ansible-roles/renew_consul_certificates
ansible-roles/renew_consul_certificates
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: remove become from role
All checks were successful
test / Linting (push) Successful in 35s
Details
test / Molecule tests (default, debian12) (push) Successful in 1m14s
Details
test / Molecule tests (default, ubuntu2004) (push) Successful in 1m29s
Details
test / Molecule tests (default, ubuntu2204) (push) Successful in 1m22s
Details
test / Molecule tests (with_custom_config, debian11) (push) Successful in 1m15s
Details
test / Molecule tests (with_custom_config, ubuntu2004) (push) Successful in 1m28s
Details
test / Molecule tests (with_custom_config, ubuntu2204) (push) Successful in 1m31s
Details
test / Molecule tests (with_custom_config, debian12) (push) Successful in 3m14s
Details
test / Molecule tests (default, debian11) (push) Successful in 1m11s
Details

Browse Source
This commit is contained in:
Bertrand Lanson 2023-12-03 18:16:39 +01:00
parent 6a0feba8d8
commit 90a958fba0
15 changed files with 16 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
handlers/main.yml
View File

@ -3,20 +3,17 @@
- name: "Reload service file" - name: "Reload service file"
ansible.builtin.systemd: ansible.builtin.systemd:
daemon_reload: true daemon_reload: true
become: true
listen: "systemctl-daemon-reload" listen: "systemctl-daemon-reload"
- name: "Enable consul-certs service" - name: "Enable consul-certs service"
ansible.builtin.service: ansible.builtin.service:
name: consul-certs name: consul-certs
enabled: true enabled: true
become: true
listen: "systemctl-enable-consul-certs" listen: "systemctl-enable-consul-certs"
- name: "Start consul-certs service" - name: "Start consul-certs service"
ansible.builtin.service: ansible.builtin.service:
name: consul-certs name: consul-certs
state: restarted state: restarted
become: true
listen: "systemctl-restart-consul-certs" listen: "systemctl-restart-consul-certs"
when: renew_consul_certificates_start_service when: renew_consul_certificates_start_service

1
molecule/default/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_consul_certificates" - name: "Include ednxzu.renew_consul_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/default/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group consul" - name: "Create group consul"
ansible.builtin.group: ansible.builtin.group:
name: "consul" name: "consul"
state: present state: present
become: true
- name: "Create user consul" - name: "Create user consul"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "consul" group: "consul"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/default/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/consul" - name: "Test: directory /etc/consul-template.d/consul"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/consul/consul_config.hcl" src: "/etc/consul-template.d/consul/consul_config.hcl"
register: slurp_etc_consul_template_d_consul_consul_config_hcl register: slurp_etc_consul_template_d_consul_consul_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/consul" - name: "Verify directory /etc/consul-template.d/consul"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_consul_templates.files }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/consul-certs.service" src: "/etc/systemd/system/consul-certs.service"
register: slurp_etc_systemd_system_consul_certs_service register: slurp_etc_systemd_system_consul_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service consul-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_consul_certs_service.stat.exists - stat_etc_systemd_system_consul_certs_service.stat.exists

1
molecule/default_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_consul_certificates" - name: "Include ednxzu.renew_consul_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/default_vagrant/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group consul" - name: "Create group consul"
ansible.builtin.group: ansible.builtin.group:
name: "consul" name: "consul"
state: present state: present
become: true
- name: "Create user consul" - name: "Create user consul"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "consul" group: "consul"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/default_vagrant/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/consul" - name: "Test: directory /etc/consul-template.d/consul"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/consul/consul_config.hcl" src: "/etc/consul-template.d/consul/consul_config.hcl"
register: slurp_etc_consul_template_d_consul_consul_config_hcl register: slurp_etc_consul_template_d_consul_consul_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/consul" - name: "Verify directory /etc/consul-template.d/consul"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_consul_templates.files }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/consul-certs.service" src: "/etc/systemd/system/consul-certs.service"
register: slurp_etc_systemd_system_consul_certs_service register: slurp_etc_systemd_system_consul_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service consul-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_consul_certs_service.stat.exists - stat_etc_systemd_system_consul_certs_service.stat.exists

1
molecule/with_custom_config/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_consul_certificates" - name: "Include ednxzu.renew_consul_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/with_custom_config/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group consul" - name: "Create group consul"
ansible.builtin.group: ansible.builtin.group:
name: "consul" name: "consul"
state: present state: present
become: true
- name: "Create user consul" - name: "Create user consul"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "consul" group: "consul"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/with_custom_config/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/consul" - name: "Test: directory /etc/consul-template.d/consul"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/consul/consul_config.hcl" src: "/etc/consul-template.d/consul/consul_config.hcl"
register: slurp_etc_consul_template_d_consul_consul_config_hcl register: slurp_etc_consul_template_d_consul_consul_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/consul" - name: "Verify directory /etc/consul-template.d/consul"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_consul_templates.files }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/consul-certs.service" src: "/etc/systemd/system/consul-certs.service"
register: slurp_etc_systemd_system_consul_certs_service register: slurp_etc_systemd_system_consul_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service consul-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_consul_certs_service.stat.exists - stat_etc_systemd_system_consul_certs_service.stat.exists

1
molecule/with_custom_config_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_consul_certificates" - name: "Include ednxzu.renew_consul_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/with_custom_config_vagrant/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group consul" - name: "Create group consul"
ansible.builtin.group: ansible.builtin.group:
name: "consul" name: "consul"
state: present state: present
become: true
- name: "Create user consul" - name: "Create user consul"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "consul" group: "consul"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/with_custom_config_vagrant/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/consul" - name: "Test: directory /etc/consul-template.d/consul"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/consul/consul_config.hcl" src: "/etc/consul-template.d/consul/consul_config.hcl"
register: slurp_etc_consul_template_d_consul_consul_config_hcl register: slurp_etc_consul_template_d_consul_consul_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/consul" - name: "Verify directory /etc/consul-template.d/consul"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_consul_templates.files }}" loop: "{{ find_etc_consul_template_d_consul_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/consul/templates/consul_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/consul-certs.service" src: "/etc/systemd/system/consul-certs.service"
register: slurp_etc_systemd_system_consul_certs_service register: slurp_etc_systemd_system_consul_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service consul-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_consul_certs_service.stat.exists - stat_etc_systemd_system_consul_certs_service.stat.exists

2
tasks/configure.yml
View File

@ -1,7 +1,6 @@
--- ---
# task/configure file for renew_consul_certificates # task/configure file for renew_consul_certificates
- name: "Configure files for consul certificate renewal" - name: "Configure files for consul certificate renewal"
become: true
notify: notify:
- "systemctl-enable-consul-certs" - "systemctl-enable-consul-certs"
- "systemctl-restart-consul-certs" - "systemctl-restart-consul-certs"
@ -39,7 +38,6 @@
mode: '0600' mode: '0600'
- name: "Configure consul-certs systemd service" - name: "Configure consul-certs systemd service"
become: true
notify: notify:
- "systemctl-daemon-reload" - "systemctl-daemon-reload"
block: block:

3
tasks/prerequisites.yml
View File

@ -7,7 +7,6 @@
owner: "{{ renew_consul_certificates_consul_user }}" owner: "{{ renew_consul_certificates_consul_user }}"
group: "{{ renew_consul_certificates_consul_group }}" group: "{{ renew_consul_certificates_consul_group }}"
mode: '0755' mode: '0755'
become: true
- name: "Create directory templates directory in {{ renew_consul_certificates_config_dir }}" - name: "Create directory templates directory in {{ renew_consul_certificates_config_dir }}"
ansible.builtin.file: ansible.builtin.file:
@ -16,7 +15,6 @@
owner: "{{ renew_consul_certificates_consul_user }}" owner: "{{ renew_consul_certificates_consul_user }}"
group: "{{ renew_consul_certificates_consul_group }}" group: "{{ renew_consul_certificates_consul_group }}"
mode: '0755' mode: '0755'
become: true
- name: "Ensure certificate/key directory(ies) exist(s)" - name: "Ensure certificate/key directory(ies) exist(s)"
ansible.builtin.file: ansible.builtin.file:
@ -25,7 +23,6 @@
owner: "{{ renew_consul_certificates_consul_user }}" owner: "{{ renew_consul_certificates_consul_user }}"
group: "{{ renew_consul_certificates_consul_group }}" group: "{{ renew_consul_certificates_consul_group }}"
mode: '0755' mode: '0755'
become: true
loop: loop:
- "{{ renew_consul_certificates_cert_dest }}" - "{{ renew_consul_certificates_cert_dest }}"
- "{{ renew_consul_certificates_key_dest }}" - "{{ renew_consul_certificates_key_dest }}"