ansible-roles/renew_nomad_certificates
ansible-roles/renew_nomad_certificates
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: remove become from role
All checks were successful
test / Linting (push) Successful in 41s
Details
test / Molecule tests (default, debian11) (push) Successful in 1m8s
Details
test / Molecule tests (default, debian12) (push) Successful in 1m13s
Details
test / Molecule tests (default, ubuntu2004) (push) Successful in 1m23s
Details
test / Molecule tests (default, ubuntu2204) (push) Successful in 1m25s
Details
test / Molecule tests (with_custom_config, debian11) (push) Successful in 1m16s
Details
test / Molecule tests (with_custom_config, debian12) (push) Successful in 1m11s
Details
test / Molecule tests (with_custom_config, ubuntu2204) (push) Successful in 1m21s
Details
test / Molecule tests (with_custom_config, ubuntu2004) (push) Successful in 1m45s
Details

Browse Source
This commit is contained in:
Bertrand Lanson 2023-12-03 18:20:08 +01:00
parent a4d952ef1a
commit 38717dcd80
15 changed files with 18 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
handlers/main.yml
View File

@ -3,14 +3,12 @@
- name: "Reload service file" - name: "Reload service file"
ansible.builtin.systemd: ansible.builtin.systemd:
daemon_reload: true daemon_reload: true
become: true
listen: "systemctl-daemon-reload" listen: "systemctl-daemon-reload"
- name: "Enable nomad-certs service" - name: "Enable nomad-certs service"
ansible.builtin.service: ansible.builtin.service:
name: nomad-certs name: nomad-certs
enabled: true enabled: true
become: true
listen: "systemctl-enable-nomad-certs" listen: "systemctl-enable-nomad-certs"
- name: "Start nomad-certs service" - name: "Start nomad-certs service"
@ -19,4 +17,3 @@
state: restarted state: restarted
listen: "systemctl-restart-nomad-certs" listen: "systemctl-restart-nomad-certs"
when: renew_nomad_certificates_start_service when: renew_nomad_certificates_start_service
become: true

1
molecule/default/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_nomad_certificates" - name: "Include ednxzu.renew_nomad_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/default/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group nomad" - name: "Create group nomad"
ansible.builtin.group: ansible.builtin.group:
name: "nomad" name: "nomad"
state: present state: present
become: true
- name: "Create user nomad" - name: "Create user nomad"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "nomad" group: "nomad"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

8
molecule/default/verify.yml
View File

@ -1,7 +1,8 @@
--- ---
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: false gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/nomad" - name: "Test: directory /etc/consul-template.d/nomad"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/nomad/nomad_config.hcl" src: "/etc/consul-template.d/nomad/nomad_config.hcl"
register: slurp_etc_consul_template_d_nomad_nomad_config_hcl register: slurp_etc_consul_template_d_nomad_nomad_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/nomad" - name: "Verify directory /etc/consul-template.d/nomad"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/nomad-certs.service" src: "/etc/systemd/system/nomad-certs.service"
register: slurp_etc_systemd_system_nomad_certs_service register: slurp_etc_systemd_system_nomad_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service nomad-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_nomad_certs_service.stat.exists - stat_etc_systemd_system_nomad_certs_service.stat.exists

1
molecule/default_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_nomad_certificates" - name: "Include ednxzu.renew_nomad_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/default_vagrant/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group nomad" - name: "Create group nomad"
ansible.builtin.group: ansible.builtin.group:
name: "nomad" name: "nomad"
state: present state: present
become: true
- name: "Create user nomad" - name: "Create user nomad"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "nomad" group: "nomad"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/default_vagrant/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/nomad" - name: "Test: directory /etc/consul-template.d/nomad"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/nomad/nomad_config.hcl" src: "/etc/consul-template.d/nomad/nomad_config.hcl"
register: slurp_etc_consul_template_d_nomad_nomad_config_hcl register: slurp_etc_consul_template_d_nomad_nomad_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/nomad" - name: "Verify directory /etc/consul-template.d/nomad"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/nomad-certs.service" src: "/etc/systemd/system/nomad-certs.service"
register: slurp_etc_systemd_system_nomad_certs_service register: slurp_etc_systemd_system_nomad_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service nomad-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_nomad_certs_service.stat.exists - stat_etc_systemd_system_nomad_certs_service.stat.exists

1
molecule/with_custom_config/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_nomad_certificates" - name: "Include ednxzu.renew_nomad_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/with_custom_config/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group nomad" - name: "Create group nomad"
ansible.builtin.group: ansible.builtin.group:
name: "nomad" name: "nomad"
state: present state: present
become: true
- name: "Create user nomad" - name: "Create user nomad"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "nomad" group: "nomad"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

8
molecule/with_custom_config/verify.yml
View File

@ -1,7 +1,8 @@
--- ---
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: false gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/nomad" - name: "Test: directory /etc/consul-template.d/nomad"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/nomad/nomad_config.hcl" src: "/etc/consul-template.d/nomad/nomad_config.hcl"
register: slurp_etc_consul_template_d_nomad_nomad_config_hcl register: slurp_etc_consul_template_d_nomad_nomad_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/nomad" - name: "Verify directory /etc/consul-template.d/nomad"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/nomad-certs.service" src: "/etc/systemd/system/nomad-certs.service"
register: slurp_etc_systemd_system_nomad_certs_service register: slurp_etc_systemd_system_nomad_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service nomad-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_nomad_certs_service.stat.exists - stat_etc_systemd_system_nomad_certs_service.stat.exists

1
molecule/with_custom_config_vagrant/converge.yml
View File

@ -1,6 +1,7 @@
--- ---
- name: Converge - name: Converge
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Include ednxzu.renew_nomad_certificates" - name: "Include ednxzu.renew_nomad_certificates"
ansible.builtin.include_role: ansible.builtin.include_role:

3
molecule/with_custom_config_vagrant/prepare.yml
View File

@ -1,12 +1,12 @@
--- ---
- name: Prepare - name: Prepare
hosts: all hosts: all
become: true
tasks: tasks:
- name: "Create group nomad" - name: "Create group nomad"
ansible.builtin.group: ansible.builtin.group:
name: "nomad" name: "nomad"
state: present state: present
become: true
- name: "Create user nomad" - name: "Create user nomad"
ansible.builtin.user: ansible.builtin.user:
@ -14,4 +14,3 @@
group: "nomad" group: "nomad"
shell: /bin/false shell: /bin/false
state: present state: present
become: true

6
molecule/with_custom_config_vagrant/verify.yml
View File

@ -2,6 +2,7 @@
- name: Verify - name: Verify
hosts: all hosts: all
gather_facts: true gather_facts: true
become: true
tasks: tasks:
- name: "Test: directory /etc/consul-template.d/nomad" - name: "Test: directory /etc/consul-template.d/nomad"
block: block:
@ -19,7 +20,6 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/consul-template.d/nomad/nomad_config.hcl" src: "/etc/consul-template.d/nomad/nomad_config.hcl"
register: slurp_etc_consul_template_d_nomad_nomad_config_hcl register: slurp_etc_consul_template_d_nomad_nomad_config_hcl
become: true
- name: "Verify directory /etc/consul-template.d/nomad" - name: "Verify directory /etc/consul-template.d/nomad"
ansible.builtin.assert: ansible.builtin.assert:
@ -60,7 +60,6 @@
src: "{{ item.path }}" src: "{{ item.path }}"
loop: "{{ find_etc_consul_template_d_nomad_templates.files }}" loop: "{{ find_etc_consul_template_d_nomad_templates.files }}"
register: slurp_etc_consul_template_d_nomad_templates register: slurp_etc_consul_template_d_nomad_templates
become: true
- name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl" - name: "Verify file /etc/consul-template.d/nomad/templates/nomad_ca.pem.tpl"
vars: vars:
@ -125,9 +124,8 @@
ansible.builtin.slurp: ansible.builtin.slurp:
src: "/etc/systemd/system/nomad-certs.service" src: "/etc/systemd/system/nomad-certs.service"
register: slurp_etc_systemd_system_nomad_certs_service register: slurp_etc_systemd_system_nomad_certs_service
become: true
- name: "Verify service nomad" - name: "Verify service nomad-certs"
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- stat_etc_systemd_system_nomad_certs_service.stat.exists - stat_etc_systemd_system_nomad_certs_service.stat.exists

2
tasks/configure.yml
View File

@ -1,7 +1,6 @@
--- ---
# task/configure file for renew_nomad_certificates # task/configure file for renew_nomad_certificates
- name: "Configure files for nomad certificate renewal" - name: "Configure files for nomad certificate renewal"
become: true
notify: notify:
- "systemctl-enable-nomad-certs" - "systemctl-enable-nomad-certs"
- "systemctl-restart-nomad-certs" - "systemctl-restart-nomad-certs"
@ -45,6 +44,5 @@
owner: root owner: root
group: root group: root
mode: '0644' mode: '0644'
become: true
notify: notify:
- "systemctl-daemon-reload" - "systemctl-daemon-reload"

3
tasks/prerequisites.yml
View File

@ -7,7 +7,6 @@
owner: "{{ renew_nomad_certificates_nomad_user }}" owner: "{{ renew_nomad_certificates_nomad_user }}"
group: "{{ renew_nomad_certificates_nomad_group }}" group: "{{ renew_nomad_certificates_nomad_group }}"
mode: '0755' mode: '0755'
become: true
- name: "Create directory templates directory in {{ renew_nomad_certificates_config_dir }}" - name: "Create directory templates directory in {{ renew_nomad_certificates_config_dir }}"
ansible.builtin.file: ansible.builtin.file:
@ -16,7 +15,6 @@
owner: "{{ renew_nomad_certificates_nomad_user }}" owner: "{{ renew_nomad_certificates_nomad_user }}"
group: "{{ renew_nomad_certificates_nomad_group }}" group: "{{ renew_nomad_certificates_nomad_group }}"
mode: '0755' mode: '0755'
become: true
- name: "Ensure certificate/key directory(ies) exist(s)" - name: "Ensure certificate/key directory(ies) exist(s)"
ansible.builtin.file: ansible.builtin.file:
@ -29,4 +27,3 @@
- "{{ renew_nomad_certificates_cert_dest }}" - "{{ renew_nomad_certificates_cert_dest }}"
- "{{ renew_nomad_certificates_key_dest }}" - "{{ renew_nomad_certificates_key_dest }}"
- "{{ renew_nomad_certificates_ca_dest }}" - "{{ renew_nomad_certificates_ca_dest }}"
become: true