--- - name: Verify hosts: all gather_facts: true become: true tasks: - name: "Test: nomad user and group" block: - name: "Getent user nomad" ansible.builtin.getent: database: passwd key: nomad register: nomad_user - name: "Getent group nomad" ansible.builtin.getent: database: group key: nomad register: nomad_group - name: "Verify nomad user and group" ansible.builtin.assert: that: - not nomad_user.failed - not nomad_group.failed - "'nomad' in nomad_user.ansible_facts.getent_passwd.keys()" - "'/home/nomad' in nomad_user.ansible_facts.getent_passwd['nomad']" - "'/bin/false' in nomad_user.ansible_facts.getent_passwd['nomad']" - "'nomad' in nomad_group.ansible_facts.getent_group.keys()" - name: "Test: binary /usr/local/bin/nomad" block: - name: "Stat binary /usr/local/bin/nomad" ansible.builtin.stat: path: "/usr/local/bin/nomad" register: stat_usr_local_bin_nomad - name: "Verify binary /usr/local/bin/nomad" ansible.builtin.assert: that: - stat_usr_local_bin_nomad.stat.exists - stat_usr_local_bin_nomad.stat.isreg - stat_usr_local_bin_nomad.stat.pw_name == 'root' - stat_usr_local_bin_nomad.stat.gr_name == 'root' - stat_usr_local_bin_nomad.stat.mode == '0755' - name: "Test: directory /etc/nomad.d" block: - name: "Stat directory /etc/nomad.d" ansible.builtin.stat: path: "/etc/nomad.d" register: stat_etc_nomad_d - name: "Stat file /etc/nomad.d/nomad.env" ansible.builtin.stat: path: "/etc/nomad.d/nomad.env" register: stat_etc_nomad_d_nomad_env - name: "Stat file /etc/nomad.d/nomad.json" ansible.builtin.stat: path: "/etc/nomad.d/nomad.json" register: stat_etc_nomad_d_nomad_json - name: "Slurp file /etc/nomad.d/nomad.json" ansible.builtin.slurp: src: "/etc/nomad.d/nomad.json" register: slurp_etc_nomad_d_nomad_json - name: "Verify directory /etc/nomad.d" ansible.builtin.assert: that: - stat_etc_nomad_d.stat.exists - stat_etc_nomad_d.stat.isdir - stat_etc_nomad_d.stat.pw_name == 'nomad' - stat_etc_nomad_d.stat.gr_name == 'nomad' - stat_etc_nomad_d.stat.mode == '0755' - stat_etc_nomad_d_nomad_env.stat.exists - stat_etc_nomad_d_nomad_env.stat.isreg - stat_etc_nomad_d_nomad_env.stat.pw_name == 'nomad' - stat_etc_nomad_d_nomad_env.stat.gr_name == 'nomad' - stat_etc_nomad_d_nomad_env.stat.mode == '0600' - stat_etc_nomad_d_nomad_json.stat.exists - stat_etc_nomad_d_nomad_json.stat.isreg - stat_etc_nomad_d_nomad_json.stat.pw_name == 'nomad' - stat_etc_nomad_d_nomad_json.stat.gr_name == 'nomad' - stat_etc_nomad_d_nomad_json.stat.mode == '0600' - slurp_etc_nomad_d_nomad_json.content != '' - name: "Test: directory /opt/nomad" block: - name: "Stat directory /opt/nomad" ansible.builtin.stat: path: "/opt/nomad" register: stat_opt_nomad - name: "Verify directory /opt/nomad" ansible.builtin.assert: that: - stat_opt_nomad.stat.exists - stat_opt_nomad.stat.isdir - stat_opt_nomad.stat.pw_name == 'nomad' - stat_opt_nomad.stat.gr_name == 'nomad' - stat_opt_nomad.stat.mode == '0755' - name: "Test: service nomad" block: - name: "Get service nomad" ansible.builtin.service_facts: - name: "Stat file /etc/systemd/system/nomad.service" ansible.builtin.stat: path: "/etc/systemd/system/nomad.service" register: stat_etc_systemd_system_nomad_service - name: "Slurp file /etc/systemd/system/nomad.service" ansible.builtin.slurp: src: "/etc/systemd/system/nomad.service" register: slurp_etc_systemd_system_nomad_service - name: "Verify service nomad" ansible.builtin.assert: that: - stat_etc_systemd_system_nomad_service.stat.exists - stat_etc_systemd_system_nomad_service.stat.isreg - stat_etc_systemd_system_nomad_service.stat.pw_name == 'root' - stat_etc_systemd_system_nomad_service.stat.gr_name == 'root' - stat_etc_systemd_system_nomad_service.stat.mode == '0644' - slurp_etc_systemd_system_nomad_service.content != '' - ansible_facts.services['nomad.service'] is defined - ansible_facts.services['nomad.service']['source'] == 'systemd' - ansible_facts.services['nomad.service']['state'] == 'running' - ansible_facts.services['nomad.service']['status'] == 'enabled' - name: "Test: bootstrap acl nomad" block: - name: "Command nomad acl bootstrap" ansible.builtin.command: "nomad acl bootstrap -json" environment: NOMAD_ADDR: "http://{{ ansible_default_ipv4.address }}:4646" changed_when: false register: nomad_acl_bootstrap - name: "Test: interaction nomad" vars: acl_token: "{{ nomad_acl_bootstrap.stdout|from_json|json_query('SecretID') }}" block: - name: "Command nomad var put" ansible.builtin.command: "nomad var put secret/foobar foo=bar" environment: NOMAD_ADDR: "http://{{ ansible_default_ipv4.address }}:4646" NOMAD_TOKEN: "{{ acl_token }}" changed_when: false register: nomad_var_put - name: "Command nomad var get" ansible.builtin.command: "nomad var get secret/foobar" environment: NOMAD_ADDR: "http://{{ ansible_default_ipv4.address }}:4646" NOMAD_TOKEN: "{{ acl_token }}" changed_when: false register: nomad_var_get - name: "Command nomad var purge" ansible.builtin.command: "nomad var purge secret/foobar" environment: NOMAD_ADDR: "http://{{ ansible_default_ipv4.address }}:4646" NOMAD_TOKEN: "{{ acl_token }}" changed_when: false register: nomad_var_purge - name: "Command nomad server members" ansible.builtin.command: "nomad server members" environment: NOMAD_ADDR: "http://{{ ansible_default_ipv4.address }}:4646" NOMAD_TOKEN: "{{ acl_token }}" changed_when: false register: nomad_server_members - name: "Verify nomad interaction" ansible.builtin.assert: that: - "'instance.global' in nomad_server_members.stdout" - "'\"Items\": {\n \"foo\": \"bar\"\n }' in nomad_var_put.stdout" - "'\"Items\": {\n \"foo\": \"bar\"\n }' in nomad_var_get.stdout" - nomad_var_purge.stdout == 'Successfully purged variable \"secret/foobar\"!'