From 8a600d3c4703fbcb6ebc207f53d480b21621c626 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 10:49:36 +0100 Subject: [PATCH 1/8] chore: add precommit hooks and commitizen config --- .cz.toml | 6 ++++++ .pre-commit-config.yaml | 20 ++++++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 .cz.toml create mode 100644 .pre-commit-config.yaml diff --git a/.cz.toml b/.cz.toml new file mode 100644 index 0000000..7866eab --- /dev/null +++ b/.cz.toml @@ -0,0 +1,6 @@ +[tool.commitizen] +name = "cz_conventional_commits" +version_provider = "scm" +update_changelog_on_bump = true +major_version_zero = true +tag_format = "v$version" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..0e7abb9 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,20 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - repo: https://github.com/adrienverge/yamllint.git + rev: v1.35.1 + hooks: + - id: yamllint + args: [-c=./.yamllint] + - repo: https://github.com/commitizen-tools/commitizen + rev: v3.30.0 + hooks: + - id: commitizen + - id: commitizen-branch + stages: + - post-commit + - push -- 2.45.2 From b82426201daff2ec8d00a47987321ab9aa2bd463 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 10:50:51 +0100 Subject: [PATCH 2/8] ci: add full gitea workflow and remove github actions steps --- .gitea/workflows/development.yml | 26 +++++++++ .../e2e-tests-docker_systemd_service.yml | 46 ++++++++++++++++ .gitea/workflows/e2e-tests.yml | 47 ++++++++++++++++ .gitea/workflows/pull-request-open.yml | 35 ++++++++++++ .gitea/workflows/release.yml | 54 +++++++++++++++++++ .github/workflows/publish.yml | 20 ------- 6 files changed, 208 insertions(+), 20 deletions(-) create mode 100644 .gitea/workflows/development.yml create mode 100644 .gitea/workflows/e2e-tests-docker_systemd_service.yml create mode 100644 .gitea/workflows/e2e-tests.yml create mode 100644 .gitea/workflows/pull-request-open.yml create mode 100644 .gitea/workflows/release.yml delete mode 100644 .github/workflows/publish.yml diff --git a/.gitea/workflows/development.yml b/.gitea/workflows/development.yml new file mode 100644 index 0000000..bfba126 --- /dev/null +++ b/.gitea/workflows/development.yml @@ -0,0 +1,26 @@ +--- +name: development +on: + push: + branches-ignore: + - main + +jobs: + commit-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Verify commit message compliance + run: | + echo "cz check --message '${{ github.event.head_commit.message }}'" + cz check --message "${{ github.event.head_commit.message }}" + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/e2e-tests-docker_systemd_service.yml b/.gitea/workflows/e2e-tests-docker_systemd_service.yml new file mode 100644 index 0000000..ab35bb6 --- /dev/null +++ b/.gitea/workflows/e2e-tests-docker_systemd_service.yml @@ -0,0 +1,46 @@ +--- +name: test +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + retrieve-credentials: + name: Retrieve Credentials + runs-on: ubuntu-latest + outputs: + registry-username: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + registry-token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + end_to_end_role: + needs: retrieve-credentials + strategy: + matrix: + test_os: + ["debian11", "debian12", "ubuntu2004", "ubuntu2204", "ubuntu2404"] + scenario: ["default", "with_custom_flags"] + uses: ./.gitea/workflows/e2e-tests.yml + with: + role: docker_systemd_service + scenario: ${{ matrix.scenario }} + test_os: ${{ matrix.test_os }} + secrets: + GITEA_ACTIONS_USERNAME: ${{ needs.retrieve-credentials.outputs.registry-username }} + GITEA_ACTIONS_TOKEN: ${{ needs.retrieve-credentials.outputs.registry-token }} diff --git a/.gitea/workflows/e2e-tests.yml b/.gitea/workflows/e2e-tests.yml new file mode 100644 index 0000000..fd822c5 --- /dev/null +++ b/.gitea/workflows/e2e-tests.yml @@ -0,0 +1,47 @@ +--- +name: End-to-end tests + +on: + workflow_call: + inputs: + role: + required: true + type: string + description: "Which role should be tested" + scenario: + required: true + type: string + description: "Which scenarios should be run" + test_os: + required: true + type: string + description: "On which OS to run the tests" + secrets: + GITEA_ACTIONS_USERNAME: + required: true + GITEA_ACTIONS_TOKEN: + required: true + +jobs: + molecule-test: + name: Molecule tests + runs-on: ubuntu-latest + container: + image: git.ednz.fr/container-factory/ansible-runner:act-latest + credentials: + username: ${{ secrets.GITEA_ACTIONS_USERNAME }} + password: ${{ secrets.GITEA_ACTIONS_TOKEN }} + env: + ANSIBLE_HOST_KEY_CHECKING: "false" + ANSIBLE_FORCE_COLOR: "true" + ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: "Molecule test" + run: molecule test -s ${{ inputs.scenario }} + shell: bash + working-directory: ${{ gitea.workspace }} + env: + MOLECULE_TEST_OS: ${{ inputs.test_os }} diff --git a/.gitea/workflows/pull-request-open.yml b/.gitea/workflows/pull-request-open.yml new file mode 100644 index 0000000..ea2a600 --- /dev/null +++ b/.gitea/workflows/pull-request-open.yml @@ -0,0 +1,35 @@ +--- +name: pull-requests-open +on: + pull_request: + types: + - opened + - edited + - synchronize + branches: + - main + +jobs: + commit-history-check: + name: Check commit compliance + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - run: git log origin/${{ github.event.pull_request.base.ref }}.. + + - name: Verify commit message compliance + run: | + echo "cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.." + cz check --rev-range origin/${{ gitea.event.pull_request.base.ref }}.. + shell: bash + working-directory: ./ diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml new file mode 100644 index 0000000..c72fc74 --- /dev/null +++ b/.gitea/workflows/release.yml @@ -0,0 +1,54 @@ +--- +name: build-deploy +on: + push: + branches: + - main + +jobs: + do-release: + if: "!startsWith(github.event.head_commit.message, 'bump:')" + runs-on: ubuntu-latest + name: Bump version and create changelog with commitizen + steps: + - name: Get secrets from vault + id: import-secrets + uses: hashicorp/vault-action@v3 + with: + url: "https://vault.ednz.fr" + method: approle + roleId: ${{ secrets.VAULT_APPROLE_ID }} + secretId: ${{ secrets.VAULT_APPROLE_SECRET_ID }} + secrets: | + kv/data/applications/gitea/users/actions username | GITEA_ACTIONS_USERNAME ; + kv/data/applications/gitea/users/actions token_write | GITEA_ACTIONS_TOKEN ; + + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Install commitizen + run: pip3 install commitizen + shell: bash + working-directory: ./ + + - name: Configure git credentials + uses: oleksiyrudenko/gha-git-credentials@v2 + with: + global: true + name: "Gitea-Actions Bot" + email: "gitea-actions@ednz.fr" + actor: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_USERNAME }} + token: ${{ steps.import-secrets.outputs.GITEA_ACTIONS_TOKEN }} + + - name: Do release + run: cz -nr 21 bump --yes + shell: bash + working-directory: ./ + + - name: Push release + run: git push && git push --tags + shell: bash + working-directory: ./ diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml deleted file mode 100644 index 0fae547..0000000 --- a/.github/workflows/publish.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: publish -on: - push: - branches: - - main - -jobs: - publish: - name: Publish to galaxy - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Publish - uses: ednxzu/galaxy-import-role@v2 - with: - galaxy-api-key: ${{ secrets.GALAXY_API_TOKEN }} - repository-owner: ednxzu - repository-name: docker_systemd_service -- 2.45.2 From fee75fb57c05ac1ce5470ab5a3e6813047367b46 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 10:52:39 +0100 Subject: [PATCH 3/8] ci: remove old test action in favor of new template one --- .gitea/workflows/test.yml | 52 --------------------------------------- .gitignore | 2 +- 2 files changed, 1 insertion(+), 53 deletions(-) delete mode 100644 .gitea/workflows/test.yml diff --git a/.gitea/workflows/test.yml b/.gitea/workflows/test.yml deleted file mode 100644 index 3a74d0a..0000000 --- a/.gitea/workflows/test.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -name: test -on: [push] - -jobs: - lint: - name: Linting - runs-on: ubuntu-latest - container: - image: git.ednz.fr/container-factory/ansible-runner:act-latest - credentials: - username: ${{ secrets.ACTIONS_USER }} - password: ${{ secrets.ACTIONS_TOKEN }} - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Ansible lint" - run: ansible-lint --force-color - working-directory: ${{ gitea.workspace }} - - - name: "YAML lint" - run: yamllint . -f colored -c .yamllint - working-directory: ${{ gitea.workspace }} - - molecule-test: - name: Molecule tests - runs-on: ubuntu-latest - needs: lint - container: - image: git.ednz.fr/container-factory/ansible-runner:act-latest - credentials: - username: ${{ secrets.ACTIONS_USER }} - password: ${{ secrets.ACTIONS_TOKEN }} - strategy: - matrix: - test_os: [debian11, debian12, ubuntu2004, ubuntu2204] - scenario: [default, with_custom_flags] - env: - ANSIBLE_HOST_KEY_CHECKING: 'false' - ANSIBLE_FORCE_COLOR: 'true' - ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3 - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Molecule test" - run: molecule test -s ${{ matrix.scenario }} - shell: bash - working-directory: ${{ gitea.workspace }} - env: - MOLECULE_TEST_OS: ${{ matrix.test_os }} diff --git a/.gitignore b/.gitignore index bccf235..a1ca609 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ # ignore molecule/testinfra pycache **/__pycache__ -.vscode \ No newline at end of file +.vscode -- 2.45.2 From f39e1f95d0d0e2a1905df49aba1d285e4a56df5d Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 11:04:13 +0100 Subject: [PATCH 4/8] fix: handlers running in unpredictable ways this patch adds support for in-role management of reload and restarts of the systemd service it also adds support for ubuntu 24 --- meta/main.yml | 1 + .../converge.yml | 0 .../group_vars/all.yml | 2 +- molecule/default_os/molecule.yml | 48 +++++++++++++++++++ .../prepare.yml | 0 .../requirements.yml | 0 .../verify.yml | 0 molecule/default_vagrant/molecule.yml | 35 -------------- .../converge.yml | 0 .../group_vars/all.yml | 4 +- molecule/with_custom_flags_os/molecule.yml | 48 +++++++++++++++++++ .../prepare.yml | 0 .../requirements.yml | 0 .../verify.yml | 0 .../with_custom_flags_vagrant/molecule.yml | 35 -------------- tasks/install.yml | 23 ++++++--- tasks/main.yml | 26 +++++++++- templates/env.j2 | 2 +- 18 files changed, 141 insertions(+), 83 deletions(-) rename molecule/{default_vagrant => default_os}/converge.yml (100%) rename molecule/{default_vagrant => default_os}/group_vars/all.yml (90%) create mode 100644 molecule/default_os/molecule.yml rename molecule/{default_vagrant => default_os}/prepare.yml (100%) rename molecule/{default_vagrant => default_os}/requirements.yml (100%) rename molecule/{default_vagrant => default_os}/verify.yml (100%) delete mode 100644 molecule/default_vagrant/molecule.yml rename molecule/{with_custom_flags_vagrant => with_custom_flags_os}/converge.yml (100%) rename molecule/{with_custom_flags_vagrant => with_custom_flags_os}/group_vars/all.yml (85%) create mode 100644 molecule/with_custom_flags_os/molecule.yml rename molecule/{with_custom_flags_vagrant => with_custom_flags_os}/prepare.yml (100%) rename molecule/{with_custom_flags_vagrant => with_custom_flags_os}/requirements.yml (100%) rename molecule/{with_custom_flags_vagrant => with_custom_flags_os}/verify.yml (100%) delete mode 100644 molecule/with_custom_flags_vagrant/molecule.yml diff --git a/meta/main.yml b/meta/main.yml index 42c3c1a..6048187 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -12,6 +12,7 @@ galaxy_info: versions: - focal - jammy + - noble - name: Debian versions: - bullseye diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_os/converge.yml similarity index 100% rename from molecule/default_vagrant/converge.yml rename to molecule/default_os/converge.yml diff --git a/molecule/default_vagrant/group_vars/all.yml b/molecule/default_os/group_vars/all.yml similarity index 90% rename from molecule/default_vagrant/group_vars/all.yml rename to molecule/default_os/group_vars/all.yml index 359ff70..768ded5 100644 --- a/molecule/default_vagrant/group_vars/all.yml +++ b/molecule/default_os/group_vars/all.yml @@ -3,7 +3,7 @@ docker_systemd_service_container_name: "nginx" docker_systemd_service_image: nginx docker_systemd_service_container_env: {} docker_systemd_service_container_pull_image: true -docker_systemd_service_container_pull_force_source: true +docker_systemd_service_container_pull_force_source: false docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" diff --git a/molecule/default_os/molecule.yml b/molecule/default_os/molecule.yml new file mode 100644 index 0000000..548be71 --- /dev/null +++ b/molecule/default_os/molecule.yml @@ -0,0 +1,48 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: openstack +platforms: + - name: instance.example.com + description: Molecule test instance. + flavor: a2-ram4-disk20-perf1 + image: Debian 12 bookworm + user: debian + network: + name: pcp-w3rxsrj-backend-network + create: false + security_group: + name: molecule__docker_systemd_service__with_custom_flags_os + create: true + description: Molecule test security group. + rules: + - proto: tcp + port: -1 + port_min: 0 + port_max: 0 + cidr: 0.0.0.0/0 + type: IPv4 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: default_os + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/default_vagrant/prepare.yml b/molecule/default_os/prepare.yml similarity index 100% rename from molecule/default_vagrant/prepare.yml rename to molecule/default_os/prepare.yml diff --git a/molecule/default_vagrant/requirements.yml b/molecule/default_os/requirements.yml similarity index 100% rename from molecule/default_vagrant/requirements.yml rename to molecule/default_os/requirements.yml diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_os/verify.yml similarity index 100% rename from molecule/default_vagrant/verify.yml rename to molecule/default_os/verify.yml diff --git a/molecule/default_vagrant/molecule.yml b/molecule/default_vagrant/molecule.yml deleted file mode 100644 index 2b02360..0000000 --- a/molecule/default_vagrant/molecule.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: ./requirements.yml -driver: - name: vagrant - provider: - name: libvirt -platforms: - - name: instance - box: generic/${MOLECULE_TEST_OS} - cpus: 4 - memory: 4096 -provisioner: - name: ansible - config_options: - defaults: - remote_tmp: /tmp/.ansible -verifier: - name: ansible -scenario: - name: default_vagrant - test_sequence: - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - verify - - cleanup - - destroy diff --git a/molecule/with_custom_flags_vagrant/converge.yml b/molecule/with_custom_flags_os/converge.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/converge.yml rename to molecule/with_custom_flags_os/converge.yml diff --git a/molecule/with_custom_flags_vagrant/group_vars/all.yml b/molecule/with_custom_flags_os/group_vars/all.yml similarity index 85% rename from molecule/with_custom_flags_vagrant/group_vars/all.yml rename to molecule/with_custom_flags_os/group_vars/all.yml index 0c8909c..405fd2f 100644 --- a/molecule/with_custom_flags_vagrant/group_vars/all.yml +++ b/molecule/with_custom_flags_os/group_vars/all.yml @@ -1,10 +1,10 @@ --- docker_systemd_service_container_name: "nginx" -docker_systemd_service_image: nginx +docker_systemd_service_image: nginx:1.27 docker_systemd_service_container_env: TEST_ENV: test docker_systemd_service_container_pull_image: true -docker_systemd_service_container_pull_force_source: true +docker_systemd_service_container_pull_force_source: false docker_systemd_service_flags: - privileged - network: host diff --git a/molecule/with_custom_flags_os/molecule.yml b/molecule/with_custom_flags_os/molecule.yml new file mode 100644 index 0000000..d35efaf --- /dev/null +++ b/molecule/with_custom_flags_os/molecule.yml @@ -0,0 +1,48 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: openstack +platforms: + - name: instance.example.com + description: Molecule test instance. + flavor: a2-ram4-disk20-perf1 + image: Debian 12 bookworm + user: debian + network: + name: pcp-w3rxsrj-backend-network + create: false + security_group: + name: molecule__docker_systemd_service__with_custom_flags_os + create: true + description: Molecule test security group. + rules: + - proto: tcp + port: -1 + port_min: 0 + port_max: 0 + cidr: 0.0.0.0/0 + type: IPv4 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: with_custom_flags_os + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/with_custom_flags_vagrant/prepare.yml b/molecule/with_custom_flags_os/prepare.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/prepare.yml rename to molecule/with_custom_flags_os/prepare.yml diff --git a/molecule/with_custom_flags_vagrant/requirements.yml b/molecule/with_custom_flags_os/requirements.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/requirements.yml rename to molecule/with_custom_flags_os/requirements.yml diff --git a/molecule/with_custom_flags_vagrant/verify.yml b/molecule/with_custom_flags_os/verify.yml similarity index 100% rename from molecule/with_custom_flags_vagrant/verify.yml rename to molecule/with_custom_flags_os/verify.yml diff --git a/molecule/with_custom_flags_vagrant/molecule.yml b/molecule/with_custom_flags_vagrant/molecule.yml deleted file mode 100644 index fe55051..0000000 --- a/molecule/with_custom_flags_vagrant/molecule.yml +++ /dev/null @@ -1,35 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: ./requirements.yml -driver: - name: vagrant - provider: - name: libvirt -platforms: - - name: instance - box: generic/${MOLECULE_TEST_OS} - cpus: 4 - memory: 4096 -provisioner: - name: ansible - config_options: - defaults: - remote_tmp: /tmp/.ansible -verifier: - name: ansible -scenario: - name: with_custom_flags_vagrant - test_sequence: - - dependency - - cleanup - - destroy - - syntax - - create - - prepare - - converge - - idempotence - - verify - - cleanup - - destroy diff --git a/tasks/install.yml b/tasks/install.yml index c62cc6f..038fcb9 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,32 +1,41 @@ --- # task/install file for docker_systemd_service -- name: "Create ENV file(s) for docker service(s)" +- name: "Docker systemd service | Create ENV file(s) for docker service(s)" ansible.builtin.template: src: env.j2 dest: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}" owner: root group: root mode: '0600' - notify: systemctl-restart-service + register: _docker_systemd_service_env_file -- name: "Pull docker image(s)" +- name: "Docker systemd service | Pull docker image(s)" community.docker.docker_image: name: "{{ docker_systemd_service_image }}" force_source: "{{ docker_systemd_service_container_pull_force_source | bool }}" source: pull + register: _docker_systemd_service_image_pull when: docker_systemd_service_container_pull_image - notify: systemctl-restart-service -- name: "Create unit file(s) for service(s)" +- name: "Docker systemd service | Create unit file(s) for service(s)" ansible.builtin.template: src: unit.j2 dest: "/etc/systemd/system/{{ docker_systemd_service_name }}.service" owner: root group: root mode: '0644' - notify: systemctl-restart-service + registr: _docker_systemd_service_unit_file -- name: "Enable and start service(s)" +- name: "Docker systemd service | Set reload-check & restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_daemon_reload: >- + {{ _docker_systemd_service_unit_file.changed | bool }} + _docker_systemd_service_need_restart: true + when: _docker_systemd_service_env_file.changed or + _docker_systemd_service_unit_file.changed or + docker_systemd_service_container_pull_image.changed + +- name: "Docker systemd service | Enable and start service(s)" ansible.builtin.systemd: name: '{{ docker_systemd_service_name }}.service' daemon_reload: true diff --git a/tasks/main.yml b/tasks/main.yml index 77d46d7..8c0b22a 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,9 +1,31 @@ --- # task/main file for docker_systemd_service -- name: "Import install.yml" +- name: "Docker systemd service | Set reload-check & restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_daemon_reload: false + _docker_systemd_service_need_restart: false + +- name: "Docker systemd service | Import install.yml" ansible.builtin.include_tasks: install.yml when: docker_systemd_service_state != "absent" -- name: "Import uninstall.yml" +- name: "Docker systemd service | Import uninstall.yml" ansible.builtin.include_tasks: uninstall.yml when: docker_systemd_service_state == "absent" + +- name: "Docker systemd service | Enable service: {{ docker_systemd_service_name }}" + ansible.builtin.service: + name: "{{ docker_systemd_service_name }}" + enabled: true + +- name: "Docker systemd service | Reload systemd daemon" + ansible.builtin.systemd: + daemon_reload: true + when: _docker_systemd_service_need_daemon_reload + +- name: "Docker systemd service | Start service: {{ docker_systemd_service_name }}" + ansible.builtin.service: + name: "{{ docker_systemd_service_name }}" + state: restarted + throttle: 1 + when: _docker_systemd_service_need_restart diff --git a/templates/env.j2 b/templates/env.j2 index f5e5931..cb4fd2c 100644 --- a/templates/env.j2 +++ b/templates/env.j2 @@ -1,3 +1,3 @@ {% for k,v in docker_systemd_service_container_env|dictsort %} {{ k }}={{ v }} -{% endfor %} \ No newline at end of file +{% endfor %} -- 2.45.2 From 6e2f47acce767c34e32b7b9730d2b510a90fa724 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 11:04:34 +0100 Subject: [PATCH 5/8] chore: pre-commit fixes --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index c9a37e5..475d657 100644 --- a/LICENSE +++ b/LICENSE @@ -17,4 +17,4 @@ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -- 2.45.2 From cbde72a17fba529298d950503edee9e42fd2a2fc Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 11:08:56 +0100 Subject: [PATCH 6/8] fix: typo in install.yml file --- tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/install.yml b/tasks/install.yml index 038fcb9..c770692 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -24,7 +24,7 @@ owner: root group: root mode: '0644' - registr: _docker_systemd_service_unit_file + register: _docker_systemd_service_unit_file - name: "Docker systemd service | Set reload-check & restart-check variable" ansible.builtin.set_fact: -- 2.45.2 From ffbb6157ef6e9dc85395b1995edfa62d70be9198 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 13:24:14 +0100 Subject: [PATCH 7/8] feat: only allow starting and managing running services. destroying/removing services should be handled separately, most likely by the end user's custom code, to avoid data loss, etc... --- defaults/docker_systemd_service.yml.sample | 14 ------------ defaults/main.yml | 6 ++--- molecule/default/group_vars/all.yml | 5 +---- molecule/default/verify.yml | 2 +- molecule/default_os/group_vars/all.yml | 5 +---- molecule/default_os/verify.yml | 2 +- molecule/with_custom_flags/group_vars/all.yml | 5 +---- .../with_custom_flags_os/group_vars/all.yml | 5 +---- tasks/{install.yml => configure.yml} | 11 +--------- tasks/main.yml | 20 +++++++++++------ tasks/uninstall.yml | 22 ------------------- 11 files changed, 22 insertions(+), 75 deletions(-) delete mode 100644 defaults/docker_systemd_service.yml.sample rename tasks/{install.yml => configure.yml} (76%) delete mode 100644 tasks/uninstall.yml diff --git a/defaults/docker_systemd_service.yml.sample b/defaults/docker_systemd_service.yml.sample deleted file mode 100644 index d00d9ac..0000000 --- a/defaults/docker_systemd_service.yml.sample +++ /dev/null @@ -1,14 +0,0 @@ ---- -# docker_systemd_service_container_name: "My-Service" -# docker_systemd_service_image: -# docker_systemd_service_container_env: {} -# docker_systemd_service_container_pull_image: true -# docker_systemd_service_container_pull_force_source: true -# docker_systemd_service_flags: [] -# docker_systemd_service_container_cmd: [] -# docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" -# docker_systemd_service_systemd_options: [] -# docker_systemd_service_enabled: true -# docker_systemd_service_masked: false -# docker_systemd_service_state: started -# docker_systemd_service_restart: true diff --git a/defaults/main.yml b/defaults/main.yml index f70688b..f5f55c1 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,7 +9,5 @@ docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true + +docker_systemd_service_start: true diff --git a/molecule/default/group_vars/all.yml b/molecule/default/group_vars/all.yml index 1546e18..0c0e824 100644 --- a/molecule/default/group_vars/all.yml +++ b/molecule/default/group_vars/all.yml @@ -8,7 +8,4 @@ docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: stopped -docker_systemd_service_restart: false +docker_systemd_service_start: false diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 433b360..8e4e4da 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -24,7 +24,7 @@ - stat_etc_default_nginx.stat.pw_name == 'root' - stat_etc_default_nginx.stat.gr_name == 'root' - stat_etc_default_nginx.stat.mode == '0600' - - (slurp_etc_default_nginx.content|b64decode) == '' + - (slurp_etc_default_nginx.content|b64decode) == '\n' - name: "Test: service nginx_container" block: diff --git a/molecule/default_os/group_vars/all.yml b/molecule/default_os/group_vars/all.yml index 768ded5..97cad22 100644 --- a/molecule/default_os/group_vars/all.yml +++ b/molecule/default_os/group_vars/all.yml @@ -8,7 +8,4 @@ docker_systemd_service_flags: [] docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true +docker_systemd_service_start: true diff --git a/molecule/default_os/verify.yml b/molecule/default_os/verify.yml index 5e1cbce..c5dfebf 100644 --- a/molecule/default_os/verify.yml +++ b/molecule/default_os/verify.yml @@ -24,7 +24,7 @@ - stat_etc_default_nginx.stat.pw_name == 'root' - stat_etc_default_nginx.stat.gr_name == 'root' - stat_etc_default_nginx.stat.mode == '0600' - - (slurp_etc_default_nginx.content|b64decode) == '' + - (slurp_etc_default_nginx.content|b64decode) == '\n' - name: "Test: service nginx_container" block: diff --git a/molecule/with_custom_flags/group_vars/all.yml b/molecule/with_custom_flags/group_vars/all.yml index 11733c3..3b75768 100644 --- a/molecule/with_custom_flags/group_vars/all.yml +++ b/molecule/with_custom_flags/group_vars/all.yml @@ -13,7 +13,4 @@ docker_systemd_service_flags: docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: stopped -docker_systemd_service_restart: false +docker_systemd_service_start: false diff --git a/molecule/with_custom_flags_os/group_vars/all.yml b/molecule/with_custom_flags_os/group_vars/all.yml index 405fd2f..6327d85 100644 --- a/molecule/with_custom_flags_os/group_vars/all.yml +++ b/molecule/with_custom_flags_os/group_vars/all.yml @@ -13,7 +13,4 @@ docker_systemd_service_flags: docker_systemd_service_container_cmd: [] docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" docker_systemd_service_systemd_options: [] -docker_systemd_service_enabled: true -docker_systemd_service_masked: false -docker_systemd_service_state: started -docker_systemd_service_restart: true +docker_systemd_service_start: true diff --git a/tasks/install.yml b/tasks/configure.yml similarity index 76% rename from tasks/install.yml rename to tasks/configure.yml index c770692..67e06ac 100644 --- a/tasks/install.yml +++ b/tasks/configure.yml @@ -33,13 +33,4 @@ _docker_systemd_service_need_restart: true when: _docker_systemd_service_env_file.changed or _docker_systemd_service_unit_file.changed or - docker_systemd_service_container_pull_image.changed - -- name: "Docker systemd service | Enable and start service(s)" - ansible.builtin.systemd: - name: '{{ docker_systemd_service_name }}.service' - daemon_reload: true - enabled: "{{ docker_systemd_service_enabled }}" - masked: "{{ docker_systemd_service_masked }}" - state: "{{ docker_systemd_service_state }}" - register: _enable_and_start + _docker_systemd_service_image_pull.changed diff --git a/tasks/main.yml b/tasks/main.yml index 8c0b22a..079e60d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,13 +5,17 @@ _docker_systemd_service_need_daemon_reload: false _docker_systemd_service_need_restart: false -- name: "Docker systemd service | Import install.yml" - ansible.builtin.include_tasks: install.yml - when: docker_systemd_service_state != "absent" +- name: "Docker systemd service | Import configure.yml" + ansible.builtin.include_tasks: configure.yml -- name: "Docker systemd service | Import uninstall.yml" - ansible.builtin.include_tasks: uninstall.yml - when: docker_systemd_service_state == "absent" +- name: "Docker systemd service | Populate service facts" + ansible.builtin.service_facts: + +- name: "Docker systemd service | Set restart-check variable" + ansible.builtin.set_fact: + _docker_systemd_service_need_restart: true + when: + - ansible_facts.services[docker_systemd_service_name~'.service'].state != 'running' - name: "Docker systemd service | Enable service: {{ docker_systemd_service_name }}" ansible.builtin.service: @@ -28,4 +32,6 @@ name: "{{ docker_systemd_service_name }}" state: restarted throttle: 1 - when: _docker_systemd_service_need_restart + when: + - _docker_systemd_service_need_restart + - docker_systemd_service_start diff --git a/tasks/uninstall.yml b/tasks/uninstall.yml deleted file mode 100644 index 9faf8d3..0000000 --- a/tasks/uninstall.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -# task/uninstall file for docker_systemd_service -- name: "Remove ENV file(s) for service(s)" - ansible.builtin.file: - path: "{{ docker_systemd_service_sysconf_dir }}/{{ docker_systemd_service_container_name }}" - state: absent - -- name: "Disable and stop service(s)" - ansible.builtin.systemd: - name: '{{ docker_systemd_service_name }}.service' - enabled: false - state: stopped - -- name: "Remove unit file(s) for service(s)" - ansible.builtin.file: - path: /etc/systemd/system/{{ docker_systemd_service_name }}.service - state: absent - -- name: "Reload systemd units" - ansible.builtin.systemd: - daemon_reload: true - changed_when: false -- 2.45.2 From 56f74786aa2b6986897dfea0da57d87088e2e4aa Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Sat, 9 Nov 2024 14:06:07 +0100 Subject: [PATCH 8/8] ci: fix custom flags tests, add different image values --- molecule/with_custom_flags/group_vars/all.yml | 2 +- molecule/with_custom_flags/verify.yml | 2 +- molecule/with_custom_flags_os/verify.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/molecule/with_custom_flags/group_vars/all.yml b/molecule/with_custom_flags/group_vars/all.yml index 3b75768..800a15e 100644 --- a/molecule/with_custom_flags/group_vars/all.yml +++ b/molecule/with_custom_flags/group_vars/all.yml @@ -1,6 +1,6 @@ --- docker_systemd_service_container_name: "nginx" -docker_systemd_service_image: nginx +docker_systemd_service_image: nginx:1.27 docker_systemd_service_container_env: TEST_ENV: test docker_systemd_service_container_pull_image: false diff --git a/molecule/with_custom_flags/verify.yml b/molecule/with_custom_flags/verify.yml index 6e80eef..502939e 100644 --- a/molecule/with_custom_flags/verify.yml +++ b/molecule/with_custom_flags/verify.yml @@ -62,7 +62,7 @@ --privileged \ --network "host" \ --cap-add "NET_ADMIN" \ - nginx + nginx:1.27 ExecStop=/usr/bin/docker stop nginx SyslogIdentifier=nginx Restart=always diff --git a/molecule/with_custom_flags_os/verify.yml b/molecule/with_custom_flags_os/verify.yml index d043f00..2d12e07 100644 --- a/molecule/with_custom_flags_os/verify.yml +++ b/molecule/with_custom_flags_os/verify.yml @@ -62,7 +62,7 @@ --privileged \ --network "host" \ --cap-add "NET_ADMIN" \ - nginx + nginx:1.27 ExecStop=/usr/bin/docker stop nginx SyslogIdentifier=nginx Restart=always -- 2.45.2