ansible-roles/provision_ansible_user
ansible-roles/provision_ansible_user
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: remove become frome role, fix #1
All checks were successful
test / Linting (push) Successful in 24s
Details
test / Molecule tests (default, debian11) (push) Successful in 33s
Details
test / Molecule tests (default, debian12) (push) Successful in 32s
Details
test / Molecule tests (default, ubuntu2004) (push) Successful in 27s
Details
test / Molecule tests (default, ubuntu2204) (push) Successful in 27s
Details
test / Molecule tests (with_ssh_keys, debian11) (push) Successful in 35s
Details
test / Molecule tests (with_ssh_keys, debian12) (push) Successful in 30s
Details
test / Molecule tests (with_ssh_keys, ubuntu2004) (push) Successful in 30s
Details
test / Molecule tests (with_ssh_keys, ubuntu2204) (push) Successful in 35s
Details

Browse Source
This commit is contained in:
Bertrand Lanson 2023-12-03 18:08:11 +01:00
parent 4b85e03e3e
commit 3f41dbee11
10 changed files with 12 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
molecule/default/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.provision_ansible_user" - name: "Include ednxzu.provision_ansible_user"
ansible.builtin.include_role: ansible.builtin.include_role:

20
molecule/default/verify.yml
View File

@ -1,23 +1,9 @@
--- ---
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: false gather_facts: true
become: true
tasks: tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == 'root'
- name: "Test: ansible user and group" - name: "Test: ansible user and group"
block: block:
- name: "Getent user ansible" - name: "Getent user ansible"
@ -48,7 +34,6 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/etc/sudoers.d/ansible" path: "/etc/sudoers.d/ansible"
register: stat_etc_sudoers_d_ansible register: stat_etc_sudoers_d_ansible
become: true
- name: "Verify file /etc/sudoers.d/ansible" - name: "Verify file /etc/sudoers.d/ansible"
ansible.builtin.assert: ansible.builtin.assert:
@ -61,7 +46,6 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/opt/ansible/.ssh/authorized_keys" path: "/opt/ansible/.ssh/authorized_keys"
register: stat_opt_ansible_ssh_authorized_keys register: stat_opt_ansible_ssh_authorized_keys
become: true
- name: "Verify file /opt/ansible/.ssh/authorized_keys" - name: "Verify file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.assert: ansible.builtin.assert:

1
molecule/default_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.provision_ansible_user" - name: "Include ednxzu.provision_ansible_user"
ansible.builtin.include_role: ansible.builtin.include_role:

22
molecule/default_vagrant/verify.yml
View File

@ -2,26 +2,8 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
vars:
etc_hosts_group:
ubuntu: "adm"
debian: "root"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)]
- name: "Test: ansible user and group" - name: "Test: ansible user and group"
block: block:
- name: "Getent user ansible" - name: "Getent user ansible"
@ -52,7 +34,6 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/etc/sudoers.d/ansible" path: "/etc/sudoers.d/ansible"
register: stat_etc_sudoers_d_ansible register: stat_etc_sudoers_d_ansible
become: true
- name: "Verify file /etc/sudoers.d/ansible" - name: "Verify file /etc/sudoers.d/ansible"
ansible.builtin.assert: ansible.builtin.assert:
@ -65,7 +46,6 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/opt/ansible/.ssh/authorized_keys" path: "/opt/ansible/.ssh/authorized_keys"
register: stat_opt_ansible_ssh_authorized_keys register: stat_opt_ansible_ssh_authorized_keys
become: true
- name: "Verify file /opt/ansible/.ssh/authorized_keys" - name: "Verify file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.assert: ansible.builtin.assert:

1
molecule/with_ssh_keys/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.provision_ansible_user" - name: "Include ednxzu.provision_ansible_user"
ansible.builtin.include_role: ansible.builtin.include_role:

22
molecule/with_ssh_keys/verify.yml
View File

@ -1,23 +1,9 @@
--- ---
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: false gather_facts: true
become: true
tasks: tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == 'root'
- name: "Test: ansible user and group" - name: "Test: ansible user and group"
block: block:
- name: "Getent user ansible" - name: "Getent user ansible"
@ -48,13 +34,11 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/etc/sudoers.d/ansible" path: "/etc/sudoers.d/ansible"
register: stat_etc_sudoers_d_ansible register: stat_etc_sudoers_d_ansible
become: true
- name: "Slurp file /etc/sudoers.d/ansible" - name: "Slurp file /etc/sudoers.d/ansible"
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/sudoers.d/ansible" src: "/etc/sudoers.d/ansible"
register: slurp_etc_sudoers_d_ansible register: slurp_etc_sudoers_d_ansible
become: true
- name: "Verify file /etc/sudoers.d/ansible" - name: "Verify file /etc/sudoers.d/ansible"
ansible.builtin.assert: ansible.builtin.assert:
@ -72,13 +56,11 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/opt/ansible/.ssh/authorized_keys" path: "/opt/ansible/.ssh/authorized_keys"
register: stat_opt_ansible_ssh_authorized_keys register: stat_opt_ansible_ssh_authorized_keys
become: true
- name: "Slurp file /opt/ansible/.ssh/authorized_keys" - name: "Slurp file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/opt/ansible/.ssh/authorized_keys" src: "/opt/ansible/.ssh/authorized_keys"
register: slurp_opt_ansible_ssh_authorized_keys register: slurp_opt_ansible_ssh_authorized_keys
become: true
- name: "Verify file /opt/ansible/.ssh/authorized_keys" - name: "Verify file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.assert: ansible.builtin.assert:

1
molecule/with_ssh_keys_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.provision_ansible_user" - name: "Include ednxzu.provision_ansible_user"
ansible.builtin.include_role: ansible.builtin.include_role:

24
molecule/with_ssh_keys_vagrant/verify.yml
View File

@ -2,26 +2,8 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: file /etc/hosts"
block:
- name: "Stat file /etc/hosts"
ansible.builtin.stat:
path: "/etc/hosts"
register: stat_etc_hosts
- name: "Verify file /etc/hosts"
vars:
etc_hosts_group:
ubuntu: "adm"
debian: "root"
ansible.builtin.assert:
that:
- stat_etc_hosts.stat.exists
- stat_etc_hosts.stat.isreg
- stat_etc_hosts.stat.pw_name == 'root'
- stat_etc_hosts.stat.gr_name == etc_hosts_group[(ansible_distribution|lower)]
- name: "Test: ansible user and group" - name: "Test: ansible user and group"
block: block:
- name: "Getent user ansible" - name: "Getent user ansible"
@ -52,13 +34,11 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/etc/sudoers.d/ansible" path: "/etc/sudoers.d/ansible"
register: stat_etc_sudoers_d_ansible register: stat_etc_sudoers_d_ansible
become: true
- name: "Slurp file /etc/sudoers.d/ansible" - name: "Slurp file /etc/sudoers.d/ansible"
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/sudoers.d/ansible" src: "/etc/sudoers.d/ansible"
register: slurp_etc_sudoers_d_ansible register: slurp_etc_sudoers_d_ansible
become: true
- name: "Verify file /etc/sudoers.d/ansible" - name: "Verify file /etc/sudoers.d/ansible"
ansible.builtin.assert: ansible.builtin.assert:
@ -76,13 +56,11 @@
ansible.builtin.stat: ansible.builtin.stat:
path: "/opt/ansible/.ssh/authorized_keys" path: "/opt/ansible/.ssh/authorized_keys"
register: stat_opt_ansible_ssh_authorized_keys register: stat_opt_ansible_ssh_authorized_keys
become: true
- name: "Slurp file /opt/ansible/.ssh/authorized_keys" - name: "Slurp file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/opt/ansible/.ssh/authorized_keys" src: "/opt/ansible/.ssh/authorized_keys"
register: slurp_opt_ansible_ssh_authorized_keys register: slurp_opt_ansible_ssh_authorized_keys
become: true
- name: "Verify file /opt/ansible/.ssh/authorized_keys" - name: "Verify file /opt/ansible/.ssh/authorized_keys"
ansible.builtin.assert: ansible.builtin.assert:

1
tasks/add_ssh_keys.yml
View File

@ -7,4 +7,3 @@
comment: "{{ provision_ansible_user_name }}@{{ ansible_hostname }}" comment: "{{ provision_ansible_user_name }}@{{ ansible_hostname }}"
key_options: "{{ provision_ansible_user_ssh_key_options }}" key_options: "{{ provision_ansible_user_ssh_key_options }}"
exclusive: "{{ provision_ansible_user_ssh_key_exclusive }}" exclusive: "{{ provision_ansible_user_ssh_key_exclusive }}"
become: true

5
tasks/create_user.yml
View File

@ -5,7 +5,7 @@
name: "{{ provision_ansible_user_group }}" name: "{{ provision_ansible_user_group }}"
state: present state: present
system: "{{ provision_ansible_user_is_system }}" system: "{{ provision_ansible_user_is_system }}"
become: true
- name: "Create user {{ provision_ansible_user_name }}" - name: "Create user {{ provision_ansible_user_name }}"
ansible.builtin.user: ansible.builtin.user:
@ -17,7 +17,7 @@
shell: "{{ provision_ansible_user_shell }}" shell: "{{ provision_ansible_user_shell }}"
system: "{{ provision_ansible_user_is_system }}" system: "{{ provision_ansible_user_is_system }}"
create_home: true create_home: true
become: true
- name: "Add user to sudoers" - name: "Add user to sudoers"
community.general.sudoers: community.general.sudoers:
@ -27,4 +27,3 @@
nopassword: true nopassword: true
setenv: true setenv: true
when: provision_ansible_user_sudoer when: provision_ansible_user_sudoer
become: true