diff --git a/roles/dependencies/README.md b/roles/dependencies/README.md index 7ebf6474b9752db92e9a45c13c92b1beff12c47c..9407b61855099fc5ead3ac89df86479ed3145f0b 100644 --- a/roles/dependencies/README.md +++ b/roles/dependencies/README.md @@ -10,15 +10,37 @@ The original code used can be found at: [https://github.com/geerlingguy/ansible- ## Requirements - To have [ansible](https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html) installed at your system. -- Set your **remote_user** configuration at the **ansible.cfg** file. -- Set your **inventories/host_vars/<TARGET_NAME>** file. + + +## Configuration +You need to set some configuration for this to work +- ### ansible.cfg + You have to edit the **ansible.cfg** file to your needs for accessing your target. + - #### remote_user + You need to set the **remote_user** configuration for accessing the target host. + + Example: [remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227) + +- ### HOST_VARS + In order to access your target host, you need to create/edit your **inventories/host_vars/<YOUR_HOST_NAME>.yml** + - #### ansible_become_pass + You need to set the **sudo** password from the user setted on **remote_user** for installing packages and etc. at the target. + + Example: [ansible_become_pass](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml#L5) + +- ### HOSTS + You need to provide a **group** in which your target belongs to with the same name setted for **inventories/host_vars/<YOUR_HOST_NAME>.yml**. + + There you can add/edit the target address/IP. + + Example: [hosts](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts) ## Role Variables Here are the variables setted: - ### 
From: inventories/host_vars/<TARGET_NAME> Here are the variables that you should be changing for your own deployment. - - **docker_users**: DEFAULT="test-user" + - **docker_users**: DEFAULT="[test-user]" - The users to be added to the docker group. - These users should should contain at least the same user setted on **ansible.cfg** at the **remote_user** - **ansible_become_pass**: DEFAULT="Please change this" 
@@ -78,33 +100,61 @@ This role have no dependency from any another role. ## Example Playbook - ### Using the provided example - For using the example playbook **playbooks/examples/example_02_dependencies.yml** file you only need to: - - Change the user at the **ansible.cfg** file at the field **remote_user** for acessing your target. - - Update the file **inventories/host_vars/example_server.yml** and change the value for **ansible_become_pass** from the **remote_user** - - Update the **inventories/hosts** file and change the **example_server** with the IP address from your target. + For using the example playbook **[playbooks/examples/example_02_dependencies.yml](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/playbooks/examples/example_02_dependencies.yml)** file you only need to: + - Change the user at the **[ansible.cfg](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg)** file at the field **[remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227)** for acessing your target. + - Update the file **[inventories/host_vars/example_server.yml](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml)** and change the value for **[ansible_become_pass](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml#L5)** from the **[remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227)** + - Update the **[inventories/hosts](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts)** file and change the **[example_server](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts#L2)** with the IP address from your target. 
- And run the command: -```bash -ansible-playbook -i inventories/hosts playbooks/examples/example_02_dependencies.yml -``` + And run the command: + ```bash + ansible-playbook -i inventories/hosts playbooks/examples/example_02_dependencies.yml + ``` - ### Setting your own example After setting your variables at **inventories/host_vars/<HOST_NAME>**, you can add this role to your playbook as a regular role. Here is an example using the **<HOST_NAME>** as **test_servers** -```yaml -- hosts: - - test_servers - roles: - - dependencies -``` + ```yaml + - hosts: + - test_servers + roles: + - dependencies + ``` And call the playbook as: -```bash -ansible-playbook -i <INVENTORY> <PLAYBOOK_NAME>.yml -``` + ```bash + ansible-playbook -i <INVENTORY> <PLAYBOOK_NAME>.yml + ``` + +## Testing +You can test this locally using **DIND (docker in docker)** at your own computer using [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/) + +- ### Testing requirements + You need docker installed at your system and the [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/). + + You might have to set DIND at your system, for linux, you can create the file **/etc/docker/daemon.json** + + And add the content and restart docker. + + ```json + { + "exec-opts": ["native.cgroupdriver=systemd"], + "features": { + "buildkit": true + }, + "experimental": true, + "cgroup-parent": "docker.slice" + } + ``` + +- ### Using molecule + Just go to the root of the role **roles/dependencies** and run the command: + + ```bash + molecule test + ``` ## License diff --git a/roles/dependencies/defaults/main.yml b/roles/dependencies/defaults/main.yml index 8513b6656ef859a3366edb8c9fc0be48d8df4390..8215573e85d68e6e1be98582c06a5dd83aa6c5fe 100644 --- a/roles/dependencies/defaults/main.yml +++ b/roles/dependencies/defaults/main.yml 
@@ -8,6 +8,9 @@ # This should be the password from the deployment user setted on ansible.cfg ansible_become_pass: "UPDATE THIS FOR THE HOSTS" +# A list of users who will be added to the docker group. +docker_users: [] + ### ### install_packages.yml ### @@ -21,6 +24,7 @@ os_dependencies_packages: ### ### install_docker.yml ### +docker_installed: false # Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition). docker_edition: 'ce' docker_packages: @@ -81,8 +85,5 @@ docker_yum_repo_enable_nightly: '0' docker_yum_repo_enable_test: '0' docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg" -# A list of users who will be added to the docker group. -docker_users: [] - # Docker daemon options as a dict docker_daemon_options: {} diff --git a/roles/dependencies/molecule/README.md b/roles/dependencies/molecule/README.md new file mode 100644 index 0000000000000000000000000000000000000000..62fcb93fa69d8a69081bd688fea9a000b1340107 --- /dev/null +++ b/roles/dependencies/molecule/README.md 
@@ -0,0 +1,46 @@ +## ansible molecule tests for role: dependencies + + + +## Why to use it +It's allways a good idea to test your things. + +With **ansible molecule** you can test your role locally without the need of using a **real server** but a local **docker container**. + +## Dependencies + +- ### molecule + You need to have [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/) installed. + +- ### DIND (docker in docker) + For using the tests, you will to have **docker** installed locally and and set it for using **DIND (docker in docker)** + + + - ### DIND linux + You have to create/edit the file **/etc/docker/daemon.json** with the content: + + ```json + { + "exec-opts": ["native.cgroupdriver=systemd"], + "features": { + "buildkit": true + }, + "experimental": true, + "cgroup-parent": "docker.slice" + } + ``` + + +## Configuration +There's not much for configuring for using the tests + +## Running the tests +For running the **molecule tests** you just need to run the command: + +```bash +molecule test +``` + + + +Here you can find how to run the diff --git a/roles/dependencies/molecule/default/converge.yml b/roles/dependencies/molecule/default/converge.yml new file mode 100644 index 0000000000000000000000000000000000000000..22530a7d1df5425f566839a9805bc192a08285f9 --- /dev/null +++ b/roles/dependencies/molecule/default/converge.yml 
@@ -0,0 +1,35 @@ +--- + +- name: MOLECULE | Converge + hosts: all + pre_tasks: + - name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../defaults + ansible.builtin.include_vars: + dir: ../../defaults + depth: 1 + extensions: + - 'yml' + + - name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../vars + ansible.builtin.include_vars: + dir: ../../vars + depth: 1 + extensions: + - 'yml' + + - name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../../../inventories/group_vars + ansible.builtin.include_vars: + dir: ../../../../inventories/group_vars + extensions: + - 'yml' + + - name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../../../inventories/host_vars + ansible.builtin.include_vars: + dir: ../../../../inventories/host_vars + extensions: + - 'yml' + + tasks: + - name: MOLECULE | CONVERGE | Call the 'dependencies' role. + ansible.builtin.include_role: + name: dependencies diff --git a/roles/dependencies/molecule/default/molecule.yml b/roles/dependencies/molecule/default/molecule.yml new file mode 100644 index 0000000000000000000000000000000000000000..cbd61d519013582cc5a352afce62bf81fa07c64e --- /dev/null +++ b/roles/dependencies/molecule/default/molecule.yml 
@@ -0,0 +1,68 @@ +--- + +dependency: + name: galaxy + +driver: + name: docker + +platforms: + - name: molecule_dependencies + ### At the moment I'm not running at the latest kernel, please use always with a older kernel than the host + # image: docker.io/geerlingguy/docker-ubuntu2204-ansible + image: geerlingguy/docker-ubuntu2204-ansible:latest + command: /usr/sbin/init + pre_build_image: true + cgroupns_mode: host + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + - /var/lib/containerd + +provisioner: + name: ansible + +lint: | + ansible-lint --exclude molecule/default/ + +scenario: + name: default + create_sequence: + - dependency + - create + - prepare + check_sequence: + - dependency + - cleanup + - destroy + - create + - prepare + - converge + - check + - destroy + converge_sequence: + - dependency + - create + - prepare + - converge + destroy_sequence: + - dependency + - cleanup + - destroy + test_sequence: + # - lint + # - dependency + # - cleanup + - destroy + - syntax + - create + # - prepare + - converge + - verify + - idempotence + # - side_effect + # - cleanup + - destroy + +verifier: + name: ansible diff --git a/roles/dependencies/molecule/default/verify.yml b/roles/dependencies/molecule/default/verify.yml new file mode 100644 index 0000000000000000000000000000000000000000..1f6bab342012e2d46c741b5803d2b30908086c16 --- /dev/null +++ b/roles/dependencies/molecule/default/verify.yml 
@@ -0,0 +1,117 @@ +--- + +- name: VERIFY | Test role for debugging variables + hosts: all + vars: + package_name_docker: 'docker' + package_name_docker_ce: 'docker-ce' + package_name_docker_compose: 'docker-compose' + package_name_docker_compose_plugin: 'docker-compose-plugin' + + pre_tasks: + - name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../defaults + ansible.builtin.include_vars: + dir: ../../defaults + depth: 1 + extensions: + - 'yml' + + - name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../vars + ansible.builtin.include_vars: + dir: ../../vars + depth: 1 + extensions: + - 'yml' + + - name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/group_vars + ansible.builtin.include_vars: + dir: ../../../../inventories/group_vars + extensions: + - 'yml' + + - name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/host_vars + ansible.builtin.include_vars: + dir: ../../../../inventories/host_vars + extensions: + - 'yml' + + tasks: + ### + ### POPULATE + ### + - name: MOLECULE | VERIFY | POPULATE | Gather the package facts + ansible.builtin.package_facts: + manager: auto + + # - name: MOLECULE | VERIFY | POPULATE | Gather service facts + # ansible.builtin.service_facts: + + ### + ### TESTS - PACKAGES + ### + - name: MOLECULE | VERIFY | TEST | Check that the packages from 'os_dependencies_packages' are installed. + ansible.builtin.debug: + msg: "Package: '{{ package_name }}' is installed" + loop: "{{ os_dependencies_packages }}" + loop_control: + loop_var: package_name + failed_when: package_name not in ansible_facts.packages + + - name: MOLECULE | VERIFY | TEST | Check that docker is installed. + ansible.builtin.debug: + msg: "Package: 'docker' is installed" + failed_when: + - package_name_docker not in ansible_facts.packages + - package_name_docker_ce not in ansible_facts.packages + + - name: MOLECULE | VERIFY | TEST | Check that docker-compose is installed. 
+ ansible.builtin.debug: + msg: "Package: 'docker-cokmpose' is installed" + failed_when: + - package_name_docker_compose not in ansible_facts.packages + - package_name_docker_compose_plugin not in ansible_facts.packages + + ### + ### TESTS - DOCKER + ### + - name: MOLECULE | VERIFY | TEST | Get docker service state. + ansible.builtin.systemd: + name: "docker" + register: docker_service + + - name: MOLECULE | VERIFY | TEST | Check that docker is running. + ansible.builtin.debug: + msg: "Docker IS running..." + failed_when: "'active' != docker_service.status.ActiveState" + + ### + ### TESTS - ADDED USERS + ### + - name: MOLECULE | VERIFY | TEST | Get added users infos. + ansible.builtin.user: + name: "{{ item }}" + loop: "{{ docker_users }}" + check_mode: true + register: test_users + + - name: MOLECULE | VERIFY | TEST | Check if users exists + ansible.builtin.debug: + msg: "User {{ item.item }} {{ 'exists' if item.state | d('') == 'present' else 'does not exist' }}" + loop: "{{ test_users.results }}" + loop_control: + label: "{{ item.item }}" + + - name: MOLECULE | VERIFY | TEST | Get the groups that the users belongs to. + ansible.builtin.command: + cmd: "id -Gn {{ item.item }}" + loop: "{{ test_users.results }}" + loop_control: + label: "{{ item.item }}" + register: user_groups + changed_when: false + + - name: MOLECULE | VERIFY | TEST | Check that the users are at the 'docker' group. + ansible.builtin.debug: + msg: "User '{{ item.item.item }}' belongs to the docker group" + with_items: "{{ user_groups.results }}" + failed_when: "'docker' not in item.stdout" diff --git a/roles/dependencies/tasks/main.yml b/roles/dependencies/tasks/main.yml index 1da7500823187e8985fc74a20d481a752ae2190c..25bbb59e00dd938ff5ecd1a57d65e39cd97e2f2b 100644 --- a/roles/dependencies/tasks/main.yml +++ b/roles/dependencies/tasks/main.yml 
@@ -4,5 +4,18 @@ - name: Importing the 'install_packages.yml' tasks ansible.builtin.import_tasks: install_packages.yml -- name: Importing the 'install_docker.yml' tasks +- name: Get docker service state. + ansible.builtin.systemd: + name: "docker" + register: docker_service + +- name: Set fact if docker already installed and active. + ansible.builtin.set_fact: + docker_installed: true + when: + - docker_service is defined + - "'active' == docker_service.status.ActiveState" + +- name: Importing the 'install_docker.yml' tasks if docker not installed. ansible.builtin.import_tasks: install_docker.yml + when: docker_installed | bool is false diff --git a/roles/test/README.md b/roles/test/README.md index 123e54580ff8dba8c32568eb02b387aa00211109..f2cf0d1f36d975c5f7004360698ea6c43b2556d7 100644 --- a/roles/test/README.md +++ b/roles/test/README.md @@ -37,7 +37,7 @@ The tests shuold be runned at the root directory from the repository. ### Syntax ```bash -ansible-playbook --syntax-check -i invenvories/hosts ci-cd/01_test.yml +ansible-playbook --syntax-check -i invenvories/hosts playbooks/examples/example_01_test.yml ``` ### Lint
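Review bot: In roles/dependencies/README.md, the new HOST_VARS section tells the reader to put the sudo password in `ansible_become_pass` inside inventories/host_vars/<YOUR_HOST_NAME>.yml, which leaves a plaintext credential in a file that lives in the repository tree. Suggest documenting an encrypted alternative (an ansible-vault encrypted value, or `--ask-become-pass` at run time) and stating that the file must not be committed with a real password. In the Role Variables hunk of the same file the documented default becomes `DEFAULT="[test-user]"`, while defaults/main.yml in this patch sets `docker_users: []`; the two should agree.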
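Review bot: The daemon.json block in the Testing section of roles/dependencies/README.md, repeated in roles/dependencies/molecule/README.md, changes host-wide Docker daemon settings (`"experimental": true`, `"cgroup-parent": "docker.slice"`) without saying which keys the molecule scenario actually needs or that an existing /etc/docker/daemon.json has to be merged rather than overwritten. Suggest keeping the block in one of the two files, linking to it from the other, and adding one line of explanation per key. molecule/README.md also ends on the unfinished sentence "Here you can find how to run the", and its Configuration section says only that there is not much to configure; finish or drop both.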
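Review bot: In roles/dependencies/molecule/default/converge.yml (and the identical pre_tasks in verify.yml), the `include_vars` tasks for ../../../../inventories/group_vars and ../../../../inventories/host_vars load every .yml file under those directories into the test play. That pulls any real `ansible_become_pass` from the inventory into the molecule run, and when two host files define the same key the file loaded later overrides the earlier one, so the test result depends on which host files happen to exist. Suggest a vars file that belongs to the scenario and carries test values only. The task names in converge.yml read "COVERGE" where "CONVERGE" is meant.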
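Review bot: In roles/dependencies/molecule/default/molecule.yml the platform combines `privileged: true`, `cgroupns_mode: host` and a read-write bind of /sys/fs/cgroup with the unpinned tag `geerlingguy/docker-ubuntu2204-ansible:latest`. A privileged container with the host cgroup tree writable is close to root on the machine running the tests, so the image it starts should be fixed: pin it to a version tag or digest, and add a comment saying why privileged mode is required here. The `lint:` command is defined but `- lint` is commented out in `test_sequence`, so `molecule test` never runs it; enable the step or remove the block.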
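Review bot: In roles/dependencies/molecule/default/verify.yml the last task's `failed_when: "'docker' not in item.stdout"` is a substring test on the `id -Gn` output, so a user who is only in a group whose name contains "docker" (docker-users, for example) would pass; test membership against `item.stdout.split()` instead. The "Check if users exists" task only prints a message and never fails, so a missing user shows up one task later as a failing `id` command rather than as a clear verification failure. The package and service checks would state their intent more directly with ansible.builtin.assert than with debug plus `failed_when`, and the message `'docker-cokmpose'` is misspelled.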
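Review bot: In roles/dependencies/tasks/main.yml, `when: docker_installed | bool is false` skips the whole of install_docker.yml whenever the docker unit is active, so anything that file does beyond installing packages is no longer applied to hosts that already run Docker. defaults/main.yml lists `docker_daemon_options` under the install_docker.yml section, and if `docker_users` is also handled there, users would not be added to the docker group on such hosts. Suggest gating only the package installation, or moving the user and daemon configuration into a task file that always runs. `docker_service is defined` is always true after `register`, and the final condition reads more easily as `not docker_installed | bool`.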
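Review bot: In roles/test/README.md the changed command still passes `-i invenvories/hosts`, while every other command in this patch uses inventories/hosts, so the syntax check will not load the intended inventory. Fix the path on the same line that updates the playbook name.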