feat: add become: true to not rely on ansible.cfg, add vagrant tests for later

handlers/main.yml

@@ -4,11 +4,13 @@
   ansible.builtin.service:
     name: docker
     enabled: true
+  become: true
   listen: "systemctl-enable-docker"
 
 - name: "Reload docker service"
   ansible.builtin.service:
     name: docker
     state: reloaded
+  become: true
   listen: "systemctl-reload-docker"
   when: install_docker_start_service

molecule/default_vagrant/converge.yml

@@ -0,0 +1,7 @@
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: "Include ednxzu.install_docker"
+      ansible.builtin.include_role:
+        name: "ednxzu.install_docker"

molecule/default_vagrant/molecule.yml

@@ -0,0 +1,35 @@
+---
+dependency:
+  name: galaxy
+  options:
+    requirements-file: ./requirements.yml
+driver:
+  name: vagrant
+  provider:
+    name: libvirt
+platforms:
+  - name: instance
+    box: generic/${MOLECULE_TEST_OS}
+    cpus: 4
+    memory: 4096
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp/.ansible
+verifier:
+  name: ansible
+scenario:
+  name: default_vagrant
+  test_sequence:
+    - dependency
+    - cleanup
+    - destroy
+    - syntax
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - verify
+    - cleanup
+    - destroy

molecule/default_vagrant/prepare.yml

@@ -0,0 +1,12 @@
+---
+- name: Prepare
+  hosts: all
+  tasks:
+    - name: "Install pip3 packages"
+      ansible.builtin.include_role:
+        name: ednxzu.manage_apt_packages
+      vars:
+        manage_apt_packages_list:
+          - name: python3-pip
+            version: latest
+            state: present

molecule/default_vagrant/requirements.yml

@@ -0,0 +1,5 @@
+---
+# requirements file for molecule
+roles:
+  - name: ednxzu.manage_repositories
+  - name: ednxzu.manage_apt_packages

molecule/default_vagrant/verify.yml

@@ -0,0 +1,115 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: "Test: file /etc/hosts"
+      block:
+        - name: "Stat file /etc/hosts"
+          ansible.builtin.stat:
+            path: "/etc/hosts"
+          register: stat_etc_hosts
+
+        - name: "Verify file /etc/hosts"
+          vars:
+            etc_hosts_group:
+              ubuntu: "adm"
+              debian: "root"
+          ansible.builtin.assert:
+            that:
+              - stat_etc_hosts.stat.exists
+              - stat_etc_hosts.stat.isreg
+              - stat_etc_hosts.stat.pw_name == 'root'
+              - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)]
+
+    - name: "Test: service docker"
+      block:
+        - name: "Get service docker"
+          ansible.builtin.service_facts:
+
+        - name: "Stat file /lib/systemd/system/docker.service"
+          ansible.builtin.stat:
+            path: "/lib/systemd/system/docker.service"
+          register: stat_lib_systemd_system_docker_service
+
+        - name: "Verify service docker"
+          ansible.builtin.assert:
+            that:
+              - stat_lib_systemd_system_docker_service.stat.exists
+              - stat_lib_systemd_system_docker_service.stat.isreg
+              - stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
+              - stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
+              - stat_lib_systemd_system_docker_service.stat.mode == '0644'
+              - ansible_facts.services['docker.service'] is defined
+              - ansible_facts.services['docker.service']['source'] == 'systemd'
+              - ansible_facts.services['docker.service']['state'] == 'running'
+              - ansible_facts.services['docker.service']['status'] == 'enabled'
+
+    - name: "Test: file /etc/docker/daemon.json"
+      block:
+        - name: "Stat directory /etc/docker"
+          ansible.builtin.stat:
+            path: "/etc/docker"
+          register: stat_etc_docker
+
+        - name: "Stat file /etc/docker/daemon.json"
+          ansible.builtin.stat:
+            path: "/etc/docker/daemon.json"
+          register: stat_etc_docker_docker_json
+
+        - name: "Slurp file /etc/docker/daemon.json"
+          ansible.builtin.slurp:
+            src: "/etc/docker/daemon.json"
+          register: slurp_etc_docker_docker_json
+
+        - name: "Verify directory /etc/docker"
+          ansible.builtin.assert:
+            that:
+              - stat_etc_docker.stat.exists
+              - stat_etc_docker.stat.isdir
+              - stat_etc_docker.stat.pw_name == 'root'
+              - stat_etc_docker.stat.gr_name == 'root'
+              - stat_etc_docker.stat.mode == '0755'
+              - stat_etc_docker_docker_json.stat.exists
+              - stat_etc_docker_docker_json.stat.isreg
+              - stat_etc_docker_docker_json.stat.pw_name == 'root'
+              - stat_etc_docker_docker_json.stat.gr_name == 'root'
+              - stat_etc_docker_docker_json.stat.mode == '0644'
+              - (slurp_etc_docker_docker_json.content|b64decode) == '{}'
+
+    - name: "Test: interaction docker"
+      block:
+        - name: "Command docker ps"
+          ansible.builtin.command: "docker ps"
+          changed_when: false
+          become: true
+          register: docker_ps
+
+        - name: "Verify docker interaction"
+          ansible.builtin.assert:
+            that:
+              - docker_ps.stdout == 'CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES'
+
+    - name: "Test: file /usr/local/bin/docker-compose"
+      block:
+        - name: "Stat file /usr/local/bin/docker-compose"
+          ansible.builtin.stat:
+            path: "/usr/local/bin/docker-compose"
+          register: stat_url_local_bin_docker_compose
+
+        - name: "Verify file /usr/local/bin/docker-compose"
+          ansible.builtin.assert:
+            that:
+              - not stat_url_local_bin_docker_compose.stat.exists
+
+    - name: "Test: python package docker"
+      block:
+        - name: "Command pip3 list"
+          ansible.builtin.command: "pip3 list -o"
+          changed_when: false
+          register: pip3_list
+
+        - name: "Verify python package docker"
+          ansible.builtin.assert:
+            that:
+              - "'docker' not in pip3_list"

molecule/with_custom_config_vagrant/converge.yml

@@ -0,0 +1,7 @@
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: "Include ednxzu.install_docker"
+      ansible.builtin.include_role:
+        name: "ednxzu.install_docker"

molecule/with_custom_config_vagrant/group_vars/all.yml

@@ -0,0 +1,11 @@
+---
+install_docker_edition: ce # can be ce or ee (community or enterprise)
+install_docker_auto_update: true
+install_docker_start_service: true
+install_docker_compose: true
+install_docker_compose_version: latest
+install_docker_python_packages: true
+install_docker_python_packages_version: latest
+install_docker_users: []
+install_docker_daemon_options:
+  data-root: "/opt/docker"

molecule/with_custom_config_vagrant/molecule.yml

@@ -0,0 +1,35 @@
+---
+dependency:
+  name: galaxy
+  options:
+    requirements-file: ./requirements.yml
+driver:
+  name: vagrant
+  provider:
+    name: libvirt
+platforms:
+  - name: instance
+    box: generic/${MOLECULE_TEST_OS}
+    cpus: 4
+    memory: 4096
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      remote_tmp: /tmp/.ansible
+verifier:
+  name: ansible
+scenario:
+  name: with_custom_config_vagrant
+  test_sequence:
+    - dependency
+    - cleanup
+    - destroy
+    - syntax
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - verify
+    - cleanup
+    - destroy

molecule/with_custom_config_vagrant/prepare.yml

@@ -0,0 +1,12 @@
+---
+- name: Prepare
+  hosts: all
+  tasks:
+    - name: "Install pip3 packages"
+      ansible.builtin.include_role:
+        name: ednxzu.manage_apt_packages
+      vars:
+        manage_apt_packages_list:
+          - name: python3-pip
+            version: latest
+            state: present

molecule/with_custom_config_vagrant/requirements.yml

@@ -0,0 +1,5 @@
+---
+# requirements file for molecule
+roles:
+  - name: ednxzu.manage_repositories
+  - name: ednxzu.manage_apt_packages

molecule/with_custom_config_vagrant/verify.yml

@@ -0,0 +1,125 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: true
+  tasks:
+    - name: "Test: file /etc/hosts"
+      block:
+        - name: "Stat file /etc/hosts"
+          ansible.builtin.stat:
+            path: "/etc/hosts"
+          register: stat_etc_hosts
+
+        - name: "Verify file /etc/hosts"
+          vars:
+            etc_hosts_group:
+              ubuntu: "adm"
+              debian: "root"
+          ansible.builtin.assert:
+            that:
+              - stat_etc_hosts.stat.exists
+              - stat_etc_hosts.stat.isreg
+              - stat_etc_hosts.stat.pw_name == 'root'
+              - stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)]
+
+    - name: "Test: service docker"
+      block:
+        - name: "Get service docker"
+          ansible.builtin.service_facts:
+
+        - name: "Stat file /lib/systemd/system/docker.service"
+          ansible.builtin.stat:
+            path: "/lib/systemd/system/docker.service"
+          register: stat_lib_systemd_system_docker_service
+
+        - name: "Verify service docker"
+          ansible.builtin.assert:
+            that:
+              - stat_lib_systemd_system_docker_service.stat.exists
+              - stat_lib_systemd_system_docker_service.stat.isreg
+              - stat_lib_systemd_system_docker_service.stat.pw_name == 'root'
+              - stat_lib_systemd_system_docker_service.stat.gr_name == 'root'
+              - stat_lib_systemd_system_docker_service.stat.mode == '0644'
+              - ansible_facts.services['docker.service'] is defined
+              - ansible_facts.services['docker.service']['source'] == 'systemd'
+              - ansible_facts.services['docker.service']['state'] == 'running'
+              - ansible_facts.services['docker.service']['status'] == 'enabled'
+
+    - name: "Test: file /etc/docker/daemon.json"
+      block:
+        - name: "Stat directory /etc/docker"
+          ansible.builtin.stat:
+            path: "/etc/docker"
+          register: stat_etc_docker
+
+        - name: "Stat file /etc/docker/daemon.json"
+          ansible.builtin.stat:
+            path: "/etc/docker/daemon.json"
+          register: stat_etc_docker_docker_json
+
+        - name: "Slurp file /etc/docker/daemon.json"
+          ansible.builtin.slurp:
+            src: "/etc/docker/daemon.json"
+          register: slurp_etc_docker_docker_json
+
+        - name: "Verify directory /etc/docker"
+          ansible.builtin.assert:
+            that:
+              - stat_etc_docker.stat.exists
+              - stat_etc_docker.stat.isdir
+              - stat_etc_docker.stat.pw_name == 'root'
+              - stat_etc_docker.stat.gr_name == 'root'
+              - stat_etc_docker.stat.mode == '0755'
+              - stat_etc_docker_docker_json.stat.exists
+              - stat_etc_docker_docker_json.stat.isreg
+              - stat_etc_docker_docker_json.stat.pw_name == 'root'
+              - stat_etc_docker_docker_json.stat.gr_name == 'root'
+              - stat_etc_docker_docker_json.stat.mode == '0644'
+              - "'\"data-root\": \"/opt/docker\"' in (slurp_etc_docker_docker_json.content|b64decode)"
+
+    - name: "Test: interaction docker"
+      block:
+        - name: "Command docker ps"
+          ansible.builtin.command: "docker ps"
+          changed_when: false
+          become: true
+          register: docker_ps
+
+        - name: "Verify docker interaction"
+          ansible.builtin.assert:
+            that:
+              - docker_ps.stdout == 'CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES'
+
+    - name: "Test: file /usr/local/bin/docker-compose"
+      block:
+        - name: "Stat file /usr/local/bin/docker-compose"
+          ansible.builtin.stat:
+            path: "/usr/local/bin/docker-compose"
+          register: stat_url_local_bin_docker_compose
+
+        - name: "Command docker-compose --version"
+          ansible.builtin.command: "docker-compose --version"
+          changed_when: false
+          register: docker_compose_version
+
+        - name: "Verify file /usr/local/bin/docker-compose"
+          ansible.builtin.assert:
+            that:
+              - docker_compose_version.stdout | regex_search('^Docker Compose version v\\d+\\.\\d+\\.\\d+$')
+              - stat_url_local_bin_docker_compose.stat.exists
+              - stat_url_local_bin_docker_compose.stat.isreg
+              - stat_url_local_bin_docker_compose.stat.pw_name == 'root'
+              - stat_url_local_bin_docker_compose.stat.gr_name == 'root'
+              - stat_url_local_bin_docker_compose.stat.mode == '0755'
+
+    - name: "Test: python package docker"
+      block:
+        - name: "Command pip3 list"
+          ansible.builtin.command: "pip3 list"
+          changed_when: false
+          register: pip3_list
+
+        - name: "Verify python package docker"
+          ansible.builtin.assert:
+            that:
+              - "'docker' in pip3_list.stdout"

tasks/configure.yml

@@ -6,6 +6,7 @@
     groups: "{{ install_docker_group }}"
     append: true
   loop: "{{ install_docker_users }}"
+  become: true
 
 - name: "Copy daemon.json template"
   ansible.builtin.template:
@@ -14,6 +15,7 @@
     owner: root
     group: root
     mode: '0644'
+  become: true
   notify:
     - "systemctl-enable-docker"
     - "systemctl-reload-docker"

tasks/install_compose.yml

@@ -14,6 +14,7 @@
   check_mode: false
   changed_when: false
   failed_when: false
+  become: true
 
 - name: "Set facts for wanted compose release"
   ansible.builtin.set_fact:
@@ -34,6 +35,7 @@
   register: _docker_compose_binary_removed
   when: install_docker_compose_current_version is defined
     and install_docker_compose_wanted_version not in install_docker_compose_current_version
+  become: true
 
 - name: "Download and install compose:{{ install_docker_compose_version }}"
   ansible.builtin.get_url:
@@ -44,3 +46,4 @@
     mode: '0755'
   when: (install_docker_compose_current_version is not defined)
     or (_docker_compose_binary_removed.changed)
+  become: true

tasks/prerequisites.yml

@@ -4,6 +4,7 @@
   ansible.builtin.group:
     name: "{{ install_docker_group }}"
     state: present
+  become: true
 
 - name: "Create directory {{ install_docker_daemon_dir }}"
   ansible.builtin.file:
@@ -12,3 +13,4 @@
     owner: root
     group: root
     mode: '0755'
+  become: true