ansible-roles/manage_repositories
ansible-roles/manage_repositories
4
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

moved testing to ansible, added debian 12 support and gitea actions
Some checks failed
test / Linting (push) Failing after 30s
Details
test / Molecule tests (default, debian11) (push) Has been skipped
Details
test / Molecule tests (default, debian12) (push) Has been skipped
Details
test / Molecule tests (default, ubuntu2004) (push) Has been skipped
Details
test / Molecule tests (default, ubuntu2204) (push) Has been skipped
Details
test / Molecule tests (with_custom_repo, debian11) (push) Has been skipped
Details
test / Molecule tests (with_custom_repo, debian12) (push) Has been skipped
Details
test / Molecule tests (with_custom_repo, ubuntu2004) (push) Has been skipped
Details
test / Molecule tests (with_custom_repo, ubuntu2204) (push) Has been skipped
Details

Browse Source
This commit is contained in:
Bertrand Lanson 2023-07-01 21:01:53 +02:00
parent 7f4591cdaf
commit a6888be545
13 changed files with 218 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
.gitea/workflows/test.yml Normal file
View File

@ -0,0 +1,52 @@
---
name: test
on: [push]
jobs:
lint:
name: Linting
runs-on: ubuntu-latest
container:
image: git.ednz.fr/container-factory/ansible-runner:act-latest
credentials:
username: ${{ secrets.ACTIONS_USER }}
password: ${{ secrets.ACTIONS_TOKEN }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: "Ansible lint"
run: ansible-lint --force-color
working-directory: ${{ gitea.workspace }}
- name: "YAML lint"
run: yamllint . -f colored -c .yamllint
working-directory: ${{ gitea.workspace }}
molecule-test:
name: Molecule tests
runs-on: ubuntu-latest
needs: lint
container:
image: git.ednz.fr/container-factory/ansible-runner:act-latest
credentials:
username: ${{ secrets.ACTIONS_USER }}
password: ${{ secrets.ACTIONS_TOKEN }}
strategy:
matrix:
test_os: [debian11, debian12, ubuntu2004, ubuntu2204]
scenario: [default, with_custom_repo]
env:
ANSIBLE_HOST_KEY_CHECKING: 'false'
ANSIBLE_FORCE_COLOR: 'true'
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
steps:
- name: Checkout
uses: actions/checkout@v3
- name: "Molecule test"
run: molecule test -s ${{ matrix.scenario }}
shell: bash
working-directory: ${{ gitea.workspace }}
env:
MOLECULE_TEST_OS: ${{ matrix.test_os }}

82
.gitlab-ci.yml
View File

@ -1,82 +0,0 @@
---
stages:
- verify
- test-default
- test-with-custom-repo
image:
name: registry.ednz.fr/forge/ansible-runner
variables:
ANSIBLE_HOST_KEY_CHECKING: 'false'
ANSIBLE_FORCE_COLOR: 'true'
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
DOCKER_AUTH_CONFIG: $CI_DOCKER_AUTH_CONFIG
.stage-test-default:
stage: test-default
.stage-test-with-custom-repo:
stage: test-with-custom-repo
.variables-ubuntu-2004:
variables:
MOLECULE_TEST_OS: "ubuntu2004"
.variables-ubuntu-2204:
variables:
MOLECULE_TEST_OS: "ubuntu2204"
.variables-debian-11:
variables:
MOLECULE_TEST_OS: "debian11"
.script-molecule-test-default:
script:
- molecule test
.script-molecule-test-with-custom-repo:
script:
- molecule test -s with_custom_repo
ansible-verify:
stage: verify
script:
- yamllint . -c .yamllint
- ansible-lint
ansible-test-ubuntu-2004-default:
extends:
- .stage-test-default
- .variables-ubuntu-2004
- .script-molecule-test-default
ansible-test-ubuntu-2204-default:
extends:
- .stage-test-default
- .variables-ubuntu-2204
- .script-molecule-test-default
ansible-test-debian-11-default:
extends:
- .stage-test-default
- .variables-debian-11
- .script-molecule-test-default
ansible-test-ubuntu-2004-with-custom-repo:
extends:
- .stage-test-with-custom-repo
- .variables-ubuntu-2004
- .script-molecule-test-with-custom-repo
ansible-test-ubuntu-2204-with-custom-repo:
extends:
- .stage-test-with-custom-repo
- .variables-ubuntu-2204
- .script-molecule-test-with-custom-repo
ansible-test-debian-11-with-custom-repo:
extends:
- .stage-test-with-custom-repo
- .variables-debian-11
- .script-molecule-test-with-custom-repo

2
LICENSE
View File

@ -1,6 +1,6 @@
The MIT License (MIT) The MIT License (MIT)
Copyright (c) 2017 Jeff Geerling Copyright (c) 2017 Bertrand Lanson
Permission is hereby granted, free of charge, to any person obtaining a copy of Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in this software and associated documentation files (the "Software"), to deal in

4
README.md
View File

@ -1,6 +1,6 @@
Manage repositories manage_repositories
========= =========
> This repository is only a mirror. Development and testing is done on a private gitlab server. > This repository is only a mirror. Development and testing is done on a private gitea server.
This role enables you to manage repositories on **debian-based** distributions. It can be used on its own , or be called by other roles the configure repositories on demand. This role enables you to manage repositories on **debian-based** distributions. It can be used on its own , or be called by other roles the configure repositories on demand.

1
meta/main.yml
View File

@ -15,6 +15,7 @@ galaxy_info:
- name: Debian - name: Debian
versions: versions:
- bullseye - bullseye
- bookworm
galaxy_tags: galaxy_tags:
- 'ubuntu' - 'ubuntu'
- 'debian' - 'debian'

2
molecule/default/molecule.yml
View File

@ -20,7 +20,7 @@ provisioner:
defaults: defaults:
remote_tmp: /tmp/.ansible remote_tmp: /tmp/.ansible
verifier: verifier:
name: testinfra name: ansible
scenario: scenario:
name: default name: default
test_sequence: test_sequence:

22
molecule/default/tests/conftest.py
View File

@ -1,22 +0,0 @@
"""PyTest Fixtures."""
from __future__ import absolute_import
import os
import pytest
def pytest_runtest_setup(item):
"""Run tests only when under molecule with testinfra installed."""
try:
import testinfra
except ImportError:
pytest.skip("Test requires testinfra", allow_module_level=True)
if "MOLECULE_INVENTORY_FILE" in os.environ:
pytest.testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
else:
pytest.skip(
"Test should run only from inside molecule.", allow_module_level=True
)

34
molecule/default/tests/test_default.py
View File

@ -1,34 +0,0 @@
"""Role testing files using testinfra."""
def test_hosts_file(host):
"""Validate /etc/hosts file."""
etc_hosts = host.file("/etc/hosts")
assert etc_hosts.exists
assert etc_hosts.user == "root"
assert etc_hosts.group == "root"
def test_source_list_default(host):
"""Validate /etc/apt/sources.list file."""
etc_apt_sources_list_default = host.file("/etc/apt/sources.list")
dist_os = host.system_info.distribution
dist_codename = host.system_info.codename
assert etc_apt_sources_list_default.exists
assert etc_apt_sources_list_default.user == "root"
assert etc_apt_sources_list_default.group == "root"
assert etc_apt_sources_list_default.mode == 0o644
if dist_os == "debian":
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + " main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + "-updates main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian-security " + dist_codename + "-security main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + "-backports main")
elif dist_os == "ubuntu":
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + " main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-updates main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-security main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-backports main restricted universe multiverse")
def test_source_list_custom(host):
"""Validate /etc/apt/sources.list.d/custom.list file does not exist."""
etc_apt_sources_list_custom = host.file("/etc/apt/sources.list.d/custom.list")
assert not etc_apt_sources_list_custom.exists

58
molecule/default/verify.yml Normal file
View File

@ -0,0 +1,58 @@
---
- name: Verify
hosts: all
gather_facts: true
tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == 'root'
- name: "Test: file /etc/apt/sources.list"
block:
- name: "Stat file /etc/apt/sources.list"
ansible.builtin.stat:
path: "/etc/apt/sources.list"
register: stat_etc_apt_sources_list
- name: "Slurp file /etc/apt/sources.list"
ansible.builtin.slurp:
src: "/etc/apt/sources.list"
register: slurp_etc_apt_sources_list
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- stat_etc_apt_sources_list.stat.exists
- stat_etc_apt_sources_list.stat.isreg
- stat_etc_apt_sources_list.stat.pw_name == 'root'
- stat_etc_apt_sources_list.stat.gr_name == 'root'
- stat_etc_apt_sources_list.stat.mode == '0644'
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + ' main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-updates main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-security main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-backports main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
when: (ansible_distribution|lower) == 'ubuntu'
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + ' main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-updates main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian-security ' + ansible_distribution_release + '-security main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-backports main') in (slurp_etc_apt_sources_list.content|b64decode)"
when: (ansible_distribution|lower) == 'debian'

2
molecule/with_custom_repo/molecule.yml
View File

@ -20,7 +20,7 @@ provisioner:
defaults: defaults:
remote_tmp: /tmp/.ansible remote_tmp: /tmp/.ansible
verifier: verifier:
name: testinfra name: ansible
scenario: scenario:
name: with_custom_repo name: with_custom_repo
test_sequence: test_sequence:

22
molecule/with_custom_repo/tests/conftest.py
View File

@ -1,22 +0,0 @@
"""PyTest Fixtures."""
from __future__ import absolute_import
import os
import pytest
def pytest_runtest_setup(item):
"""Run tests only when under molecule with testinfra installed."""
try:
import testinfra
except ImportError:
pytest.skip("Test requires testinfra", allow_module_level=True)
if "MOLECULE_INVENTORY_FILE" in os.environ:
pytest.testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
else:
pytest.skip(
"Test should run only from inside molecule.", allow_module_level=True
)

46
molecule/with_custom_repo/tests/test_default.py
View File

@ -1,46 +0,0 @@
"""Role testing files using testinfra."""
def test_hosts_file(host):
"""Validate /etc/hosts file."""
etc_hosts = host.file("/etc/hosts")
assert etc_hosts.exists
assert etc_hosts.user == "root"
assert etc_hosts.group == "root"
def test_source_list_default(host):
"""Validate /etc/apt/sources.list file."""
etc_apt_sources_list_default = host.file("/etc/apt/sources.list")
dist_os = host.system_info.distribution
dist_codename = host.system_info.codename
assert etc_apt_sources_list_default.exists
assert etc_apt_sources_list_default.user == "root"
assert etc_apt_sources_list_default.group == "root"
assert etc_apt_sources_list_default.mode == 0o644
if dist_os == "debian":
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + " main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + "-updates main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian-security " + dist_codename + "-security main contrib")
assert etc_apt_sources_list_default.contains("deb http://deb.debian.org/debian " + dist_codename + "-backports main")
elif dist_os == "ubuntu":
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + " main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-updates main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-security main restricted universe multiverse")
assert etc_apt_sources_list_default.contains("deb http://fr.archive.ubuntu.com/ubuntu " + dist_codename + "-backports main restricted universe multiverse")
def test_source_list_custom(host):
"""Validate /etc/apt/sources.list.d/custom.list file."""
etc_apt_sources_list_custom = host.file("/etc/apt/sources.list.d").listdir()
dist_os = host.system_info.distribution
dist_codename = host.system_info.codename
for file in etc_apt_sources_list_custom:
list_file = host.file("/etc/apt/sources.list.d/" + file)
if list_file.is_file:
assert list_file.exists
assert list_file.user == "root"
assert list_file.group == "root"
assert list_file.mode == 0o644
if file == "docker.list":
assert list_file.contains(r'deb \[signed-by=/usr/share/keyrings/docker-archive-keyring.asc\] https://download.docker.com/linux/' + dist_os + ' ' + dist_codename + ' stable')
elif file == "hashicorp.list":
assert list_file.contains(r'deb \[signed-by=/usr/share/keyrings/hashicorp-archive-keyring.asc\] https://apt.releases.hashicorp.com ' + dist_codename + ' main')

101
molecule/with_custom_repo/verify.yml Normal file
View File

@ -0,0 +1,101 @@
---
- name: Verify
hosts: all
gather_facts: true
tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == 'root'
- name: "Test: file /etc/apt/sources.list"
block:
- name: "Stat file /etc/apt/sources.list"
ansible.builtin.stat:
path: "/etc/apt/sources.list"
register: stat_etc_apt_sources_list
- name: "Slurp file /etc/apt/sources.list"
ansible.builtin.slurp:
src: "/etc/apt/sources.list"
register: slurp_etc_apt_sources_list
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- stat_etc_apt_sources_list.stat.exists
- stat_etc_apt_sources_list.stat.isreg
- stat_etc_apt_sources_list.stat.pw_name == 'root'
- stat_etc_apt_sources_list.stat.gr_name == 'root'
- stat_etc_apt_sources_list.stat.mode == '0644'
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + ' main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-updates main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-security main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-backports main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
when: (ansible_distribution|lower) == 'ubuntu'
- name: "Verify file /etc/apt/sources.list"
ansible.builtin.assert:
that:
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + ' main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-updates main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian-security ' + ansible_distribution_release + '-security main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-backports main') in (slurp_etc_apt_sources_list.content|b64decode)"
when: (ansible_distribution|lower) == 'debian'
- name: "Test: directory /etc/apt/sources.list.d"
block:
- name: "Find in directory /etc/apt/sources.list.d"
ansible.builtin.find:
paths: /etc/apt/sources.list.d
file_type: file
register: find_etc_apt_sources_list_d
- name: "Stat in directory /etc/apt/sources.list.d"
ansible.builtin.stat:
path: "{{ item.path }}"
loop: "{{ find_etc_apt_sources_list_d.files }}"
register: stat_etc_apt_sources_list_d
- name: "Slurp in directory /etc/apt/sources.list.d"
ansible.builtin.slurp:
src: "{{ item.path }}"
loop: "{{ find_etc_apt_sources_list_d.files }}"
register: slurp_etc_apt_sources_list_d
- name: "Verify file /etc/apt/sources.list.d/docker.list"
ansible.builtin.assert:
that:
- item.item.isreg
- item.item.pw_name == 'root'
- item.item.gr_name == 'root'
- item.item.mode == '0644'
- "(item.content|b64decode) in ('deb [signed-by=/usr/share/keyrings/docker-archive-keyring.asc] https://download.docker.com/linux/' + (ansible_distribution|lower) + ' ' + ansible_distribution_release + ' stable\\n')"
loop: "{{ slurp_etc_apt_sources_list_d.results }}"
when: (item.item.path | basename | splitext | first) == 'docker'
- name: "Verify file /etc/apt/sources.list.d/hashicorp.list"
ansible.builtin.assert:
that:
- item.item.isreg
- item.item.pw_name == 'root'
- item.item.gr_name == 'root'
- item.item.mode == '0644'
- "(item.content|b64decode) in ('deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.asc] https://apt.releases.hashicorp.com ' + ansible_distribution_release + ' main\\n')"
loop: "{{ slurp_etc_apt_sources_list_d.results }}"
when: (item.item.path | basename | splitext | first) == 'hashicorp'