s)"
|
||||
ansible.builtin.file:
|
||||
path: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}"
|
||||
state: absent
|
||||
|
||||
- name: "Disable and stop service(s)"
|
||||
ansible.builtin.systemd:
|
||||
name: '{{ docker_systemd_service_name }}.service'
|
||||
enabled: false
|
||||
state: stopped
|
||||
|
||||
- name: "Remove unit file(s) for service(s)"
|
||||
ansible.builtin.file:
|
||||
path: /etc/systemd/system/{{ docker_systemd_service_name }}.service
|
||||
state: absent
|
||||
|
||||
- name: "Reload systemd units"
|
||||
ansible.builtin.systemd:
|
||||
daemon_reload: true
|
||||
changed_when: false
|
||||
3
roles/ednxzu.docker_systemd_service/templates/env.j2
Normal file
3
roles/ednxzu.docker_systemd_service/templates/env.j2
Normal file
@ -0,0 +1,3 @@
|
||||
{% for k,v in docker_systemd_service_container_env|dictsort %}
|
||||
{{ k }}={{ v }}
|
||||
{% endfor %}
|
||||
43
roles/ednxzu.docker_systemd_service/templates/unit.j2
Normal file
43
roles/ednxzu.docker_systemd_service/templates/unit.j2
Normal file
@ -0,0 +1,43 @@
|
||||
# {{ ansible_managed }}
|
||||
{% set service_systemd_options_keys = docker_systemd_service_systemd_options | selectattr("key") | map(attribute="key") | list %}
|
||||
[Unit]
|
||||
{% for key, value in docker_systemd_service_systemd_unit_options | dictsort %}
|
||||
{{ key }}={{ value }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
{% for item in docker_systemd_service_systemd_options %}
|
||||
{{ item['key'] }}={{ item['value'] }}
|
||||
{% endfor %}
|
||||
{% if not 'EnvironmentFile' in service_systemd_options_keys %}
|
||||
EnvironmentFile={{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}
|
||||
{% endif %}
|
||||
{% if not 'ExecStartPre' in service_systemd_options_keys %}
|
||||
ExecStartPre=-{{ docker_systemd_service_docker_path }} rm -f {{ docker_systemd_service_container_name }}
|
||||
{% endif %}
|
||||
{% if not 'ExecStart' in service_systemd_options_keys %}
|
||||
{% set docker_flags = docker_systemd_service_flags | create_docker_flags %}
|
||||
ExecStart={{ docker_systemd_service_docker_path }} run --name {{ docker_systemd_service_container_name }} \
|
||||
--rm \
|
||||
--env-file {{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }} \
|
||||
{{ docker_flags -}}{% if docker_flags +%}
|
||||
{% endif %}{{ docker_systemd_service_image -}}{{ ' ' if docker_systemd_service_container_cmd else '' }}{% if docker_systemd_service_container_cmd is string %}{{ docker_systemd_service_container_cmd | trim }}{% else %}{{ docker_systemd_service_container_cmd | join(' ') | trim }}{% endif %}
|
||||
{% endif +%}
|
||||
{% if not 'ExecStop' in service_systemd_options_keys %}
|
||||
ExecStop={{ docker_systemd_service_docker_path }} stop {{ docker_systemd_service_container_name }}
|
||||
{% endif %}
|
||||
{% if container_start_post is defined %}
|
||||
ExecStartPost=-{{ container_start_post }}
|
||||
{% endif %}
|
||||
{% if not 'SyslogIdentifier' in service_systemd_options_keys %}
|
||||
SyslogIdentifier={{ docker_systemd_service_container_name }}
|
||||
{% endif %}
|
||||
{% if not 'Restart' in service_systemd_options_keys %}
|
||||
Restart=always
|
||||
{% endif %}
|
||||
{% if not 'RestartSec' in service_systemd_options_keys %}
|
||||
RestartSec=10s
|
||||
{% endif %}
|
||||
|
||||
[Install]
|
||||
WantedBy=docker.service
|
||||
8
roles/ednxzu.docker_systemd_service/vars/main.yml
Normal file
8
roles/ednxzu.docker_systemd_service/vars/main.yml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
# vars file for docker_systemd_service
|
||||
docker_systemd_service_sysconf_dir: /etc/default
|
||||
docker_systemd_service_docker_path: "/usr/bin/docker"
|
||||
docker_systemd_service_systemd_unit_options:
|
||||
After: docker.service
|
||||
PartOf: docker.service
|
||||
Requires: docker.service
|
||||
8
roles/ednxzu.install_docker/.ansible-lint
Normal file
8
roles/ednxzu.install_docker/.ansible-lint
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
warn_list:
|
||||
- experimental # all rules tagged as experimental
|
||||
- yaml # violations reported by yamllint
|
||||
- meta-no-info
|
||||
|
||||
skip_list:
|
||||
- jinja[spacing] # Rule that looks inside jinja2 templates.
|
||||
52
roles/ednxzu.install_docker/.gitea/workflows/test.yml
Normal file
52
roles/ednxzu.install_docker/.gitea/workflows/test.yml
Normal file
@ -0,0 +1,52 @@
|
||||
---
|
||||
name: test
|
||||
on: [push]
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Linting
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Ansible lint"
|
||||
run: ansible-lint --force-color
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
- name: "YAML lint"
|
||||
run: yamllint . -f colored -c .yamllint
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
molecule-test:
|
||||
name: Molecule tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: lint
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
strategy:
|
||||
matrix:
|
||||
test_os: [debian11, debian12, ubuntu2004, ubuntu2204]
|
||||
scenario: [default, with_custom_config]
|
||||
env:
|
||||
ANSIBLE_HOST_KEY_CHECKING: 'false'
|
||||
ANSIBLE_FORCE_COLOR: 'true'
|
||||
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Molecule test"
|
||||
run: molecule test -s ${{ matrix.scenario }}
|
||||
shell: bash
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
env:
|
||||
MOLECULE_TEST_OS: ${{ matrix.test_os }}
|
||||
18
roles/ednxzu.install_docker/.github/workflows/publish.yml
vendored
Normal file
18
roles/ednxzu.install_docker/.github/workflows/publish.yml
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
name: publish
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
name: Publish to galaxy
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Publish
|
||||
uses: ednxzu/galaxy-import-role@v1
|
||||
with:
|
||||
galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }}
|
||||
3
roles/ednxzu.install_docker/.gitignore
vendored
Normal file
3
roles/ednxzu.install_docker/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
# ignore molecule/testinfra pycache
|
||||
**/__pycache__
|
||||
.vscode
|
||||
40
roles/ednxzu.install_docker/.yamllint
Normal file
40
roles/ednxzu.install_docker/.yamllint
Normal file
@ -0,0 +1,40 @@
|
||||
---
|
||||
# Based on ansible-lint config
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
braces:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
brackets:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
colons:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
commas:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
comments: enable
|
||||
comments-indentation: disable
|
||||
document-start: enable
|
||||
empty-lines:
|
||||
max: 3
|
||||
level: error
|
||||
hyphens:
|
||||
level: error
|
||||
indentation: enable
|
||||
key-duplicates: enable
|
||||
line-length:
|
||||
max: 80
|
||||
level: warning
|
||||
new-line-at-end-of-file: enable
|
||||
new-lines:
|
||||
type: unix
|
||||
trailing-spaces: enable
|
||||
truthy:
|
||||
allowed-values:
|
||||
- 'true'
|
||||
- 'false'
|
||||
- 'yes'
|
||||
- 'no'
|
||||
19
roles/ednxzu.install_docker/LICENSE
Normal file
19
roles/ednxzu.install_docker/LICENSE
Normal file
@ -0,0 +1,19 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Bertrand Lanson
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
87
roles/ednxzu.install_docker/README.md
Normal file
87
roles/ednxzu.install_docker/README.md
Normal file
@ -0,0 +1,87 @@
|
||||
install_docker
|
||||
=========
|
||||
> This repository is only a mirror. Development and testing is done on a private gitea server.
|
||||
|
||||
This role install and configure docker on **debian-based** distributions.
|
||||
|
||||
Requirements
|
||||
------------
|
||||
|
||||
None.
|
||||
|
||||
Role Variables
|
||||
--------------
|
||||
Available variables are listed below, along with default values. A sample file for the default values is available in `default/install_docker.yml.sample` in case you need it for any `group_vars` or `host_vars` configuration.
|
||||
|
||||
```yaml
|
||||
install_docker_edition: ce # by default, set to ce
|
||||
```
|
||||
This variable sets the edition of docker to install. It can be either `ce` (community edition) or `ee` (enterprise edition).
|
||||
|
||||
```yaml
|
||||
install_docker_auto_update: false # by default, set to false
|
||||
```
|
||||
This variable allows you to choose to automatically update docker if a newer version is available whenever the role is replayed. Updating docker is usually pretty safe if done on a regular basis.
|
||||
|
||||
```yaml
|
||||
install_docker_start_service: true
|
||||
```
|
||||
This variable defines whether or not to start the docker service after installing it. This can be turned off in case you're building golden images, so that your golden image does not start the docker service during it's build process.
|
||||
|
||||
```yaml
|
||||
install_docker_compose: false # by default, set to false
|
||||
```
|
||||
This variables defines whether or not to install docker-compose on the host.
|
||||
|
||||
```yaml
|
||||
install_docker_compose_version: latest # by default, set to latest
|
||||
```
|
||||
This variable defines the version of docker-compose to install. It support either `latest`, or the version number (`vX.Y.Z`). Officially, only versions `>=v2.0.1` are supported, as the naming for most packages changed at this release.
|
||||
|
||||
```yaml
|
||||
install_docker_python_packages: false # by default, set to false
|
||||
```
|
||||
This variable defines whether or not to install the python packages for managing docker with ansible. This package is required if you plan to perform docker operations with ansible, and should be installed if that is your goal.
|
||||
|
||||
```yaml
|
||||
install_docker_python_packages_version: latest # by default, set to latest
|
||||
```
|
||||
This variable defines the version of the python docker package that should be installed. Refer to [ednxzu/manage_pip_packages](https://github.com/ednxzu/manage_pip_packages) for documentation.
|
||||
|
||||
```yaml
|
||||
install_docker_users: [] #by default, set to []
|
||||
```
|
||||
This variable is a list of users to add to the docker group, so that they can perform docker related tasks, without requiring privilege escalation.
|
||||
|
||||
```yaml
|
||||
install_docker_daemon_options: {} # by default, set to {}
|
||||
```
|
||||
This variable defines the parameters to append to the daemon.json file (in `/etc/docker/daemon.json`). For more details, check out the [documentation](https://docs.docker.com/config/daemon/).
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
`ednxzu.manage_pip_packages` to install docker python packages for using the `community.docker` modules.
|
||||
`ednxzu.manage_repositories` to configure the docker apt repository.
|
||||
`ednxzu.manage_apt_packages` to install docker.
|
||||
|
||||
Example Playbook
|
||||
----------------
|
||||
|
||||
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
|
||||
```yaml
|
||||
# calling the role inside a playbook with either the default or group_vars/host_vars
|
||||
- hosts: servers
|
||||
roles:
|
||||
- ednxzu.install_docker
|
||||
```
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
MIT / BSD
|
||||
|
||||
Author Information
|
||||
------------------
|
||||
|
||||
This role was created by Bertrand Lanson in 2023.
|
||||
@ -0,0 +1,10 @@
|
||||
---
|
||||
# install_docker_edition: ce # can be ce or ee (community or enterprise)
|
||||
# install_docker_auto_update: false
|
||||
# install_docker_start_service: true
|
||||
# install_docker_compose: false
|
||||
# install_docker_compose_version: latest
|
||||
# install_docker_python_packages: false
|
||||
# install_docker_python_packages_version: latest
|
||||
# install_docker_users: []
|
||||
# install_docker_daemon_options: {}
|
||||
11
roles/ednxzu.install_docker/defaults/main.yml
Normal file
11
roles/ednxzu.install_docker/defaults/main.yml
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
# defaults file for install_docker
|
||||
install_docker_edition: ce # can be ce or ee (community or enterprise)
|
||||
install_docker_auto_update: false
|
||||
install_docker_start_service: true
|
||||
install_docker_compose: false
|
||||
install_docker_compose_version: latest
|
||||
install_docker_python_packages: false
|
||||
install_docker_python_packages_version: latest
|
||||
install_docker_users: []
|
||||
install_docker_daemon_options: {}
|
||||
14
roles/ednxzu.install_docker/handlers/main.yml
Normal file
14
roles/ednxzu.install_docker/handlers/main.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
# handlers file for install_docker
|
||||
- name: "Enable docker service"
|
||||
ansible.builtin.service:
|
||||
name: docker
|
||||
enabled: true
|
||||
listen: "systemctl-enable-docker"
|
||||
|
||||
- name: "Reload docker service"
|
||||
ansible.builtin.service:
|
||||
name: docker
|
||||
state: reloaded
|
||||
listen: "systemctl-reload-docker"
|
||||
when: install_docker_start_service
|
||||
2
roles/ednxzu.install_docker/meta/.galaxy_install_info
Normal file
2
roles/ednxzu.install_docker/meta/.galaxy_install_info
Normal file
@ -0,0 +1,2 @@
|
||||
install_date: 'Fri 15 Dec 2023 05:25:27 PM '
|
||||
version: main
|
||||
27
roles/ednxzu.install_docker/meta/main.yml
Normal file
27
roles/ednxzu.install_docker/meta/main.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
# meta file for install_docker
|
||||
galaxy_info:
|
||||
namespace: 'ednxzu'
|
||||
role_name: 'install_docker'
|
||||
author: 'Bertrand Lanson'
|
||||
description: 'Install and configure docker for debian-based distros.'
|
||||
license: 'license (BSD, MIT)'
|
||||
min_ansible_version: '2.10'
|
||||
platforms:
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- focal
|
||||
- jammy
|
||||
- name: Debian
|
||||
versions:
|
||||
- bullseye
|
||||
- bookworm
|
||||
galaxy_tags:
|
||||
- 'ubuntu'
|
||||
- 'debian'
|
||||
- 'docker'
|
||||
- 'container'
|
||||
- 'compose'
|
||||
- 'containerd'
|
||||
|
||||
dependencies: []
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.install_docker"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.install_docker"
|
||||
37
roles/ednxzu.install_docker/molecule/default/molecule.yml
Normal file
37
roles/ednxzu.install_docker/molecule/default/molecule.yml
Normal file
@ -0,0 +1,37 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance
|
||||
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
|
||||
command: ""
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup
|
||||
cgroupns_mode: host
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: default
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
96
roles/ednxzu.install_docker/molecule/default/verify.yml
Normal file
96
roles/ednxzu.install_docker/molecule/default/verify.yml
Normal file
@ -0,0 +1,96 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: service docker"
|
||||
block:
|
||||
- name: "Get service docker"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /lib/systemd/system/docker.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/lib/systemd/system/docker.service"
|
||||
register: stat_lib_systemd_system_docker_service
|
||||
|
||||
- name: "Verify service docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_lib_systemd_system_docker_service.stat.exists
|
||||
- stat_lib_systemd_system_docker_service.stat.isreg
|
||||
- stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.mode == '0644'
|
||||
- ansible_facts.services['docker.service'] is defined
|
||||
- ansible_facts.services['docker.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['docker.service']['state'] == 'running'
|
||||
- ansible_facts.services['docker.service']['status'] == 'enabled'
|
||||
|
||||
- name: "Test: file /etc/docker/daemon.json"
|
||||
block:
|
||||
- name: "Stat directory /etc/docker"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker"
|
||||
register: stat_etc_docker
|
||||
|
||||
- name: "Stat file /etc/docker/daemon.json"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker/daemon.json"
|
||||
register: stat_etc_docker_docker_json
|
||||
|
||||
- name: "Slurp file /etc/docker/daemon.json"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/docker/daemon.json"
|
||||
register: slurp_etc_docker_docker_json
|
||||
|
||||
- name: "Verify directory /etc/docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_docker.stat.exists
|
||||
- stat_etc_docker.stat.isdir
|
||||
- stat_etc_docker.stat.pw_name == 'root'
|
||||
- stat_etc_docker.stat.gr_name == 'root'
|
||||
- stat_etc_docker.stat.mode == '0755'
|
||||
- stat_etc_docker_docker_json.stat.exists
|
||||
- stat_etc_docker_docker_json.stat.isreg
|
||||
- stat_etc_docker_docker_json.stat.pw_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.gr_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.mode == '0644'
|
||||
- (slurp_etc_docker_docker_json.content|b64decode) == '{}'
|
||||
|
||||
- name: "Test: interaction docker"
|
||||
block:
|
||||
- name: "Command docker ps"
|
||||
ansible.builtin.command: "docker ps"
|
||||
changed_when: false
|
||||
register: docker_ps
|
||||
|
||||
- name: "Verify docker interaction"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES'
|
||||
|
||||
- name: "Test: file /usr/local/bin/docker-compose"
|
||||
block:
|
||||
- name: "Stat file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.stat:
|
||||
path: "/usr/local/bin/docker-compose"
|
||||
register: stat_url_local_bin_docker_compose
|
||||
|
||||
- name: "Verify file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- not stat_url_local_bin_docker_compose.stat.exists
|
||||
|
||||
- name: "Test: python package docker"
|
||||
block:
|
||||
- name: "Command pip3 list"
|
||||
ansible.builtin.command: "pip3 list -o"
|
||||
changed_when: false
|
||||
register: pip3_list
|
||||
|
||||
- name: "Verify python package docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "'docker' not in pip3_list"
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.install_docker"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.install_docker"
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: vagrant
|
||||
provider:
|
||||
name: libvirt
|
||||
platforms:
|
||||
- name: instance
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: default_vagrant
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: "Install pip3 packages"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_apt_packages
|
||||
vars:
|
||||
manage_apt_packages_list:
|
||||
- name: python3-pip
|
||||
version: latest
|
||||
state: present
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
@ -0,0 +1,96 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: service docker"
|
||||
block:
|
||||
- name: "Get service docker"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /lib/systemd/system/docker.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/lib/systemd/system/docker.service"
|
||||
register: stat_lib_systemd_system_docker_service
|
||||
|
||||
- name: "Verify service docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_lib_systemd_system_docker_service.stat.exists
|
||||
- stat_lib_systemd_system_docker_service.stat.isreg
|
||||
- stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.mode == '0644'
|
||||
- ansible_facts.services['docker.service'] is defined
|
||||
- ansible_facts.services['docker.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['docker.service']['state'] == 'running'
|
||||
- ansible_facts.services['docker.service']['status'] == 'enabled'
|
||||
|
||||
- name: "Test: file /etc/docker/daemon.json"
|
||||
block:
|
||||
- name: "Stat directory /etc/docker"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker"
|
||||
register: stat_etc_docker
|
||||
|
||||
- name: "Stat file /etc/docker/daemon.json"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker/daemon.json"
|
||||
register: stat_etc_docker_docker_json
|
||||
|
||||
- name: "Slurp file /etc/docker/daemon.json"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/docker/daemon.json"
|
||||
register: slurp_etc_docker_docker_json
|
||||
|
||||
- name: "Verify directory /etc/docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_docker.stat.exists
|
||||
- stat_etc_docker.stat.isdir
|
||||
- stat_etc_docker.stat.pw_name == 'root'
|
||||
- stat_etc_docker.stat.gr_name == 'root'
|
||||
- stat_etc_docker.stat.mode == '0755'
|
||||
- stat_etc_docker_docker_json.stat.exists
|
||||
- stat_etc_docker_docker_json.stat.isreg
|
||||
- stat_etc_docker_docker_json.stat.pw_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.gr_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.mode == '0644'
|
||||
- (slurp_etc_docker_docker_json.content|b64decode) == '{}'
|
||||
|
||||
- name: "Test: interaction docker"
|
||||
block:
|
||||
- name: "Command docker ps"
|
||||
ansible.builtin.command: "docker ps"
|
||||
changed_when: false
|
||||
register: docker_ps
|
||||
|
||||
- name: "Verify docker interaction"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES'
|
||||
|
||||
- name: "Test: file /usr/local/bin/docker-compose"
|
||||
block:
|
||||
- name: "Stat file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.stat:
|
||||
path: "/usr/local/bin/docker-compose"
|
||||
register: stat_url_local_bin_docker_compose
|
||||
|
||||
- name: "Verify file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- not stat_url_local_bin_docker_compose.stat.exists
|
||||
|
||||
- name: "Test: python package docker"
|
||||
block:
|
||||
- name: "Command pip3 list"
|
||||
ansible.builtin.command: "pip3 list -o"
|
||||
changed_when: false
|
||||
register: pip3_list
|
||||
|
||||
- name: "Verify python package docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "'docker' not in pip3_list"
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.install_docker"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.install_docker"
|
||||
@ -0,0 +1,11 @@
|
||||
---
|
||||
install_docker_edition: ce # can be ce or ee (community or enterprise)
|
||||
install_docker_auto_update: true
|
||||
install_docker_start_service: true
|
||||
install_docker_compose: true
|
||||
install_docker_compose_version: latest
|
||||
install_docker_python_packages: true
|
||||
install_docker_python_packages_version: latest
|
||||
install_docker_users: []
|
||||
install_docker_daemon_options:
|
||||
data-root: "/opt/docker"
|
||||
@ -0,0 +1,37 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance
|
||||
image: geerlingguy/docker-${MOLECULE_TEST_OS}-ansible
|
||||
command: ""
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup
|
||||
cgroupns_mode: host
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: with_custom_config
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
@ -0,0 +1,106 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: service docker"
|
||||
block:
|
||||
- name: "Get service docker"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /lib/systemd/system/docker.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/lib/systemd/system/docker.service"
|
||||
register: stat_lib_systemd_system_docker_service
|
||||
|
||||
- name: "Verify service docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_lib_systemd_system_docker_service.stat.exists
|
||||
- stat_lib_systemd_system_docker_service.stat.isreg
|
||||
- stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.mode == '0644'
|
||||
- ansible_facts.services['docker.service'] is defined
|
||||
- ansible_facts.services['docker.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['docker.service']['state'] == 'running'
|
||||
- ansible_facts.services['docker.service']['status'] == 'enabled'
|
||||
|
||||
- name: "Test: file /etc/docker/daemon.json"
|
||||
block:
|
||||
- name: "Stat directory /etc/docker"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker"
|
||||
register: stat_etc_docker
|
||||
|
||||
- name: "Stat file /etc/docker/daemon.json"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker/daemon.json"
|
||||
register: stat_etc_docker_docker_json
|
||||
|
||||
- name: "Slurp file /etc/docker/daemon.json"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/docker/daemon.json"
|
||||
register: slurp_etc_docker_docker_json
|
||||
|
||||
- name: "Verify directory /etc/docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_docker.stat.exists
|
||||
- stat_etc_docker.stat.isdir
|
||||
- stat_etc_docker.stat.pw_name == 'root'
|
||||
- stat_etc_docker.stat.gr_name == 'root'
|
||||
- stat_etc_docker.stat.mode == '0755'
|
||||
- stat_etc_docker_docker_json.stat.exists
|
||||
- stat_etc_docker_docker_json.stat.isreg
|
||||
- stat_etc_docker_docker_json.stat.pw_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.gr_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.mode == '0644'
|
||||
- "'\"data-root\": \"/opt/docker\"' in (slurp_etc_docker_docker_json.content|b64decode)"
|
||||
|
||||
- name: "Test: interaction docker"
|
||||
block:
|
||||
- name: "Command docker ps"
|
||||
ansible.builtin.command: "docker ps"
|
||||
changed_when: false
|
||||
register: docker_ps
|
||||
|
||||
- name: "Verify docker interaction"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES'
|
||||
|
||||
- name: "Test: file /usr/local/bin/docker-compose"
|
||||
block:
|
||||
- name: "Stat file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.stat:
|
||||
path: "/usr/local/bin/docker-compose"
|
||||
register: stat_url_local_bin_docker_compose
|
||||
|
||||
- name: "Command docker-compose --version"
|
||||
ansible.builtin.command: "docker-compose --version"
|
||||
changed_when: false
|
||||
register: docker_compose_version
|
||||
|
||||
- name: "Verify file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_compose_version.stdout | regex_search('^Docker Compose version v\\d+\\.\\d+\\.\\d+$')
|
||||
- stat_url_local_bin_docker_compose.stat.exists
|
||||
- stat_url_local_bin_docker_compose.stat.isreg
|
||||
- stat_url_local_bin_docker_compose.stat.pw_name == 'root'
|
||||
- stat_url_local_bin_docker_compose.stat.gr_name == 'root'
|
||||
- stat_url_local_bin_docker_compose.stat.mode == '0755'
|
||||
|
||||
- name: "Test: python package docker"
|
||||
block:
|
||||
- name: "Command pip3 list"
|
||||
ansible.builtin.command: "pip3 list"
|
||||
changed_when: false
|
||||
register: pip3_list
|
||||
|
||||
- name: "Verify python package docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "'docker' in pip3_list.stdout"
|
||||
@ -0,0 +1,8 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: all
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Include ednxzu.install_docker"
|
||||
ansible.builtin.include_role:
|
||||
name: "ednxzu.install_docker"
|
||||
@ -0,0 +1,11 @@
|
||||
---
|
||||
install_docker_edition: ce # can be ce or ee (community or enterprise)
|
||||
install_docker_auto_update: true
|
||||
install_docker_start_service: true
|
||||
install_docker_compose: true
|
||||
install_docker_compose_version: latest
|
||||
install_docker_python_packages: true
|
||||
install_docker_python_packages_version: latest
|
||||
install_docker_users: []
|
||||
install_docker_daemon_options:
|
||||
data-root: "/opt/docker"
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ./requirements.yml
|
||||
driver:
|
||||
name: vagrant
|
||||
provider:
|
||||
name: libvirt
|
||||
platforms:
|
||||
- name: instance
|
||||
box: generic/${MOLECULE_TEST_OS}
|
||||
cpus: 4
|
||||
memory: 4096
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
remote_tmp: /tmp/.ansible
|
||||
verifier:
|
||||
name: ansible
|
||||
scenario:
|
||||
name: with_custom_config_vagrant
|
||||
test_sequence:
|
||||
- dependency
|
||||
- cleanup
|
||||
- destroy
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- cleanup
|
||||
- destroy
|
||||
@ -0,0 +1,12 @@
|
||||
---
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: "Install pip3 packages"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_apt_packages
|
||||
vars:
|
||||
manage_apt_packages_list:
|
||||
- name: python3-pip
|
||||
version: latest
|
||||
state: present
|
||||
@ -0,0 +1,5 @@
|
||||
---
|
||||
# requirements file for molecule
|
||||
roles:
|
||||
- name: ednxzu.manage_repositories
|
||||
- name: ednxzu.manage_apt_packages
|
||||
@ -0,0 +1,106 @@
|
||||
---
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
become: true
|
||||
tasks:
|
||||
- name: "Test: service docker"
|
||||
block:
|
||||
- name: "Get service docker"
|
||||
ansible.builtin.service_facts:
|
||||
|
||||
- name: "Stat file /lib/systemd/system/docker.service"
|
||||
ansible.builtin.stat:
|
||||
path: "/lib/systemd/system/docker.service"
|
||||
register: stat_lib_systemd_system_docker_service
|
||||
|
||||
- name: "Verify service docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_lib_systemd_system_docker_service.stat.exists
|
||||
- stat_lib_systemd_system_docker_service.stat.isreg
|
||||
- stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
|
||||
- stat_lib_systemd_system_docker_service.stat.mode == '0644'
|
||||
- ansible_facts.services['docker.service'] is defined
|
||||
- ansible_facts.services['docker.service']['source'] == 'systemd'
|
||||
- ansible_facts.services['docker.service']['state'] == 'running'
|
||||
- ansible_facts.services['docker.service']['status'] == 'enabled'
|
||||
|
||||
- name: "Test: file /etc/docker/daemon.json"
|
||||
block:
|
||||
- name: "Stat directory /etc/docker"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker"
|
||||
register: stat_etc_docker
|
||||
|
||||
- name: "Stat file /etc/docker/daemon.json"
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/docker/daemon.json"
|
||||
register: stat_etc_docker_docker_json
|
||||
|
||||
- name: "Slurp file /etc/docker/daemon.json"
|
||||
ansible.builtin.slurp:
|
||||
src: "/etc/docker/daemon.json"
|
||||
register: slurp_etc_docker_docker_json
|
||||
|
||||
- name: "Verify directory /etc/docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- stat_etc_docker.stat.exists
|
||||
- stat_etc_docker.stat.isdir
|
||||
- stat_etc_docker.stat.pw_name == 'root'
|
||||
- stat_etc_docker.stat.gr_name == 'root'
|
||||
- stat_etc_docker.stat.mode == '0755'
|
||||
- stat_etc_docker_docker_json.stat.exists
|
||||
- stat_etc_docker_docker_json.stat.isreg
|
||||
- stat_etc_docker_docker_json.stat.pw_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.gr_name == 'root'
|
||||
- stat_etc_docker_docker_json.stat.mode == '0644'
|
||||
- "'\"data-root\": \"/opt/docker\"' in (slurp_etc_docker_docker_json.content|b64decode)"
|
||||
|
||||
- name: "Test: interaction docker"
|
||||
block:
|
||||
- name: "Command docker ps"
|
||||
ansible.builtin.command: "docker ps"
|
||||
changed_when: false
|
||||
register: docker_ps
|
||||
|
||||
- name: "Verify docker interaction"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES'
|
||||
|
||||
- name: "Test: file /usr/local/bin/docker-compose"
|
||||
block:
|
||||
- name: "Stat file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.stat:
|
||||
path: "/usr/local/bin/docker-compose"
|
||||
register: stat_url_local_bin_docker_compose
|
||||
|
||||
- name: "Command docker-compose --version"
|
||||
ansible.builtin.command: "docker-compose --version"
|
||||
changed_when: false
|
||||
register: docker_compose_version
|
||||
|
||||
- name: "Verify file /usr/local/bin/docker-compose"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- docker_compose_version.stdout | regex_search('^Docker Compose version v\\d+\\.\\d+\\.\\d+$')
|
||||
- stat_url_local_bin_docker_compose.stat.exists
|
||||
- stat_url_local_bin_docker_compose.stat.isreg
|
||||
- stat_url_local_bin_docker_compose.stat.pw_name == 'root'
|
||||
- stat_url_local_bin_docker_compose.stat.gr_name == 'root'
|
||||
- stat_url_local_bin_docker_compose.stat.mode == '0755'
|
||||
|
||||
- name: "Test: python package docker"
|
||||
block:
|
||||
- name: "Command pip3 list"
|
||||
ansible.builtin.command: "pip3 list"
|
||||
changed_when: false
|
||||
register: pip3_list
|
||||
|
||||
- name: "Verify python package docker"
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- "'docker' in pip3_list.stdout"
|
||||
19
roles/ednxzu.install_docker/tasks/configure.yml
Normal file
19
roles/ednxzu.install_docker/tasks/configure.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
# task/configure file for install_docker
|
||||
- name: "Add specified users to group {{ install_docker_group }}"
|
||||
ansible.builtin.user:
|
||||
name: "{{ item }}"
|
||||
groups: "{{ install_docker_group }}"
|
||||
append: true
|
||||
loop: "{{ install_docker_users }}"
|
||||
|
||||
- name: "Copy daemon.json template"
|
||||
ansible.builtin.template:
|
||||
src: daemon.json.j2
|
||||
dest: "{{ install_docker_daemon_dir }}/daemon.json"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0644'
|
||||
notify:
|
||||
- "systemctl-enable-docker"
|
||||
- "systemctl-reload-docker"
|
||||
15
roles/ednxzu.install_docker/tasks/install.yml
Normal file
15
roles/ednxzu.install_docker/tasks/install.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
# task/install file for install_docker
|
||||
- name: "Configure docker repository"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_repositories
|
||||
vars:
|
||||
manage_repositories_enable_default_repo: false
|
||||
manage_repositories_enable_custom_repo: true
|
||||
manage_repositories_custom_repo: "{{ install_docker_repository }}"
|
||||
|
||||
- name: "Install docker packages"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_apt_packages
|
||||
vars:
|
||||
manage_apt_packages_list: "{{ install_docker_packages }}"
|
||||
46
roles/ednxzu.install_docker/tasks/install_compose.yml
Normal file
46
roles/ednxzu.install_docker/tasks/install_compose.yml
Normal file
@ -0,0 +1,46 @@
|
||||
---
|
||||
# task/install_compose file for install_docker
|
||||
- name: "Get release for compose:{{ install_docker_compose_version }}"
|
||||
vars:
|
||||
_docker_compose_url_ext: "{% if install_docker_compose_version == 'latest'%}releases{% else %}releases/tags{% endif %}"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ install_docker_compose_github_api }}/{{ _docker_compose_url_ext }}/{{ install_docker_compose_version }}"
|
||||
return_content: true
|
||||
register: _docker_compose_new_release
|
||||
|
||||
- name: "Check current compose version"
|
||||
ansible.builtin.command: "{{ install_docker_compose_path }} --version --short"
|
||||
register: _docker_compose_old_release
|
||||
check_mode: false
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: "Set facts for wanted compose release"
|
||||
ansible.builtin.set_fact:
|
||||
install_docker_compose_wanted_version: "{{ _docker_compose_new_release.json['tag_name']|regex_replace('v', '') }}"
|
||||
when: _docker_compose_new_release.json is defined
|
||||
and (_docker_compose_new_release.json | length > 0)
|
||||
|
||||
- name: "Set facts for current compose release"
|
||||
ansible.builtin.set_fact:
|
||||
install_docker_compose_current_version: "{{ _docker_compose_old_release.stdout | regex_replace('v', '') }}"
|
||||
when: _docker_compose_old_release.stdout is defined
|
||||
and (_docker_compose_old_release.stdout | length > 0)
|
||||
|
||||
- name: "Remove old compose binary if different"
|
||||
ansible.builtin.file:
|
||||
path: "{{ install_docker_compose_path }}"
|
||||
state: absent
|
||||
register: _docker_compose_binary_removed
|
||||
when: install_docker_compose_current_version is defined
|
||||
and install_docker_compose_wanted_version not in install_docker_compose_current_version
|
||||
|
||||
- name: "Download and install compose:{{ install_docker_compose_version }}"
|
||||
ansible.builtin.get_url:
|
||||
url: "{{ install_docker_compose_github_url }}/releases/download/v{{ install_docker_compose_wanted_version }}/docker-compose-linux-{{ ansible_architecture }}"
|
||||
dest: "{{ install_docker_compose_path }}"
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0755'
|
||||
when: (install_docker_compose_current_version is not defined)
|
||||
or (_docker_compose_binary_removed.changed)
|
||||
@ -0,0 +1,7 @@
|
||||
---
|
||||
# task/install_docker_pip file for install_docker
|
||||
- name: "Install docker packages"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_apt_packages
|
||||
vars:
|
||||
manage_apt_packages_list: "{{ install_docker_python_packages_list }}"
|
||||
24
roles/ednxzu.install_docker/tasks/main.yml
Normal file
24
roles/ednxzu.install_docker/tasks/main.yml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
# task/main file for install_docker
|
||||
- name: "Import prerequisites.yml"
|
||||
ansible.builtin.include_tasks: prerequisites.yml
|
||||
|
||||
- name: "Import install.yml"
|
||||
ansible.builtin.include_tasks: install.yml
|
||||
|
||||
- name: "Import install_compose.yml"
|
||||
ansible.builtin.include_tasks: install_compose.yml
|
||||
when: install_docker_compose
|
||||
|
||||
- name: "Import install_python_docker.yml"
|
||||
ansible.builtin.include_tasks: install_python_docker.yml
|
||||
when: install_docker_python_packages
|
||||
|
||||
- name: "Import configure.yml"
|
||||
ansible.builtin.include_tasks: configure.yml
|
||||
|
||||
- name: "Start docker service"
|
||||
ansible.builtin.service:
|
||||
name: docker
|
||||
state: started
|
||||
when: install_docker_start_service
|
||||
14
roles/ednxzu.install_docker/tasks/prerequisites.yml
Normal file
14
roles/ednxzu.install_docker/tasks/prerequisites.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
# task/prerequisites file for install_docker
|
||||
- name: "Create group {{ install_docker_group }}"
|
||||
ansible.builtin.group:
|
||||
name: "{{ install_docker_group }}"
|
||||
state: present
|
||||
|
||||
- name: "Create directory {{ install_docker_daemon_dir }}"
|
||||
ansible.builtin.file:
|
||||
path: "{{ install_docker_daemon_dir }}"
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: '0755'
|
||||
1
roles/ednxzu.install_docker/templates/daemon.json.j2
Normal file
1
roles/ednxzu.install_docker/templates/daemon.json.j2
Normal file
@ -0,0 +1 @@
|
||||
{{ install_docker_daemon_options | to_nice_json }}
|
||||
36
roles/ednxzu.install_docker/vars/main.yml
Normal file
36
roles/ednxzu.install_docker/vars/main.yml
Normal file
@ -0,0 +1,36 @@
|
||||
---
|
||||
# vars file for install_docker
|
||||
install_docker_compose_path: "/usr/local/bin/docker-compose"
|
||||
install_docker_compose_github_api: https://api.github.com/repos/docker/compose
|
||||
install_docker_compose_github_url: https://github.com/docker/compose
|
||||
install_docker_group: docker
|
||||
install_docker_daemon_dir: /etc/docker
|
||||
install_docker_packages:
|
||||
- name: "docker-{{ install_docker_edition }}"
|
||||
version: latest
|
||||
state: "{% if install_docker_auto_update %}latest{% else %}present{% endif %}"
|
||||
- name: "docker-{{ install_docker_edition }}-cli"
|
||||
version: latest
|
||||
state: "{% if install_docker_auto_update %}latest{% else %}present{% endif %}"
|
||||
- name: "docker-{{ install_docker_edition }}-rootless-extras"
|
||||
version: latest
|
||||
state: "{% if install_docker_auto_update %}latest{% else %}present{% endif %}"
|
||||
- name: "containerd.io"
|
||||
version: latest
|
||||
state: "{% if install_docker_auto_update %}latest{% else %}present{% endif %}"
|
||||
install_docker_python_packages_list:
|
||||
- name: python3-docker
|
||||
version: latest
|
||||
state: "{% if install_docker_auto_update %}latest{% else %}present{% endif %}"
|
||||
install_docker_repository:
|
||||
- name: docker
|
||||
uri: "https://download.docker.com/linux/{{ ansible_distribution|lower }}"
|
||||
comments: "{{ ansible_distribution|lower }} docker repository"
|
||||
types:
|
||||
- deb
|
||||
suites:
|
||||
- "{{ ansible_distribution_release }}"
|
||||
components:
|
||||
- stable
|
||||
options:
|
||||
Signed-By: "https://download.docker.com/linux/{{ ansible_distribution|lower }}/gpg"
|
||||
8
roles/ednxzu.manage_apt_packages/.ansible-lint
Normal file
8
roles/ednxzu.manage_apt_packages/.ansible-lint
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
warn_list:
|
||||
- experimental # all rules tagged as experimental
|
||||
- yaml # violations reported by yamllint
|
||||
- meta-no-info
|
||||
|
||||
skip_list:
|
||||
- jinja[spacing] # Rule that looks inside jinja2 templates.
|
||||
52
roles/ednxzu.manage_apt_packages/.gitea/workflows/test.yml
Normal file
52
roles/ednxzu.manage_apt_packages/.gitea/workflows/test.yml
Normal file
@ -0,0 +1,52 @@
|
||||
---
|
||||
name: test
|
||||
on: [push]
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
name: Linting
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Ansible lint"
|
||||
run: ansible-lint --force-color
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
- name: "YAML lint"
|
||||
run: yamllint . -f colored -c .yamllint
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
|
||||
molecule-test:
|
||||
name: Molecule tests
|
||||
runs-on: ubuntu-latest
|
||||
needs: lint
|
||||
container:
|
||||
image: git.ednz.fr/container-factory/ansible-runner:act-latest
|
||||
credentials:
|
||||
username: ${{ secrets.ACTIONS_USER }}
|
||||
password: ${{ secrets.ACTIONS_TOKEN }}
|
||||
strategy:
|
||||
matrix:
|
||||
test_os: [debian11, debian12, ubuntu2004, ubuntu2204]
|
||||
scenario: [default, with_custom_packages]
|
||||
env:
|
||||
ANSIBLE_HOST_KEY_CHECKING: 'false'
|
||||
ANSIBLE_FORCE_COLOR: 'true'
|
||||
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: "Molecule test"
|
||||
run: molecule test -s ${{ matrix.scenario }}
|
||||
shell: bash
|
||||
working-directory: ${{ gitea.workspace }}
|
||||
env:
|
||||
MOLECULE_TEST_OS: ${{ matrix.test_os }}
|
||||
18
roles/ednxzu.manage_apt_packages/.github/workflows/publish.yml
vendored
Normal file
18
roles/ednxzu.manage_apt_packages/.github/workflows/publish.yml
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
name: publish
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
name: Publish to galaxy
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Publish
|
||||
uses: ednxzu/galaxy-import-role@v1
|
||||
with:
|
||||
galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }}
|
||||
3
roles/ednxzu.manage_apt_packages/.gitignore
vendored
Normal file
3
roles/ednxzu.manage_apt_packages/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
# ignore molecule/testinfra pycache
|
||||
**/__pycache__
|
||||
.vscode
|
||||
40
roles/ednxzu.manage_apt_packages/.yamllint
Normal file
40
roles/ednxzu.manage_apt_packages/.yamllint
Normal file
@ -0,0 +1,40 @@
|
||||
---
|
||||
# Based on ansible-lint config
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
braces:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
brackets:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
colons:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
commas:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
comments: enable
|
||||
comments-indentation: disable
|
||||
document-start: enable
|
||||
empty-lines:
|
||||
max: 3
|
||||
level: error
|
||||
hyphens:
|
||||
level: error
|
||||
indentation: enable
|
||||
key-duplicates: enable
|
||||
line-length:
|
||||
max: 80
|
||||
level: warning
|
||||
new-line-at-end-of-file: enable
|
||||
new-lines:
|
||||
type: unix
|
||||
trailing-spaces: enable
|
||||
truthy:
|
||||
allowed-values:
|
||||
- 'true'
|
||||
- 'false'
|
||||
- 'yes'
|
||||
- 'no'
|
||||
20
roles/ednxzu.manage_apt_packages/LICENSE
Normal file
20
roles/ednxzu.manage_apt_packages/LICENSE
Normal file
@ -0,0 +1,20 @@
|
||||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2017 Bertrand Lanson
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
||||
the Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
|
||||
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
|
||||
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
62
roles/ednxzu.manage_apt_packages/README.md
Normal file
62
roles/ednxzu.manage_apt_packages/README.md
Normal file
@ -0,0 +1,62 @@
|
||||
manage_apt_packages
|
||||
=========
|
||||
> This repository is only a mirror. Development and testing is done on a private gitea server.
|
||||
|
||||
This role enables you to manage packages on **debian-based** distributions. It can be used on its own , or be called by other roles the install/remove packages on demand.
|
||||
|
||||
Requirements
|
||||
------------
|
||||
|
||||
None.
|
||||
|
||||
Role Variables
|
||||
--------------
|
||||
Available variables are listed below, along with default values. A sample file for the default values is available in `default/manage_apt_packages.yml.sample` in case you need it for any `group_vars` or `host_vars` configuration.
|
||||
|
||||
```yaml
|
||||
manage_apt_packages_list: # by default, not defined
|
||||
- name: nginx
|
||||
version: latest # Leaving empty or setting '' will be considered as latest
|
||||
state: absent
|
||||
- name: ...
|
||||
```
|
||||
This variable is a list of packages, with their name, desired version and state. Note that the role allows version rollbacks, so unless you absolutely need a specific version, it is usualy advised to keep the version on `latest` or empty (which is considered the same).
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
None.
|
||||
|
||||
Example Playbook
|
||||
----------------
|
||||
|
||||
```yaml
|
||||
# calling the role inside a playbook with either the default or group_vars/host_vars
|
||||
- hosts: servers
|
||||
roles:
|
||||
- ednxzu.manage_apt_packages
|
||||
```
|
||||
|
||||
```yaml
|
||||
# calling the role inside a playbook and injecting variables (in another role for example)
|
||||
- hosts: servers
|
||||
tasks:
|
||||
- name: "Install consul package"
|
||||
ansible.builtin.include_role:
|
||||
name: ednxzu.manage_apt_packages
|
||||
vars:
|
||||
manage_apt_packages_list:
|
||||
- name: consul
|
||||
version: 1.13.1-1
|
||||
state: present
|
||||
```
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
MIT / BSD
|
||||
|
||||
Author Information
|
||||
------------------
|
||||
|
||||
This role was created by Bertrand Lanson in 2023.
|
||||
6
roles/ednxzu.manage_apt_packages/defaults/main.yml
Normal file
6
roles/ednxzu.manage_apt_packages/defaults/main.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
# defaults file for manage_apt_packages
|
||||
manage_apt_packages_list:
|
||||
- name: vim
|
||||
version: latest
|
||||
state: present
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user