Bertrand Lanson
cb36ee65f3
All checks were successful
test / Linting (push) Successful in 26s
test / Molecule tests (default, ubuntu2004) (push) Successful in 56s
test / Molecule tests (default, debian11) (push) Successful in 1m22s
test / Molecule tests (default, debian12) (push) Successful in 1m22s
test / Molecule tests (default, ubuntu2204) (push) Successful in 55s
test / Molecule tests (with_custom_repo, debian11) (push) Successful in 41s
test / Molecule tests (with_custom_repo, debian12) (push) Successful in 43s
test / Molecule tests (with_custom_repo, ubuntu2004) (push) Successful in 43s
test / Molecule tests (with_custom_repo, ubuntu2204) (push) Successful in 1m4s
101 lines
5.0 KiB
YAML
101 lines
5.0 KiB
YAML
---
|
|
- name: Verify
|
|
hosts: all
|
|
gather_facts: true
|
|
tasks:
|
|
- name: "Test: file /etc/hosts"
|
|
block:
|
|
- name: "Stat file /etc/hosts"
|
|
ansible.builtin.stat:
|
|
path: "/etc/hosts"
|
|
register: stat_etc_hosts
|
|
|
|
- name: "Verify file /etc/hosts"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- stat_etc_hosts.stat.exists
|
|
- stat_etc_hosts.stat.isreg
|
|
- stat_etc_hosts.stat.pw_name == 'root'
|
|
- stat_etc_hosts.stat.gr_name == 'root'
|
|
|
|
- name: "Test: file /etc/apt/sources.list"
|
|
block:
|
|
- name: "Stat file /etc/apt/sources.list"
|
|
ansible.builtin.stat:
|
|
path: "/etc/apt/sources.list"
|
|
register: stat_etc_apt_sources_list
|
|
|
|
- name: "Slurp file /etc/apt/sources.list"
|
|
ansible.builtin.slurp:
|
|
src: "/etc/apt/sources.list"
|
|
register: slurp_etc_apt_sources_list
|
|
|
|
- name: "Verify file /etc/apt/sources.list"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- stat_etc_apt_sources_list.stat.exists
|
|
- stat_etc_apt_sources_list.stat.isreg
|
|
- stat_etc_apt_sources_list.stat.pw_name == 'root'
|
|
- stat_etc_apt_sources_list.stat.gr_name == 'root'
|
|
- stat_etc_apt_sources_list.stat.mode == '0644'
|
|
|
|
- name: "Verify file /etc/apt/sources.list"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + ' main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-updates main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-security main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://fr.archive.ubuntu.com/ubuntu ' + ansible_distribution_release + '-backports main restricted universe multiverse') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
when: (ansible_distribution|lower) == 'ubuntu'
|
|
|
|
- name: "Verify file /etc/apt/sources.list"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + ' main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-updates main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://deb.debian.org/debian-security ' + ansible_distribution_release + '-security main contrib') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
- "('deb http://deb.debian.org/debian ' + ansible_distribution_release + '-backports main') in (slurp_etc_apt_sources_list.content|b64decode)"
|
|
when: (ansible_distribution|lower) == 'debian'
|
|
|
|
- name: "Test: directory /etc/apt/sources.list.d"
|
|
block:
|
|
- name: "Find in directory /etc/apt/sources.list.d"
|
|
ansible.builtin.find:
|
|
paths: /etc/apt/sources.list.d
|
|
file_type: file
|
|
register: find_etc_apt_sources_list_d
|
|
|
|
- name: "Stat in directory /etc/apt/sources.list.d"
|
|
ansible.builtin.stat:
|
|
path: "{{ item.path }}"
|
|
loop: "{{ find_etc_apt_sources_list_d.files }}"
|
|
register: stat_etc_apt_sources_list_d
|
|
|
|
- name: "Slurp in directory /etc/apt/sources.list.d"
|
|
ansible.builtin.slurp:
|
|
src: "{{ item.path }}"
|
|
loop: "{{ find_etc_apt_sources_list_d.files }}"
|
|
register: slurp_etc_apt_sources_list_d
|
|
|
|
- name: "Verify file /etc/apt/sources.list.d/docker.list"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- item.item.isreg
|
|
- item.item.pw_name == 'root'
|
|
- item.item.gr_name == 'root'
|
|
- item.item.mode == '0644'
|
|
- "(item.content|b64decode) == ('deb [signed-by=/usr/share/keyrings/docker-archive-keyring.asc] https://download.docker.com/linux/' + (ansible_distribution|lower) + ' ' + ansible_distribution_release + ' stable\\n')"
|
|
loop: "{{ slurp_etc_apt_sources_list_d.results }}"
|
|
when: (item.item.path | basename | splitext | first) == 'docker'
|
|
|
|
- name: "Verify file /etc/apt/sources.list.d/hashicorp.list"
|
|
ansible.builtin.assert:
|
|
that:
|
|
- item.item.isreg
|
|
- item.item.pw_name == 'root'
|
|
- item.item.gr_name == 'root'
|
|
- item.item.mode == '0644'
|
|
- "(item.content|b64decode) == ('deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.asc] https://apt.releases.hashicorp.com ' + ansible_distribution_release + ' main\\n')"
|
|
loop: "{{ slurp_etc_apt_sources_list_d.results }}"
|
|
when: (item.item.path | basename | splitext | first) == 'hashicorp'
|