Skip to content
Snippets Groups Projects
Commit c04809f7 authored by fejao's avatar fejao
Browse files

Merge branch 'Setting_molecule_02' into 'main'

Setting molecule 02

See merge request !11
parents f2b0de18 136c38e9
No related branches found
No related tags found
1 merge request!11Setting molecule 02
Pipeline #37464 passed
Showing
with 506 additions and 102 deletions
......@@ -9,6 +9,11 @@
- [x] docker_images
- [x] docker_containers
- [x] Set ansible-lint for the roles.
- [ ] Add molecule tests.
- [x] dependencies
- [ ] clone_repositories
- [ ] docker_images
- [ ] docker_containers
## What is this?
......
......@@ -32,7 +32,7 @@
;become_password_file=
# (pathspec) Colon-separated paths in which Ansible will search for Become Plugins.
;become_plugins=/home/fejao/.ansible/plugins/become:/usr/share/ansible/plugins/become
;become_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/become:/usr/share/ansible/plugins/become
# (string) Chooses which cache plugin to use, the default 'memory' is ephemeral.
;fact_caching=memory
......@@ -54,7 +54,7 @@
# (pathspec) Colon-separated paths in which Ansible will search for collections content. Collections must be in nested *subdirectories*, not directly in these directories. For example, if ``COLLECTIONS_PATHS`` includes ``'{{ ANSIBLE_HOME ~ "/collections" }}'``, and you want to add ``my.collection`` to that directory, it must be saved as ``'{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" }}'``.
;collections_path=/home/fejao/.ansible/collections:/usr/share/ansible/collections
;collections_path=/home/<YOUR_USER_NAME>/.ansible/collections:/usr/share/ansible/collections
# (boolean) A boolean to enable or disable scanning the sys.path for installed collections.
;collections_scan_sys_path=True
......@@ -63,7 +63,7 @@
;connection_password_file=
# (pathspec) Colon-separated paths in which Ansible will search for Action Plugins.
;action_plugins=/home/fejao/.ansible/plugins/action:/usr/share/ansible/plugins/action
;action_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/action:/usr/share/ansible/plugins/action
# (boolean) When enabled, this option allows lookup plugins (whether used in variables as ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked 'unsafe'.
# By default, such data is marked as unsafe to prevent the templating engine from evaluating any jinja2 templating language, as this could represent a security risk. This option is provided to allow for backward compatibility, however, users should first consider adding allow_unsafe=True to any lookups that may be expected to contain data that may be run through the templating engine late.
......@@ -76,16 +76,16 @@
;ask_vault_pass=False
# (pathspec) Colon-separated paths in which Ansible will search for Cache Plugins.
;cache_plugins=/home/fejao/.ansible/plugins/cache:/usr/share/ansible/plugins/cache
;cache_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/cache:/usr/share/ansible/plugins/cache
# (pathspec) Colon-separated paths in which Ansible will search for Callback Plugins.
;callback_plugins=/home/fejao/.ansible/plugins/callback:/usr/share/ansible/plugins/callback
;callback_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/callback:/usr/share/ansible/plugins/callback
# (pathspec) Colon-separated paths in which Ansible will search for Cliconf Plugins.
;cliconf_plugins=/home/fejao/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf
;cliconf_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/cliconf:/usr/share/ansible/plugins/cliconf
# (pathspec) Colon-separated paths in which Ansible will search for Connection Plugins.
;connection_plugins=/home/fejao/.ansible/plugins/connection:/usr/share/ansible/plugins/connection
;connection_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/connection:/usr/share/ansible/plugins/connection
# (boolean) Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug output can also include secret information despite no_log settings being enabled, which means debug mode should not be used in production.
;debug=False
......@@ -100,7 +100,7 @@
;fact_path=
# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Filter Plugins.
;filter_plugins=/home/fejao/.ansible/plugins/filter:/usr/share/ansible/plugins/filter
;filter_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/filter:/usr/share/ansible/plugins/filter
# (boolean) This option controls if notified handlers run on a host even if a failure occurs on that host.
# When false, the handlers will not run if a failure has occurred on a host.
......@@ -140,14 +140,14 @@ inventory=$PWD/inventories/hosts
# inventory=$PWD/inventory
# (pathspec) Colon-separated paths in which Ansible will search for HttpApi Plugins.
;httpapi_plugins=/home/fejao/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi
;httpapi_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/httpapi:/usr/share/ansible/plugins/httpapi
# (float) This sets the interval (in seconds) of Ansible internal processes polling each other. Lower values improve performance with large playbooks at the expense of extra CPU load. Higher values are more suitable for Ansible usage in automation scenarios when UI responsiveness is not required but CPU usage might be a concern.
# The default corresponds to the value hardcoded in Ansible <= 2.1
;internal_poll_interval=0.001
# (pathspec) Colon-separated paths in which Ansible will search for Inventory Plugins.
;inventory_plugins=/home/fejao/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory
;inventory_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory
# (string) This is a developer-specific feature that allows enabling additional Jinja2 extensions.
# See the Jinja2 documentation for details. If you do not know what these do, you probably don't need to change this setting :)
......@@ -164,7 +164,7 @@ inventory=$PWD/inventories/hosts
;bin_ansible_callbacks=False
# (tmppath) Temporary directory for Ansible to use on the controller.
;local_tmp=/home/fejao/.ansible/tmp
;local_tmp=/home/<YOUR_USER_NAME>/.ansible/tmp
# (list) List of logger names to filter out of the log file.
;log_filter=
......@@ -173,7 +173,7 @@ inventory=$PWD/inventories/hosts
;log_path=
# (pathspec) Colon-separated paths in which Ansible will search for Lookup Plugins.
;lookup_plugins=/home/fejao/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
;lookup_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup
# (string) Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only relevant to those two modules.
;ansible_managed=Ansible managed
......@@ -188,13 +188,13 @@ inventory=$PWD/inventories/hosts
;module_name=command
# (pathspec) Colon-separated paths in which Ansible will search for Modules.
;library=/home/fejao/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
;library=/home/<YOUR_USER_NAME>/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
# (pathspec) Colon-separated paths in which Ansible will search for Module utils files, which are shared by modules.
;module_utils=/home/fejao/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
;module_utils=/home/<YOUR_USER_NAME>/.ansible/plugins/module_utils:/usr/share/ansible/plugins/module_utils
# (pathspec) Colon-separated paths in which Ansible will search for Netconf Plugins.
;netconf_plugins=/home/fejao/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf
;netconf_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/netconf:/usr/share/ansible/plugins/netconf
# (boolean) Toggle Ansible's display and logging of task details, mainly used to avoid security disclosures.
;no_log=False
......@@ -227,7 +227,7 @@ inventory=$PWD/inventories/hosts
remote_user=test-user
# (pathspec) Colon-separated paths in which Ansible will search for Roles.
;roles_path=/home/fejao/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
;roles_path=/home/<YOUR_USER_NAME>/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
# (string) Set the main callback used to display Ansible output. You can only have one at a time.
# You can have many other callbacks, but just one can be in charge of stdout.
......@@ -238,7 +238,7 @@ remote_user=test-user
;strategy=linear
# (pathspec) Colon-separated paths in which Ansible will search for Strategy Plugins.
;strategy_plugins=/home/fejao/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy
;strategy_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy
# (boolean) Toggle the use of "su" for tasks.
;su=False
......@@ -247,10 +247,10 @@ remote_user=test-user
;syslog_facility=LOG_USER
# (pathspec) Colon-separated paths in which Ansible will search for Terminal Plugins.
;terminal_plugins=/home/fejao/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal
;terminal_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/terminal:/usr/share/ansible/plugins/terminal
# (pathspec) Colon-separated paths in which Ansible will search for Jinja2 Test Plugins.
;test_plugins=/home/fejao/.ansible/plugins/test:/usr/share/ansible/plugins/test
;test_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/test:/usr/share/ansible/plugins/test
# (integer) This is the default timeout for connection plugins to use.
;timeout=10
......@@ -264,7 +264,7 @@ remote_user=test-user
;error_on_undefined_vars=True
# (pathspec) Colon-separated paths in which Ansible will search for Vars Plugins.
;vars_plugins=/home/fejao/.ansible/plugins/vars:/usr/share/ansible/plugins/vars
;vars_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/vars:/usr/share/ansible/plugins/vars
# (string) The vault_id to use for encrypting by default. If multiple vault_ids are provided, this specifies which to use for encryption. The ``--encrypt-vault-id`` CLI option overrides the configured value.
;vault_encrypt_identity=
......@@ -305,7 +305,7 @@ deprecation_warnings=False
;docsite_root_url=https://docs.ansible.com/ansible-core/
# (pathspec) Colon-separated paths in which Ansible will search for Documentation Fragments Plugins.
;doc_fragment_plugins=/home/fejao/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments
;doc_fragment_plugins=/home/<YOUR_USER_NAME>/.ansible/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments
# (string) By default, Ansible will issue a warning when a duplicate dict key is encountered in YAML.
# These warnings can be silenced by adjusting this setting to False.
......@@ -533,7 +533,7 @@ interpreter_python=auto_silent
;connect_timeout=30
# (path) Path to the socket to be used by the connection persistence system.
;control_path_dir=/home/fejao/.ansible/pc
;control_path_dir=/home/<YOUR_USER_NAME>/.ansible/pc
[connection]
......@@ -610,7 +610,7 @@ interpreter_python=auto_silent
# (path) The directory that stores cached responses from a Galaxy server.
# This is only used by the ``ansible-galaxy collection install`` and ``download`` commands.
# Cache files inside this dir will be ignored if they are world writable.
;cache_dir=/home/fejao/.ansible/galaxy_cache
;cache_dir=/home/<YOUR_USER_NAME>/.ansible/galaxy_cache
# (bool) whether ``ansible-galaxy collection install`` should warn about ``--collections-path`` missing from configured :ref:`collections_paths`.
;collections_path_warning=True
......@@ -664,7 +664,7 @@ interpreter_python=auto_silent
;server_timeout=60
# (path) Local path to galaxy access token file
;token_path=/home/fejao/.ansible/galaxy_token
;token_path=/home/<YOUR_USER_NAME>/.ansible/galaxy_token
[inventory]
......
# CI-CD
## What is this?
Here are the files used for the gitlab for CI-CD
## Files
- [01_test.yml](ci-cd/01_test.yml)
- The playbook for testing the 'test' role.
- [02_dependencies](ci-cd/02_dependencies.yml)
- The playbook for testing the 'dependencies' role.
- [03_clone_repositories](ci-cd/03_clone_repositories.yml)
- The playbook for testing the 'clone_repositories' role.
- [04_docker_images](ci-cd/04_docker_images.yml)
- The playbook for testing the 'docker_images' role.
- [05_docker_containers](ci-cd/05_docker_containers.yml)
- The playbook for testing the 'docker_containers' role.
......@@ -5,4 +5,4 @@
hosts:
- example_servers_group
roles:
- docker_images
- roles/docker_images
......@@ -10,15 +10,37 @@ The original code used can be found at: [https://github.com/geerlingguy/ansible-
## Requirements
- To have [ansible](https://docs.ansible.com/ansible/latest/installation_guide/installation_distros.html) installed at your system.
- Set your **remote_user** configuration at the **ansible.cfg** file.
- Set your **inventories/host_vars/<TARGET_NAME>** file.
## Configuration
You need to set some configuration for this to work
- ### ansible.cfg
You have to edit the **ansible.cfg** file to your needs for accessing your target.
- #### remote_user
You need to set the **remote_user** configuration for accessing the target host.
Example: [remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227)
- ### HOST_VARS
In order to access your target host, you need to create/edit your **inventories/host_vars/<YOUR_HOST_NAME>.yml**
- #### ansible_become_pass
You need to set the **sudo** password from the user setted on **remote_user** for installing packages and etc. at the target.
Example: [ansible_become_pass](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml#L5)
- ### HOSTS
You need to provide a **group** in which your target belongs to with the same name setted for **inventories/host_vars/<YOUR_HOST_NAME>.yml**.
There you can add/edit the target address/IP.
Example: [hosts](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts)
## Role Variables
Here are the variables setted:
- ### From: inventories/host_vars/<TARGET_NAME>
Here are the variables that you should be changing for your own deployment.
- **docker_users**: DEFAULT="test-user"
- **docker_users**: DEFAULT="[test-user]"
- The users to be added to the docker group.
- These users should should contain at least the same user setted on **ansible.cfg** at the **remote_user**
- **ansible_become_pass**: DEFAULT="Please change this"
......@@ -78,10 +100,10 @@ This role have no dependency from any another role.
## Example Playbook
- ### Using the provided example
For using the example playbook **playbooks/examples/example_02_dependencies.yml** file you only need to:
- Change the user at the **ansible.cfg** file at the field **remote_user** for acessing your target.
- Update the file **inventories/host_vars/example_server.yml** and change the value for **ansible_become_pass** from the **remote_user**
- Update the **inventories/hosts** file and change the **example_server** with the IP address from your target.
For using the example playbook **[playbooks/examples/example_02_dependencies.yml](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/playbooks/examples/example_02_dependencies.yml)** file you only need to:
- Change the user at the **[ansible.cfg](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg)** file at the field **[remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227)** for acessing your target.
- Update the file **[inventories/host_vars/example_server.yml](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml)** and change the value for **[ansible_become_pass](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/host_vars/example_server.yml#L5)** from the **[remote_user](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/ansible.cfg#L227)**
- Update the **[inventories/hosts](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts)** file and change the **[example_server](https://git.cccv.de/fejao/c3infodesk-deployment/-/blob/main/inventories/hosts#L2)** with the IP address from your target.
And run the command:
```bash
......@@ -106,6 +128,34 @@ ansible-playbook -i inventories/hosts playbooks/examples/example_02_dependencies
ansible-playbook -i <INVENTORY> <PLAYBOOK_NAME>.yml
```
## Testing
You can test this locally using **DIND (docker in docker)** at your own computer using [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/)
- ### Testing requirements
You need docker installed at your system and the [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/).
You might have to set DIND at your system, for linux, you can create the file **/etc/docker/daemon.json**
And add the content and restart docker.
```json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"features": {
"buildkit": true
},
"experimental": true,
"cgroup-parent": "docker.slice"
}
```
- ### Using molecule
Just go to the root of the role **roles/dependencies** and run the command:
```bash
molecule test
```
## License
......
......@@ -8,6 +8,9 @@
# This should be the password from the deployment user setted on ansible.cfg
ansible_become_pass: "UPDATE THIS FOR THE HOSTS"
# A list of users who will be added to the docker group.
docker_users: []
###
### install_packages.yml
###
......@@ -21,6 +24,7 @@ os_dependencies_packages:
###
### install_docker.yml
###
docker_installed: false
# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
docker_edition: 'ce'
docker_packages:
......@@ -81,8 +85,5 @@ docker_yum_repo_enable_nightly: '0'
docker_yum_repo_enable_test: '0'
docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"
# A list of users who will be added to the docker group.
docker_users: []
# Docker daemon options as a dict
docker_daemon_options: {}
## ansible molecule tests for role: dependencies
## Why to use it
It's allways a good idea to test your things.
With **ansible molecule** you can test your role locally without the need of using a **real server** but a local **docker container**.
## Dependencies
- ### molecule
You need to have [ansible molecule](https://ansible.readthedocs.io/projects/molecule/installation/) installed.
- ### DIND (docker in docker)
For using the tests, you will to have **docker** installed locally and and set it for using **DIND (docker in docker)**
- ### DIND linux
You have to create/edit the file **/etc/docker/daemon.json** with the content:
```json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"features": {
"buildkit": true
},
"experimental": true,
"cgroup-parent": "docker.slice"
}
```
## Configuration
There's not much for configuring for using the tests
## Running the tests
For running the **molecule tests** you just need to run the command:
```bash
molecule test
```
Here you can find how to run the
---
- name: MOLECULE | Converge
hosts: all
pre_tasks:
- name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../defaults
ansible.builtin.include_vars:
dir: ../../defaults
depth: 1
extensions:
- 'yml'
- name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../vars
ansible.builtin.include_vars:
dir: ../../vars
depth: 1
extensions:
- 'yml'
- name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../../../inventories/group_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/group_vars
extensions:
- 'yml'
- name: MOLECULE | COVERGE | PRE-TASKS | Adding variables from -> ../../../../inventories/host_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/host_vars
extensions:
- 'yml'
tasks:
- name: MOLECULE | CONVERGE | Call the 'dependencies' role.
ansible.builtin.include_role:
name: dependencies
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: molecule_dependencies
### At the moment I'm not running at the latest kernel, please use always with a older kernel than the host
# image: docker.io/geerlingguy/docker-ubuntu2204-ansible
image: geerlingguy/docker-ubuntu2204-ansible:latest
command: /usr/sbin/init
pre_build_image: true
cgroupns_mode: host
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
- /var/lib/containerd
provisioner:
name: ansible
lint: |
ansible-lint --exclude molecule/default/
scenario:
name: default
create_sequence:
- dependency
- create
- prepare
check_sequence:
- dependency
- cleanup
- destroy
- create
- prepare
- converge
- check
- destroy
converge_sequence:
- dependency
- create
- prepare
- converge
destroy_sequence:
- dependency
- cleanup
- destroy
test_sequence:
# - lint
# - dependency
# - cleanup
- destroy
- syntax
- create
# - prepare
- converge
- verify
- idempotence
# - side_effect
# - cleanup
- destroy
verifier:
name: ansible
---
- name: VERIFY | Test role for debugging variables
hosts: all
vars:
package_name_docker: 'docker'
package_name_docker_ce: 'docker-ce'
package_name_docker_compose: 'docker-compose'
package_name_docker_compose_plugin: 'docker-compose-plugin'
pre_tasks:
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../defaults
ansible.builtin.include_vars:
dir: ../../defaults
depth: 1
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../vars
ansible.builtin.include_vars:
dir: ../../vars
depth: 1
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/group_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/group_vars
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/host_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/host_vars
extensions:
- 'yml'
tasks:
###
### POPULATE
###
- name: MOLECULE | VERIFY | POPULATE | Gather the package facts
ansible.builtin.package_facts:
manager: auto
# - name: MOLECULE | VERIFY | POPULATE | Gather service facts
# ansible.builtin.service_facts:
###
### TESTS - PACKAGES
###
- name: MOLECULE | VERIFY | TEST | Check that the packages from 'os_dependencies_packages' are installed.
ansible.builtin.debug:
msg: "Package: '{{ package_name }}' is installed"
loop: "{{ os_dependencies_packages }}"
loop_control:
loop_var: package_name
failed_when: package_name not in ansible_facts.packages
- name: MOLECULE | VERIFY | TEST | Check that docker is installed.
ansible.builtin.debug:
msg: "Package: 'docker' is installed"
failed_when:
- package_name_docker not in ansible_facts.packages
- package_name_docker_ce not in ansible_facts.packages
- name: MOLECULE | VERIFY | TEST | Check that docker-compose is installed.
ansible.builtin.debug:
msg: "Package: 'docker-cokmpose' is installed"
failed_when:
- package_name_docker_compose not in ansible_facts.packages
- package_name_docker_compose_plugin not in ansible_facts.packages
###
### TESTS - DOCKER
###
- name: MOLECULE | VERIFY | TEST | Get docker service state.
ansible.builtin.systemd:
name: "docker"
register: docker_service
- name: MOLECULE | VERIFY | TEST | Check that docker is running.
ansible.builtin.debug:
msg: "Docker IS running..."
failed_when: "'active' != docker_service.status.ActiveState"
###
### TESTS - ADDED USERS
###
- name: MOLECULE | VERIFY | TEST | Get added users infos.
ansible.builtin.user:
name: "{{ item }}"
loop: "{{ docker_users }}"
check_mode: true
register: test_users
- name: MOLECULE | VERIFY | TEST | Check if users exists
ansible.builtin.debug:
msg: "User {{ item.item }} {{ 'exists' if item.state | d('') == 'present' else 'does not exist' }}"
loop: "{{ test_users.results }}"
loop_control:
label: "{{ item.item }}"
- name: MOLECULE | VERIFY | TEST | Get the groups that the users belongs to.
ansible.builtin.command:
cmd: "id -Gn {{ item.item }}"
loop: "{{ test_users.results }}"
loop_control:
label: "{{ item.item }}"
register: user_groups
changed_when: false
- name: MOLECULE | VERIFY | TEST | Check that the users are at the 'docker' group.
ansible.builtin.debug:
msg: "User '{{ item.item.item }}' belongs to the docker group"
with_items: "{{ user_groups.results }}"
failed_when: "'docker' not in item.stdout"
......@@ -4,6 +4,7 @@
ansible.builtin.package:
name: "{{ package_name }}"
state: present
update_cache: true
loop: "{{ os_dependencies_packages }}"
loop_control:
loop_var: package_name
......
......@@ -4,5 +4,18 @@
- name: Importing the 'install_packages.yml' tasks
ansible.builtin.import_tasks: install_packages.yml
- name: Importing the 'install_docker.yml' tasks
- name: Get docker service state.
ansible.builtin.systemd:
name: "docker"
register: docker_service
- name: Set fact if docker already installed and active.
ansible.builtin.set_fact:
docker_installed: true
when:
- docker_service is defined
- "'active' == docker_service.status.ActiveState"
- name: Importing the 'install_docker.yml' tasks if docker not installed.
ansible.builtin.import_tasks: install_docker.yml
when: docker_installed | bool is false
......@@ -37,7 +37,7 @@ The tests shuold be runned at the root directory from the repository.
### Syntax
```bash
ansible-playbook --syntax-check -i invenvories/hosts ci-cd/01_test.yml
ansible-playbook --syntax-check -i invenvories/hosts playbooks/examples/example_01_test.yml
```
### Lint
......
var_setted_only_group_vars: "group_vars_value"
var_setted_everywhere: "group_vars_value"
var_setted_only_host_vars: "host_vars_value"
var_setted_everywhere: "host_vars_value"
......@@ -10,9 +10,10 @@ platforms:
pre_build_image: true
provisioner:
name: ansible
lint:
name: ansible-lint
inventory:
###
### VARS used from the role
###
group_vars:
example_servers_group:
var_setted_only_group_vars: "group_vars_value"
......@@ -21,17 +22,45 @@ provisioner:
instance:
var_setted_only_host_vars: "host_vars_value"
var_setted_everywhere: "host_vars_value"
lint: |
ansible-lint --exclude molecule/default/
scenario:
name: default
create_sequence:
- dependency
- create
- prepare
check_sequence:
- dependency
- cleanup
- destroy
- create
- prepare
- converge
- check
- destroy
converge_sequence:
- dependency
- create
- prepare
- converge
destroy_sequence:
- dependency
- cleanup
- destroy
test_sequence:
# - lint
# - dependency
# - cleanup
- destroy
- syntax
- create
# - prepare
- converge
- verify
- idempotence
# - side_effect
# - cleanup
- destroy
verifier:
name: ansible
###
# lint:
# name: ansible-lint
###
# playbook: verify.yml
###
# Remove the 'playbooks' key and use 'playbooks' directly under 'verifier'
# playbooks:
# verify: verify.yml
###
# lint:
# name: flake8
---
- name: MOLECULE | Test role for debugging variables
hosts: all
tasks:
- name: MOLECULE | TESTS | Test parsed variable setted only at roles/test/defaults/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_defaults_main }}"
- name: MOLECULE | TESTS | Test parsed variable setted only at roles/test/vars/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_vars_main }}"
- name: MOLECULE | TESTS | Test parsed variable setted only at inventory/group_vars/example_servers_group.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_group_vars }}"
when: var_setted_only_group_vars is defined
- name: MOLECULE | TESTS | Test parsed variable setted only at inventory/host_vars/example_server.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_host_vars }}"
- name: MOLECULE | TESTS | Test parsed variable setted EVERYWHERE -> should come from roles/test/vars/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_everywhere }}"
- name: MOLECULE | TESTS | List the root ('/') folder from the target to a register
ansible.builtin.command:
cmd: ls -hal /
register: ret_list_folder
changed_when: false
- name: MOLECULE | TESTS | Shows output from listing folder
ansible.builtin.debug:
msg: "{{ ret_list_folder }}"
---
- name: VERIFY | Test role for debugging variables
hosts: all
pre_tasks:
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/group_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/group_vars
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../../../inventories/host_vars
ansible.builtin.include_vars:
dir: ../../../../inventories/host_vars
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../defaults
ansible.builtin.include_vars:
dir: ../../defaults
extensions:
- 'yml'
- name: MOLECULE | VERIFY | PRE-TASKS | Adding variables from -> ../../vars
ansible.builtin.include_vars:
dir: ../../vars
extensions:
- 'yml'
tasks:
- name: MOLECULE | VERIFY | Test parsed variable setted only at roles/test/defaults/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_defaults_main }}"
- name: MOLECULE | VERIFY | Test parsed variable setted only at roles/test/vars/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_vars_main }}"
- name: MOLECULE | VERIFY | Test parsed variable setted only at inventory/group_vars/example_servers_group.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_group_vars }}"
when: var_setted_only_group_vars is defined
- name: MOLECULE | VERIFY | Test parsed variable setted only at inventory/host_vars/example_server.yml
ansible.builtin.debug:
msg: "{{ var_setted_only_host_vars }}"
- name: MOLECULE | VERIFY | Test parsed variable setted EVERYWHERE -> should come from roles/test/vars/main.yml
ansible.builtin.debug:
msg: "{{ var_setted_everywhere }}"
- name: MOLECULE | VERIFY | List the root ('/') folder from the target to a register
ansible.builtin.command:
cmd: ls -hal /
register: ret_list_folder
changed_when: false
- name: MOLECULE | VERIFY | Shows output from listing folder
ansible.builtin.debug:
msg: "{{ ret_list_folder }}"
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment