diff --git a/.cz.toml b/.cz.toml new file mode 100644 index 0000000..7866eab --- /dev/null +++ b/.cz.toml @@ -0,0 +1,6 @@ +[tool.commitizen] +name = "cz_conventional_commits" +version_provider = "scm" +update_changelog_on_bump = true +major_version_zero = true +tag_format = "v$version" diff --git a/.gitea/workflows/development.yml b/.gitea/workflows/development.yml new file mode 100644 index 0000000..bfba126 --- /dev/null +++ b/.gitea/workflows/development.yml @@ -0,0 +1,26 @@ +--- +name: development +on: + push: + branches-ignore: + - main + +jobs: + commit-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Verify commit message compliance + run: | + echo "cz check --message '${{ github.event.head_commit.message }}'" + cz check --message "${{ github.event.head_commit.message }}" + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/e2e-tests-docker_systemd_service.yml b/.gitea/workflows/e2e-tests-docker_systemd_service.yml new file mode 100644 index 0000000..ab35bb6 --- /dev/null +++ b/.gitea/workflows/e2e-tests-docker_systemd_service.yml @@ -0,0 +1,46 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + end_to_end_role: + needs: retrieve-credentials + strategy: + matrix: + test_os: + ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"] + scenario: ["default", "with_custom_flags"] + uses: ./.gitea/workflows/e2e-tests.yml + with: + role: docker_systemd_service + scenario: ${{ matrix.scenario }} + test_os: ${{ matrix.test_os }} + secrets: + GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }} + GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }} diff --git a/.gitea/workflows/e2e-tests.yml b/.gitea/workflows/e2e-tests.yml new file mode 100644 index 0000000..fd822c5 --- /dev/null +++ b/.gitea/workflows/e2e-tests.yml @@ -0,0 +1,47 @@ +--- +name: End-to-end tests + +on: + workflow_call: + inputs: + role: + required: true + type: string + description: "Which role should be tested" + scenario: + required: true + type: string + description: "Which scenarios should be run" + test_os: + required: true + type: string + description: "On which OS to run the tests" + secrets: + GITEA_ACTIONS_USERNAME: + required: true + GITEA_ACTIONS_TOKEN: + required: true + +jobs: + molecule-test: + name: Molecule tests + runs-on: ubuntu-latest + container: + image: git.ednz.fr/container-factory/ansible-runner:act-latest + credentials: + username: ${{ secrets.GITEA_ACTIONS_USERNAME }} + password: ${{ secrets.GITEA_ACTIONS_TOKEN }} + env: + ANSIBLE_HOST_KEY_CHECKING: "false" + ANSIBLE_FORCE_COLOR: "true" + ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: "Molecule test" + run: molecule test -s ${{ inputs.scenario }} + shell: bash + working-directory: ${{ gitea.workspace }} + env: + MOLECULE_TEST_OS: ${{ inputs.test_os }} diff --git a/.gitea/workflows/pull-request-open.yml b/.gitea/workflows/pull-request-open.yml new file mode 100644 index 0000000..ea2a600 --- /dev/null +++ b/.gitea/workflows/pull-request-open.yml @@ -0,0 +1,35 @@ +--- +name: pull-requests-open +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + commit-history-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - run: git log origin/${{ github.event.pull_request.base.ref }}.. + + - name: Verify commit message compliance + run: | + echo "cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.." + cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.. + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml new file mode 100644 index 0000000..c72fc74 --- /dev/null +++ b/.gitea/workflows/release.yml @@ -0,0 +1,54 @@ +--- +name: build-deploy +on: + push: + branches: + - main + +jobs: + do-release: + if: "!startsWith(github.event.head_commit.message, 'bump:')" + runs-on: ubuntu-latest + name: Bump version and create changelog with commitizen + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Configure git credentials + uses: oleksiyrudenko/gha-git-credentials@v2 + with: + global: true + name: "Gitea-Actions Bot" + email: "gitea-actions@ednz.fr" + actor: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Do release + run: cz -nr 21 bump --yes + shell: bash + working-directory: ./ + + - name: Push release + run: git push && git push --tags + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/test.yml b/.gitea/workflows/test.yml deleted file mode 100644 index 3a74d0a..0000000 --- a/.gitea/workflows/test.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -name: test -on: [push] - -jobs: - lint: - name: Linting - runs-on: ubuntu-latest - container: - image: git.ednz.fr/container-factory/ansible-runner:act-latest - credentials: - username: ${{ secrets.ACTIONS_USER }} - password: ${{ secrets.ACTIONS_TOKEN }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Ansible lint" - run: ansible-lint --force-color - working-directory: ${{ gitea.workspace }} - - - name: "YAML lint" - run: yamllint . -f colored -c .yamllint - working-directory: ${{ gitea.workspace }} - - molecule-test: - name: Molecule tests - runs-on: ubuntu-latest - needs: lint - container: - image: git.ednz.fr/container-factory/ansible-runner:act-latest - credentials: - username: ${{ secrets.ACTIONS_USER }} - password: ${{ secrets.ACTIONS_TOKEN }} - strategy: - matrix: - test_os: [debian11, debian12, ubuntu2004, ubuntu2204] - scenario: [default, with_custom_flags] - env: - ANSIBLE_HOST_KEY_CHECKING: 'false' - ANSIBLE_FORCE_COLOR: 'true' - ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Molecule test" - run: molecule test -s ${{ matrix.scenario }} - shell: bash - working-directory: ${{ gitea.workspace }} - env: - MOLECULE_TEST_OS: ${{ matrix.test_os }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index 0fae547..0000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: publish -on: - push: - branches: - - main - -jobs: - publish: - name: Publish to galaxy - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Publish - uses: ednxzu/galaxy-import-role@v2 - with: - galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }} - repository-owner: ednxzu - repository-name: docker_systemd_service diff --git a/.gitignore b/.gitignore index bccf235..a1ca609 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ # ignore molecule/testinfra pycache **/__pycache__ -.vscode \ No newline at end of file +.vscode diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..0e7abb9 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,20 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - repo: https://github.com/adrienverge/yamllint.git + rev: v1.35.1 + hooks: + - id: yamllint + args: [-c=./.yamllint] + - repo: https://github.com/commitizen-tools/commitizen + rev: v3.30.0 + hooks: + - id: commitizen + - id: commitizen-branch + stages: + - post-commit + - push diff --git a/LICENSE b/LICENSE index c9a37e5..475d657 100644 --- a/LICENSE +++ b/LICENSE @@ -17,4 +17,4 @@ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/defaults/docker_systemd_service.yml.sample b/defaults/docker_systemd_service.yml.sample deleted file mode 100644 index d00d9ac..0000000 --- a/defaults/docker_systemd_service.yml.sample +++ /dev/null @@ -1,14 +0,0 @@ ---- -# docker_systemd_service_container_name: "My-Service" -# docker_systemd_service_image: -# docker_systemd_service_container_env: {} -# docker_systemd_service_container_pull_image: true -# docker_systemd_service_container_pull_force_source: true -# docker_systemd_service_flags: [] -# docker_systemd_service_container_cmd: [] -# docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" -# docker_systemd_service_systemd_options: [] -# docker_systemd_service_enabled: true -# docker_systemd_service_masked: false -# docker_systemd_service_state: started -# docker_systemd_service_restart: true diff --git a/defaults/main.yml b/defaults/main.yml index f70688b..f5f55c1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,7 +9,5 @@ docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true + +docker_systemd_service_start: true diff --git a/meta/main.yml b/meta/main.yml index 42c3c1a..6048187 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -12,6 +12,7 @@ galaxy_info: versions: - focal - jammy + - noble - name: Debian versions: - bullseye diff --git a/molecule/default/group_vars/all.yml b/molecule/default/group_vars/all.yml index 1546e18..0c0e824 100644 --- a/molecule/default/group_vars/all.yml +++ b/molecule/default/group_vars/all.yml @@ -8,7 +8,4 @@ docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: stopped -docker_systemd_service_restart: false +docker_systemd_service_start: false diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 433b360..8e4e4da 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -24,7 +24,7 @@ - stat_etc_default_nginx.stat.pw_name == 'root' - stat_etc_default_nginx.stat.gr_name == 'root' - stat_etc_default_nginx.stat.mode == '0600' - - (slurp_etc_default_nginx.content|b64decode) == '' + - (slurp_etc_default_nginx.content|b64decode) == '\n' - name: "Test: service nginx_container" block: diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_os/converge.yml similarity index 100% rename from molecule/default_vagrant/converge.yml rename to molecule/default_os/converge.yml diff --git a/molecule/default_vagrant/group_vars/all.yml b/molecule/default_os/group_vars/all.yml similarity index 64% rename from molecule/default_vagrant/group_vars/all.yml rename to molecule/default_os/group_vars/all.yml index 359ff70..97cad22 100644 --- a/molecule/default_vagrant/group_vars/all.yml +++ b/molecule/default_os/group_vars/all.yml @@ -3,12 +3,9 @@ docker_systemd_service_container_name: "nginx" docker_systemd_service_image: nginx docker_systemd_service_container_env: {} docker_systemd_service_container_pull_image: true -docker_systemd_service_container_pull_force_source: true +docker_systemd_service_container_pull_force_source: false docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true +docker_systemd_service_start: true diff --git a/molecule/default_os/molecule.yml b/molecule/default_os/molecule.yml new file mode 100644 index 0000000..548be71 --- /dev/null +++ b/molecule/default_os/molecule.yml @@ -0,0 +1,48 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: openstack +platforms: + - name: instance.example.com + description: Molecule test instance. + flavor: a2-ram4-disk20-perf1 + image: Debian 12 bookworm + user: debian + network: + name: pcp-w3rxsrj-backend-network + create: false + security_group: + name: molecule__docker_systemd_service__with_custom_flags_os + create: true + description: Molecule test security group. + rules: + - proto: tcp + port: -1 + port_min: 0 + port_max: 0 + cidr: 0.0.0.0/0 + type: IPv4 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: default_os + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/default_vagrant/prepare.yml b/molecule/default_os/prepare.yml similarity index 100% rename from molecule/default_vagrant/prepare.yml rename to molecule/default_os/prepare.yml diff --git a/molecule/default_vagrant/requirements.yml b/molecule/default_os/requirements.yml similarity index 100% rename from molecule/default_vagrant/requirements.yml rename to molecule/default_os/requirements.yml diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_os/verify.yml similarity index 99% rename from molecule/default_vagrant/verify.yml rename to molecule/default_os/verify.yml index 5e1cbce..c5dfebf 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_os/verify.yml @@ -24,7 +24,7 @@ - stat_etc_default_nginx.stat.pw_name == 'root' - stat_etc_default_nginx.stat.gr_name == 'root' - stat_etc_default_nginx.stat.mode == '0600' - - (slurp_etc_default_nginx.content|b64decode) == '' + - (slurp_etc_default_nginx.content|b64decode) == '\n' - name: "Test: service nginx_container" block: diff --git a/molecule/default_vagrant/molecule.yml b/molecule/default_vagrant/molecule.yml deleted file mode 100644 index 2b02360..0000000 --- a/molecule/default_vagrant/molecule.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: ./requirements.yml -driver: - name: vagrant - provider: - name: libvirt -platforms: - - name: instance - box: generic/${MOLECULE_TEST_OS} - cpus: 4 - memory: 4096 -provisioner: - name: ansible - config_options: - defaults: - remote_tmp: /tmp/.ansible -verifier: - name: ansible -scenario: - name: default_vagrant - test_sequence: - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - verify - - cleanup - - destroy diff --git a/molecule/with_custom_flags/group_vars/all.yml b/molecule/with_custom_flags/group_vars/all.yml index 11733c3..800a15e 100644 --- a/molecule/with_custom_flags/group_vars/all.yml +++ b/molecule/with_custom_flags/group_vars/all.yml @@ -1,6 +1,6 @@ --- docker_systemd_service_container_name: "nginx" -docker_systemd_service_image: nginx +docker_systemd_service_image: nginx:1.27 docker_systemd_service_container_env: TEST_ENV: test docker_systemd_service_container_pull_image: false @@ -13,7 +13,4 @@ docker_systemd_service_flags: docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: stopped -docker_systemd_service_restart: false +docker_systemd_service_start: false diff --git a/molecule/with_custom_flags/verify.yml b/molecule/with_custom_flags/verify.yml index 6e80eef..502939e 100644 --- a/molecule/with_custom_flags/verify.yml +++ b/molecule/with_custom_flags/verify.yml @@ -62,7 +62,7 @@ --privileged \ --network "host" \ --cap-add "NET_ADMIN" \ - nginx + nginx:1.27 ExecStop=/usr/bin/docker stop nginx SyslogIdentifier=nginx Restart=always diff --git a/molecule/with_custom_flags_vagrant/converge.yml b/molecule/with_custom_flags_os/converge.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/converge.yml rename to molecule/with_custom_flags_os/converge.yml diff --git a/molecule/with_custom_flags_vagrant/group_vars/all.yml b/molecule/with_custom_flags_os/group_vars/all.yml similarity index 63% rename from molecule/with_custom_flags_vagrant/group_vars/all.yml rename to molecule/with_custom_flags_os/group_vars/all.yml index 0c8909c..6327d85 100644 --- a/molecule/with_custom_flags_vagrant/group_vars/all.yml +++ b/molecule/with_custom_flags_os/group_vars/all.yml @@ -1,10 +1,10 @@ --- docker_systemd_service_container_name: "nginx" -docker_systemd_service_image: nginx +docker_systemd_service_image: nginx:1.27 docker_systemd_service_container_env: TEST_ENV: test docker_systemd_service_container_pull_image: true -docker_systemd_service_container_pull_force_source: true +docker_systemd_service_container_pull_force_source: false docker_systemd_service_flags: - privileged - network: host @@ -13,7 +13,4 @@ docker_systemd_service_flags: docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true +docker_systemd_service_start: true diff --git a/molecule/with_custom_flags_os/molecule.yml b/molecule/with_custom_flags_os/molecule.yml new file mode 100644 index 0000000..d35efaf --- /dev/null +++ b/molecule/with_custom_flags_os/molecule.yml @@ -0,0 +1,48 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: openstack +platforms: + - name: instance.example.com + description: Molecule test instance. + flavor: a2-ram4-disk20-perf1 + image: Debian 12 bookworm + user: debian + network: + name: pcp-w3rxsrj-backend-network + create: false + security_group: + name: molecule__docker_systemd_service__with_custom_flags_os + create: true + description: Molecule test security group. + rules: + - proto: tcp + port: -1 + port_min: 0 + port_max: 0 + cidr: 0.0.0.0/0 + type: IPv4 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: with_custom_flags_os + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/with_custom_flags_vagrant/prepare.yml b/molecule/with_custom_flags_os/prepare.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/prepare.yml rename to molecule/with_custom_flags_os/prepare.yml diff --git a/molecule/with_custom_flags_vagrant/requirements.yml b/molecule/with_custom_flags_os/requirements.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/requirements.yml rename to molecule/with_custom_flags_os/requirements.yml diff --git a/molecule/with_custom_flags_vagrant/verify.yml b/molecule/with_custom_flags_os/verify.yml similarity index 99% rename from molecule/with_custom_flags_vagrant/verify.yml rename to molecule/with_custom_flags_os/verify.yml index d043f00..2d12e07 100644 --- a/molecule/with_custom_flags_vagrant/verify.yml +++ b/molecule/with_custom_flags_os/verify.yml @@ -62,7 +62,7 @@ --privileged \ --network "host" \ --cap-add "NET_ADMIN" \ - nginx + nginx:1.27 ExecStop=/usr/bin/docker stop nginx SyslogIdentifier=nginx Restart=always diff --git a/molecule/with_custom_flags_vagrant/molecule.yml b/molecule/with_custom_flags_vagrant/molecule.yml deleted file mode 100644 index fe55051..0000000 --- a/molecule/with_custom_flags_vagrant/molecule.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: ./requirements.yml -driver: - name: vagrant - provider: - name: libvirt -platforms: - - name: instance - box: generic/${MOLECULE_TEST_OS} - cpus: 4 - memory: 4096 -provisioner: - name: ansible - config_options: - defaults: - remote_tmp: /tmp/.ansible -verifier: - name: ansible -scenario: - name: with_custom_flags_vagrant - test_sequence: - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - verify - - cleanup - - destroy diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..67e06ac --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,36 @@ +--- +# task/install file for docker_systemd_service +- name: "Docker systemd service | Create ENV file(s) for docker service(s)" + ansible.builtin.template: + src: env.j2 + dest: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}" + owner: root + group: root + mode: '0600' + register: _docker_systemd_service_env_file + +- name: "Docker systemd service | Pull docker image(s)" + community.docker.docker_image: + name: "{{ docker_systemd_service_image }}" + force_source: "{{ docker_systemd_service_container_pull_force_source | bool }}" + source: pull + register: _docker_systemd_service_image_pull + when: docker_systemd_service_container_pull_image + +- name: "Docker systemd service | Create unit file(s) for service(s)" + ansible.builtin.template: + src: unit.j2 + dest: "/etc/systemd/system/{{ docker_systemd_service_name }}.service" + owner: root + group: root + mode: '0644' + register: _docker_systemd_service_unit_file + +- name: "Docker systemd service | Set reload-check & restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_daemon_reload: >- + {{ _docker_systemd_service_unit_file.changed | bool }} + _docker_systemd_service_need_restart: true + when: _docker_systemd_service_env_file.changed or + _docker_systemd_service_unit_file.changed or + _docker_systemd_service_image_pull.changed diff --git a/tasks/install.yml b/tasks/install.yml deleted file mode 100644 index c62cc6f..0000000 --- a/tasks/install.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# task/install file for docker_systemd_service -- name: "Create ENV file(s) for docker service(s)" - ansible.builtin.template: - src: env.j2 - dest: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}" - owner: root - group: root - mode: '0600' - notify: systemctl-restart-service - -- name: "Pull docker image(s)" - community.docker.docker_image: - name: "{{ docker_systemd_service_image }}" - force_source: "{{ docker_systemd_service_container_pull_force_source | bool }}" - source: pull - when: docker_systemd_service_container_pull_image - notify: systemctl-restart-service - -- name: "Create unit file(s) for service(s)" - ansible.builtin.template: - src: unit.j2 - dest: "/etc/systemd/system/{{ docker_systemd_service_name }}.service" - owner: root - group: root - mode: '0644' - notify: systemctl-restart-service - -- name: "Enable and start service(s)" - ansible.builtin.systemd: - name: '{{ docker_systemd_service_name }}.service' - daemon_reload: true - enabled: "{{ docker_systemd_service_enabled }}" - masked: "{{ docker_systemd_service_masked }}" - state: "{{ docker_systemd_service_state }}" - register: _enable_and_start diff --git a/tasks/main.yml b/tasks/main.yml index 77d46d7..079e60d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,9 +1,37 @@ --- # task/main file for docker_systemd_service -- name: "Import install.yml" - ansible.builtin.include_tasks: install.yml - when: docker_systemd_service_state != "absent" +- name: "Docker systemd service | Set reload-check & restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_daemon_reload: false + _docker_systemd_service_need_restart: false -- name: "Import uninstall.yml" - ansible.builtin.include_tasks: uninstall.yml - when: docker_systemd_service_state == "absent" +- name: "Docker systemd service | Import configure.yml" + ansible.builtin.include_tasks: configure.yml + +- name: "Docker systemd service | Populate service facts" + ansible.builtin.service_facts: + +- name: "Docker systemd service | Set restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_restart: true + when: + - ansible_facts.services[docker_systemd_service_name~'.service'].state != 'running' + +- name: "Docker systemd service | Enable service: {{ docker_systemd_service_name }}" + ansible.builtin.service: + name: "{{ docker_systemd_service_name }}" + enabled: true + +- name: "Docker systemd service | Reload systemd daemon" + ansible.builtin.systemd: + daemon_reload: true + when: _docker_systemd_service_need_daemon_reload + +- name: "Docker systemd service | Start service: {{ docker_systemd_service_name }}" + ansible.builtin.service: + name: "{{ docker_systemd_service_name }}" + state: restarted + throttle: 1 + when: + - _docker_systemd_service_need_restart + - docker_systemd_service_start diff --git a/tasks/uninstall.yml b/tasks/uninstall.yml deleted file mode 100644 index 9faf8d3..0000000 --- a/tasks/uninstall.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# task/uninstall file for docker_systemd_service -- name: "Remove ENV file(s) for service(s)" - ansible.builtin.file: - path: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}" - state: absent - -- name: "Disable and stop service(s)" - ansible.builtin.systemd: - name: '{{ docker_systemd_service_name }}.service' - enabled: false - state: stopped - -- name: "Remove unit file(s) for service(s)" - ansible.builtin.file: - path: /etc/systemd/system/{{ docker_systemd_service_name }}.service - state: absent - -- name: "Reload systemd units" - ansible.builtin.systemd: - daemon_reload: true - changed_when: false diff --git a/templates/env.j2 b/templates/env.j2 index f5e5931..cb4fd2c 100644 --- a/templates/env.j2 +++ b/templates/env.j2 @@ -1,3 +1,3 @@ {% for k,v in docker_systemd_service_container_env|dictsort %} {{ k }}={{ v }} -{% endfor %} \ No newline at end of file +{% endfor %}