From 3dd43752550e5ec1154a6442325cce764cdea22a Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 16:59:54 +0100 Subject: [PATCH 1/6] Fixed ansible-lint for role test --- .ansible-lint | 132 +++++++++++++++++++++++++++++++++++ .yamllint | 49 +++++++++++++ playbook_example_01_test.yml | 7 +- roles/test/tasks/main.yml | 1 + 4 files changed, 186 insertions(+), 3 deletions(-) create mode 100644 .ansible-lint create mode 100644 .yamllint diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..34214a6 --- /dev/null +++ b/.ansible-lint 
@@ -0,0 +1,132 @@ +--- +# .ansible-lint + +profile: null # min, basic, moderate,safety, shared, production + +# Allows dumping of results in SARIF format +# sarif_file: result.sarif + +# exclude_paths included in this file are parsed relative to this file's location +# and not relative to the CWD of execution. CLI arguments passed to the --exclude +# option are parsed relative to the CWD of execution. +exclude_paths: + - .cache/ # implicit unless exclude_paths is defined in config + - test/fixtures/formatting-before/ + - test/fixtures/formatting-prettier/ +# parseable: true +# quiet: true +# strict: true +# verbosity: 1 + +# Mock modules or roles in order to pass ansible-playbook --syntax-check +mock_modules: + - zuul_return + # note the foo.bar is invalid as being neither a module or a collection + - fake_namespace.fake_collection.fake_module + - fake_namespace.fake_collection.fake_module.fake_submodule +mock_roles: + - mocked_role + - author.role_name # old standalone galaxy role + - fake_namespace.fake_collection.fake_role # role within a collection + +# Enable checking of loop variable prefixes in roles +loop_var_prefix: "^(__|{role}_)" + +# Enforce variable names to follow pattern below, in addition to Ansible own +# requirements, like avoiding python identifiers. To disable add `var-naming` +# to skip_list. +var_naming_pattern: "^[a-z_][a-z0-9_]*$" +### +# var-naming: false + +use_default_rules: true +# Load custom rules from this specific folder +# rulesdir: +# - ./rule/directory/ + +# Ansible-lint is able to recognize and load skip rules stored inside +# `.ansible-lint-ignore` (or `.config/ansible-lint-ignore.txt`) files. +# To skip a rule just enter filename and tag, like "playbook.yml package-latest" +# on a new line. +# Optionally you can add comments after the tag, prefixed by "#". We discourage +# the use of skip_list below because that will hide violations from the output. 
+# When putting ignores inside the ignore file, they are marked as ignored, but +# still visible, making it easier to address later. +skip_list: + - skip_this_tag + - var-naming[no-role-prefix] + +# Ansible-lint does not automatically load rules that have the 'opt-in' tag. +# You must enable opt-in rules by listing each rule 'id' below. +enable_list: + - args + - empty-string-compare # opt-in + - no-log-password # opt-in + - no-same-owner # opt-in + - name[prefix] # opt-in + - galaxy-version-incorrect # opt-in + # add yaml here if you want to avoid ignoring yaml checks when yamllint + # library is missing. Normally its absence just skips using that rule. + - yaml +# Report only a subset of tags and fully ignore any others +# tags: +# - jinja[spacing] + +# Ansible-lint does not fail on warnings from the rules or tags listed below +warn_list: + - skip_this_tag + - experimental # experimental is included in the implicit list + # - role-name + # - yaml[document-start] # you can also use sub-rule matches + +# Some rules can transform files to fix (or make it easier to fix) identified +# errors. `ansible-lint --fix` will reformat YAML files and run these transforms. +# By default it will run all transforms (effectively `write_list: ["all"]`). +# You can disable running transforms by setting `write_list: ["none"]`. +# Or only enable a subset of rule transforms by listing rules/tags here. +# write_list: +# - all + +# Offline mode disables installation of requirements.yml and schema refreshing +offline: true + +# Define required Ansible's variables to satisfy syntax check +extra_vars: + foo: bar + multiline_string_variable: | + line1 + line2 + complex_variable: ":{;\t$()" + +# Uncomment to enforce action validation with tasks, usually is not +# needed as Ansible syntax check also covers it. +# skip_action_validation: false + +# List of additional kind:pattern to be added at the top of the default +# match list, first match determines the file kind. 
+kinds: + # - playbook: "**/examples/*.{yml,yaml}" + # - galaxy: "**/folder/galaxy.yml" + # - tasks: "**/tasks/*.yml" + # - vars: "**/vars/*.yml" + # - meta: "**/meta/main.yml" + - yaml: "**/*.yaml-too" + +# List of additional collections to allow in only-builtins rule. +# only_builtins_allow_collections: +# - example_ns.example_collection + +# List of additions modules to allow in only-builtins rule. +# only_builtins_allow_modules: +# - example_module + +# Allow setting custom prefix for name[prefix] rule +task_name_prefix: "{stem} | " +# Complexity related settings + +# Limit the depth of the nested blocks: +# max_block_depth: 20 + +# Also recognize these versions of Ansible as supported: +# supported_ansible_also: +# - "2.18" \ No newline at end of file diff --git a/.yamllint b/.yamllint new file mode 100644 index 0000000..b786aa3 --- /dev/null +++ b/.yamllint @@ -0,0 +1,49 @@ +--- + +# https://ansible.readthedocs.io/projects/lint/rules/yaml/ + +yaml-files: + - '*.yaml' + - '*.yml' + - '.yamllint' + +rules: + anchors: enable + # braces: enable + # braces: disable + braces: + max-spaces-inside: 1 + brackets: enable + colons: enable + commas: enable + comments: + level: warning + min-spaces-from-content: 1 + comments-indentation: false + document-end: disable + document-start: + level: warning + empty-lines: enable + empty-values: disable + float-values: disable + hyphens: enable + # indentation: enable + indentation: disable + key-duplicates: enable + key-ordering: disable + # line-length: enable + line-length: + # max: 160 + max: 320 + new-line-at-end-of-file: enable + new-lines: enable + # octal-values: disable + quoted-strings: disable + trailing-spaces: enable + truthy: + level: warning + #### + # var_naming_pattern: "^[a-z_][a-z0-9_]*$" + # var-naming: disable + # var-naming: + # no-role-prefix: disable diff --git a/playbook_example_01_test.yml b/playbook_example_01_test.yml index be558c9..da345d6 100644 --- a/playbook_example_01_test.yml 
+++ b/playbook_example_01_test.yml @@ -1,7 +1,8 @@ --- -# Runs example for +# Runs the role test -- hosts: - - example_servers_group +- name: Playbook for running the role 'test' + hosts: + - example_servers_group roles: - test diff --git a/roles/test/tasks/main.yml b/roles/test/tasks/main.yml index 6e81d9c..231332e 100644 --- a/roles/test/tasks/main.yml +++ b/roles/test/tasks/main.yml @@ -27,6 +27,7 @@ ansible.builtin.command: cmd: ls -hal / register: ret_list_folder + changed_when: ret_list_folder.rc != 0 - name: Shows output from listing folder ansible.builtin.debug: -- GitLab From 875b69cf51cabb0af2910fe2c0337159583625d5 Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 19:55:43 +0100 Subject: [PATCH 2/6] Fixed lint from 'dependencies' role --- .ansible-lint | 14 +-- .yamllint | 3 +- playbook_example_02_dependencies.yml | 5 +- roles/clone_repositories/meta/main.yml | 2 +- roles/dependencies/defaults/main.yml | 2 +- roles/dependencies/handlers/main.yml | 10 +- roles/dependencies/meta/main.yml | 6 +- .../tasks/docker/install_compose.yml | 11 ++- .../tasks/docker/install_docker_users.yml | 5 +- .../tasks/docker/setup-Debian.yml | 19 ++-- .../tasks/docker/setup-RedHat.yml | 94 +++++++++---------- roles/dependencies/tasks/install_docker.yml | 63 +++++++------ roles/dependencies/tasks/install_packages.yml | 10 +- roles/dependencies/tasks/main.yml | 7 +- roles/docker_containers/meta/main.yml | 2 +- roles/docker_images/meta/main.yml | 2 +- 16 files changed, 139 insertions(+), 116 deletions(-) diff --git a/.ansible-lint b/.ansible-lint index 34214a6..c381cc1 100644 --- a/.ansible-lint +++ b/.ansible-lint 
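Review bot: `changed_when: ret_list_folder.rc != 0` on the `ls -hal /` task in roles/test/tasks/main.yml can never report a change on a successful run, because a non-zero return code already fails the `ansible.builtin.command` task. The listing is read-only, so `changed_when: false` states the intent directly and still satisfies the lint rule. The task's `name:` line sits above the hunk, so this is based only on the visible `cmd:` and `register:` lines.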
@@ -30,14 +30,13 @@ mock_roles: - fake_namespace.fake_collection.fake_role # role within a collection # Enable checking of loop variable prefixes in roles -loop_var_prefix: "^(__|{role}_)" +# loop_var_prefix: "^(__|{role}_)" +loop_var_prefix: "^[a-z_][a-z0-9_]*$" # Enforce variable names to follow pattern below, in addition to Ansible own # requirements, like avoiding python identifiers. To disable add `var-naming` # to skip_list. var_naming_pattern: "^[a-z_][a-z0-9_]*$" -### -# var-naming: false use_default_rules: true # Load custom rules from this specific folder @@ -55,6 +54,9 @@ use_default_rules: true skip_list: - skip_this_tag - var-naming[no-role-prefix] + - loop-var-prefix[missing] + ### Sometimes, it is need to run as command... + - command-instead-of-module # Ansible-lint does not automatically load rules that have the 'opt-in' tag. # You must enable opt-in rules by listing each rule 'id' below. @@ -63,7 +65,7 @@ enable_list: - empty-string-compare # opt-in - no-log-password # opt-in - no-same-owner # opt-in - - name[prefix] # opt-in + # - name[prefix] # opt-in - galaxy-version-incorrect # opt-in # add yaml here if you want to avoid ignoring yaml checks when yamllint # library is missing. Normally its absence just skips using that rule. @@ -75,7 +77,7 @@ enable_list: # Ansible-lint does not fail on warnings from the rules or tags listed below warn_list: - skip_this_tag - - experimental # experimental is included in the implicit list + # - experimental # experimental is included in the implicit list # - role-name # - yaml[document-start] # you can also use sub-rule matches @@ -121,7 +123,7 @@ kinds: # - example_module # Allow setting custom prefix for name[prefix] rule -task_name_prefix: "{stem} | " +# task_name_prefix: "{stem} | " # Complexity related settings # Limit the depth of the nested blocks: diff --git a/.yamllint b/.yamllint index b786aa3..2382bed 100644 --- a/.yamllint +++ b/.yamllint 
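Review bot: Adding `command-instead-of-module` to `skip_list` (second .ansible-lint hunk) switches the rule off for every file and hides its findings, which this file's own comment above `skip_list` advises against. If only a few tasks genuinely need a raw command, `# noqa: command-instead-of-module` on those tasks or an entry in `.ansible-lint-ignore` keeps the rule active everywhere else. The first hunk has a similar effect: `loop_var_prefix: "^[a-z_][a-z0-9_]*$"` accepts any lower-case name, so together with the `loop-var-prefix[missing]` skip the loop-variable check no longer enforces anything. A short comment saying that this is intentional would help.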
@@ -34,7 +34,8 @@ rules: # line-length: enable line-length: # max: 160 - max: 320 + ### roles/dependencies/defaults/main.yml:72 --> 232 characters + max: 240 new-line-at-end-of-file: enable new-lines: enable # octal-values: disable diff --git a/playbook_example_02_dependencies.yml b/playbook_example_02_dependencies.yml index 3e456c1..d9c9808 100644 --- a/playbook_example_02_dependencies.yml +++ b/playbook_example_02_dependencies.yml @@ -1,7 +1,8 @@ --- # Runs example for -- hosts: - - example_servers_group +- name: Playbook for running the role 'dependencies' + hosts: + - example_servers_group roles: - dependencies diff --git a/roles/clone_repositories/meta/main.yml b/roles/clone_repositories/meta/main.yml index 6de0edd..a566122 100644 --- a/roles/clone_repositories/meta/main.yml +++ b/roles/clone_repositories/meta/main.yml @@ -3,7 +3,7 @@ galaxy_info: description: Role to clone the repositories used from c3InfoDesk sytems author: fejao company: cccv.de - license: license (GPL-2.0-or-later, MIT, etc) + license: MIT min_ansible_version: 2.10 galaxy_tags: [] diff --git a/roles/dependencies/defaults/main.yml b/roles/dependencies/defaults/main.yml index 5616e16..8513b66 100644 --- a/roles/dependencies/defaults/main.yml +++ b/roles/dependencies/defaults/main.yml @@ -76,7 +76,7 @@ docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807c docker_apt_filename: "docker" # Used only for RedHat/CentOS/Fedora. -docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo" +docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora', 'centos') }}/docker-{{ docker_edition }}.repo" docker_yum_repo_enable_nightly: '0' docker_yum_repo_enable_test: '0' docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg" diff --git a/roles/dependencies/handlers/main.yml b/roles/dependencies/handlers/main.yml index 7eee98a..d8fd57c 100644 
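Review bot: `min_ansible_version: 2.10` stays unquoted in roles/clone_repositories/meta/main.yml, so YAML reads it as the float 2.1. This same commit fixes that in roles/dependencies/meta/main.yml with `min_ansible_version: '2.10'`. The docker_containers and docker_images meta hunks keep the unquoted value too, so all three should be quoted the same way.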
--- a/roles/dependencies/handlers/main.yml +++ b/roles/dependencies/handlers/main.yml @@ -1,14 +1,10 @@ --- # handlers file for dependencies -- name: handler_restart_docker +- name: HANDLER_RESTART_DOCKER ansible.builtin.systemd_service: name: docker state: restarted - # daemon_reload: true - ### - ### THIS IS GETTING TIMEOUT - ### - # ignore_errors: "{{ ansible_check_mode }}" - ignore_errors: true + daemon_reload: true when: docker_service_manage | bool + become: true diff --git a/roles/dependencies/meta/main.yml b/roles/dependencies/meta/main.yml index 1fbb987..69e69d0 100644 --- a/roles/dependencies/meta/main.yml +++ b/roles/dependencies/meta/main.yml @@ -1,10 +1,12 @@ +--- + galaxy_info: role_name: dependencies description: Role to install the dependencies from the c3InfoDesk sytems author: fejao company: cccv.de - license: license (GPL-2.0-or-later, MIT, etc) - min_ansible_version: 2.10 + license: MIT + min_ansible_version: '2.10' galaxy_tags: [] dependencies: [] diff --git a/roles/dependencies/tasks/docker/install_compose.yml b/roles/dependencies/tasks/docker/install_compose.yml index 38705d0..8c353a4 100644 --- a/roles/dependencies/tasks/docker/install_compose.yml +++ b/roles/dependencies/tasks/docker/install_compose.yml @@ -1,19 +1,20 @@ --- - name: DOCKER | COMPOSE | Check current docker-compose version. - command: "{{ docker_compose_path }} --version" + ansible.builtin.command: "{{ docker_compose_path }} --version" register: docker_compose_vsn check_mode: false changed_when: false failed_when: false -- set_fact: +- name: Setting the docker compose version + ansible.builtin.set_fact: docker_compose_current_version: "{{ docker_compose_vsn.stdout | regex_search('(\\d+(\\.\\d+)+)') }}" when: > docker_compose_vsn.stdout is defined and (docker_compose_vsn.stdout | length > 0) - name: DOCKER | COMPOSE | Delete existing docker-compose version if it's different. - file: + ansible.builtin.file: path: "{{ docker_compose_path }}" state: absent when: 
> @@ -21,10 +22,10 @@ and (docker_compose_version | regex_replace('v', '')) not in docker_compose_current_version - name: DOCKER | COMPOSE | Install Docker Compose (if configured). - get_url: + ansible.builtin.get_url: url: "{{ docker_compose_url }}" dest: "{{ docker_compose_path }}" - mode: 0755 + mode: "0755" when: > (docker_compose_current_version is not defined) or (docker_compose_current_version | length == 0) diff --git a/roles/dependencies/tasks/docker/install_docker_users.yml b/roles/dependencies/tasks/docker/install_docker_users.yml index 6304a0a..2f78a65 100644 --- a/roles/dependencies/tasks/docker/install_docker_users.yml +++ b/roles/dependencies/tasks/docker/install_docker_users.yml @@ -1,6 +1,7 @@ --- + - name: DOCKER | USERS | Ensure docker users are added to the docker group. - user: + ansible.builtin.user: name: "{{ item }}" groups: docker append: true @@ -8,4 +9,4 @@ become: true - name: DOCKER | USERS | Reset ssh connection to apply user changes. - meta: reset_connection + ansible.builtin.meta: reset_connection diff --git a/roles/dependencies/tasks/docker/setup-Debian.yml b/roles/dependencies/tasks/docker/setup-Debian.yml index afdc406..8835450 100644 --- a/roles/dependencies/tasks/docker/setup-Debian.yml +++ b/roles/dependencies/tasks/docker/setup-Debian.yml @@ -10,7 +10,7 @@ state: absent - name: DOCKER | DEBIAN | Ensure the repo referencing the previous trusted.gpg.d key is not present - apt_repository: + ansible.builtin.apt_repository: repo: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" state: absent filename: "{{ docker_apt_filename }}" 
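Review bot: The `ansible.builtin.get_url` task that installs Docker Compose writes an executable (`mode: "0755"`) fetched from `docker_compose_url` without verifying it, so whatever that URL serves is installed as a binary. `get_url` accepts a `checksum` argument; adding `checksum: "sha256:{{ docker_compose_checksum }}"`, with `docker_compose_checksum` as a new role default kept in step with `docker_compose_version`, would pin the download. The task's `when:` condition continues below the hunk.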
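Review bot: The task in install_docker_users.yml that adds `docker_users` to the `docker` group deserves a comment, because members of that group can control the Docker daemon and are therefore effectively root on the host. Something like `# docker group membership is root-equivalent; list only accounts that may have root` above the task would make that visible to whoever fills in the list. The same remark belongs wherever `docker_users` is defined.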
@@ -19,13 +19,13 @@ # See https://docs.docker.com/engine/install/debian/#uninstall-old-versions - name: DOCKER | DEBIAN | Ensure old versions of Docker are not installed. - package: + ansible.builtin.package: name: "{{ docker_obsolete_packages }}" state: absent - name: DOCKER | DEBIAN | Ensure dependencies are installed. become: true - apt: + ansible.builtin.apt: name: - apt-transport-https - ca-certificates @@ -33,7 +33,7 @@ when: docker_add_repo | bool - name: DOCKER | DEBIAN | Ensure directory exists for /etc/apt/keyrings - file: + ansible.builtin.file: path: /etc/apt/keyrings state: directory mode: "0755" @@ -51,16 +51,21 @@ become: true - name: DOCKER | DEBIAN | Ensure curl is present (on older systems without SNI). - package: name=curl state=present + ansible.builtin.apt: + name: curl + state: present when: add_repository_key is failed and docker_add_repo | bool - name: DOCKER | DEBIAN | Add Docker apt key (alternative for older systems without SNI). - shell: > + ansible.builtin.shell: > + set -o pipefail && curl -sSL {{ docker_apt_gpg_key }} | apt-key add - when: add_repository_key is failed and docker_add_repo | bool + register: ret_add_docker_key + changed_when: ret_add_docker_key.rc != 0 - name: DOCKER | DEBIAN | Add Docker repository. - apt_repository: + ansible.builtin.apt_repository: repo: "{{ docker_apt_repository }}" state: present filename: "{{ docker_apt_filename }}" diff --git a/roles/dependencies/tasks/docker/setup-RedHat.yml b/roles/dependencies/tasks/docker/setup-RedHat.yml index 6a74fed..228585f 100644 --- a/roles/dependencies/tasks/docker/setup-RedHat.yml +++ b/roles/dependencies/tasks/docker/setup-RedHat.yml 
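Review bot: The fallback task `Add Docker apt key (alternative for older systems without SNI)` now starts with `set -o pipefail`, but `ansible.builtin.shell` runs `/bin/sh` by default, which on Debian is normally dash and in most released versions rejects that option, so the task would fail before curl runs. Add `args:` with `executable: /bin/bash` to the task. `curl -sSL` should also become `curl -fsSL`, otherwise an HTTP error page is piped into `apt-key add -` while curl still exits 0. `changed_when: ret_add_docker_key.rc != 0` is never true on a successful run; `changed_when: true` is closer to what the task does. This path also appears to bypass the `docker_apt_gpg_key_checksum` pin the role defines, which is worth a comment on the task.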
@@ -1,61 +1,61 @@ --- - name: DOCKER | RED-HAT | Ensure old versions of Docker are not installed. - package: + ansible.builtin.package: name: - docker - docker-common - docker-engine state: absent -# - name: DOCKER | RED-HAT | Add Docker GPG key. -# rpm_key: -# key: "{{ docker_yum_gpg_key }}" -# state: present -# when: docker_add_repo | bool +- name: DOCKER | RED-HAT | Add Docker GPG key. + ansible.builtin.rpm_key: + key: "{{ docker_yum_gpg_key }}" + state: present + when: docker_add_repo | bool -# - name: DOCKER | RED-HAT | Add Docker repository. -# get_url: -# url: "{{ docker_yum_repo_url }}" -# dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' -# owner: root -# group: root -# mode: 0644 -# when: docker_add_repo | bool +- name: DOCKER | RED-HAT | Add Docker repository. + ansible.builtin.get_url: + url: "{{ docker_yum_repo_url }}" + dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' + owner: root + group: root + mode: "0644" + when: docker_add_repo | bool -# - name: DOCKER | RED-HAT | Configure Docker Nightly repo. -# ini_file: -# dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' -# section: 'docker-{{ docker_edition }}-nightly' -# option: enabled -# value: '{{ docker_yum_repo_enable_nightly }}' -# mode: 0644 -# no_extra_spaces: true -# when: docker_add_repo | bool +- name: DOCKER | RED-HAT | Configure Docker Nightly repo. + community.general.ini_file: + dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' + section: 'docker-{{ docker_edition }}-nightly' + option: enabled + value: '{{ docker_yum_repo_enable_nightly }}' + mode: "0644" + no_extra_spaces: true + when: docker_add_repo | bool -# - name: DOCKER | RED-HAT | Configure Docker Test repo. 
-# ini_file: -# dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' -# section: 'docker-{{ docker_edition }}-test' -# option: enabled -# value: '{{ docker_yum_repo_enable_test }}' -# mode: 0644 -# no_extra_spaces: true -# when: docker_add_repo | bool +- name: DOCKER | RED-HAT | Configure Docker Test repo. + community.general.ini_file: + dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo' + section: 'docker-{{ docker_edition }}-test' + option: enabled + value: '{{ docker_yum_repo_enable_test }}' + mode: "0644" + no_extra_spaces: true + when: docker_add_repo | bool -# - name: DOCKER | RED-HAT | Configure containerd on RHEL 8. -# block: -# - name: Ensure runc is not installed. -# package: -# name: runc -# state: absent +- name: DOCKER | RED-HAT | Configure containerd on RHEL 8. + when: ansible_distribution_major_version | int == 8 + block: + - name: Ensure runc is not installed. + ansible.builtin.package: + name: runc + state: absent -# - name: Ensure container-selinux is installed. -# package: -# name: container-selinux -# state: present + - name: Ensure container-selinux is installed. + ansible.builtin.package: + name: container-selinux + state: present -# - name: Ensure containerd.io is installed. -# package: -# name: containerd.io -# state: present -# when: ansible_distribution_major_version | int == 8 + - name: Ensure containerd.io is installed. + ansible.builtin.package: + name: containerd.io + state: present diff --git a/roles/dependencies/tasks/install_docker.yml b/roles/dependencies/tasks/install_docker.yml index 12526a5..b6403b0 100644 --- a/roles/dependencies/tasks/install_docker.yml +++ b/roles/dependencies/tasks/install_docker.yml 
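Review bot: The re-enabled `ansible.builtin.rpm_key` task trusts whatever key `docker_yum_gpg_key` serves at run time, whereas the Debian path has `docker_apt_gpg_key_checksum` to pin its key. `rpm_key` takes a `fingerprint` argument; `fingerprint: "{{ docker_yum_gpg_key_fingerprint }}"`, with that as a new role default, would give the RPM path the same protection. None of the uncommented tasks sets `become: true`, although they write under /etc/yum.repos.d and install packages, and other tasks in this role set it per task. Unless the play escalates globally, they will fail. `community.general.ini_file` also needs the community.general collection, which this patch does not show being declared.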
@@ -1,76 +1,84 @@ --- + - name: DOCKER | Load OS-specific vars. - include_vars: "{{ lookup('first_found', params) }}" + ansible.builtin.include_vars: "{{ lookup('first_found', params) }}" vars: params: files: - - '{{ansible_distribution}}.yml' - - '{{ansible_os_family}}.yml' + - '{{ ansible_distribution }}.yml' + - '{{ ansible_os_family }}.yml' - main.yml paths: - 'vars' -- include_tasks: docker/setup-RedHat.yml +- name: Installing for RedHat OS family + ansible.builtin.include_tasks: docker/setup-RedHat.yml when: ansible_os_family == 'RedHat' -- include_tasks: docker/setup-Debian.yml +- name: Installing for Debian OS family + ansible.builtin.include_tasks: docker/setup-Debian.yml when: ansible_os_family == 'Debian' - name: DOCKER | Install Docker packages. - package: + ansible.builtin.package: name: "{{ docker_packages }}" state: "{{ docker_packages_state }}" - notify: handler_restart_docker + notify: HANDLER_RESTART_DOCKER ignore_errors: "{{ ansible_check_mode }}" when: "ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']" become: true - name: DOCKER | Install Docker packages (with downgrade option). - package: + ansible.builtin.package: name: "{{ docker_packages }}" state: "{{ docker_packages_state }}" allow_downgrade: true - notify: handler_restart_docker + notify: HANDLER_RESTART_DOCKER ignore_errors: "{{ ansible_check_mode }}" when: "ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']" become: true - name: DOCKER | Install docker-compose plugin. 
- package: + ansible.builtin.package: name: "{{ docker_compose_package }}" state: "{{ docker_compose_package_state }}" - notify: handler_restart_docker + notify: HANDLER_RESTART_DOCKER ignore_errors: "{{ ansible_check_mode }}" - when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])" + when: + - docker_install_compose_plugin | bool + - ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'] become: true - name: DOCKER | Install docker-compose-plugin (with downgrade option). - package: + ansible.builtin.package: name: "{{ docker_compose_package }}" state: "{{ docker_compose_package_state }}" allow_downgrade: true - notify: handler_restart_docker + notify: HANDLER_RESTART_DOCKER ignore_errors: "{{ ansible_check_mode }}" - when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']" + when: + - docker_install_compose_plugin | bool + - ansible_version.full is version_compare('2.12', '>=') + - ansible_os_family in ['RedHat', 'Debian'] become: true - name: DOCKER | Ensure /etc/docker/ directory exists. - file: + ansible.builtin.file: path: /etc/docker state: directory - mode: 0755 + mode: "0755" when: docker_daemon_options.keys() | length > 0 - name: DOCKER | Configure Docker daemon options. - copy: + ansible.builtin.copy: content: "{{ docker_daemon_options | to_nice_json }}" dest: /etc/docker/daemon.json - mode: 0644 + mode: "0644" when: docker_daemon_options.keys() | length > 0 - notify: handler_restart_docker + notify: HANDLER_RESTART_DOCKER - name: DOCKER | Ensure Docker is started and enabled at boot. - service: + ansible.builtin.service: name: docker state: "{{ docker_service_state }}" enabled: "{{ docker_service_enabled }}" 
@@ -78,26 +86,27 @@ when: docker_service_manage | bool - name: DOCKER | Ensure handlers are notified now to avoid firewall conflicts. - meta: flush_handlers + ansible.builtin.meta: flush_handlers -- include_tasks: docker/install_compose.yml +- name: Installing 'docker compose' + ansible.builtin.include_tasks: docker/install_compose.yml when: docker_install_compose | bool - name: DOCKER | Get docker group info using getent. - getent: + ansible.builtin.getent: database: group key: docker split: ':' when: docker_users | length > 0 - name: DOCKER | Check if there are any users to add to the docker group. - set_fact: + ansible.builtin.set_fact: at_least_one_user_to_modify: true when: - docker_users | length > 0 - item not in ansible_facts.getent_group["docker"][2] with_items: "{{ docker_users }}" -# - include_tasks: docker-users.yml -- include_tasks: docker/install_docker_users.yml +- name: DOCKER | Adding users to the docker group + ansible.builtin.include_tasks: docker/install_docker_users.yml when: at_least_one_user_to_modify is defined diff --git a/roles/dependencies/tasks/install_packages.yml b/roles/dependencies/tasks/install_packages.yml index edb782f..46ff39a 100644 --- a/roles/dependencies/tasks/install_packages.yml +++ b/roles/dependencies/tasks/install_packages.yml @@ -1,8 +1,10 @@ --- -- name: INSTALL_PACAKAGES | Installing the packages from list +- name: INSTALL_PACKAGES | Installing the packages from list ansible.builtin.package: - name: "{{item}}" + name: "{{ package_name }}" state: present - with_items: "{{os_dependencies_packages}}" - become: true \ No newline at end of file + loop: "{{ os_dependencies_packages }}" + loop_control: + loop_var: package_name + become: true diff --git a/roles/dependencies/tasks/main.yml b/roles/dependencies/tasks/main.yml index 2bf1447..1da7500 100644 --- a/roles/dependencies/tasks/main.yml +++ b/roles/dependencies/tasks/main.yml 
@@ -1,5 +1,8 @@ --- # tasks file for dependencies -- import_tasks: install_packages.yml -- import_tasks: install_docker.yml +- name: Importing the 'install_packages.yml' tasks + ansible.builtin.import_tasks: install_packages.yml + +- name: Importing the 'install_docker.yml' tasks + ansible.builtin.import_tasks: install_docker.yml diff --git a/roles/docker_containers/meta/main.yml b/roles/docker_containers/meta/main.yml index 9831b4f..6bef252 100644 --- a/roles/docker_containers/meta/main.yml +++ b/roles/docker_containers/meta/main.yml @@ -3,7 +3,7 @@ galaxy_info: description: Role to work with the containers for the c3InfoDesk sytems author: fejao company: cccv.de - license: license (GPL-2.0-or-later, MIT, etc) + license: MIT min_ansible_version: 2.10 galaxy_tags: [] diff --git a/roles/docker_images/meta/main.yml b/roles/docker_images/meta/main.yml index fcbd3be..8362f7b 100644 --- a/roles/docker_images/meta/main.yml +++ b/roles/docker_images/meta/main.yml @@ -3,7 +3,7 @@ galaxy_info: description: Role to clone the repositories used from c3InfoDesk sytems author: fejao company: cccv.de - license: license (GPL-2.0-or-later, MIT, etc) + license: MIT min_ansible_version: 2.10 galaxy_tags: [] -- GitLab From 4b919c8af1ae40a3e5823db9509fd28ecb861987 Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 20:05:54 +0100 Subject: [PATCH 3/6] Adding .gitlab-ci.yml file --- .gitlab-ci.yml | 119 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..6033b8e --- /dev/null +++ b/.gitlab-ci.yml 
@@ -0,0 +1,119 @@ +# image: python:3.10.15-bullseye +image: ansible:latest + +variables: + TEST_VAR_BUILD: "Building the application..." + DOC_PATH_TMP: tmp_docs + DOC_NAME: c3InfoDesk Printing + DOC_AUTHOR: fejao + DOC_VERSION: 1.0.0 + DOC_LANGUAGE: english + # DOC_RETENTION: 1 day # <--- DON'T WORK :( + ##### + ##### + ##### + PLAYBOOK_NAME_FOR_ROLE_TEST: "playbook_example_01_test.yml" + +stages: + - debug + - build + - test + - docs + - deploy + +### +### DEBUG +### +runner-debug: + stage: debug + script: + - echo "Testing local gitlab-runner config..." + - echo $PWD + - echo "list local folder..." + - ls -hal + +### +### BUILD +### +build: + stage: build + script: + - echo "Here should be the images build and pushed" + +### +### TESTS +### +ansible-lint-test: + stage: test + before_script: + # - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* + # - pip3 install -r ci-cd/requirements.txt + - pip3 install -r requirements.txt + script: + - echo "Running ansible-lint tests at the role-> 'test'" + # - pycodestyle -v --config=./src/pycodestyle.cfg src/ + # - ansible-lint playbook_example_01_dependencies.yml + - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_TEST + allow_failure: false + +# pylint: +# stage: test +# before_script: +# - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* +# - pip3 install -r ci-cd/requirements.txt +# script: +# - echo "Running pylint tests..." +# ### Fix pylint 'import-error' --> hardcode init-hook on .pylintrc :( +# - cat .pylintrc | grep init-hook +# - rm .pylintrc +# - cp ci-cd/.pylintrc . +# - cat .pylintrc | grep init-hook +# ### RUN +# - pylint src/ +# allow_failure: false + +# unit-tests: +# stage: test +# before_script: +# - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* +# - pip3 install -r ci-cd/requirements.txt +# script: +# - echo "Running pep8 tests..." 
+# - python3 -m pytest +# allow_failure: false + +# ### +# ### DOCS +# ### +# sphinx-docs: +# stage: docs +# before_script: +# - pip3 install sphinx sphinx-rtd-theme +# script: +# - echo "Running sphinx-docs..." +# - mkdir -vp $DOC_PATH_TMP +# - cd $DOC_PATH_TMP +# - sphinx-quickstart -p '$DOC_NAME' -a '$DOC_AUTHOR' -v '$DOC_VERSION' -l '$DOC_LANGUAGE' -q +# - cd .. +# - sphinx-apidoc -o $DOC_PATH_TMP . +# - cd $DOC_PATH_TMP +# - make html +# artifacts: +# paths: +# - $DOC_PATH_TMP/* +# # expire_in: '$DOC_RETENTION' # <--- DON'T WORK :( +# expire_in: 1 day +# allow_failure: false +# only: +# - main + +# ### +# ### DEPLOY +# ### +# deploy: +# stage: deploy +# script: +# - echo "Deploying the application..." +# - echo "TODO --> where to deploy this?" +# only: +# - main -- GitLab From 12ec47118234d5270966135ce1a1d49a9ae12303 Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 20:12:23 +0100 Subject: [PATCH 4/6] Updating the .gitlab-ci.yml file --- .gitlab-ci.yml | 5 +++-- requirements.txt | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6033b8e..8bcaf12 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,5 +1,5 @@ -# image: python:3.10.15-bullseye -image: ansible:latest +image: python:3.10.15-bullseye +# image: ansible:latest variables: TEST_VAR_BUILD: "Building the application..." @@ -47,6 +47,7 @@ ansible-lint-test: stage: test before_script: # - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* + - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* # - pip3 install -r ci-cd/requirements.txt - pip3 install -r requirements.txt script: diff --git a/requirements.txt b/requirements.txt index 7dca993..a42d9c6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,3 @@ +ansible ansible-dev-tools ansible-lint -- GitLab 
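Review bot: requirements.txt now lists `ansible`, `ansible-dev-tools` and `ansible-lint` without versions, so every pipeline run installs whatever is newest on the index at that moment, and the lint result can change without a commit. Pin each one, for example `ansible-lint==<pinned version>`, and consider a hash-locked file installed with `pip3 install --require-hashes -r requirements.txt`. The `apt-get install -y python3-pip` line added to `before_script` looks unnecessary on the `python:3.10.15-bullseye` image, which should already provide pip.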
From 3e0d152788f1ed2bc058f720ede52c0c3851c1ab Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 20:22:18 +0100 Subject: [PATCH 5/6] Updated the .gitlab-ci.yml file --- .gitlab-ci.yml | 87 +++++++++++++------------------------------------- 1 file changed, 22 insertions(+), 65 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8bcaf12..066904d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,11 +13,14 @@ variables: ##### ##### PLAYBOOK_NAME_FOR_ROLE_TEST: "playbook_example_01_test.yml" + PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES: "playbook_example_02_dependencies.yml" + PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES: "playbook_example_03_clone_repositories.yml" stages: - debug - build - test + - lint-tests - docs - deploy 
@@ -44,77 +47,31 @@ build: ### TESTS ### ansible-lint-test: - stage: test + stage: lint-tests before_script: - # - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* - # - pip3 install -r ci-cd/requirements.txt - pip3 install -r requirements.txt script: - echo "Running ansible-lint tests at the role-> 'test'" - # - pycodestyle -v --config=./src/pycodestyle.cfg src/ - # - ansible-lint playbook_example_01_dependencies.yml - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_TEST allow_failure: false -# pylint: -# stage: test -# before_script: -# - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* -# - pip3 install -r ci-cd/requirements.txt -# script: -# - echo "Running pylint tests..." -# ### Fix pylint 'import-error' --> hardcode init-hook on .pylintrc :( -# - cat .pylintrc | grep init-hook -# - rm .pylintrc -# - cp ci-cd/.pylintrc . -# - cat .pylintrc | grep init-hook -# ### RUN -# - pylint src/ -# allow_failure: false - -# unit-tests: -# stage: test -# before_script: -# - apt-get update && apt-get install -y python3-pip libcups2-dev && apt-get clean && rm -rf /var/lib/apt/lists/* -# - pip3 install -r ci-cd/requirements.txt -# script: -# - echo "Running pep8 tests..." -# - python3 -m pytest -# allow_failure: false - -# ### -# ### DOCS -# ### -# sphinx-docs: -# stage: docs -# before_script: -# - pip3 install sphinx sphinx-rtd-theme -# script: -# - echo "Running sphinx-docs..." -# - mkdir -vp $DOC_PATH_TMP -# - cd $DOC_PATH_TMP -# - sphinx-quickstart -p '$DOC_NAME' -a '$DOC_AUTHOR' -v '$DOC_VERSION' -l '$DOC_LANGUAGE' -q -# - cd .. -# - sphinx-apidoc -o $DOC_PATH_TMP . 
-# - cd $DOC_PATH_TMP -# - make html -# artifacts: -# paths: -# - $DOC_PATH_TMP/* -# # expire_in: '$DOC_RETENTION' # <--- DON'T WORK :( -# expire_in: 1 day -# allow_failure: false -# only: -# - main +ansible-lint-dependencies: + stage: lint-tests + before_script: + - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* + - pip3 install -r requirements.txt + script: + - echo "Running ansible-lint tests at the role-> 'dependencies'" + - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES + allow_failure: false -# ### -# ### DEPLOY -# ### -# deploy: -# stage: deploy -# script: -# - echo "Deploying the application..." -# - echo "TODO --> where to deploy this?" -# only: -# - main +ansible-lint-clone-repositories: + stage: lint-tests + before_script: + - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* + - pip3 install -r requirements.txt + script: + - echo "Running ansible-lint tests at the role-> 'clone_repositories'" + - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES + allow_failure: false -- GitLab From c825a3fc2dedfc9cc44e2bc01480556786fd91d8 Mon Sep 17 00:00:00 2001 From: fejao <mail@fejao.de> Date: Mon, 27 Jan 2025 20:36:36 +0100 Subject: [PATCH 6/6] Updating .gitlab-ci.yml file --- .gitlab-ci.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 066904d..cddcc6a 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,7 +14,7 @@ variables: ##### PLAYBOOK_NAME_FOR_ROLE_TEST: "playbook_example_01_test.yml" PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES: "playbook_example_02_dependencies.yml" - PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES: "playbook_example_03_clone_repositories.yml" + # PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES: "playbook_example_03_clone_repositories.yml" stages: - debug 
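Review bot: The two jobs added in the `@@ -44,77 +47,31 @@` hunk, `ansible-lint-dependencies` and `ansible-lint-clone-repositories`, repeat the `stage`, `before_script` and `allow_failure` of `ansible-lint-test` verbatim. A later hardening of the install step, such as pinning packages, would then have to be made in three places and can drift. A hidden template job with `extends` keeps the setup in one place. The playbook variable is also passed to `ansible-lint` unquoted, so quoting it, as in `ansible-lint "$PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES"`, avoids word splitting if a name ever contains spaces or glob characters. The `ansible-lint-test` job header sits at the edge of this hunk and would extend the same template.

```yaml
.ansible-lint:
  stage: lint-tests
  before_script:
    - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/*
    - pip3 install -r requirements.txt
  allow_failure: false

ansible-lint-dependencies:
  extends: .ansible-lint
  script:
    - echo "Running ansible-lint tests at the role-> 'dependencies'"
    - ansible-lint "$PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES"

# … same shape for ansible-lint-test and ansible-lint-clone-repositories …
```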
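Review bot: `PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES` is commented out in the `@@ -14,7 +14,7 @@` hunk, and the matching `role-clone-repositories` job is commented out in the later `@@ -66,12 +66,12 @@` hunk, with no stated reason. The `clone_repositories` role therefore loses its lint coverage without any visible record. Either delete both blocks and track re-enabling elsewhere, or keep them and add a comment such as `# TODO: re-enable once playbook_example_03_clone_repositories.yml passes ansible-lint (<ISSUE_ID>)`. The `variables:` block starts outside this hunk.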
@@ -46,7 +46,7 @@ build: ### ### TESTS ### -ansible-lint-test: +role-test: stage: lint-tests before_script: - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* @@ -56,7 +56,7 @@ ansible-lint-test: - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_TEST allow_failure: false -ansible-lint-dependencies: +role-dependencies: stage: lint-tests before_script: - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* @@ -66,12 +66,12 @@ ansible-lint-dependencies: - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_DEPENDENCIES allow_failure: false -ansible-lint-clone-repositories: - stage: lint-tests - before_script: - - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* - - pip3 install -r requirements.txt - script: - - echo "Running ansible-lint tests at the role-> 'clone_repositories'" - - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES - allow_failure: false +# role-clone-repositories: +# stage: lint-tests +# before_script: +# - apt-get update && apt-get install -y python3-pip && apt-get clean && rm -rf /var/lib/apt/lists/* +# - pip3 install -r requirements.txt +# script: +# - echo "Running ansible-lint tests at the role-> 'clone_repositories'" +# - ansible-lint $PLAYBOOK_NAME_FOR_ROLE_CLONE_REPOSITORIES +# allow_failure: false -- GitLab