From 65dfc185240f43bcc2a9d9fdb75de4c61d8cc3ad Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Mon, 11 Dec 2023 23:50:13 +0100 Subject: [PATCH] feat: start custom tests, and improve docker deployment method --- defaults/main.yml | 2 +- molecule/default/verify.yml | 140 +++++++++++++++++-- molecule/default_vagrant/group_vars/all.yml | 35 ----- molecule/default_vagrant/verify.yml | 134 ++++++++++++++++++ molecule/with_docker_host/group_vars/all.yml | 8 +- molecule/with_docker_host/prepare.yml | 10 ++ templates/config.yaml.j2 | 2 +- templates/gitea-runner.service.j2 | 2 +- 8 files changed, 281 insertions(+), 52 deletions(-) delete mode 100644 molecule/default_vagrant/group_vars/all.yml create mode 100644 molecule/with_docker_host/prepare.yml diff --git a/defaults/main.yml b/defaults/main.yml index 265dc12..3b98702 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -32,6 +32,6 @@ deploy_gitea_runner_config: options: "" workdir_parent: valid_volumes: [] - docker_host: "-" + docker_host: "" host: workdir_parent: "" diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index a72e7ac..9717c92 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml 
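Review bot: Changing the default `docker_host` from `"-"` to `""` moves a security boundary rather than tidying a placeholder: per act_runner's example config, `"-"` auto-detects the Docker host without mounting it into job and service containers, while an empty value auto-detects it and does mount it. With the socket mounted, any workflow scheduled on the runner can talk to the Docker daemon, which is effectively root on the host. If the mount is only needed for the docker deployment method, consider keeping `"-"` as the role default and setting `""` in the scenario or inventory that needs it, or at least document it with a comment such as `# "" mounts the docker socket into job containers; "-" auto-detects without mounting`. The enclosing `deploy_gitea_runner_config` mapping starts outside the hunk.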
@@ -4,17 +4,137 @@ gather_facts: true become: true tasks: - - name: "Test: file /etc/hosts" + - name: "Test: act_runner user and group" block: - - name: "Stat file /etc/hosts" - ansible.builtin.stat: - path: "/etc/hosts" - register: stat_etc_hosts + - name: "Getent user act_runner" + ansible.builtin.getent: + database: passwd + key: act_runner + register: act_runner_user - - name: "Verify file /etc/hosts" + - name: "Getent group act_runner" + ansible.builtin.getent: + database: group + key: act_runner + register: act_runner_group + + - name: "Verify act_runner user and group" ansible.builtin.assert: that: - - stat_etc_hosts.stat.exists - - stat_etc_hosts.stat.isreg - - stat_etc_hosts.stat.pw_name == 'root' - - stat_etc_hosts.stat.gr_name == 'root' + - not act_runner_user.failed + - not act_runner_group.failed + - "'act_runner' in act_runner_user.ansible_facts.getent_passwd.keys()" + - "'/opt/gitea-actions' in act_runner_user.ansible_facts.getent_passwd['act_runner']" + - "'/bin/false' in act_runner_user.ansible_facts.getent_passwd['act_runner']" + - "'act_runner' in act_runner_group.ansible_facts.getent_group.keys()" + + - name: "Test: directory /etc/act_runner" + block: + - name: "Stat directory /etc/act_runner" + ansible.builtin.stat: + path: "/etc/act_runner" + register: stat_etc_act_runner + + - name: "Stat file /etc/act_runner/config.yaml" + ansible.builtin.stat: + path: "/etc/act_runner/config.yaml" + register: stat_etc_act_runner_config_yaml + + - name: "Slurp file /etc/act_runner/config.yaml" + ansible.builtin.slurp: + src: "/etc/act_runner/config.yaml" + register: slurp_etc_act_runner_config_yaml + + - name: "Verify directory /etc/act_runner" + ansible.builtin.assert: + that: + - stat_etc_act_runner.stat.exists + - stat_etc_act_runner.stat.isdir + - stat_etc_act_runner.stat.pw_name == 'act_runner' + - stat_etc_act_runner.stat.gr_name == 'act_runner' + - stat_etc_act_runner.stat.mode == '0755' + - stat_etc_act_runner_config_yaml.stat.exists + - 
stat_etc_act_runner_config_yaml.stat.isreg + - stat_etc_act_runner_config_yaml.stat.pw_name == 'act_runner' + - stat_etc_act_runner_config_yaml.stat.gr_name == 'act_runner' + - stat_etc_act_runner_config_yaml.stat.mode == '0600' + - slurp_etc_act_runner_config_yaml.content != '' + + - name: "Test: directory /opt/gitea-actions" + block: + - name: "Stat directory /opt/gitea-actions" + ansible.builtin.stat: + path: "/opt/gitea-actions" + register: stat_opt_gitea_actions + + - name: "Stat file /opt/gitea-actions/.version" + ansible.builtin.stat: + path: "/opt/gitea-actions/.version" + register: stat_opt_gitea_actions_version + + - name: "Slurp file /opt/gitea-actions/.version" + ansible.builtin.slurp: + src: "/opt/gitea-actions/.version" + register: slurp_opt_gitea_actions_version + + - name: "Verify directory /opt/gitea-actions" + ansible.builtin.assert: + that: + - stat_opt_gitea_actions.stat.exists + - stat_opt_gitea_actions.stat.isdir + - stat_opt_gitea_actions.stat.pw_name == 'act_runner' + - stat_opt_gitea_actions.stat.gr_name == 'act_runner' + - stat_opt_gitea_actions.stat.mode == '0750' + - stat_opt_gitea_actions_version.stat.exists + - stat_opt_gitea_actions_version.stat.isreg + - stat_opt_gitea_actions_version.stat.pw_name == 'root' + - stat_opt_gitea_actions_version.stat.gr_name == 'root' + - stat_opt_gitea_actions_version.stat.mode == '0600' + - slurp_opt_gitea_actions_version.content != '' + + - name: "Test: service gitea-runner" + block: + - name: "Get service gitea-runner" + ansible.builtin.service_facts: + + - name: "Stat file /etc/systemd/system/gitea-runner.service" + ansible.builtin.stat: + path: "/etc/systemd/system/gitea-runner.service" + register: stat_etc_systemd_system_gitea_runner_service + + - name: "Slurp file /etc/systemd/system/gitea-runner.service" + ansible.builtin.slurp: + src: "/etc/systemd/system/gitea-runner.service" + register: slurp_etc_systemd_system_gitea_runner_service + + - name: "Verify service gitea-runner" + vars: + 
gitea_runner_expected_service_file: | + [Unit] + Description=Gitea Actions runner + Documentation=https://gitea.com/gitea/act_runner + WantedBy=multi-user.target + + [Service] + ExecStart=/usr/local/bin/act-runner daemon --config /etc/act_runner/config.yaml + ExecReload=/bin/kill -s HUP $MAINPID + WorkingDirectory=/opt/gitea-actions + TimeoutSec=0 + RestartSec=10 + Restart=always + User=act_runner + + [Install] + WantedBy=multi-user.target + ansible.builtin.assert: + that: + - stat_etc_systemd_system_gitea_runner_service.stat.exists + - stat_etc_systemd_system_gitea_runner_service.stat.isreg + - stat_etc_systemd_system_gitea_runner_service.stat.pw_name == 'root' + - stat_etc_systemd_system_gitea_runner_service.stat.gr_name == 'root' + - stat_etc_systemd_system_gitea_runner_service.stat.mode == '0644' + - (slurp_etc_systemd_system_gitea_runner_service.content|b64decode) == gitea_runner_expected_service_file + - ansible_facts.services['gitea-runner.service'] is defined + - ansible_facts.services['gitea-runner.service']['source'] == 'systemd' + - ansible_facts.services['gitea-runner.service']['state'] == 'stopped' + - ansible_facts.services['gitea-runner.service']['status'] == 'enabled' diff --git a/molecule/default_vagrant/group_vars/all.yml b/molecule/default_vagrant/group_vars/all.yml deleted file mode 100644 index 45ca4fe..0000000 --- a/molecule/default_vagrant/group_vars/all.yml +++ /dev/null 
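Review bot: The config check in "Verify directory /etc/act_runner" only asserts `slurp_etc_act_runner_config_yaml.content != ''`, so a rendered file with wrong or missing settings still passes. Since this file carries the runner's container settings, decoding it and asserting the security-relevant keys would make the test meaningful, for example `- not (slurp_etc_act_runner_config_yaml.content | b64decode | from_yaml).container.privileged` (assuming the scenario's config keeps a `container.privileged` key). The expected unit text also pins `WantedBy=multi-user.target` under `[Unit]`, where systemd does not honour it, so the test locks that stray line in. The hunk in molecule/default_vagrant/verify.yml adds the same tasks and has the same gaps.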
@@ -1,35 +0,0 @@ ---- -# defaults file for deploy_gitea_runner -deploy_gitea_runner_version: latest -deploy_gitea_runner_deploy_method: docker # deployment method, either host or docker. -deploy_gitea_runner_directory: /opt/gitea-actions -deploy_gitea_runner_timezone: "Europe/Paris" -deploy_gitea_runner_register: false -deploy_gitea_runner_start_service: false -deploy_gitea_runner_server_url: https://git.ednz.fr -deploy_gitea_runner_server_token: "" -deploy_gitea_runner_name: vagrant-gitea-runner -deploy_gitea_runner_config: - log: - level: info - runner: - file: "{{ deploy_gitea_runner_directory }}/.runner" # this HAS TO BE .runner if deploy_gitea_runner_deploy_method is docker - capacity: 1 - timeout: 3h - insecure: false - fetch_timeout: 5s - fetch_interval: 15s - labels: [] - cache: - enabled: true - dir: "{{ deploy_gitea_runner_directory }}/cache" # this HAS TO BE /cache if deploy_gitea_runner_deploy_method is docker - host: 127.0.0.1 - port: 4974 - container: - network: "" - privileged: false - options: "" - workdir_parent: - valid_volumes: [] - docker_host: "-" - host: {} diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml index ec450ea..9717c92 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_vagrant/verify.yml 
@@ -4,3 +4,137 @@ gather_facts: true become: true tasks: + - name: "Test: act_runner user and group" + block: + - name: "Getent user act_runner" + ansible.builtin.getent: + database: passwd + key: act_runner + register: act_runner_user + + - name: "Getent group act_runner" + ansible.builtin.getent: + database: group + key: act_runner + register: act_runner_group + + - name: "Verify act_runner user and group" + ansible.builtin.assert: + that: + - not act_runner_user.failed + - not act_runner_group.failed + - "'act_runner' in act_runner_user.ansible_facts.getent_passwd.keys()" + - "'/opt/gitea-actions' in act_runner_user.ansible_facts.getent_passwd['act_runner']" + - "'/bin/false' in act_runner_user.ansible_facts.getent_passwd['act_runner']" + - "'act_runner' in act_runner_group.ansible_facts.getent_group.keys()" + + - name: "Test: directory /etc/act_runner" + block: + - name: "Stat directory /etc/act_runner" + ansible.builtin.stat: + path: "/etc/act_runner" + register: stat_etc_act_runner + + - name: "Stat file /etc/act_runner/config.yaml" + ansible.builtin.stat: + path: "/etc/act_runner/config.yaml" + register: stat_etc_act_runner_config_yaml + + - name: "Slurp file /etc/act_runner/config.yaml" + ansible.builtin.slurp: + src: "/etc/act_runner/config.yaml" + register: slurp_etc_act_runner_config_yaml + + - name: "Verify directory /etc/act_runner" + ansible.builtin.assert: + that: + - stat_etc_act_runner.stat.exists + - stat_etc_act_runner.stat.isdir + - stat_etc_act_runner.stat.pw_name == 'act_runner' + - stat_etc_act_runner.stat.gr_name == 'act_runner' + - stat_etc_act_runner.stat.mode == '0755' + - stat_etc_act_runner_config_yaml.stat.exists + - stat_etc_act_runner_config_yaml.stat.isreg + - stat_etc_act_runner_config_yaml.stat.pw_name == 'act_runner' + - stat_etc_act_runner_config_yaml.stat.gr_name == 'act_runner' + - stat_etc_act_runner_config_yaml.stat.mode == '0600' + - slurp_etc_act_runner_config_yaml.content != '' + + - name: "Test: directory 
/opt/gitea-actions" + block: + - name: "Stat directory /opt/gitea-actions" + ansible.builtin.stat: + path: "/opt/gitea-actions" + register: stat_opt_gitea_actions + + - name: "Stat file /opt/gitea-actions/.version" + ansible.builtin.stat: + path: "/opt/gitea-actions/.version" + register: stat_opt_gitea_actions_version + + - name: "Slurp file /opt/gitea-actions/.version" + ansible.builtin.slurp: + src: "/opt/gitea-actions/.version" + register: slurp_opt_gitea_actions_version + + - name: "Verify directory /opt/gitea-actions" + ansible.builtin.assert: + that: + - stat_opt_gitea_actions.stat.exists + - stat_opt_gitea_actions.stat.isdir + - stat_opt_gitea_actions.stat.pw_name == 'act_runner' + - stat_opt_gitea_actions.stat.gr_name == 'act_runner' + - stat_opt_gitea_actions.stat.mode == '0750' + - stat_opt_gitea_actions_version.stat.exists + - stat_opt_gitea_actions_version.stat.isreg + - stat_opt_gitea_actions_version.stat.pw_name == 'root' + - stat_opt_gitea_actions_version.stat.gr_name == 'root' + - stat_opt_gitea_actions_version.stat.mode == '0600' + - slurp_opt_gitea_actions_version.content != '' + + - name: "Test: service gitea-runner" + block: + - name: "Get service gitea-runner" + ansible.builtin.service_facts: + + - name: "Stat file /etc/systemd/system/gitea-runner.service" + ansible.builtin.stat: + path: "/etc/systemd/system/gitea-runner.service" + register: stat_etc_systemd_system_gitea_runner_service + + - name: "Slurp file /etc/systemd/system/gitea-runner.service" + ansible.builtin.slurp: + src: "/etc/systemd/system/gitea-runner.service" + register: slurp_etc_systemd_system_gitea_runner_service + + - name: "Verify service gitea-runner" + vars: + gitea_runner_expected_service_file: | + [Unit] + Description=Gitea Actions runner + Documentation=https://gitea.com/gitea/act_runner + WantedBy=multi-user.target + + [Service] + ExecStart=/usr/local/bin/act-runner daemon --config /etc/act_runner/config.yaml + ExecReload=/bin/kill -s HUP $MAINPID + 
WorkingDirectory=/opt/gitea-actions + TimeoutSec=0 + RestartSec=10 + Restart=always + User=act_runner + + [Install] + WantedBy=multi-user.target + ansible.builtin.assert: + that: + - stat_etc_systemd_system_gitea_runner_service.stat.exists + - stat_etc_systemd_system_gitea_runner_service.stat.isreg + - stat_etc_systemd_system_gitea_runner_service.stat.pw_name == 'root' + - stat_etc_systemd_system_gitea_runner_service.stat.gr_name == 'root' + - stat_etc_systemd_system_gitea_runner_service.stat.mode == '0644' + - (slurp_etc_systemd_system_gitea_runner_service.content|b64decode) == gitea_runner_expected_service_file + - ansible_facts.services['gitea-runner.service'] is defined + - ansible_facts.services['gitea-runner.service']['source'] == 'systemd' + - ansible_facts.services['gitea-runner.service']['state'] == 'stopped' + - ansible_facts.services['gitea-runner.service']['status'] == 'enabled' diff --git a/molecule/with_docker_host/group_vars/all.yml b/molecule/with_docker_host/group_vars/all.yml index d99c38e..3592b6e 100644 --- a/molecule/with_docker_host/group_vars/all.yml +++ b/molecule/with_docker_host/group_vars/all.yml @@ -3,10 +3,10 @@ deploy_gitea_runner_version: latest deploy_gitea_runner_deploy_method: docker # deployment method, either host or docker. deploy_gitea_runner_directory: /opt/gitea-actions deploy_gitea_runner_timezone: "Europe/Paris" -deploy_gitea_runner_register: true +deploy_gitea_runner_register: false deploy_gitea_runner_start_service: false -deploy_gitea_runner_server_url: https://git.ednz.fr -deploy_gitea_runner_server_token: "secret-token" +deploy_gitea_runner_server_url: https://git.example.com +deploy_gitea_runner_server_token: "" deploy_gitea_runner_name: gitea-runner deploy_gitea_runner_config: log: 
@@ -18,7 +18,7 @@ deploy_gitea_runner_config: insecure: false fetch_timeout: 5s fetch_interval: 2s - labels: ["ubuntu-latest:docker://node:16-bullseye"] + labels: ["debian-bullseye:docker://node:16-bullseye"] cache: enabled: false dir: "/cache" # this HAS TO BE /cache if deploy_gitea_runner_deploy_method is docker diff --git a/molecule/with_docker_host/prepare.yml b/molecule/with_docker_host/prepare.yml new file mode 100644 index 0000000..7f58328 --- /dev/null +++ b/molecule/with_docker_host/prepare.yml @@ -0,0 +1,10 @@ +--- +- name: Prepare + hosts: all + become: true + tasks: + - name: "Include ednxzu.install_docker" + ansible.builtin.include_role: + name: ednxzu.install_docker + vars: + install_docker_python_packages: true diff --git a/templates/config.yaml.j2 b/templates/config.yaml.j2 index 5da3552..8a58c17 100644 --- a/templates/config.yaml.j2 +++ b/templates/config.yaml.j2 @@ -1,2 +1,2 @@ # {{ ansible_managed }} -{{ deploy_gitea_runner_config | to_yaml }} +{{ deploy_gitea_runner_config | to_nice_yaml }} diff --git a/templates/gitea-runner.service.j2 b/templates/gitea-runner.service.j2 index d4e1ed4..30bc911 100644 --- a/templates/gitea-runner.service.j2 +++ b/templates/gitea-runner.service.j2 @@ -4,7 +4,7 @@ Documentation=https://gitea.com/gitea/act_runner WantedBy=multi-user.target [Service] -ExecStart={{ deploy_gitea_runner_path }} daemon --config /etc/act_runner/config.yaml +ExecStart={{ deploy_gitea_runner_path }} daemon --config {{ deploy_gitea_host_config_directory }}/config.yaml ExecReload=/bin/kill -s HUP $MAINPID WorkingDirectory={{ deploy_gitea_runner_directory }} TimeoutSec=0
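Review bot: The new prepare play pulls in the external role `ednxzu.install_docker` under `become: true`, but the patch's diffstat lists no requirements file being added or changed, so it is not visible here where that role is resolved or which version runs. If the scenario does not already pin it, add an entry for the role to the scenario's requirements file with an explicit `version:` (for example `version: <PINNED_VERSION>`), so that a changed upstream release cannot silently alter what runs as root on the test host.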
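Review bot: The new ExecStart line depends on `deploy_gitea_host_config_directory`, which no hunk in this patch defines (defaults/main.yml only touches `docker_host`), so it is presumably set elsewhere in the role; its name also drops the `deploy_gitea_runner_` prefix used by the neighbouring `deploy_gitea_runner_path` and `deploy_gitea_runner_directory`. Both verify playbooks still compare the unit against a literal `--config /etc/act_runner/config.yaml` and stat that fixed path, so test and template diverge as soon as the variable holds anything else. A Jinja comment above the line, such as `{# config dir must match the path checked in molecule/*/verify.yml #}`, or deriving the expected text in the verify playbooks from the same variable, would keep them aligned. The unit's `[Unit]` and `[Install]` sections lie partly outside the hunk.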