From b21265400faef3fb337360acdb27f13e82fa0ac5 Mon Sep 17 00:00:00 2001 From: Bertrand Lanson Date: Thu, 30 Nov 2023 18:02:40 +0100 Subject: [PATCH] feat: add become: true to not rely on ansible.cfg, add vagrant tests for later --- handlers/main.yml | 2 + molecule/default_vagrant/converge.yml | 7 + molecule/default_vagrant/molecule.yml | 35 +++++ molecule/default_vagrant/prepare.yml | 12 ++ molecule/default_vagrant/requirements.yml | 5 + molecule/default_vagrant/verify.yml | 115 ++++++++++++++++ .../with_custom_config_vagrant/converge.yml | 7 + .../group_vars/all.yml | 11 ++ .../with_custom_config_vagrant/molecule.yml | 35 +++++ .../with_custom_config_vagrant/prepare.yml | 12 ++ .../requirements.yml | 5 + .../with_custom_config_vagrant/verify.yml | 125 ++++++++++++++++++ tasks/configure.yml | 2 + tasks/install_compose.yml | 3 + tasks/prerequisites.yml | 2 + 15 files changed, 378 insertions(+) create mode 100644 molecule/default_vagrant/converge.yml create mode 100644 molecule/default_vagrant/molecule.yml create mode 100644 molecule/default_vagrant/prepare.yml create mode 100644 molecule/default_vagrant/requirements.yml create mode 100644 molecule/default_vagrant/verify.yml create mode 100644 molecule/with_custom_config_vagrant/converge.yml create mode 100644 molecule/with_custom_config_vagrant/group_vars/all.yml create mode 100644 molecule/with_custom_config_vagrant/molecule.yml create mode 100644 molecule/with_custom_config_vagrant/prepare.yml create mode 100644 molecule/with_custom_config_vagrant/requirements.yml create mode 100644 molecule/with_custom_config_vagrant/verify.yml diff --git a/handlers/main.yml b/handlers/main.yml index 2b1b5c5..2e2f446 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -4,11 +4,13 @@ ansible.builtin.service: name: docker enabled: true + become: true listen: "systemctl-enable-docker" - name: "Reload docker service" ansible.builtin.service: name: docker state: reloaded + become: true listen: "systemctl-reload-docker" when: install_docker_start_service diff --git a/molecule/default_vagrant/converge.yml b/molecule/default_vagrant/converge.yml new file mode 100644 index 0000000..3825f52 --- /dev/null +++ b/molecule/default_vagrant/converge.yml @@ -0,0 +1,7 @@ +--- +- name: Converge + hosts: all + tasks: + - name: "Include ednxzu.install_docker" + ansible.builtin.include_role: + name: "ednxzu.install_docker" diff --git a/molecule/default_vagrant/molecule.yml b/molecule/default_vagrant/molecule.yml new file mode 100644 index 0000000..2b02360 --- /dev/null +++ b/molecule/default_vagrant/molecule.yml @@ -0,0 +1,35 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: vagrant + provider: + name: libvirt +platforms: + - name: instance + box: generic/${MOLECULE_TEST_OS} + cpus: 4 + memory: 4096 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: default_vagrant + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/default_vagrant/prepare.yml b/molecule/default_vagrant/prepare.yml new file mode 100644 index 0000000..65cb4bd --- /dev/null +++ b/molecule/default_vagrant/prepare.yml @@ -0,0 +1,12 @@ +--- +- name: Prepare + hosts: all + tasks: + - name: "Install pip3 packages" + ansible.builtin.include_role: + name: ednxzu.manage_apt_packages + vars: + manage_apt_packages_list: + - name: python3-pip + version: latest + state: present diff --git a/molecule/default_vagrant/requirements.yml b/molecule/default_vagrant/requirements.yml new file mode 100644 index 0000000..0a4a9fb --- /dev/null +++ b/molecule/default_vagrant/requirements.yml @@ -0,0 +1,5 @@ +--- +# requirements file for molecule +roles: + - name: ednxzu.manage_repositories + - name: ednxzu.manage_apt_packages diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml new file mode 100644 index 0000000..47ace28 --- /dev/null +++ b/molecule/default_vagrant/verify.yml @@ -0,0 +1,115 @@ +--- +- name: Verify + hosts: all + gather_facts: true + tasks: + - name: "Test: file /etc/hosts" + block: + - name: "Stat file /etc/hosts" + ansible.builtin.stat: + path: "/etc/hosts" + register: stat_etc_hosts + + - name: "Verify file /etc/hosts" + vars: + etc_hosts_group: + ubuntu: "adm" + debian: "root" + ansible.builtin.assert: + that: + - stat_etc_hosts.stat.exists + - stat_etc_hosts.stat.isreg + - stat_etc_hosts.stat.pw_name == 'root' + - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)] + + - name: "Test: service docker" + block: + - name: "Get service docker" + ansible.builtin.service_facts: + + - name: "Stat file /lib/systemd/system/docker.service" + ansible.builtin.stat: + path: "/lib/systemd/system/docker.service" + register: stat_lib_systemd_system_docker_service + + - name: "Verify service docker" + ansible.builtin.assert: + that: + - stat_lib_systemd_system_docker_service.stat.exists + - stat_lib_systemd_system_docker_service.stat.isreg + - stat_lib_systemd_system_docker_service.stat.pw_name == 'root' + - stat_lib_systemd_system_docker_service.stat.gr_name == 'root' + - stat_lib_systemd_system_docker_service.stat.mode == '0644' + - ansible_facts.services['docker.service'] is defined + - ansible_facts.services['docker.service']['source'] == 'systemd' + - ansible_facts.services['docker.service']['state'] == 'running' + - ansible_facts.services['docker.service']['status'] == 'enabled' + + - name: "Test: file /etc/docker/daemon.json" + block: + - name: "Stat directory /etc/docker" + ansible.builtin.stat: + path: "/etc/docker" + register: stat_etc_docker + + - name: "Stat file /etc/docker/daemon.json" + ansible.builtin.stat: + path: "/etc/docker/daemon.json" + register: stat_etc_docker_docker_json + + - name: "Slurp file /etc/docker/daemon.json" + ansible.builtin.slurp: + src: "/etc/docker/daemon.json" + register: slurp_etc_docker_docker_json + + - name: "Verify directory /etc/docker" + ansible.builtin.assert: + that: + - stat_etc_docker.stat.exists + - stat_etc_docker.stat.isdir + - stat_etc_docker.stat.pw_name == 'root' + - stat_etc_docker.stat.gr_name == 'root' + - stat_etc_docker.stat.mode == '0755' + - stat_etc_docker_docker_json.stat.exists + - stat_etc_docker_docker_json.stat.isreg + - stat_etc_docker_docker_json.stat.pw_name == 'root' + - stat_etc_docker_docker_json.stat.gr_name == 'root' + - stat_etc_docker_docker_json.stat.mode == '0644' + - (slurp_etc_docker_docker_json.content|b64decode) == '{}' + + - name: "Test: interaction docker" + block: + - name: "Command docker ps" + ansible.builtin.command: "docker ps" + changed_when: false + become: true + register: docker_ps + + - name: "Verify docker interaction" + ansible.builtin.assert: + that: + - docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES' + + - name: "Test: file /usr/local/bin/docker-compose" + block: + - name: "Stat file /usr/local/bin/docker-compose" + ansible.builtin.stat: + path: "/usr/local/bin/docker-compose" + register: stat_url_local_bin_docker_compose + + - name: "Verify file /usr/local/bin/docker-compose" + ansible.builtin.assert: + that: + - not stat_url_local_bin_docker_compose.stat.exists + + - name: "Test: python package docker" + block: + - name: "Command pip3 list" + ansible.builtin.command: "pip3 list -o" + changed_when: false + register: pip3_list + + - name: "Verify python package docker" + ansible.builtin.assert: + that: + - "'docker' not in pip3_list" diff --git a/molecule/with_custom_config_vagrant/converge.yml b/molecule/with_custom_config_vagrant/converge.yml new file mode 100644 index 0000000..3825f52 --- /dev/null +++ b/molecule/with_custom_config_vagrant/converge.yml @@ -0,0 +1,7 @@ +--- +- name: Converge + hosts: all + tasks: + - name: "Include ednxzu.install_docker" + ansible.builtin.include_role: + name: "ednxzu.install_docker" diff --git a/molecule/with_custom_config_vagrant/group_vars/all.yml b/molecule/with_custom_config_vagrant/group_vars/all.yml new file mode 100644 index 0000000..9996b9c --- /dev/null +++ b/molecule/with_custom_config_vagrant/group_vars/all.yml @@ -0,0 +1,11 @@ +--- +install_docker_edition: ce # can be ce or ee (community or enterprise) +install_docker_auto_update: true +install_docker_start_service: true +install_docker_compose: true +install_docker_compose_version: latest +install_docker_python_packages: true +install_docker_python_packages_version: latest +install_docker_users: [] +install_docker_daemon_options: + data-root: "/opt/docker" diff --git a/molecule/with_custom_config_vagrant/molecule.yml b/molecule/with_custom_config_vagrant/molecule.yml new file mode 100644 index 0000000..890cdd0 --- /dev/null +++ b/molecule/with_custom_config_vagrant/molecule.yml @@ -0,0 +1,35 @@ +--- +dependency: + name: galaxy + options: + requirements-file: ./requirements.yml +driver: + name: vagrant + provider: + name: libvirt +platforms: + - name: instance + box: generic/${MOLECULE_TEST_OS} + cpus: 4 + memory: 4096 +provisioner: + name: ansible + config_options: + defaults: + remote_tmp: /tmp/.ansible +verifier: + name: ansible +scenario: + name: with_custom_config_vagrant + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + - idempotence + - verify + - cleanup + - destroy diff --git a/molecule/with_custom_config_vagrant/prepare.yml b/molecule/with_custom_config_vagrant/prepare.yml new file mode 100644 index 0000000..65cb4bd --- /dev/null +++ b/molecule/with_custom_config_vagrant/prepare.yml @@ -0,0 +1,12 @@ +--- +- name: Prepare + hosts: all + tasks: + - name: "Install pip3 packages" + ansible.builtin.include_role: + name: ednxzu.manage_apt_packages + vars: + manage_apt_packages_list: + - name: python3-pip + version: latest + state: present diff --git a/molecule/with_custom_config_vagrant/requirements.yml b/molecule/with_custom_config_vagrant/requirements.yml new file mode 100644 index 0000000..0a4a9fb --- /dev/null +++ b/molecule/with_custom_config_vagrant/requirements.yml @@ -0,0 +1,5 @@ +--- +# requirements file for molecule +roles: + - name: ednxzu.manage_repositories + - name: ednxzu.manage_apt_packages diff --git a/molecule/with_custom_config_vagrant/verify.yml b/molecule/with_custom_config_vagrant/verify.yml new file mode 100644 index 0000000..e7e9c29 --- /dev/null +++ b/molecule/with_custom_config_vagrant/verify.yml @@ -0,0 +1,125 @@ +--- +- name: Verify + hosts: all + gather_facts: true + tasks: + - name: "Test: file /etc/hosts" + block: + - name: "Stat file /etc/hosts" + ansible.builtin.stat: + path: "/etc/hosts" + register: stat_etc_hosts + + - name: "Verify file /etc/hosts" + vars: + etc_hosts_group: + ubuntu: "adm" + debian: "root" + ansible.builtin.assert: + that: + - stat_etc_hosts.stat.exists + - stat_etc_hosts.stat.isreg + - stat_etc_hosts.stat.pw_name == 'root' + - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)] + + - name: "Test: service docker" + block: + - name: "Get service docker" + ansible.builtin.service_facts: + + - name: "Stat file /lib/systemd/system/docker.service" + ansible.builtin.stat: + path: "/lib/systemd/system/docker.service" + register: stat_lib_systemd_system_docker_service + + - name: "Verify service docker" + ansible.builtin.assert: + that: + - stat_lib_systemd_system_docker_service.stat.exists + - stat_lib_systemd_system_docker_service.stat.isreg + - stat_lib_systemd_system_docker_service.stat.pw_name == 'root' + - stat_lib_systemd_system_docker_service.stat.gr_name == 'root' + - stat_lib_systemd_system_docker_service.stat.mode == '0644' + - ansible_facts.services['docker.service'] is defined + - ansible_facts.services['docker.service']['source'] == 'systemd' + - ansible_facts.services['docker.service']['state'] == 'running' + - ansible_facts.services['docker.service']['status'] == 'enabled' + + - name: "Test: file /etc/docker/daemon.json" + block: + - name: "Stat directory /etc/docker" + ansible.builtin.stat: + path: "/etc/docker" + register: stat_etc_docker + + - name: "Stat file /etc/docker/daemon.json" + ansible.builtin.stat: + path: "/etc/docker/daemon.json" + register: stat_etc_docker_docker_json + + - name: "Slurp file /etc/docker/daemon.json" + ansible.builtin.slurp: + src: "/etc/docker/daemon.json" + register: slurp_etc_docker_docker_json + + - name: "Verify directory /etc/docker" + ansible.builtin.assert: + that: + - stat_etc_docker.stat.exists + - stat_etc_docker.stat.isdir + - stat_etc_docker.stat.pw_name == 'root' + - stat_etc_docker.stat.gr_name == 'root' + - stat_etc_docker.stat.mode == '0755' + - stat_etc_docker_docker_json.stat.exists + - stat_etc_docker_docker_json.stat.isreg + - stat_etc_docker_docker_json.stat.pw_name == 'root' + - stat_etc_docker_docker_json.stat.gr_name == 'root' + - stat_etc_docker_docker_json.stat.mode == '0644' + - "'\"data-root\": \"/opt/docker\"' in (slurp_etc_docker_docker_json.content|b64decode)" + + - name: "Test: interaction docker" + block: + - name: "Command docker ps" + ansible.builtin.command: "docker ps" + changed_when: false + become: true + register: docker_ps + + - name: "Verify docker interaction" + ansible.builtin.assert: + that: + - docker_ps.stdout == 'CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES' + + - name: "Test: file /usr/local/bin/docker-compose" + block: + - name: "Stat file /usr/local/bin/docker-compose" + ansible.builtin.stat: + path: "/usr/local/bin/docker-compose" + register: stat_url_local_bin_docker_compose + + - name: "Command docker-compose --version" + ansible.builtin.command: "docker-compose --version" + changed_when: false + register: docker_compose_version + + - name: "Verify file /usr/local/bin/docker-compose" + ansible.builtin.assert: + that: + - docker_compose_version.stdout | regex_search('^Docker Compose version v\\d+\\.\\d+\\.\\d+$') + - stat_url_local_bin_docker_compose.stat.exists + - stat_url_local_bin_docker_compose.stat.isreg + - stat_url_local_bin_docker_compose.stat.pw_name == 'root' + - stat_url_local_bin_docker_compose.stat.gr_name == 'root' + - stat_url_local_bin_docker_compose.stat.mode == '0755' + + - name: "Test: python package docker" + block: + - name: "Command pip3 list" + ansible.builtin.command: "pip3 list" + changed_when: false + register: pip3_list + + - name: "Verify python package docker" + ansible.builtin.assert: + that: + - "'docker' in pip3_list.stdout" diff --git a/tasks/configure.yml b/tasks/configure.yml index 8405372..13d7103 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -6,6 +6,7 @@ groups: "{{ install_docker_group }}" append: true loop: "{{ install_docker_users }}" + become: true - name: "Copy daemon.json template" ansible.builtin.template: @@ -14,6 +15,7 @@ owner: root group: root mode: '0644' + become: true notify: - "systemctl-enable-docker" - "systemctl-reload-docker" diff --git a/tasks/install_compose.yml b/tasks/install_compose.yml index c630394..1fd0914 100644 --- a/tasks/install_compose.yml +++ b/tasks/install_compose.yml @@ -14,6 +14,7 @@ check_mode: false changed_when: false failed_when: false + become: true - name: "Set facts for wanted compose release" ansible.builtin.set_fact: @@ -34,6 +35,7 @@ register: _docker_compose_binary_removed when: install_docker_compose_current_version is defined and install_docker_compose_wanted_version not in install_docker_compose_current_version + become: true - name: "Download and install compose:{{ install_docker_compose_version }}" ansible.builtin.get_url: @@ -44,3 +46,4 @@ mode: '0755' when: (install_docker_compose_current_version is not defined) or (_docker_compose_binary_removed.changed) + become: true diff --git a/tasks/prerequisites.yml b/tasks/prerequisites.yml index 7136fb4..5836247 100644 --- a/tasks/prerequisites.yml +++ b/tasks/prerequisites.yml @@ -4,6 +4,7 @@ ansible.builtin.group: name: "{{ install_docker_group }}" state: present + become: true - name: "Create directory {{ install_docker_daemon_dir }}" ansible.builtin.file: @@ -12,3 +13,4 @@ owner: root group: root mode: '0755' + become: true