diff --git a/galaxy.yml b/galaxy.yml index 5285a76..e849d7f 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,7 +1,7 @@ namespace: "robertdebock" name: "development_environment" description: Install everything you need to develop Ansible roles. -version: "2.2.2" +version: "2.2.4" readme: "README.md" authors: - "Robert de Bock" diff --git a/roles/ansible/.ansible-lint b/roles/ansible/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/ansible/.ansible-lint +++ b/roles/ansible/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/ansible/.github/ISSUE_TEMPLATE/bug_report.md b/roles/ansible/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/ansible/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/ansible/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/ansible/.github/workflows/galaxy.yml b/roles/ansible/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/ansible/.github/workflows/galaxy.yml +++ b/roles/ansible/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/ansible/.github/workflows/molecule.yml b/roles/ansible/.github/workflows/molecule.yml index 711c0ee..f0b406a 100644 --- a/roles/ansible/.github/workflows/molecule.yml +++ b/roles/ansible/.github/workflows/molecule.yml @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -35,20 +35,24 @@ jobs: config: - image: "alpine" tag: "latest" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -61,7 +65,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/ansible/.gitignore b/roles/ansible/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/ansible/.gitignore +++ b/roles/ansible/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/ansible/.travis.yml b/roles/ansible/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/ansible/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/ansible/LICENSE b/roles/ansible/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/ansible/LICENSE +++ b/roles/ansible/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/ansible/README.md b/roles/ansible/README.md index e5f0d3a..0170cdf 100644 --- a/roles/ansible/README.md +++ b/roles/ansible/README.md @@ -8,7 +8,7 @@ Install and configure ansible on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.ansible ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,7 +39,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for ansible @@ -61,16 +61,16 @@ ansible_configuration: - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-ansible/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| ## [Context](#context) @@ -87,10 +87,10 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |el|8| -|debian|buster, bullseye| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -98,14 +98,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| amazonlinux:1 | No package matching 'python3-pip' | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-ansible/issues) @@ -113,7 +105,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/ansible/meta/.galaxy_install_info b/roles/ansible/meta/.galaxy_install_info index 600039b..ed1483a 100644 --- a/roles/ansible/meta/.galaxy_install_info +++ b/roles/ansible/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:14 2021 -version: 3.0.2 +install_date: Wed Aug 3 07:06:57 2022 +version: 3.1.4 diff --git a/roles/ansible/meta/exception.yml b/roles/ansible/meta/exception.yml deleted file mode 100644 index 95e813f..0000000 --- a/roles/ansible/meta/exception.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -exceptions: - - variation: amazonlinux:1 - reason: "No package matching 'python3-pip'" diff --git a/roles/ansible/meta/main.yml b/roles/ansible/meta/main.yml index 9620ceb..77cb709 100644 --- a/roles/ansible/meta/main.yml +++ b/roles/ansible/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: ansible description: Install and configure ansible on your system. license: Apache-2.0 @@ -16,8 +17,7 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -26,8 +26,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - ansible diff --git a/roles/ansible/molecule/default/molecule.yml b/roles/ansible/molecule/default/molecule.yml index 6240c30..cd64e40 100644 --- a/roles/ansible/molecule/default/molecule.yml +++ b/roles/ansible/molecule/default/molecule.yml @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/ansible/molecule/default/verify.yml b/roles/ansible/molecule/default/verify.yml index 4733d21..ed0f522 100644 --- a/roles/ansible/molecule/default/verify.yml +++ b/roles/ansible/molecule/default/verify.yml @@ -6,6 +6,7 @@ tasks: - name: run ansible - shell: ansible --version > ansible.version + ansible.builtin.shell: + cmd: ansible --version > ansible.version args: creates: ansible.version diff --git a/roles/ansible/tasks/main.yml b/roles/ansible/tasks/main.yml index 738c030..c1f2d53 100644 --- a/roles/ansible/tasks/main.yml +++ b/roles/ansible/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for ansible -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost diff --git a/roles/ansible/tox.ini b/roles/ansible/tox.ini index f57553b..88f8545 100644 --- a/roles/ansible/tox.ini +++ b/roles/ansible/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/ansible_lint/.ansible-lint b/roles/ansible_lint/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/ansible_lint/.ansible-lint +++ b/roles/ansible_lint/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/ansible_lint/.github/ISSUE_TEMPLATE/bug_report.md b/roles/ansible_lint/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/ansible_lint/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/ansible_lint/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/ansible_lint/.github/workflows/galaxy.yml b/roles/ansible_lint/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/ansible_lint/.github/workflows/galaxy.yml +++ b/roles/ansible_lint/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/ansible_lint/.github/workflows/molecule.yml b/roles/ansible_lint/.github/workflows/molecule.yml index 1fcbed7..0754332 100644 --- a/roles/ansible_lint/.github/workflows/molecule.yml +++ b/roles/ansible_lint/.github/workflows/molecule.yml @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,18 +33,22 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -57,7 +61,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/ansible_lint/.gitignore b/roles/ansible_lint/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/ansible_lint/.gitignore +++ b/roles/ansible_lint/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/ansible_lint/.travis.yml b/roles/ansible_lint/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/ansible_lint/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/ansible_lint/LICENSE b/roles/ansible_lint/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/ansible_lint/LICENSE +++ b/roles/ansible_lint/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/ansible_lint/README.md b/roles/ansible_lint/README.md index 71300a7..749163b 100644 --- a/roles/ansible_lint/README.md +++ b/roles/ansible_lint/README.md @@ -8,7 +8,7 @@ Install ansible-lint on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.ansible_lint ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -42,16 +42,16 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-ansible_lint/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| ## [Context](#context) @@ -69,7 +69,7 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |el|8| |debian|all| |fedora|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -77,15 +77,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| amazonlinux:1 | No package matching 'python3-pip' | -| amazonlinux | No module named pkg_resources | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-ansible_lint/issues) @@ -93,7 +84,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/ansible_lint/meta/.galaxy_install_info b/roles/ansible_lint/meta/.galaxy_install_info index 2af0e02..61907a2 100644 --- a/roles/ansible_lint/meta/.galaxy_install_info +++ b/roles/ansible_lint/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:18 2021 -version: 3.0.1 +install_date: Wed Aug 3 07:06:59 2022 +version: 3.1.2 diff --git a/roles/ansible_lint/meta/exception.yml b/roles/ansible_lint/meta/exception.yml deleted file mode 100644 index 0f73f3c..0000000 --- a/roles/ansible_lint/meta/exception.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -exceptions: - - variation: amazonlinux:1 - reason: "No package matching 'python3-pip'" - - variation: amazonlinux - reason: "No module named pkg_resources" diff --git a/roles/ansible_lint/meta/main.yml b/roles/ansible_lint/meta/main.yml index 53b5281..c3ffbc9 100644 --- a/roles/ansible_lint/meta/main.yml +++ b/roles/ansible_lint/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: ansible_lint description: Install ansible-lint on your system. license: Apache-2.0 @@ -19,8 +20,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - ansiblelint diff --git a/roles/ansible_lint/molecule/default/molecule.yml b/roles/ansible_lint/molecule/default/molecule.yml index e40d794..03c3f5d 100644 --- a/roles/ansible_lint/molecule/default/molecule.yml +++ b/roles/ansible_lint/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -13,7 +14,7 @@ lint: | driver: name: docker platforms: - - name: "ansible_lint-${image:-fedora}-${tag:-latest}${TOX_ENVNAME}" + - name: "ansiblelint-${image:-fedora}-${tag:-latest}${TOX_ENVNAME}" image: "${namespace:-robertdebock}/${image:-fedora}:${tag:-latest}" command: /sbin/init volumes: @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/ansible_lint/molecule/default/verify.yml b/roles/ansible_lint/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/ansible_lint/molecule/default/verify.yml +++ b/roles/ansible_lint/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/ansible_lint/requirements.yml b/roles/ansible_lint/requirements.yml index d7e7d73..73c9163 100644 --- a/roles/ansible_lint/requirements.yml +++ b/roles/ansible_lint/requirements.yml @@ -4,3 +4,4 @@ roles: - name: robertdebock.buildtools - name: robertdebock.epel - name: robertdebock.python_pip +collections: diff --git a/roles/ansible_lint/tox.ini b/roles/ansible_lint/tox.ini index f57553b..88f8545 100644 --- a/roles/ansible_lint/tox.ini +++ b/roles/ansible_lint/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/ara/.ansible-lint b/roles/ara/.ansible-lint index 7a17121..22c6c7e 100644 --- a/roles/ara/.ansible-lint +++ b/roles/ara/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/ara/.github/ISSUE_TEMPLATE/bug_report.md b/roles/ara/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/ara/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/ara/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/ara/.github/workflows/molecule.yml b/roles/ara/.github/workflows/molecule.yml index b6587d7..e42e499 100644 --- a/roles/ara/.github/workflows/molecule.yml +++ b/roles/ara/.github/workflows/molecule.yml @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: command: lint test: @@ -33,16 +33,18 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "34" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "bionic" steps: @@ -55,7 +57,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/ara/.gitignore b/roles/ara/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/ara/.gitignore +++ b/roles/ara/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/ara/.travis.yml b/roles/ara/.travis.yml index 21201e1..3fcce0a 100644 --- a/roles/ara/.travis.yml +++ b/roles/ara/.travis.yml @@ -18,8 +18,7 @@ cache: install: - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint + - pip install ansible ansible-lint yamllint script: - yamllint . diff --git a/roles/ara/README.md b/roles/ara/README.md index d8c04ce..ac1dba0 100644 --- a/roles/ara/README.md +++ b/roles/ara/README.md @@ -8,7 +8,7 @@ Install and configure ara on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.ara ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,7 +39,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for ara @@ -66,17 +66,17 @@ ara_user: root - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-ara/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) -| [robertdebock.service](https://galaxy.ansible.com/robertdebock/service) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-service/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-service/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-service/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-service) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| +|[robertdebock.service](https://galaxy.ansible.com/robertdebock/service)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-service/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-service/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-service/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-service)| ## [Context](#context) @@ -92,7 +92,7 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |el|8| -|debian|buster, bullseye| +|debian|all| |fedora|all| |ubuntu|bionic| @@ -104,7 +104,7 @@ The minimum version of Ansible required is 2.10, tests have been done to: ## [Exceptions](#exceptions) -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: +Some roles can't run on a specific distribution or version. Here are some exceptions. | variation | reason | |---------------------------|------------------------| @@ -120,7 +120,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/ara/handlers/main.yml b/roles/ara/handlers/main.yml index a87f64a..a40e7ed 100644 --- a/roles/ara/handlers/main.yml +++ b/roles/ara/handlers/main.yml @@ -6,6 +6,7 @@ name: ara state: restarted become: yes + become_user: root when: - not ansible_check_mode | bool @@ -13,5 +14,6 @@ ansible.builtin.systemd: daemon_reload: yes become: yes + become_user: root notify: - restart ara diff --git a/roles/ara/meta/.galaxy_install_info b/roles/ara/meta/.galaxy_install_info index 166850e..87d1cce 100644 --- a/roles/ara/meta/.galaxy_install_info +++ b/roles/ara/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:21 2021 -version: 3.0.3 +install_date: Wed Aug 3 07:07:01 2022 +version: 3.1.1 diff --git a/roles/ara/meta/main.yml b/roles/ara/meta/main.yml index ea8d1df..4a7b9ae 100644 --- a/roles/ara/meta/main.yml +++ b/roles/ara/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: ara description: Install and configure ara on your system. license: Apache-2.0 @@ -13,8 +14,7 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all diff --git a/roles/ara/molecule/default/molecule.yml b/roles/ara/molecule/default/molecule.yml index 7cbac1b..937f201 100644 --- a/roles/ara/molecule/default/molecule.yml +++ b/roles/ara/molecule/default/molecule.yml @@ -6,11 +6,11 @@ dependency: name: galaxy options: role-file: requirements.yml - requirements-file: requirements.yml lint: | set -e yamllint . ansible-lint + ansible-later driver: name: docker platforms: @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/ara/molecule/default/verify.yml b/roles/ara/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/ara/molecule/default/verify.yml +++ b/roles/ara/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/ara/tasks/main.yml b/roles/ara/tasks/main.yml index 5d3277a..4c6514f 100644 --- a/roles/ara/tasks/main.yml +++ b/roles/ara/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for ara -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -24,11 +24,11 @@ - name: find callback_plugins path block: - name: try python2 - ansible.builtin.command: "{{ ara_setup_command_python2 }}" + ansible.builtin.command: + cmd: "{{ ara_setup_command_python2 }}" register: ara_callback_plugins changed_when: no check_mode: no - rescue: - name: try python3 ansible.builtin.command: "{{ ara_setup_command_python3 }}" diff --git a/roles/ara/tox.ini b/roles/ara/tox.ini index f57553b..c1ade81 100644 --- a/roles/ara/tox.ini +++ b/roles/ara/tox.ini @@ -3,16 +3,15 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{39}-ansible-{2.9,2.10,2.11} skipsdist = true [testenv] deps = 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 2.10: ansible-base == 2.10.* + 2.11: ansible-core == 2.11.* molecule[docker] docker == 4.* ansible-lint == 5.* @@ -23,4 +22,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/ara/vars/main.yml b/roles/ara/vars/main.yml index 666fdaf..48c04ca 100644 --- a/roles/ara/vars/main.yml +++ b/roles/ara/vars/main.yml @@ -4,9 +4,10 @@ _ara_binary_location: default: /usr/bin Debian: /usr/local/bin - RedHat: /usr/local/bin + RedHat: &redhat_binary_location /usr/local/bin + Rocky: *redhat_binary_location -ara_binary_location: "{{ _ara_binary_location[ansible_os_family] | default(_ara_binary_location['default']) }}" +ara_binary_location: "{{ _ara_binary_location[ansible_os_family] | default(_ara_binary_location['default'] ) }}" ara_setup_command_python2: python -m ara.setup.callback_plugins ara_setup_command_python3: python3 -m ara.setup.callback_plugins diff --git a/roles/atom/.ansible-lint b/roles/atom/.ansible-lint index 7a17121..22c6c7e 100644 --- a/roles/atom/.ansible-lint +++ b/roles/atom/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/atom/.github/ISSUE_TEMPLATE/bug_report.md b/roles/atom/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/atom/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/atom/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/atom/.github/workflows/molecule.yml b/roles/atom/.github/workflows/molecule.yml index 54b2c5e..70cde0e 100644 --- a/roles/atom/.github/workflows/molecule.yml +++ b/roles/atom/.github/workflows/molecule.yml @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: command: lint test: @@ -33,16 +33,18 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" + - image: "debian" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "34" - image: "fedora" tag: "latest" - - image: "opensuse" - tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "latest" - image: "ubuntu" @@ -57,7 +59,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/atom/.gitignore b/roles/atom/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/atom/.gitignore +++ b/roles/atom/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/atom/.travis.yml b/roles/atom/.travis.yml index 21201e1..3fcce0a 100644 --- a/roles/atom/.travis.yml +++ b/roles/atom/.travis.yml @@ -18,8 +18,7 @@ cache: install: - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint + - pip install ansible ansible-lint yamllint script: - yamllint . diff --git a/roles/atom/README.md b/roles/atom/README.md index f21b6ea..e8b89c6 100644 --- a/roles/atom/README.md +++ b/roles/atom/README.md @@ -8,7 +8,7 @@ Install atom on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.atom ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -36,7 +36,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for atom @@ -52,13 +52,13 @@ atom_apm_packages: - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-atom/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -74,10 +74,9 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |el|8| -|debian|buster| +|debian|all| |fedora|all| -|opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -87,7 +86,7 @@ The minimum version of Ansible required is 2.10, tests have been done to: ## [Exceptions](#exceptions) -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: +Some roles can't run on a specific distribution or version. Here are some exceptions. | variation | reason | |---------------------------|------------------------| @@ -102,7 +101,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/atom/meta/.galaxy_install_info b/roles/atom/meta/.galaxy_install_info index aec17fd..d93decf 100644 --- a/roles/atom/meta/.galaxy_install_info +++ b/roles/atom/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:24 2021 -version: 3.0.3 +install_date: Wed Aug 3 07:07:03 2022 +version: 3.1.3 diff --git a/roles/atom/meta/main.yml b/roles/atom/meta/main.yml index 23ef5f7..697984d 100644 --- a/roles/atom/meta/main.yml +++ b/roles/atom/meta/main.yml @@ -13,18 +13,14 @@ galaxy_info: versions: - 8 - name: Debian - versions: - - buster - - name: Fedora versions: - all - - name: OpenSUSE + - name: Fedora versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - atom diff --git a/roles/atom/molecule/default/molecule.yml b/roles/atom/molecule/default/molecule.yml index 60cbc1e..c2f839a 100644 --- a/roles/atom/molecule/default/molecule.yml +++ b/roles/atom/molecule/default/molecule.yml @@ -6,11 +6,11 @@ dependency: name: galaxy options: role-file: requirements.yml - requirements-file: requirements.yml lint: | set -e yamllint . ansible-lint + ansible-later driver: name: docker platforms: @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/atom/molecule/default/verify.yml b/roles/atom/molecule/default/verify.yml index 303c2a7..4e7f052 100644 --- a/roles/atom/molecule/default/verify.yml +++ b/roles/atom/molecule/default/verify.yml @@ -6,4 +6,8 @@ tasks: - name: check if atom exists works - command: file /usr/bin/atom + ansible.builtin.stat: + path: /usr/bin/atom + register: atom_test_one + failed_when: + - not atom_test_one.stat.exists diff --git a/roles/atom/tasks/main.yml b/roles/atom/tasks/main.yml index 567f8e9..54aaf2b 100644 --- a/roles/atom/tasks/main.yml +++ b/roles/atom/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for atom -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -18,7 +18,7 @@ ansible.builtin.get_url: url: "{{ atom_package_url }}" dest: "/tmp/{{ atom_package }}" - checksum: "{{ atom_checksum }}" + # checksum: "{{ atom_checksum }}" validate_certs: no when: - ansible_pkg_mgr in [ "apt", "dnf", "yum", "zypper" ] @@ -55,7 +55,7 @@ - ansible_pkg_mgr == "zypper" - name: install apm packages - ansible.builtin.command: apm install {{ item }} - args: + ansible.builtin.command: + cmd: apm install {{ item }} creates: /root/.atom/packages/linter loop: "{{ atom_apm_packages }}" diff --git a/roles/atom/tox.ini b/roles/atom/tox.ini index f57553b..c1ade81 100644 --- a/roles/atom/tox.ini +++ b/roles/atom/tox.ini @@ -3,16 +3,15 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{39}-ansible-{2.9,2.10,2.11} skipsdist = true [testenv] deps = 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 2.10: ansible-base == 2.10.* + 2.11: ansible-core == 2.11.* molecule[docker] docker == 4.* ansible-lint == 5.* @@ -23,4 +22,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/atom/vars/main.yml b/roles/atom/vars/main.yml index f637038..7543b1e 100644 --- a/roles/atom/vars/main.yml +++ b/roles/atom/vars/main.yml @@ -19,14 +19,3 @@ _atom_package: atom_package_url: '{{ _atom_package[ansible_pkg_mgr]["url"] }}' atom_package: "{{ _atom_package[ansible_pkg_mgr]['name'] }}" - -# The checksum of the downloaded artifact, this speeds up the execution of the -# role on second runs as it calculates the (local) checksum and uses the results -# to see if the artifact would need to be downloaded again. -_atom_checksum: - dnf: &rpmchecksum "sha256:e68d293033741f1f76650b73ea896dbfa94f2ebcaef9330a25001362f5523b7e" - yum: *rpmchecksum - zypper: *rpmchecksum - apt: "sha256:e1c650fcfdfc09aafef0ecfe041d254ad9007fb3ca797dafd21c8333fd0b1340" - -atom_checksum: "{{ _atom_checksum[ansible_pkg_mgr] }}" diff --git a/roles/bootstrap/.ansible-lint b/roles/bootstrap/.ansible-lint index 7a17121..22c6c7e 100644 --- a/roles/bootstrap/.ansible-lint +++ b/roles/bootstrap/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/bootstrap/.github/ISSUE_TEMPLATE/bug_report.md b/roles/bootstrap/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/bootstrap/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/bootstrap/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/bootstrap/.github/workflows/molecule.yml b/roles/bootstrap/.github/workflows/molecule.yml index dd9107f..96a8167 100644 --- a/roles/bootstrap/.github/workflows/molecule.yml +++ b/roles/bootstrap/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '2 2 2 * *' + - cron: '3 2 2 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,20 +33,24 @@ jobs: fail-fast: false matrix: config: + - image: "alpine" + tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" + - image: "enterpriselinux" tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "34" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" @@ -63,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/bootstrap/.gitignore b/roles/bootstrap/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/bootstrap/.gitignore +++ b/roles/bootstrap/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/bootstrap/.travis.yml b/roles/bootstrap/.travis.yml index 21201e1..3fcce0a 100644 --- a/roles/bootstrap/.travis.yml +++ b/roles/bootstrap/.travis.yml @@ -18,8 +18,7 @@ cache: install: - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint + - pip install ansible ansible-lint yamllint script: - yamllint . diff --git a/roles/bootstrap/LICENSE b/roles/bootstrap/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/bootstrap/LICENSE +++ b/roles/bootstrap/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/bootstrap/README.md b/roles/bootstrap/README.md index fd155f5..e4e165f 100644 --- a/roles/bootstrap/README.md +++ b/roles/bootstrap/README.md @@ -8,12 +8,19 @@ Prepare your system to be managed by Ansible. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge hosts: all - become: yes + # This role installs packages using the `raw` module and needs to connect as + # `root`. (`sudo` is not available before bootstrapping.) All tasks in the + # role have `become` set to `no`, so you can use either `no` or `yes` for + # `become`, the role will not use become (so `sudo`) for any task. + become: yes # `no` will also work. + # This role installs python, gathering facts can't be done before `python` is + # installed. This role runs the `setup` module, so facts will be available + # after running the role. gather_facts: no roles: @@ -24,14 +31,11 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for bootstrap -# The user to use to connect to machines. -bootstrap_user: root - # Do you want to wait for the host to be available? bootstrap_wait_for_host: no @@ -57,12 +61,13 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| +|alpine|all| |amazon|Candidate| |el|7, 8| |debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -72,7 +77,7 @@ The minimum version of Ansible required is 2.10, tests have been done to: ## [Exceptions](#exceptions) -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: +Some roles can't run on a specific distribution or version. Here are some exceptions. | variation | reason | |---------------------------|------------------------| @@ -85,17 +90,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [rembik](https://github.com/rembik) -- [jellevandehaterd](https://github.com/jellevandehaterd) -- [fzarifian](https://github.com/fzarifian) -- [kmonticolo](https://github.com/kmonticolo) -- [CrystalStiletto](https://github.com/CrystalStiletto) -- [infothrill](https://github.com/infothrill) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/bootstrap/defaults/main.yml b/roles/bootstrap/defaults/main.yml index 6c8972a..6791ca5 100644 --- a/roles/bootstrap/defaults/main.yml +++ b/roles/bootstrap/defaults/main.yml @@ -1,9 +1,6 @@ --- # defaults file for bootstrap -# The user to use to connect to machines. -bootstrap_user: root - # Do you want to wait for the host to be available? bootstrap_wait_for_host: no diff --git a/roles/bootstrap/meta/.galaxy_install_info b/roles/bootstrap/meta/.galaxy_install_info index bf763d7..189483c 100644 --- a/roles/bootstrap/meta/.galaxy_install_info +++ b/roles/bootstrap/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:27 2021 -version: 5.0.3 +install_date: Wed Aug 3 07:07:05 2022 +version: 6.0.3 diff --git a/roles/bootstrap/meta/main.yml b/roles/bootstrap/meta/main.yml index 22b8b53..a7958ce 100644 --- a/roles/bootstrap/meta/main.yml +++ b/roles/bootstrap/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: bootstrap description: Prepare your system to be managed by Ansible. license: Apache-2.0 @@ -8,10 +9,9 @@ galaxy_info: min_ansible_version: "2.10" platforms: - # Broken: idempotence, gather_facts: Failed to create temporary directory. - # - name: Alpine - # versions: - # - all + - name: Alpine + versions: + - all - name: Amazon versions: - Candidate @@ -30,8 +30,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - bootstrap diff --git a/roles/bootstrap/molecule/default/converge.yml b/roles/bootstrap/molecule/default/converge.yml index 3cd3d54..44852b5 100644 --- a/roles/bootstrap/molecule/default/converge.yml +++ b/roles/bootstrap/molecule/default/converge.yml @@ -1,7 +1,14 @@ --- - name: Converge hosts: all - become: yes + # This role installs packages using the `raw` module and needs to connect as + # `root`. (`sudo` is not available before bootstrapping.) All tasks in the + # role have `become` set to `no`, so you can use either `no` or `yes` for + # `become`, the role will not use become (so `sudo`) for any task. + become: yes # `no` will also work. + # This role installs python, gathering facts can't be done before `python` is + # installed. This role runs the `setup` module, so facts will be available + # after running the role. gather_facts: no roles: diff --git a/roles/bootstrap/molecule/default/molecule.yml b/roles/bootstrap/molecule/default/molecule.yml index 82a49e1..1e24c87 100644 --- a/roles/bootstrap/molecule/default/molecule.yml +++ b/roles/bootstrap/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/bootstrap/molecule/default/verify.yml b/roles/bootstrap/molecule/default/verify.yml index ff3ec4e..4eb13b9 100644 --- a/roles/bootstrap/molecule/default/verify.yml +++ b/roles/bootstrap/molecule/default/verify.yml @@ -6,9 +6,9 @@ tasks: - name: test connection - ping: + ansible.builtin.ping: - name: try the package module - package: + ansible.builtin.package: name: gzip state: present diff --git a/roles/bootstrap/tasks/assert.yml b/roles/bootstrap/tasks/assert.yml index 7e50081..4e0b3c0 100644 --- a/roles/bootstrap/tasks/assert.yml +++ b/roles/bootstrap/tasks/assert.yml @@ -1,12 +1,5 @@ --- -- name: test if bootstrap_user is set correctly - ansible.builtin.assert: - that: - - bootstrap_user is defined - - bootstrap_user is string - quiet: yes - - name: test if bootstrap_wait_for_host is set correctly ansible.builtin.assert: that: diff --git a/roles/bootstrap/tasks/gather_facts.yml b/roles/bootstrap/tasks/gather_facts.yml index e9bb2bf..310a164 100644 --- a/roles/bootstrap/tasks/gather_facts.yml +++ b/roles/bootstrap/tasks/gather_facts.yml @@ -1,12 +1,11 @@ --- + - name: lookup bootstrap facts - become: no ansible.builtin.raw: "cat /etc/os-release" + become: no check_mode: no register: bootstrap_facts changed_when: no - vars: - ansible_user: "{{ bootstrap_user }}" - name: set bootstrap facts (I) ansible.builtin.set_fact: @@ -18,6 +17,7 @@ - bootstrap_facts.rc == 0 - bootstrap_distribution is not defined - bootstrap_facts.stdout is regex('PRETTY_NAME=.'~ bootstrap_search[item] | default(item) ~'.*') + become: no - name: set bootstrap facts (II) ansible.builtin.set_fact: @@ -27,3 +27,4 @@ label: "{{ item.key }}" when: - bootstrap_distribution in item.value + become: no diff --git a/roles/bootstrap/tasks/main.yml b/roles/bootstrap/tasks/main.yml index 9d0134d..43c2bc0 100644 --- a/roles/bootstrap/tasks/main.yml +++ b/roles/bootstrap/tasks/main.yml @@ -1,20 +1,19 @@ --- # tasks file for bootstrap -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost -- name: wait for host +- name: wait for port to be available ansible.builtin.wait_for: port: "{{ ansible_port | default('22') }}" - host: "{{ (ansible_ssh_host | default(ansible_host) | default(inventory_hostname)) }}" - connection: local + timeout: "{{ bootstrap_timeout }}" become: no when: - ansible_connection is defined - - ansible_connection not in [ "docker", "container" ] + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] - bootstrap_wait_for_host | bool - name: prepare system @@ -26,33 +25,28 @@ changed_when: no rescue: - name: gather bootstrap facts - ansible.builtin.include_tasks: gather_facts.yml + ansible.builtin.include_tasks: + file: gather_facts.yml - - name: install bootstrap packages + - name: install bootstrap packages (raw) ansible.builtin.raw: "{{ bootstrap_install.raw }}" register: bootstrap_install_packages changed_when: - (bootstrap_install.stdout_regex in bootstrap_install_packages.stdout and bootstrap_os_family in [ "Alpine", "Archlinux", "Gentoo" ]) or (bootstrap_install.stdout_regex not in bootstrap_install_packages.stdout and - bootstrap_os_family in [ "Debian", "RedHat", "Suse" ]) - vars: - ansible_user: "{{ bootstrap_user }}" - always: - - name: set bootstrap_ansible_user - ansible.builtin.set_fact: - bootstrap_ansible_user: "{{ ansible_user | default(omit) if bootstrap_connect is succeeded else bootstrap_user }}" - changed_when: no + bootstrap_os_family in [ "Debian", "RedHat", "Rocky", "Suse" ]) + become: no + - name: ensure system is prepared block: - name: gather ansible facts ansible.builtin.setup: - - name: install bootstrap packages + - name: install bootstrap packages (package) ansible.builtin.package: name: "{{ item }}" state: present loop: "{{ bootstrap_facts_packages.split() }}" - vars: - ansible_user: "{{ bootstrap_ansible_user | default(omit) }}" + become: no diff --git a/roles/bootstrap/tox.ini b/roles/bootstrap/tox.ini index f57553b..88f8545 100644 --- a/roles/bootstrap/tox.ini +++ b/roles/bootstrap/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/bootstrap/vars/main.yml b/roles/bootstrap/vars/main.yml index f5bc44a..0973917 100644 --- a/roles/bootstrap/vars/main.yml +++ b/roles/bootstrap/vars/main.yml @@ -6,7 +6,7 @@ _bootstrap_packages: Archlinux: python sudo Debian: python3 sudo gnupg python3-apt Gentoo: python sudo gentoolkit - RedHat: python3 sudo + RedHat: &redhat_packages python3 sudo Suse: python3 python3-xml sudo Amazon: python sudo CentOS_7: python sudo @@ -14,6 +14,11 @@ _bootstrap_packages: Debian_9: python sudo gnupg RedHat_7: python sudo +# Map the right set of packages, based on gathered bootstrap facts. +bootstrap_packages: "{{ _bootstrap_packages[bootstrap_distribution ~'_'~ bootstrap_distribution_major_version]|default( + _bootstrap_packages[bootstrap_distribution] )|default( + _bootstrap_packages[bootstrap_os_family] ) }}" + _bootstrap_install: Alpine: raw: "LANG=C apk update ; apk add {{ bootstrap_packages }}" @@ -35,18 +40,25 @@ _bootstrap_install: raw: "LANG=C zypper -n install {{ bootstrap_packages }}" stdout_regex: 'Nothing' +# Map the right install command, based on gathered bootstrap facts. +bootstrap_install: "{{ _bootstrap_install[bootstrap_distribution ~'_'~ bootstrap_distribution_major_version]|default( + _bootstrap_install[bootstrap_distribution] )|default( + _bootstrap_install[bootstrap_os_family] ) }}" + # See URL for available OS families and search queries # https://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/facts/system/distribution.py bootstrap_os_family_map: Alpine: [Alpine] Archlinux: [Archlinux, Antergos, Manjaro] Debian: [Debian, Ubuntu, Raspbian, Neon, KDE neon, - Linux Mint, SteamOS, Devuan, Kali, 'Cumulus Linux'] + Linux Mint, SteamOS, Devuan, Kali, Cumulus Linux, + 'Pop!_OS', Parrot, Pardus GNU/Linux] Gentoo: [Gentoo, Funtoo] RedHat: [RedHat, Fedora, CentOS, Scientific, SLC, - Ascendos, CloudLinux, PSBM, OracleLinux, OVS, - OEL, Amazon, Virtuozzo, XenServer, Alibaba] - Suse: [SLED, 'openSUSE Tumbleweed', 'openSUSE Leap', + Ascendos, CloudLinux, PSBM, Rocky, OracleLinux, + OVS, OEL, Amazon, Virtuozzo, XenServer, Alibaba, + EulerOS, openEuler, AlmaLinux] + Suse: [SLED, openSUSE Tumbleweed, openSUSE Leap, SLES_SAP, SUSE_LINUX, SLES, openSUSE, SuSE] bootstrap_search: @@ -54,17 +66,7 @@ bootstrap_search: OracleLinux: 'Oracle Linux' RedHat: 'Red Hat' -# Map the right set of packages, based on gathered bootstrap facts. -bootstrap_packages: "{{ _bootstrap_packages[bootstrap_distribution ~'_'~ bootstrap_distribution_major_version]|default( - _bootstrap_packages[bootstrap_distribution])|default( - _bootstrap_packages[bootstrap_os_family]) }}" - -# Map the right install command, based on gathered bootstrap facts. -bootstrap_install: "{{ _bootstrap_install[bootstrap_distribution ~'_'~ bootstrap_distribution_major_version]|default( - _bootstrap_install[bootstrap_distribution])|default( - _bootstrap_install[bootstrap_os_family]) }}" - # Map the right set of packages, based on gathered ansible_facts. bootstrap_facts_packages: "{{ _bootstrap_packages[ansible_distribution ~'_'~ ansible_distribution_major_version]|default( - _bootstrap_packages[ansible_distribution])|default( - _bootstrap_packages[ansible_os_family]) }}" + _bootstrap_packages[ansible_distribution] )|default( + _bootstrap_packages[ansible_os_family] ) }}" diff --git a/roles/buildtools/.ansible-lint b/roles/buildtools/.ansible-lint index 7a17121..4aa401e 100644 --- a/roles/buildtools/.ansible-lint +++ b/roles/buildtools/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml @@ -10,3 +10,5 @@ exclude_paths: - ./molecule/default/collections.yml - ./.tox - ./.cache + - ./.github + - ./requirements.yml diff --git a/roles/buildtools/.github/ISSUE_TEMPLATE/bug_report.md b/roles/buildtools/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/buildtools/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/buildtools/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/buildtools/.github/workflows/galaxy.yml b/roles/buildtools/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/buildtools/.github/workflows/galaxy.yml +++ b/roles/buildtools/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/buildtools/.github/workflows/molecule.yml b/roles/buildtools/.github/workflows/molecule.yml index 1334938..5db7507 100644 --- a/roles/buildtools/.github/workflows/molecule.yml +++ b/roles/buildtools/.github/workflows/molecule.yml @@ -11,20 +11,16 @@ on: - '*' pull_request: schedule: - - cron: '2 2 2 * *' + - cron: '3 2 2 * *' jobs: lint: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v2 - with: - path: "${{ github.repository }}" - - name: molecule - uses: robertdebock/molecule-action@2.6.16 - with: - command: lint + uses: actions/checkout@v3 + - name: ansible-lint + uses: ansible-community/ansible-lint-action@main test: needs: - lint @@ -37,27 +33,29 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: "${{ github.repository }}" - name: disable apparmor for mysql @@ -65,7 +63,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.8 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/buildtools/.gitignore b/roles/buildtools/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/buildtools/.gitignore +++ b/roles/buildtools/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/buildtools/.travis.yml b/roles/buildtools/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/buildtools/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/buildtools/LICENSE b/roles/buildtools/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/buildtools/LICENSE +++ b/roles/buildtools/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/buildtools/README.md b/roles/buildtools/README.md index 1c82beb..f77f32c 100644 --- a/roles/buildtools/README.md +++ b/roles/buildtools/README.md @@ -8,7 +8,7 @@ Install buildtools on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.buildtools ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,13 +39,13 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-buildtools/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -62,11 +62,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -74,14 +74,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| EL | No package matching 'bison' found available, installed or updated | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-buildtools/issues) @@ -89,7 +81,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/buildtools/meta/.galaxy_install_info b/roles/buildtools/meta/.galaxy_install_info index 05981e8..ea3380a 100644 --- a/roles/buildtools/meta/.galaxy_install_info +++ b/roles/buildtools/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:29 2021 -version: 3.0.1 +install_date: Wed Aug 3 07:07:07 2022 +version: 3.1.10 diff --git a/roles/buildtools/meta/exception.yml b/roles/buildtools/meta/exception.yml deleted file mode 100644 index 02f8e69..0000000 --- a/roles/buildtools/meta/exception.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -exceptions: - - variation: EL - reason: "No package matching 'bison' found available, installed or updated" diff --git a/roles/buildtools/meta/main.yml b/roles/buildtools/meta/main.yml index 69df952..7ef2391 100644 --- a/roles/buildtools/meta/main.yml +++ b/roles/buildtools/meta/main.yml @@ -1,6 +1,6 @@ --- galaxy_info: - author: Robert de Bock + author: robertdebock role_name: buildtools description: Install buildtools on your system. license: Apache-2.0 @@ -16,22 +16,19 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - - 8 + - "8" - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all - - name: OpenSUSE + - name: opensuse versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - development diff --git a/roles/buildtools/molecule/default/molecule.yml b/roles/buildtools/molecule/default/molecule.yml index 3f5da1e..2513eef 100644 --- a/roles/buildtools/molecule/default/molecule.yml +++ b/roles/buildtools/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/buildtools/molecule/default/verify.yml b/roles/buildtools/molecule/default/verify.yml index daf1c67..b8b3e7b 100644 --- a/roles/buildtools/molecule/default/verify.yml +++ b/roles/buildtools/molecule/default/verify.yml @@ -6,13 +6,17 @@ tasks: - name: run gcc - command: gcc --version + ansible.builtin.command: + cmd: gcc --version - name: run make - command: make --version + ansible.builtin.command: + cmd: make --version - name: run shasum - command: shasum --version + ansible.builtin.command: + cmd: shasum --version - name: run bison - command: bison --version + ansible.builtin.command: + cmd: bison --version diff --git a/roles/buildtools/requirements.yml b/roles/buildtools/requirements.yml index 11e3224..4aca381 100644 --- a/roles/buildtools/requirements.yml +++ b/roles/buildtools/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/buildtools/tox.ini b/roles/buildtools/tox.ini index f57553b..88f8545 100644 --- a/roles/buildtools/tox.ini +++ b/roles/buildtools/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/buildtools/vars/main.yml b/roles/buildtools/vars/main.yml index 192b0ef..68042c0 100644 --- a/roles/buildtools/vars/main.yml +++ b/roles/buildtools/vars/main.yml @@ -53,4 +53,4 @@ _buildtools_packages: - make - perl-Digest-SHA1 -buildtools_packages: "{{ _buildtools_packages[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_buildtools_packages[ansible_distribution] | default(_buildtools_packages[ansible_os_family] | default (_buildtools_packages['default']))) }}" +buildtools_packages: "{{ _buildtools_packages[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_buildtools_packages[ansible_distribution] | default(_buildtools_packages[ansible_os_family] | default (_buildtools_packages['default'] ))) }}" diff --git a/roles/common/.ansible-lint b/roles/common/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/common/.ansible-lint +++ b/roles/common/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/common/.github/ISSUE_TEMPLATE/bug_report.md b/roles/common/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/common/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/common/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/common/.github/workflows/galaxy.yml b/roles/common/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/common/.github/workflows/galaxy.yml +++ b/roles/common/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/common/.github/workflows/molecule.yml b/roles/common/.github/workflows/molecule.yml index ab65095..291aa44 100644 --- a/roles/common/.github/workflows/molecule.yml +++ b/roles/common/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '3 3 3 * *' + - cron: '5 3 3 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/common/.gitignore b/roles/common/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/common/.gitignore +++ b/roles/common/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/common/.travis.yml b/roles/common/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/common/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/common/INSTALL.md b/roles/common/INSTALL.md deleted file mode 100644 index b2bc1b1..0000000 --- a/roles/common/INSTALL.md +++ /dev/null @@ -1,21 +0,0 @@ -Installation -========= - -To use this Ansible role skeleton, as [described in Ansible Galaxy documentation](https://docs.ansible.com/ansible/latest/reference_appendices/galaxy.html#using-a-custom-role-skeleton): - -``` -export keep_trailing_newline=True -ansible-galaxy init --role-skeleton=/path/to/skeleton role_name -``` - -or add this to ansible.cfg: - -``` -[galaxy] -role_skeleton = /path/to/skeleton -role_skeleton_ignore = ^.git$,^.*/.git_keep$ -``` - -Followed by `ansible-galaxy init role_name`. - -Don't include `ansible-role` to the role name, for example use `java` instead of `ansible-role-java`. diff --git a/roles/common/LICENSE b/roles/common/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/common/LICENSE +++ b/roles/common/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/common/README.md b/roles/common/README.md index 51db327..cbfd4f8 100644 --- a/roles/common/README.md +++ b/roles/common/README.md @@ -8,7 +8,7 @@ The purpose of this role is to configure common things on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.common ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -36,7 +36,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for common @@ -60,13 +60,13 @@ common_reboot: yes - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-common/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -83,11 +83,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -95,14 +95,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| amazonlinux | set hostname: [Errno 2] No such file or directory: '/etc/sysconfig/network' | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-common/issues) @@ -110,12 +102,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [dmrub](https://github.com/dmrub) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/common/meta/.galaxy_install_info b/roles/common/meta/.galaxy_install_info index 849f418..be104c2 100644 --- a/roles/common/meta/.galaxy_install_info +++ b/roles/common/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:33 2021 -version: 4.0.2 +install_date: Wed Aug 3 07:07:10 2022 +version: 4.1.4 diff --git a/roles/common/meta/exception.yml b/roles/common/meta/exception.yml deleted file mode 100644 index 1c78591..0000000 --- a/roles/common/meta/exception.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -exceptions: - - variation: amazonlinux - reason: "set hostname: [Errno 2] No such file or directory: '/etc/sysconfig/network'" diff --git a/roles/common/meta/main.yml b/roles/common/meta/main.yml index 784cdc5..f6f1718 100644 --- a/roles/common/meta/main.yml +++ b/roles/common/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: common description: The purpose of this role is to configure common things on your system. license: Apache-2.0 @@ -16,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -30,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - common diff --git a/roles/common/molecule/default/molecule.yml b/roles/common/molecule/default/molecule.yml index 72dc57c..580e983 100644 --- a/roles/common/molecule/default/molecule.yml +++ b/roles/common/molecule/default/molecule.yml @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/common/molecule/default/verify.yml b/roles/common/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/common/molecule/default/verify.yml +++ b/roles/common/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 1a2e744..42c8b76 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for common -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -30,8 +30,7 @@ - gather facts when: - not common_check_for_network_manager.stat.exists - - ansible_connection != "docker" - + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] rescue: - name: comfort users ansible.builtin.debug: @@ -61,7 +60,7 @@ ansible.builtin.hostname: name: "{{ common_hostname }}" when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] notify: - reboot @@ -79,4 +78,4 @@ - "The file /etc/hosts could not be modified." - "This is likely because it is mapped from the Docker host to the Docker container." when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] diff --git a/roles/common/tox.ini b/roles/common/tox.ini index f57553b..88f8545 100644 --- a/roles/common/tox.ini +++ b/roles/common/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/common/vars/main.yml b/roles/common/vars/main.yml index 411c4c5..f60b56c 100644 --- a/roles/common/vars/main.yml +++ b/roles/common/vars/main.yml @@ -11,4 +11,4 @@ _common_requirements: CentOS: - dbus -common_requirements: "{{ _common_requirements[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_common_requirements[ansible_distribution] | default(_common_requirements['default'])) }}" +common_requirements: "{{ _common_requirements[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_common_requirements[ansible_distribution] | default(_common_requirements['default'] )) }}" diff --git a/roles/docker/.ansible-lint b/roles/docker/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/docker/.ansible-lint +++ b/roles/docker/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/docker/.github/ISSUE_TEMPLATE/bug_report.md b/roles/docker/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/docker/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/docker/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/docker/.github/workflows/galaxy.yml b/roles/docker/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/docker/.github/workflows/galaxy.yml +++ b/roles/docker/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/docker/.github/workflows/molecule.yml b/roles/docker/.github/workflows/molecule.yml index e93bf6c..919c577 100644 --- a/roles/docker/.github/workflows/molecule.yml +++ b/roles/docker/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '4 4 4 * *' + - cron: '7 4 4 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -35,18 +35,20 @@ jobs: config: - image: "alpine" tag: "latest" - - image: "centos" - tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -59,7 +61,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/docker/.gitignore b/roles/docker/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/docker/.gitignore +++ b/roles/docker/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/docker/.travis.yml b/roles/docker/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/docker/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/docker/LICENSE b/roles/docker/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/docker/LICENSE +++ b/roles/docker/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/docker/README.md b/roles/docker/README.md index c501aa5..28a598e 100644 --- a/roles/docker/README.md +++ b/roles/docker/README.md @@ -8,7 +8,7 @@ Install and configure Docker (non-CE) on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -18,9 +18,22 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea roles: - role: robertdebock.docker + docker_privileged_users: + - woody + - buzz + + tasks: + - name: Create test case users + ansible.builtin.user: + name: "{{ user }}" + loop: + - woody + - buzz + loop_control: + loop_var: user ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -38,22 +51,35 @@ The machine needs to be prepared in CI this is done using `molecule/resources/pr Also see a [full explanation and example](https://robertdebock.nl/how-to-use-these-roles.html) on how to use these roles. +## [Role Variables](#role-variables) + +The default values for the variables are set in `defaults/main.yml`: +```yaml +--- +# defaults file for docker + +# Add users to the privileged docker group. For example: +# docker_privileged_users: +# - UserA +# - UserB +docker_privileged_users: [] +``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-docker/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| ## [Context](#context) @@ -69,10 +95,9 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |alpine|all| -|el|8| -|debian|buster, bullseye| +|debian|all| |fedora|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -80,15 +105,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| Ubuntu | Unable to find any of pip2, pip to use. | -| amazonlinux | Required dependency (python_pip) does not work on amazonlinux. | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-docker/issues) @@ -96,7 +112,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index bd29ab8..3abffed 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -5,4 +5,4 @@ ansible.builtin.file: path: "{{ docker_socket }}" group: docker - mode: "0640" + mode: "0660" diff --git a/roles/docker/meta/.galaxy_install_info b/roles/docker/meta/.galaxy_install_info index 40336f7..e790c03 100644 --- a/roles/docker/meta/.galaxy_install_info +++ b/roles/docker/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:35 2021 -version: 3.0.0 +install_date: Wed Aug 3 07:07:12 2022 +version: 3.2.4 diff --git a/roles/docker/meta/exception.yml b/roles/docker/meta/exception.yml deleted file mode 100644 index 774cd36..0000000 --- a/roles/docker/meta/exception.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -exceptions: - - variation: Ubuntu - reason: "Unable to find any of pip2, pip to use." - - variation: amazonlinux - reason: "Required dependency (python_pip) does not work on amazonlinux." diff --git a/roles/docker/meta/main.yml b/roles/docker/meta/main.yml index 08f4bb3..fb6e248 100644 --- a/roles/docker/meta/main.yml +++ b/roles/docker/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: docker description: Install and configure Docker (non-CE) on your system. license: Apache-2.0 @@ -11,20 +12,15 @@ galaxy_info: - name: Alpine versions: - all - - name: EL - versions: - - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - docker diff --git a/roles/docker/meta/preferences.yml b/roles/docker/meta/preferences.yml index e7fdebf..f4de287 100644 --- a/roles/docker/meta/preferences.yml +++ b/roles/docker/meta/preferences.yml @@ -1,2 +1,3 @@ --- tox_parallel: yes +enterprise_linux: centos diff --git a/roles/docker/molecule/default/converge.yml b/roles/docker/molecule/default/converge.yml index bdbb251..6c9b0b2 100644 --- a/roles/docker/molecule/default/converge.yml +++ b/roles/docker/molecule/default/converge.yml @@ -6,3 +6,16 @@ roles: - role: ansible-role-docker + docker_privileged_users: + - woody + - buzz + + tasks: + - name: Create test case users + ansible.builtin.user: + name: "{{ user }}" + loop: + - woody + - buzz + loop_control: + loop_var: user diff --git a/roles/docker/molecule/default/molecule.yml b/roles/docker/molecule/default/molecule.yml index a01d6e6..531dddf 100644 --- a/roles/docker/molecule/default/molecule.yml +++ b/roles/docker/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/docker/molecule/default/verify.yml b/roles/docker/molecule/default/verify.yml index 091a21e..be7d6bd 100644 --- a/roles/docker/molecule/default/verify.yml +++ b/roles/docker/molecule/default/verify.yml @@ -5,11 +5,28 @@ gather_facts: no tasks: - - name: Create a container + - name: Check docker group configuration + ansible.builtin.lineinfile: + path: /etc/group + regex: '^docker:x:\d*:woody,buzz$' + state: absent + check_mode: yes + register: docker_group + changed_when: not docker_group is changed + failed_when: docker_group is changed + + - name: create a container docker_container: name: openssh image: robertdebock/docker-centos-openssh ports: - "2222:22" when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] + + - name: make sure we are not running podman + ansible.builtin.command: + cmd: docker --version + register: docker_test_one + failed_when: + - '"podman" in docker_test_one.stdout' diff --git a/roles/docker/requirements.yml b/roles/docker/requirements.yml index 672ffe7..fd6f2eb 100644 --- a/roles/docker/requirements.yml +++ b/roles/docker/requirements.yml @@ -5,3 +5,4 @@ roles: - name: robertdebock.core_dependencies - name: robertdebock.epel - name: robertdebock.python_pip +collections: diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index b26ce15..436af2c 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -11,10 +11,21 @@ name: "{{ docker_pip_packages }}" state: present -- name: add docker group +- name: create privileged docker user group ansible.builtin.group: name: docker - system: yes + state: present + +- name: add privileged users to the docker user group + ansible.builtin.user: + name: "{{ user }}" + groups: docker + append: yes + loop: "{{ docker_privileged_users }}" + loop_control: + loop_var: user + when: + - docker_privileged_users is defined - name: start and enable docker ansible.builtin.service: @@ -24,4 +35,4 @@ notify: - change group for docker socket when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] diff --git a/roles/docker/tox.ini b/roles/docker/tox.ini index f57553b..88f8545 100644 --- a/roles/docker/tox.ini +++ b/roles/docker/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/docker/vars/main.yml b/roles/docker/vars/main.yml index 22d3ac3..9f94ac5 100644 --- a/roles/docker/vars/main.yml +++ b/roles/docker/vars/main.yml @@ -4,28 +4,22 @@ _docker_packages: default: - docker - Alpine: - - docker - RedHat-7: - - docker-io - RedHat-8: - - podman-docker Debian: - docker.io + RedHat-7: + - docker-io + RedHat: + - moby-engine -docker_packages: "{{ _docker_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_docker_packages[ansible_os_family] | default(_docker_packages['default'])) }}" +docker_packages: "{{ _docker_packages[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_docker_packages[ansible_os_family] | default(_docker_packages['default'] )) }}" docker_pip_packages: - docker _docker_service: default: docker - RedHat-8: io.podman + RedHat: "docker" -docker_service: "{{ _docker_service[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_docker_service['default']) }}" +docker_service: "{{ _docker_service[ansible_os_family] | default(_docker_service['default'] ) }}" -_docker_socket: - default: /var/run/docker.sock - RedHat-8: /var/run/podman/io.podman - -docker_socket: "{{ _docker_socket[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_docker_socket['default']) }}" +docker_socket: /var/run/docker.sock diff --git a/roles/epel/.ansible-lint b/roles/epel/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/epel/.ansible-lint +++ b/roles/epel/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/epel/.github/ISSUE_TEMPLATE/bug_report.md b/roles/epel/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/epel/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/epel/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/epel/.github/workflows/galaxy.yml b/roles/epel/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/epel/.github/workflows/galaxy.yml +++ b/roles/epel/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/epel/.github/workflows/molecule.yml b/roles/epel/.github/workflows/molecule.yml index 7d57c9e..e3087f9 100644 --- a/roles/epel/.github/workflows/molecule.yml +++ b/roles/epel/.github/workflows/molecule.yml @@ -11,18 +11,18 @@ on: - '*' pull_request: schedule: - - cron: '5 5 5 * *' + - cron: '9 5 5 * *' jobs: lint: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -35,9 +35,9 @@ jobs: config: - image: "amazonlinux" tag: "latest" - - image: "centos" + - image: "enterpriselinux" tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" steps: - name: checkout @@ -49,7 +49,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/epel/.gitignore b/roles/epel/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/epel/.gitignore +++ b/roles/epel/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/epel/.travis.yml b/roles/epel/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/epel/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/epel/LICENSE b/roles/epel/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/epel/LICENSE +++ b/roles/epel/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/epel/README.md b/roles/epel/README.md index 824f87e..afe5878 100644 --- a/roles/epel/README.md +++ b/roles/epel/README.md @@ -8,7 +8,7 @@ Install epel on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.epel ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,13 +39,13 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-epel/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -70,16 +70,14 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-epel/issues) ## [License](#license) Apache-2.0 - ## [Author Information](#author-information) -[robertdebock](https://robertdebock.nl/) +[Robert de Bock](https://robertdebock.nl/) Please consider [sponsoring me](https://github.com/sponsors/robertdebock). diff --git a/roles/epel/handlers/main.yml b/roles/epel/handlers/main.yml index a5091ab..4acf3db 100644 --- a/roles/epel/handlers/main.yml +++ b/roles/epel/handlers/main.yml @@ -1,6 +1,6 @@ --- # handlers file for epel -- name: yum update cache - ansible.builtin.yum: +- name: update package cache + ansible.builtin.package: update_cache: yes diff --git a/roles/epel/meta/.galaxy_install_info b/roles/epel/meta/.galaxy_install_info index 1292ef8..6dfe983 100644 --- a/roles/epel/meta/.galaxy_install_info +++ b/roles/epel/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:38 2021 -version: 3.0.2 +install_date: Wed Aug 3 07:07:13 2022 +version: 4.0.0 diff --git a/roles/epel/meta/main.yml b/roles/epel/meta/main.yml index 3180474..756c754 100644 --- a/roles/epel/meta/main.yml +++ b/roles/epel/meta/main.yml @@ -1,7 +1,8 @@ --- galaxy_info: - author: robertdebock - ansible_role: epel + author: Robert de Bock + namespace: robertdebock + role_name: epel description: Install epel on your system. license: Apache-2.0 company: none diff --git a/roles/epel/molecule/default/molecule.yml b/roles/epel/molecule/default/molecule.yml index 868eb55..e9ecdd2 100644 --- a/roles/epel/molecule/default/molecule.yml +++ b/roles/epel/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/epel/molecule/default/verify.yml b/roles/epel/molecule/default/verify.yml index 8a418ca..1299785 100644 --- a/roles/epel/molecule/default/verify.yml +++ b/roles/epel/molecule/default/verify.yml @@ -6,6 +6,6 @@ tasks: - name: install a package from epel - package: + ansible.builtin.package: name: aalib state: present diff --git a/roles/epel/requirements.yml b/roles/epel/requirements.yml index 11e3224..4aca381 100644 --- a/roles/epel/requirements.yml +++ b/roles/epel/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/epel/tasks/main.yml b/roles/epel/tasks/main.yml index 4c3d691..aa1ff7d 100644 --- a/roles/epel/tasks/main.yml +++ b/roles/epel/tasks/main.yml @@ -13,9 +13,18 @@ name: "{{ epel_url }}" state: present notify: - - yum update cache + - update package cache + + - name: install epel-next-release + ansible.builtin.package: + name: "{{ epel_next_url }}" + state: present + when: + - epel_next + notify: + - update package cache when: - (ansible_distribution == "Amazon" and ansible_distribution_major_version == "2") or - (ansible_distribution in [ "CentOS", "RedHat" ] and + (ansible_os_family == "RedHat" and ansible_distribution_major_version in [ "7", "8" ]) diff --git a/roles/epel/tox.ini b/roles/epel/tox.ini index f57553b..88f8545 100644 --- a/roles/epel/tox.ini +++ b/roles/epel/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/epel/vars/main.yml b/roles/epel/vars/main.yml index 1b61542..71d4d50 100644 --- a/roles/epel/vars/main.yml +++ b/roles/epel/vars/main.yml @@ -6,8 +6,18 @@ _epel_version: Amazon-2018: 6 Amazon-2: 7 -epel_version: "{{ _epel_version[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_epel_version['default']) }}" +epel_version: "{{ _epel_version[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_epel_version['default'] ) }}" epel_url: "https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ epel_version }}.noarch.rpm" +epel_next_url: "https://dl.fedoraproject.org/pub/epel/epel-next-release-latest-{{ epel_version }}.noarch.rpm" + epel_gpg_key: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ epel_version }}" + +# Whether to install the new `epel-next` repository. This is only installed by default +# on CentOS Stream, as per https://docs.fedoraproject.org/en-US/epel/#_quickstart. +_epel_next: + default: no + Stream: yes + +epel_next: "{{ _epel_next[ansible_distribution_release] | default(_epel_next['default'] ) }}" diff --git a/roles/fail2ban/.ansible-lint b/roles/fail2ban/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/fail2ban/.ansible-lint +++ b/roles/fail2ban/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/fail2ban/.github/ISSUE_TEMPLATE/bug_report.md b/roles/fail2ban/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/fail2ban/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/fail2ban/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/fail2ban/.github/workflows/galaxy.yml b/roles/fail2ban/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/fail2ban/.github/workflows/galaxy.yml +++ b/roles/fail2ban/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/fail2ban/.github/workflows/molecule.yml b/roles/fail2ban/.github/workflows/molecule.yml index edd43ea..19cf11f 100644 --- a/roles/fail2ban/.github/workflows/molecule.yml +++ b/roles/fail2ban/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '6 6 6 * *' + - cron: '11 6 6 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -35,20 +35,22 @@ jobs: config: - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -61,7 +63,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/fail2ban/.gitignore b/roles/fail2ban/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/fail2ban/.gitignore +++ b/roles/fail2ban/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/fail2ban/.travis.yml b/roles/fail2ban/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/fail2ban/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/fail2ban/LICENSE b/roles/fail2ban/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/fail2ban/LICENSE +++ b/roles/fail2ban/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/fail2ban/README.md b/roles/fail2ban/README.md index 260c456..17df5df 100644 --- a/roles/fail2ban/README.md +++ b/roles/fail2ban/README.md @@ -8,7 +8,7 @@ Install and configure fail2ban on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.fail2ban ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -37,7 +37,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for fail2ban @@ -65,20 +65,23 @@ fail2ban_jail_configuration: [] # - option: ignoreself # value: "true" # section: DEFAULT + +# Path to directory containing filters to copy in filter.d +# fail2ban_filterd_path: ``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-fail2ban/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| ## [Context](#context) @@ -94,10 +97,10 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -105,16 +108,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| alpine | Service `fail2ban' needs non existent service `logger' | -| amazonlinux:1 | Based on EL6, not supported since 2020Q4. | -| opensuse | The package fail2ban depends on python2, we switched to python3. | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-fail2ban/issues) @@ -122,14 +115,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [j8r](https://github.com/j8r) -- [Pandemonium1986](https://github.com/Pandemonium1986) -- [rgevaert](https://github.com/rgevaert) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/fail2ban/defaults/main.yml b/roles/fail2ban/defaults/main.yml index 4f68b47..5f777ff 100644 --- a/roles/fail2ban/defaults/main.yml +++ b/roles/fail2ban/defaults/main.yml @@ -24,3 +24,6 @@ fail2ban_jail_configuration: [] # - option: ignoreself # value: "true" # section: DEFAULT + +# Path to directory containing filters to copy in filter.d +# fail2ban_filterd_path: diff --git a/roles/fail2ban/meta/.galaxy_install_info b/roles/fail2ban/meta/.galaxy_install_info index 7b0b91d..f5b796b 100644 --- a/roles/fail2ban/meta/.galaxy_install_info +++ b/roles/fail2ban/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:40 2021 -version: 4.0.0 +install_date: Wed Aug 3 07:07:15 2022 +version: 4.2.3 diff --git a/roles/fail2ban/meta/exception.yml b/roles/fail2ban/meta/exception.yml deleted file mode 100644 index 49888ff..0000000 --- a/roles/fail2ban/meta/exception.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -exceptions: - - variation: alpine - reason: "Service `fail2ban' needs non existent service `logger'" - - variation: amazonlinux:1 - reason: "Based on EL6, not supported since 2020Q4." - - variation: opensuse - reason: "The package fail2ban depends on python2, we switched to python3." diff --git a/roles/fail2ban/meta/main.yml b/roles/fail2ban/meta/main.yml index c396fb0..5e03670 100644 --- a/roles/fail2ban/meta/main.yml +++ b/roles/fail2ban/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: fail2ban description: Install and configure fail2ban on your system. license: Apache-2.0 @@ -13,19 +14,16 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - fail2ban diff --git a/roles/fail2ban/molecule/default/molecule.yml b/roles/fail2ban/molecule/default/molecule.yml index 1c7ceec..73a1f59 100644 --- a/roles/fail2ban/molecule/default/molecule.yml +++ b/roles/fail2ban/molecule/default/molecule.yml @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/fail2ban/molecule/default/verify.yml b/roles/fail2ban/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/fail2ban/molecule/default/verify.yml +++ b/roles/fail2ban/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/fail2ban/tasks/assert.yml b/roles/fail2ban/tasks/assert.yml index e30a2c1..aeda70e 100644 --- a/roles/fail2ban/tasks/assert.yml +++ b/roles/fail2ban/tasks/assert.yml @@ -90,7 +90,6 @@ label: "{{ item.option }}" when: - fail2ban_configuration is defined - - fail2ban_configuration is iterable - name: test if fail2ban_jail_configuration is set correctly ansible.builtin.assert: @@ -106,4 +105,11 @@ label: "{{ item.option }}" when: - fail2ban_jail_configuration is defined - - fail2ban_jail_configuration is iterable + +- name: test if item in fail2ban_filterd_path is set correctly + ansible.builtin.assert: + that: + - fail2ban_filterd_path is string + quiet: yes + when: + - fail2ban_filterd_path is defined diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml index bb289db..6e219d0 100644 --- a/roles/fail2ban/tasks/main.yml +++ b/roles/fail2ban/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for fail2ban -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -11,9 +11,20 @@ name: "{{ fail2ban_packages }}" state: present -- name: configure fail2ban.conf +- name: copy filters in filter.d + ansible.builtin.copy: + src: "{{ fail2ban_filterd_path }}" + dest: /etc/fail2ban/filter.d/ + owner: root + group: root + mode: "0640" + when: fail2ban_filterd_path is defined + notify: + - restart fail2ban + +- name: configure fail2ban.local community.general.ini_file: - path: /etc/fail2ban/fail2ban.conf + path: /etc/fail2ban/fail2ban.local section: "{{ item.section }}" option: "{{ item.option }}" value: "{{ item.value }}" diff --git a/roles/fail2ban/tox.ini b/roles/fail2ban/tox.ini index f57553b..88f8545 100644 --- a/roles/fail2ban/tox.ini +++ b/roles/fail2ban/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/git/.ansible-lint b/roles/git/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/git/.ansible-lint +++ b/roles/git/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/git/.github/ISSUE_TEMPLATE/bug_report.md b/roles/git/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/git/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/git/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/git/.github/workflows/galaxy.yml b/roles/git/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/git/.github/workflows/galaxy.yml +++ b/roles/git/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/git/.github/workflows/molecule.yml b/roles/git/.github/workflows/molecule.yml index cd4b23b..3439369 100644 --- a/roles/git/.github/workflows/molecule.yml +++ b/roles/git/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '7 7 7 * *' + - cron: '13 7 7 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/git/.gitignore b/roles/git/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/git/.gitignore +++ b/roles/git/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/git/.travis.yml b/roles/git/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/git/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/git/LICENSE b/roles/git/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/git/LICENSE +++ b/roles/git/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/git/README.md b/roles/git/README.md index 6836e6e..d8cf767 100644 --- a/roles/git/README.md +++ b/roles/git/README.md @@ -8,7 +8,7 @@ Install and configure git on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -28,13 +28,13 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea force: yes - repo: https://github.com/robertdebock/robertdebock.bootstrap dest: bootstrap-version - version: 2.11.1 + version: "2.11.1" roles: - role: robertdebock.git ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -51,7 +51,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for git @@ -77,7 +77,7 @@ git_force: no # git_repositories: # - repo: https://github.com/robertdebock/ansible-role-bootstrap.git # dest: bootstrap -# version: 2.2.4 +# version: "2.2.4" # - repo: ssh://git@github.com/robertdebock/ansible-role-java.git # dest: java # - repo: ssh://git@github.com/robertdebock/ansible-role-tomcat.git @@ -89,13 +89,13 @@ git_force: no - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-git/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -112,11 +112,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -125,19 +125,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-git/issues) ## [License](#license) Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [langouste](https://github.com/langouste) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/git/defaults/main.yml b/roles/git/defaults/main.yml index 05092aa..b04229a 100644 --- a/roles/git/defaults/main.yml +++ b/roles/git/defaults/main.yml @@ -22,7 +22,7 @@ git_force: no # git_repositories: # - repo: https://github.com/robertdebock/ansible-role-bootstrap.git # dest: bootstrap -# version: 2.2.4 +# version: "2.2.4" # - repo: ssh://git@github.com/robertdebock/ansible-role-java.git # dest: java # - repo: ssh://git@github.com/robertdebock/ansible-role-tomcat.git diff --git a/roles/git/meta/.galaxy_install_info b/roles/git/meta/.galaxy_install_info index 6bbeada..ea70052 100644 --- a/roles/git/meta/.galaxy_install_info +++ b/roles/git/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:42 2021 -version: 4.0.0 +install_date: Wed Aug 3 07:07:17 2022 +version: 4.1.4 diff --git a/roles/git/meta/main.yml b/roles/git/meta/main.yml index 9758172..3387180 100644 --- a/roles/git/meta/main.yml +++ b/roles/git/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: git description: Install and configure git on your system. license: Apache-2.0 @@ -16,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -30,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - git diff --git a/roles/git/molecule/default/converge.yml b/roles/git/molecule/default/converge.yml index f356762..12e472f 100644 --- a/roles/git/molecule/default/converge.yml +++ b/roles/git/molecule/default/converge.yml @@ -16,7 +16,7 @@ force: yes - repo: https://github.com/robertdebock/ansible-role-bootstrap dest: bootstrap-version - version: 2.11.1 + version: "2.11.1" roles: - role: ansible-role-git diff --git a/roles/git/molecule/default/molecule.yml b/roles/git/molecule/default/molecule.yml index cec1865..4a58837 100644 --- a/roles/git/molecule/default/molecule.yml +++ b/roles/git/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/git/molecule/default/verify.yml b/roles/git/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/git/molecule/default/verify.yml +++ b/roles/git/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/git/requirements.yml b/roles/git/requirements.yml index 11e3224..4aca381 100644 --- a/roles/git/requirements.yml +++ b/roles/git/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml index b0bc5b4..5941578 100644 --- a/roles/git/tasks/main.yml +++ b/roles/git/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for git -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -61,6 +61,8 @@ version: "{{ item.version | default('HEAD') }}" force: "{{ item.force | default(git_force) }}" loop: "{{ git_repositories }}" + loop_control: + label: "{{ item.dest }}" become: yes become_user: "{{ git_username }}" when: @@ -68,5 +70,3 @@ - git_repository_destination is defined - git_username is defined - getent_passwd[git_username] != none - loop_control: - label: "{{ item.dest }}" diff --git a/roles/git/tox.ini b/roles/git/tox.ini index f57553b..88f8545 100644 --- a/roles/git/tox.ini +++ b/roles/git/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/investigate/.ansible-lint b/roles/investigate/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/investigate/.ansible-lint +++ b/roles/investigate/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/investigate/.github/ISSUE_TEMPLATE/bug_report.md b/roles/investigate/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/investigate/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/investigate/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/investigate/.github/workflows/galaxy.yml b/roles/investigate/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/investigate/.github/workflows/galaxy.yml +++ b/roles/investigate/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/investigate/.github/workflows/molecule.yml b/roles/investigate/.github/workflows/molecule.yml index ca5edfb..a52ae69 100644 --- a/roles/investigate/.github/workflows/molecule.yml +++ b/roles/investigate/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '9 9 9 * *' + - cron: '17 9 9 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/investigate/.gitignore b/roles/investigate/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/investigate/.gitignore +++ b/roles/investigate/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/investigate/.travis.yml b/roles/investigate/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/investigate/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/investigate/LICENSE b/roles/investigate/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/investigate/LICENSE +++ b/roles/investigate/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/investigate/README.md b/roles/investigate/README.md index 4140ce1..c269bb4 100644 --- a/roles/investigate/README.md +++ b/roles/investigate/README.md @@ -8,7 +8,7 @@ Install and configure investigation tools on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.investigate ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -40,14 +40,14 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-investigate/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| ## [Context](#context) @@ -64,11 +64,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -77,14 +77,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-investigate/issues) ## [License](#license) Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/investigate/meta/.galaxy_install_info b/roles/investigate/meta/.galaxy_install_info index 6f42f06..d050118 100644 --- a/roles/investigate/meta/.galaxy_install_info +++ b/roles/investigate/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:43 2021 -version: 3.0.1 +install_date: Wed Aug 3 07:07:18 2022 +version: 3.1.3 diff --git a/roles/investigate/meta/main.yml b/roles/investigate/meta/main.yml index 79fcf70..b29dadd 100644 --- a/roles/investigate/meta/main.yml +++ b/roles/investigate/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: investigate description: Install and configure investigation tools on your system. license: Apache-2.0 @@ -16,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -30,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - investigate diff --git a/roles/investigate/molecule/default/molecule.yml b/roles/investigate/molecule/default/molecule.yml index 7f19236..3a2b89e 100644 --- a/roles/investigate/molecule/default/molecule.yml +++ b/roles/investigate/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/investigate/molecule/default/verify.yml b/roles/investigate/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/investigate/molecule/default/verify.yml +++ b/roles/investigate/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/investigate/requirements.yml b/roles/investigate/requirements.yml index fc519c4..25dabda 100644 --- a/roles/investigate/requirements.yml +++ b/roles/investigate/requirements.yml @@ -2,3 +2,4 @@ roles: - name: robertdebock.bootstrap - name: robertdebock.epel +collections: diff --git a/roles/investigate/tox.ini b/roles/investigate/tox.ini index f57553b..88f8545 100644 --- a/roles/investigate/tox.ini +++ b/roles/investigate/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/molecule/.ansible-lint b/roles/molecule/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/molecule/.ansible-lint +++ b/roles/molecule/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/molecule/.github/ISSUE_TEMPLATE/bug_report.md b/roles/molecule/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/molecule/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/molecule/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/molecule/.github/workflows/galaxy.yml b/roles/molecule/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/molecule/.github/workflows/galaxy.yml +++ b/roles/molecule/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/molecule/.github/workflows/molecule.yml b/roles/molecule/.github/workflows/molecule.yml index c8d6596..f46faac 100644 --- a/roles/molecule/.github/workflows/molecule.yml +++ b/roles/molecule/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '13 13 13 * *' + - cron: '25 13 13 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,18 +33,20 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" - tag: "latest" + tag: "focal" steps: - name: checkout uses: actions/checkout@v2 @@ -55,7 +57,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/molecule/.gitignore b/roles/molecule/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/molecule/.gitignore +++ b/roles/molecule/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/molecule/.travis.yml b/roles/molecule/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/molecule/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/molecule/LICENSE b/roles/molecule/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/molecule/LICENSE +++ b/roles/molecule/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/molecule/README.md b/roles/molecule/README.md index 79a7efa..e7e08b9 100644 --- a/roles/molecule/README.md +++ b/roles/molecule/README.md @@ -8,7 +8,7 @@ Install Molecule on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.molecule ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,7 +39,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for molecule @@ -47,22 +47,23 @@ These variables are set in `defaults/main.yml`: # If you need to give extra options to pip, use `molecule_extra_args`. For # example: # molecule_extra_args: "--user" +molecule_extra_args: "" ``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-molecule/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| ## [Context](#context) @@ -78,7 +79,7 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |el|8| -|debian|buster, bullseye| +|debian|all| |fedora|all| |ubuntu|focal| @@ -88,17 +89,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| centos:7 | install_requires' must be a string or list of strings containing valid project/version requirement specifiers | -| amazonlinux | Dependency (python_pip) not available | -| opensuse | UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 13: ordinal not in range(128) | -| alpine | error: [Errno 2] No such file or directory: 'cargo' | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-molecule/issues) @@ -106,7 +96,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/molecule/defaults/main.yml b/roles/molecule/defaults/main.yml index b115b32..8c698f3 100644 --- a/roles/molecule/defaults/main.yml +++ b/roles/molecule/defaults/main.yml @@ -4,3 +4,4 @@ # If you need to give extra options to pip, use `molecule_extra_args`. For # example: # molecule_extra_args: "--user" +molecule_extra_args: "" diff --git a/roles/molecule/meta/.galaxy_install_info b/roles/molecule/meta/.galaxy_install_info index 797f44c..8bf81db 100644 --- a/roles/molecule/meta/.galaxy_install_info +++ b/roles/molecule/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:45 2021 -version: 3.0.0 +install_date: Wed Aug 3 07:07:19 2022 +version: 4.0.1 diff --git a/roles/molecule/meta/exception.yml b/roles/molecule/meta/exception.yml deleted file mode 100644 index 1157580..0000000 --- a/roles/molecule/meta/exception.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -exceptions: - - variation: centos:7 - reason: "install_requires' must be a string or list of strings containing valid project/version requirement specifiers" - - variation: amazonlinux - reason: Dependency (python_pip) not available - - variation: opensuse - reason: "UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 13: ordinal not in range(128)" - - variation: alpine - reason: "error: [Errno 2] No such file or directory: 'cargo'" diff --git a/roles/molecule/meta/main.yml b/roles/molecule/meta/main.yml index 5ee6dd7..8df01fa 100644 --- a/roles/molecule/meta/main.yml +++ b/roles/molecule/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: molecule description: Install Molecule on your system. license: Apache-2.0 @@ -13,8 +14,7 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all diff --git a/roles/molecule/molecule/default/molecule.yml b/roles/molecule/molecule/default/molecule.yml index 1b31a88..83e5b01 100644 --- a/roles/molecule/molecule/default/molecule.yml +++ b/roles/molecule/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/molecule/molecule/default/verify.yml b/roles/molecule/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/molecule/molecule/default/verify.yml +++ b/roles/molecule/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/molecule/requirements.yml b/roles/molecule/requirements.yml index d7e7d73..73c9163 100644 --- a/roles/molecule/requirements.yml +++ b/roles/molecule/requirements.yml @@ -4,3 +4,4 @@ roles: - name: robertdebock.buildtools - name: robertdebock.epel - name: robertdebock.python_pip +collections: diff --git a/roles/molecule/tasks/main.yml b/roles/molecule/tasks/main.yml index d9878ac..2c234ba 100644 --- a/roles/molecule/tasks/main.yml +++ b/roles/molecule/tasks/main.yml @@ -6,9 +6,10 @@ name: "{{ molecule_requirements }}" state: present become: yes + become_user: root - name: install molecule ansible.builtin.pip: - name: molecule[ansible,docker,lint] + name: molecule[ansible-core,docker,lint] state: present extra_args: "{{ molecule_extra_args | default(omit) }}" diff --git a/roles/molecule/tox.ini b/roles/molecule/tox.ini index f57553b..88f8545 100644 --- a/roles/molecule/tox.ini +++ b/roles/molecule/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/molecule/vars/main.yml b/roles/molecule/vars/main.yml index 07d17be..8bf70b6 100644 --- a/roles/molecule/vars/main.yml +++ b/roles/molecule/vars/main.yml @@ -14,4 +14,4 @@ _molecule_requirements: Suse: - python3-devel -molecule_requirements: "{{ _molecule_requirements[ansible_os_family] | default(_molecule_requirements['default']) }}" +molecule_requirements: "{{ _molecule_requirements[ansible_os_family] | default(_molecule_requirements['default'] ) }}" diff --git a/roles/postfix/.ansible-lint b/roles/postfix/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/postfix/.ansible-lint +++ b/roles/postfix/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/postfix/.github/ISSUE_TEMPLATE/bug_report.md b/roles/postfix/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/postfix/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/postfix/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/postfix/.github/workflows/galaxy.yml b/roles/postfix/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/postfix/.github/workflows/galaxy.yml +++ b/roles/postfix/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/postfix/.github/workflows/molecule.yml b/roles/postfix/.github/workflows/molecule.yml index 498027d..71f7d3b 100644 --- a/roles/postfix/.github/workflows/molecule.yml +++ b/roles/postfix/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '16 16 16 * *' + - cron: '31 16 16 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -35,20 +35,24 @@ jobs: config: - image: "amazonlinux" tag: "1" - - image: "centos" + - image: "enterpriselinux" tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -61,7 +65,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/postfix/.gitignore b/roles/postfix/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/postfix/.gitignore +++ b/roles/postfix/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/postfix/.travis.yml b/roles/postfix/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/postfix/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/postfix/LICENSE b/roles/postfix/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/postfix/LICENSE +++ b/roles/postfix/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/postfix/README.md b/roles/postfix/README.md index d419b41..6e9a1be 100644 --- a/roles/postfix/README.md +++ b/roles/postfix/README.md @@ -8,7 +8,7 @@ Install and configure postfix on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -22,12 +22,15 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea postfix_myhostname: "smtp.example.com" postfix_mydomain: "example.com" postfix_myorigin: "example.com" + postfix_mynetworks: + - 127.0.0.0/8 + - 192.168.0.0/16 postfix_aliases: - name: root destination: test@example.com ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -44,7 +47,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for postfix @@ -61,12 +64,16 @@ postfix_inet_interfaces: "loopback-only" # Enable IPv4, and IPv6 if supported - if IPV4 only set to ipv4 postfix_inet_protocols: all +# Set a banner +postfix_banner: "$myhostname ESMTP $mail_name" + # The distination tells Postfix what mails to accept mail for. postfix_mydestination: $mydomain, $myhostname, localhost.$mydomain, localhost # To accept email from other machines, set the mynetworks to something like -# "192.168.0.0/24". -postfix_mynetworks: "127.0.0.0/8" +# "- 192.168.0.0/24". +postfix_mynetworks: + - 127.0.0.0/8 # These settings change the role of the postfix server to a relay host. # postfix_relay_domains: "$mydestination" @@ -94,6 +101,10 @@ postfix_smtpd_recipient_restrictions: postfix_smtpd_sender_restrictions: - reject_unknown_sender_domain +# The default SMTP TLS security level for the Postfix SMTP client +# Valid values are: dane, encrypt, fingerprint, may, none, secure, verify +postfix_smtp_tls_security_level: none + # To enable spamassassin, ensure spamassassin is installed, # (hint: role: robertdebock.spamassassin) and set these two variables: # postfix_spamassassin: enabled @@ -124,20 +135,146 @@ postfix_smtpd_sender_restrictions: # You can disable SSL/TLS versions here. # postfix_tls_protocols: '!SSLv2, !SSLv3, !TLSv1, !TLSv1.1' + +# You can supply a transport_maps Jinja2 template here +# postfix_transport_maps_template: /path/to/transport.j2 + +# You can supply a header_checks Jinja2 template here +# postfix_header_checks_template: /path/to/header_checks.j2 + +# Whether or not to use the local biff service. +# postfix_biff: yes + +# With locally submitted mail, append the string ".$mydomain" to addresses that have no ".domain" information +# postfix_append_dot_mydomain: no + +# The alias databases that are used for local(8) delivery +# postfix_alias_maps: "hash:/etc/aliases" + +# A prefix that the virtual(8) delivery agent prepends to all pathname results from $virtual_mailbox_maps table lookups. +# postfix_virtual_mailbox_base: /var/mail + +# Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains. +# postfix_virtual_mailbox_maps: mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf + +# Postfix is final destination for the specified list of domains; mail is delivered via the $virtual_transport mail delivery transport +# postfix_virtual_mailbox_domains: "$virtual_mailbox_maps" + +# Postfix is final destination for the specified list of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains. +# postfix_virtual_alias_domains: "$virtual_alias_maps" + +# Optional lookup tables that alias specific mail addresses or domains to other local or remote address. +# postix_virtual_alias_maps: "$virtual_maps" + +# Lookup tables with the per-recipient user ID that the virtual(8) delivery agent uses while writing to the recipient's mailbox. +# postfix_virtual_uid_maps: "static:2000" + +# Lookup tables with the per-recipient group ID for virtual(8) mailbox delivery. +# postfix_virtual_gid_maps: "static:2000" + +# Enable SASL authentication in the Postfix SMTP server. +# postfix_smtpd_sasl_auth_enable: yes + +# The name of the Postfix SMTP server's local SASL authentication realm. +# postfix_smtpd_sasl_local_domain: $myhostname + +# Postfix SMTP server SASL security options; as of Postfix 2.3 the list of available features depends on the SASL server implementation that is selected with smtpd_sasl_type. +# postfix_smtpd_sasl_security_options: noanonymous + +# Report the SASL authenticated user name in the smtpd(8) Received message header. +# postfix_smtpd_sasl_authenticated_header: yes + +# Enable interoperability with remote SMTP clients that implement an obsolete version of the AUTH command (RFC 4954). +# postfix_broken_sasl_auth_clients: no + +# A file containing (PEM format) CA certificates of root CAs trusted to sign either remote SMTP client certificates or intermediate CA certificates. +# postfix_smtpd_tls_CAfile: /etc/letsencrypt/live/smtp.syhosting.ch/chain.pem + +# File with the Postfix SMTP server RSA certificate in PEM format. +# postfix_smtpd_tls_cert_file: /etc/letsencrypt/live/smtp.syhosting.ch/cert.pem + +# File with the Postfix SMTP server RSA private key in PEM format. +# postfix_smtpd_tls_key_file: /etc/letsencrypt/live/smtp.syhosting.ch/privkey.pem + +# Request that the Postfix SMTP server produces Received: message headers that include information about the protocol and cipher used, as well as the remote SMTP client CommonName and client certificate issuer CommonName. +# postfix_smtpd_tls_received_header: yes + +# The default SMTP TLS security level for the Postfix SMTP client; when a non-empty value is specified, this overrides the obsolete parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername. +# postfix_smtpd_tls_security_level: may + +# Ask a remote SMTP client for a client certificate. +# postfix_smtpd_tls_ask_ccert: yes + +# Enable additional Postfix SMTP server logging of TLS activity. +# postfix_smtpd_tls_loglevel: 1 + +# Name of the file containing the optional Postfix SMTP server TLS session cache. +# postfix_smtpd_tls_session_cache_database: btree:/var/lib/postfix/smtpd_tls_session_cache + +# A file containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates. +# postfix_smtp_tls_CAfile: /etc/letsencrypt/live/smtp.syhosting.ch/chain.pem + +# File with the Postfix SMTP client RSA certificate in PEM format. +# postfix_smtp_tls_cert_file: /etc/letsencrypt/live/smtp.syhosting.ch/cert.pem + +# File with the Postfix SMTP client RSA private key in PEM format. +# postfix_smtp_tls_key_file: /etc/letsencrypt/live/smtp.syhosting.ch/privkey.pem + +# Name of the file containing the optional Postfix SMTP client TLS session cache. +# postfix_smtp_tls_session_cache_database: btree:/var/lib/postfix/smtp_tls_session_cache + +# The external entropy source for the in-memory tlsmgr(8) pseudo random number generator (PRNG) pool. +# postfix_tls_random_source: dev:/dev/urandom + +# TLS protocols accepted by the Postfix SMTP server with mandatory TLS encryption. +# postfix_smtpd_tls_mandatory_protocols: TLSv1 + +# TLS protocols that the Postfix SMTP client will use with mandatory TLS encryption. +# postfix_smtp_tls_mandatory_protocols: TLSv1 + +# The default mail delivery transport and next-hop destination for final delivery to domains listed with $virtual_mailbox_domains. +# postfix_virtual_transport: maildrop1 + +# Optional pathname of a mailbox file relative to a local(8) user's home directory. +# postfix_home_mailbox: Maildir/ + +# The maximal size in bytes of a message, including envelope information. +# postfix_message_size_limit: 10240000 + +# Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command or other commands that require EHLO negotiation. +# postfix_smtpd_helo_required: no + +# The time unit over which client connection rates and other rates are calculated. +# postfix_anvil_rate_time_unit: 60s + +# The maximal number of connection attempts any client is allowed to make to this service per time unit. +# postfix_smtpd_client_connection_rate_limit: 10 + +# How many simultaneous connections any client is allowed to make to this service. +# postfix_smtpd_client_connection_count_limit: 10 + +# Consider a bounce message as undeliverable, when delivery fails with a temporary error, and the time in the queue has reached the bounce_queue_lifetime limit. +# postfix_bounce_queue_lifetime: 5d + +# The location of Postfix README files that describe how to build, configure or operate a specific Postfix subsystem or feature. +# postfix_readme_directory: /usr/share/doc/postfix + +# The location of Postfix HTML files that describe how to build, configure or operate a specific Postfix subsystem or feature. +# postfix_html_directory: /usr/share/doc/postfix/html ``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-postfix/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies)| ## [Context](#context) @@ -154,9 +291,9 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |amazon|2018.03| |el|7, 8| -|debian|buster, bullseye| -|fedora|32, 33| -|ubuntu|focal, bionic| +|debian|all| +|fedora|all| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -164,15 +301,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| opensuse | Not idempotent on configure postfix (main.cf) and configure postfix | -| alpine | 451, 4.3.0 : Temporary lookup failure | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-postfix/issues) @@ -180,12 +308,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [benformosa](https://github.com/benformosa) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/postfix/defaults/main.yml b/roles/postfix/defaults/main.yml index 22e7e2b..edb993a 100644 --- a/roles/postfix/defaults/main.yml +++ b/roles/postfix/defaults/main.yml @@ -13,12 +13,16 @@ postfix_inet_interfaces: "loopback-only" # Enable IPv4, and IPv6 if supported - if IPV4 only set to ipv4 postfix_inet_protocols: all +# Set a banner +postfix_banner: "$myhostname ESMTP $mail_name" + # The distination tells Postfix what mails to accept mail for. postfix_mydestination: $mydomain, $myhostname, localhost.$mydomain, localhost # To accept email from other machines, set the mynetworks to something like -# "192.168.0.0/24". -postfix_mynetworks: "127.0.0.0/8" +# "- 192.168.0.0/24". +postfix_mynetworks: + - 127.0.0.0/8 # These settings change the role of the postfix server to a relay host. # postfix_relay_domains: "$mydestination" @@ -46,6 +50,10 @@ postfix_smtpd_recipient_restrictions: postfix_smtpd_sender_restrictions: - reject_unknown_sender_domain +# The default SMTP TLS security level for the Postfix SMTP client +# Valid values are: dane, encrypt, fingerprint, may, none, secure, verify +postfix_smtp_tls_security_level: none + # To enable spamassassin, ensure spamassassin is installed, # (hint: role: robertdebock.spamassassin) and set these two variables: # postfix_spamassassin: enabled @@ -76,3 +84,129 @@ postfix_smtpd_sender_restrictions: # You can disable SSL/TLS versions here. # postfix_tls_protocols: '!SSLv2, !SSLv3, !TLSv1, !TLSv1.1' + +# You can supply a transport_maps Jinja2 template here +# postfix_transport_maps_template: /path/to/transport.j2 + +# You can supply a header_checks Jinja2 template here +# postfix_header_checks_template: /path/to/header_checks.j2 + +# Whether or not to use the local biff service. +# postfix_biff: yes + +# With locally submitted mail, append the string ".$mydomain" to addresses that have no ".domain" information +# postfix_append_dot_mydomain: no + +# The alias databases that are used for local(8) delivery +# postfix_alias_maps: "hash:/etc/aliases" + +# A prefix that the virtual(8) delivery agent prepends to all pathname results from $virtual_mailbox_maps table lookups. +# postfix_virtual_mailbox_base: /var/mail + +# Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains. +# postfix_virtual_mailbox_maps: mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf + +# Postfix is final destination for the specified list of domains; mail is delivered via the $virtual_transport mail delivery transport +# postfix_virtual_mailbox_domains: "$virtual_mailbox_maps" + +# Postfix is final destination for the specified list of virtual alias domains, that is, domains for which all addresses are aliased to addresses in other local or remote domains. +# postfix_virtual_alias_domains: "$virtual_alias_maps" + +# Optional lookup tables that alias specific mail addresses or domains to other local or remote address. +# postix_virtual_alias_maps: "$virtual_maps" + +# Lookup tables with the per-recipient user ID that the virtual(8) delivery agent uses while writing to the recipient's mailbox. +# postfix_virtual_uid_maps: "static:2000" + +# Lookup tables with the per-recipient group ID for virtual(8) mailbox delivery. +# postfix_virtual_gid_maps: "static:2000" + +# Enable SASL authentication in the Postfix SMTP server. +# postfix_smtpd_sasl_auth_enable: yes + +# The name of the Postfix SMTP server's local SASL authentication realm. +# postfix_smtpd_sasl_local_domain: $myhostname + +# Postfix SMTP server SASL security options; as of Postfix 2.3 the list of available features depends on the SASL server implementation that is selected with smtpd_sasl_type. +# postfix_smtpd_sasl_security_options: noanonymous + +# Report the SASL authenticated user name in the smtpd(8) Received message header. +# postfix_smtpd_sasl_authenticated_header: yes + +# Enable interoperability with remote SMTP clients that implement an obsolete version of the AUTH command (RFC 4954). +# postfix_broken_sasl_auth_clients: no + +# A file containing (PEM format) CA certificates of root CAs trusted to sign either remote SMTP client certificates or intermediate CA certificates. +# postfix_smtpd_tls_CAfile: /etc/letsencrypt/live/smtp.syhosting.ch/chain.pem + +# File with the Postfix SMTP server RSA certificate in PEM format. +# postfix_smtpd_tls_cert_file: /etc/letsencrypt/live/smtp.syhosting.ch/cert.pem + +# File with the Postfix SMTP server RSA private key in PEM format. +# postfix_smtpd_tls_key_file: /etc/letsencrypt/live/smtp.syhosting.ch/privkey.pem + +# Request that the Postfix SMTP server produces Received: message headers that include information about the protocol and cipher used, as well as the remote SMTP client CommonName and client certificate issuer CommonName. +# postfix_smtpd_tls_received_header: yes + +# The default SMTP TLS security level for the Postfix SMTP client; when a non-empty value is specified, this overrides the obsolete parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername. +# postfix_smtpd_tls_security_level: may + +# Ask a remote SMTP client for a client certificate. +# postfix_smtpd_tls_ask_ccert: yes + +# Enable additional Postfix SMTP server logging of TLS activity. +# postfix_smtpd_tls_loglevel: 1 + +# Name of the file containing the optional Postfix SMTP server TLS session cache. +# postfix_smtpd_tls_session_cache_database: btree:/var/lib/postfix/smtpd_tls_session_cache + +# A file containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates. +# postfix_smtp_tls_CAfile: /etc/letsencrypt/live/smtp.syhosting.ch/chain.pem + +# File with the Postfix SMTP client RSA certificate in PEM format. +# postfix_smtp_tls_cert_file: /etc/letsencrypt/live/smtp.syhosting.ch/cert.pem + +# File with the Postfix SMTP client RSA private key in PEM format. +# postfix_smtp_tls_key_file: /etc/letsencrypt/live/smtp.syhosting.ch/privkey.pem + +# Name of the file containing the optional Postfix SMTP client TLS session cache. +# postfix_smtp_tls_session_cache_database: btree:/var/lib/postfix/smtp_tls_session_cache + +# The external entropy source for the in-memory tlsmgr(8) pseudo random number generator (PRNG) pool. +# postfix_tls_random_source: dev:/dev/urandom + +# TLS protocols accepted by the Postfix SMTP server with mandatory TLS encryption. +# postfix_smtpd_tls_mandatory_protocols: TLSv1 + +# TLS protocols that the Postfix SMTP client will use with mandatory TLS encryption. +# postfix_smtp_tls_mandatory_protocols: TLSv1 + +# The default mail delivery transport and next-hop destination for final delivery to domains listed with $virtual_mailbox_domains. +# postfix_virtual_transport: maildrop1 + +# Optional pathname of a mailbox file relative to a local(8) user's home directory. +# postfix_home_mailbox: Maildir/ + +# The maximal size in bytes of a message, including envelope information. +# postfix_message_size_limit: 10240000 + +# Require that a remote SMTP client introduces itself with the HELO or EHLO command before sending the MAIL command or other commands that require EHLO negotiation. +# postfix_smtpd_helo_required: no + +# The time unit over which client connection rates and other rates are calculated. +# postfix_anvil_rate_time_unit: 60s + +# The maximal number of connection attempts any client is allowed to make to this service per time unit. +# postfix_smtpd_client_connection_rate_limit: 10 + +# How many simultaneous connections any client is allowed to make to this service. +# postfix_smtpd_client_connection_count_limit: 10 + +# Consider a bounce message as undeliverable, when delivery fails with a temporary error, and the time in the queue has reached the bounce_queue_lifetime limit. +# postfix_bounce_queue_lifetime: 5d + +# The location of Postfix README files that describe how to build, configure or operate a specific Postfix subsystem or feature. +# postfix_readme_directory: /usr/share/doc/postfix + +# The location of Postfix HTML files that describe how to build, configure or operate a specific Postfix subsystem or feature. +# postfix_html_directory: /usr/share/doc/postfix/html diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml index 47b4ace..13b7de2 100644 --- a/roles/postfix/handlers/main.yml +++ b/roles/postfix/handlers/main.yml @@ -2,13 +2,25 @@ # handlers file for postfix - name: rebuild alias database - ansible.builtin.command: postmap "{{ postfix_alias_path }}" + ansible.builtin.command: + cmd: postmap "{{ postfix_alias_path }}" - name: rebuild sender_access database - ansible.builtin.command: postmap "{{ postfix_sender_access_path }}" + ansible.builtin.command: + cmd: postmap "{{ postfix_sender_access_path }}" - name: rebuild recipient_access database - ansible.builtin.command: postmap "{{ postfix_recipient_access_path }}" + ansible.builtin.command: + cmd: postmap "{{ postfix_recipient_access_path }}" + +- name: rebuild transport_maps database + ansible.builtin.command: + cmd: postmap /etc/postfix/transport + +- name: validate configuration + ansible.builtin.command: + cmd: postconf + changed_when: no - name: reload postfix ansible.builtin.service: diff --git a/roles/postfix/meta/.galaxy_install_info b/roles/postfix/meta/.galaxy_install_info index 7906a99..09e44af 100644 --- a/roles/postfix/meta/.galaxy_install_info +++ b/roles/postfix/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:50 2021 -version: 4.2.0 +install_date: Wed Aug 3 07:07:20 2022 +version: 5.2.2 diff --git a/roles/postfix/meta/exception.yml b/roles/postfix/meta/exception.yml deleted file mode 100644 index d70b96a..0000000 --- a/roles/postfix/meta/exception.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -exceptions: - - variation: opensuse - reason: "Not idempotent on configure postfix (main.cf) and configure postfix" - - variation: alpine - reason: "451, 4.3.0 : Temporary lookup failure" diff --git a/roles/postfix/meta/main.yml b/roles/postfix/meta/main.yml index 51388aa..20d91ec 100644 --- a/roles/postfix/meta/main.yml +++ b/roles/postfix/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: postfix description: Install and configure postfix on your system. license: Apache-2.0 @@ -17,16 +18,13 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - - 32 - - 33 + - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - installer diff --git a/roles/postfix/molecule/default/converge.yml b/roles/postfix/molecule/default/converge.yml index a707cea..4bc0ac0 100644 --- a/roles/postfix/molecule/default/converge.yml +++ b/roles/postfix/molecule/default/converge.yml @@ -10,6 +10,9 @@ postfix_myhostname: "smtp.example.com" postfix_mydomain: "example.com" postfix_myorigin: "example.com" + postfix_mynetworks: + - 127.0.0.0/8 + - 192.168.0.0/16 postfix_aliases: - name: root destination: test@example.com diff --git a/roles/postfix/molecule/default/molecule.yml b/roles/postfix/molecule/default/molecule.yml index 94c0003..4460610 100644 --- a/roles/postfix/molecule/default/molecule.yml +++ b/roles/postfix/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/postfix/molecule/default/verify.yml b/roles/postfix/molecule/default/verify.yml index ce34a00..bd6b315 100644 --- a/roles/postfix/molecule/default/verify.yml +++ b/roles/postfix/molecule/default/verify.yml @@ -6,11 +6,11 @@ tasks: - name: check if port 25 is open - wait_for: + ansible.builtin.wait_for: port: 25 - name: check if a mail can be sent - mail: + community.general.mail: from: "Robert de Bock " to: "Robert de Bock " subject: Testing ansible-role-postfix. diff --git a/roles/postfix/requirements.yml b/roles/postfix/requirements.yml index e540ea4..906029a 100644 --- a/roles/postfix/requirements.yml +++ b/roles/postfix/requirements.yml @@ -2,3 +2,4 @@ roles: - name: robertdebock.bootstrap - name: robertdebock.core_dependencies +collections: diff --git a/roles/postfix/tasks/assert.yml b/roles/postfix/tasks/assert.yml index 1b67d2c..3f2d3d6 100644 --- a/roles/postfix/tasks/assert.yml +++ b/roles/postfix/tasks/assert.yml @@ -28,6 +28,14 @@ - postfix_inet_interfaces is string quiet: yes +- name: test if postfix_banner is set correctly + ansible.builtin.assert: + that: + - postfix_banner is string + quiet: yes + when: + - postfix_banner is defined + - name: test if postfix_mydestination is set correctly ansible.builtin.assert: that: @@ -39,7 +47,7 @@ ansible.builtin.assert: that: - postfix_mynetworks is defined - - postfix_mynetworks is string + - postfix_mynetworks is iterable quiet: yes - name: test if postfix_smtpd_recipient_restrictions is set correctly @@ -56,10 +64,327 @@ - postfix_smtpd_sender_restrictions is iterable quiet: yes -- name: test if postfix_smtpd_sender_restrictions is set correctly +- name: test if postfix_tls_protocols is set correctly ansible.builtin.assert: that: - postfix_tls_protocols is string quiet: yes when: - postfix_tls_protocols is defined + +- name: test if postfix_smtp_tls_security_level is set correctly + ansible.builtin.assert: + that: + - postfix_smtp_tls_security_level is defined + - postfix_smtp_tls_security_level is string + - postfix_smtp_tls_security_level in [ "dane", "encrypt", "fingerprint", "may", "none", "secure", "verify" ] + quiet: yes + +- name: test if postfix_biff is set correctly + ansible.builtin.assert: + that: + - postfix_biff is boolean + quiet: yes + when: + - postfix_biff is defined + +- name: test if postfix_append_dot_mydomain is set correctly + ansible.builtin.assert: + that: + - postfix_append_dot_mydomain is boolean + quiet: yes + when: + - postfix_append_dot_mydomain is defined + +- name: test if postfix_alias_maps is set correctly + ansible.builtin.assert: + that: + - postfix_alias_maps is string + quiet: yes + when: + - postfix_alias_maps is defined + +- name: test if postfix_virtual_mailbox_base is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_mailbox_base is string + quiet: yes + when: + - postfix_virtual_mailbox_base is defined + +- name: test if postfix_virtual_mailbox_maps is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_mailbox_maps is string + quiet: yes + when: + - postfix_virtual_mailbox_maps is defined + +- name: test if postfix_virtual_mailbox_domains is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_mailbox_domains is string + quiet: yes + when: + - postfix_virtual_mailbox_domains is defined + +- name: test if postfix_virtual_alias_domains is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_alias_domains is string + quiet: yes + when: + - postfix_virtual_alias_domains is defined + +- name: test if postfix_virtual_alias_maps is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_alias_maps is string + quiet: yes + when: + - postfix_virtual_alias_maps is defined + +- name: test if postfix_virtual_uid_maps is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_uid_maps is string + quiet: yes + when: + - postfix_virtual_uid_maps is defined + +- name: test if postfix_virtual_gid_maps is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_gid_maps is string + quiet: yes + when: + - postfix_virtual_gid_maps is defined + +- name: test if postfix_smtpd_sasl_auth_enable is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_sasl_auth_enable is boolean + quiet: yes + when: + - postfix_smtpd_sasl_auth_enable is defined + +- name: test if postfix_smtpd_sasl_local_domain is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_sasl_local_domain is string + quiet: yes + when: + - postfix_smtpd_sasl_local_domain is defined + +- name: test if postfix_smtpd_sasl_security_options is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_sasl_security_options is string + - postfix_smtpd_sasl_security_options in [ "noplaintext", "noactive", "nodictionary", "noanonymous", "forward_secrecy", "mutual_auth" ] + quiet: yes + when: + - postfix_smtpd_sasl_security_options is defined + +- name: test if postfix_smtpd_sasl_authenticated_header is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_sasl_authenticated_header is boolean + quiet: yes + when: + - postfix_smtpd_sasl_authenticated_header is defined + +- name: test if postfix_broken_sasl_auth_clients is set correctly + ansible.builtin.assert: + that: + - postfix_broken_sasl_auth_clients is boolean + quiet: yes + when: + - postfix_broken_sasl_auth_clients is defined + +- name: test if postfix_smtpd_tls_cert_file is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_cert_file is string + quiet: yes + when: + - postfix_smtpd_tls_cert_file is defined + +- name: test if postfix_smtpd_tls_key_file is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_key_file is string + quiet: yes + when: + - postfix_smtpd_tls_key_file is defined + +- name: test if postfix_smtpd_tls_received_header is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_received_header is boolean + quiet: yes + when: + - postfix_smtpd_tls_received_header is defined + +- name: test if postfix_smtpd_tls_security_level is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_security_level is string + - postfix_smtpd_tls_security_level in [ "dane", "encrypt", "fingerprint", "may", "none", "secure", "verify" ] + quiet: yes + when: + - postfix_smtpd_tls_security_level is defined + +- name: test if postfix_smtpd_tls_ask_ccert is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_ask_ccert is boolean + quiet: yes + when: + - postfix_smtpd_tls_ask_ccert is defined + +- name: test if postfix_smtpd_tls_loglevel is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_loglevel is number + - postfix_smtpd_tls_loglevel in [ 0, 1, 2, 3, 4 ] + quiet: yes + when: + - postfix_smtpd_tls_loglevel is defined + +- name: test if postfix_smtpd_tls_session_cache_database is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_session_cache_database is string + quiet: yes + when: + - postfix_smtpd_tls_session_cache_database is defined + +- name: test if postfix_smtp_tls_cert_file is set correctly + ansible.builtin.assert: + that: + - postfix_smtp_tls_cert_file is string + quiet: yes + when: + - postfix_smtp_tls_cert_file is defined + +- name: test if postfix_smtp_tls_key_file is set correctly + ansible.builtin.assert: + that: + - postfix_smtp_tls_key_file is string + quiet: yes + when: + - postfix_smtp_tls_key_file is defined + +- name: test if postfix_smtp_tls_session_cache_database is set correctly + ansible.builtin.assert: + that: + - postfix_smtp_tls_session_cache_database is string + quiet: yes + when: + - postfix_smtp_tls_session_cache_database is defined + +- name: test if postfix_tls_random_source is set correctly + ansible.builtin.assert: + that: + - postfix_tls_random_source is string + quiet: yes + when: + - postfix_tls_random_source is defined + +- name: test if postfix_smtpd_tls_mandatory_protocols is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_tls_mandatory_protocols is string + - postfix_smtpd_tls_mandatory_protocols in [ "SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" ] + quiet: yes + when: + - postfix_smtpd_tls_mandatory_protocols is defined + +- name: test if postfix_smtp_tls_mandatory_protocols is set correctly + ansible.builtin.assert: + that: + - postfix_smtp_tls_mandatory_protocols is string + - postfix_smtp_tls_mandatory_protocols in [ "SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" ] + quiet: yes + when: + - postfix_smtp_tls_mandatory_protocols is defined + +- name: test if postfix_virtual_transport is set correctly + ansible.builtin.assert: + that: + - postfix_virtual_transport is string + quiet: yes + when: + - postfix_virtual_transport is defined + +- name: test if postfix_home_mailbox is set correctly + ansible.builtin.assert: + that: + - postfix_home_mailbox is string + quiet: yes + when: + - postfix_home_mailbox is defined + +- name: test if postfix_message_size_limit is set correctly + ansible.builtin.assert: + that: + - postfix_message_size_limit is number + quiet: yes + when: + - postfix_message_size_limit is defined + +- name: test if postfix_smtpd_helo_required is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_helo_required is boolean + quiet: yes + when: + - postfix_smtpd_helo_required is defined + +- name: test if postfix_anvil_rate_time_unit is set correctly + ansible.builtin.assert: + that: + - postfix_anvil_rate_time_unit is string + quiet: yes + when: + - postfix_anvil_rate_time_unit is defined + +- name: test if postfix_smtpd_client_connection_rate_limit is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_client_connection_rate_limit is number + quiet: yes + when: + - postfix_smtpd_client_connection_rate_limit is defined + +- name: test if postfix_smtpd_client_connection_count_limit is set correctly + ansible.builtin.assert: + that: + - postfix_smtpd_client_connection_count_limit is number + quiet: yes + when: + - postfix_smtpd_client_connection_count_limit is defined + +- name: test if postfix_bounce_queue_lifetime is set correctly + ansible.builtin.assert: + that: + - postfix_bounce_queue_lifetime is string + quiet: yes + when: + - postfix_bounce_queue_lifetime is defined + +- name: test if postfix_readme_directory is set correctly + ansible.builtin.assert: + that: + - postfix_readme_directory is string + quiet: yes + when: + - postfix_readme_directory is defined + +- name: test if postfix_html_directory is set correctly + ansible.builtin.assert: + that: + - postfix_html_directory is string + quiet: yes + when: + - postfix_html_directory is defined diff --git a/roles/postfix/tasks/main.yml b/roles/postfix/tasks/main.yml index c1027c6..35737dd 100644 --- a/roles/postfix/tasks/main.yml +++ b/roles/postfix/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for postfix -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -17,9 +17,40 @@ - name: install postfix ansible.builtin.package: - name: "{{ postfix_packages }}" + name: postfix state: present +- name: install postfix-mysql + ansible.builtin.package: + name: postfix-mysql + state: present + when: + - (postfix_virtual_mailbox_maps is defined and "'mysql' in postfix_virtual_mailbox_maps) or + (postfix_virtual_mailbox_domains is defined and 'mysql' in postfix_virtual_mailbox_domains) or + (postix_virtual_alias_maps is defined and 'mysql' in postix_virtual_alias_maps") + +- name: configure postfix (transport_maps) + ansible.builtin.template: + src: "{{ postfix_transport_maps_template }}" + dest: /etc/postfix/transport + mode: "0644" + notify: + - validate configuration + - rebuild transport_maps database + when: + - postfix_transport_maps_template is defined + +- name: configure postfix (header_checks) + ansible.builtin.template: + src: "{{ postfix_header_checks_template }}" + dest: /etc/postfix/header_checks + mode: "0644" + notify: + - validate configuration + - reload postfix + when: + - postfix_header_checks_template is defined + - name: configure postfix (main.cf) ansible.builtin.template: src: main.cf.j2 @@ -27,6 +58,7 @@ validate: postconf -d -c %s mode: "0644" notify: + - validate configuration - reload postfix - name: configure postfix (master.cf) @@ -36,9 +68,10 @@ validate: postconf -d -c %s mode: "0644" notify: + - validate configuration - restart postfix -- name: force all notified handlers to run +- name: flush handlers ansible.builtin.meta: flush_handlers - name: configure aliases @@ -83,12 +116,13 @@ - postfix_recipient_access is defined loop: "{{ postfix_recipient_access }}" notify: + - validate configuration - rebuild recipient_access database - reload postfix loop_control: label: "{{ item.domain }}" -- name: force all notified handlers to run +- name: flush handlers again ansible.builtin.meta: flush_handlers - name: start and enable postfix diff --git a/roles/postfix/templates/main.cf.j2 b/roles/postfix/templates/main.cf.j2 index f8feb31..d5780a9 100644 --- a/roles/postfix/templates/main.cf.j2 +++ b/roles/postfix/templates/main.cf.j2 @@ -272,7 +272,7 @@ unknown_local_recipient_reject_code = 550 #mynetworks = 168.100.189.0/28, 127.0.0.0/8 #mynetworks = $config_directory/mynetworks #mynetworks = hash:/etc/postfix/network_table -mynetworks = {{ postfix_mynetworks }} +mynetworks = {% for network in postfix_mynetworks %}{{ network }}{% if not loop.last %}, {% endif %}{% endfor %} # The relay_domains parameter restricts what destinations this system will # relay mail to. See the smtpd_recipient_restrictions description in @@ -415,7 +415,10 @@ relayhost = {{ postfix_relayhost|replace("'", "") }} # "postfix reload" to eliminate the delay. # #alias_maps = dbm:/etc/aliases -alias_maps = hash:/etc/aliases +{% if postfix_alias_maps is defined %} +alias_maps = {{ postfix_alias_maps }} +{% endif %} + #alias_maps = hash:/etc/aliases, nis:mail.aliases #alias_maps = netinfo:/aliases @@ -579,6 +582,10 @@ alias_database = hash:/etc/aliases # #header_checks = regexp:/etc/postfix/header_checks +{% if postfix_header_checks_template is defined %} +header_checks = regexp:/etc/postfix/header_checks +{% endif %} + # FAST ETRN SERVICE # # Postfix maintains per-destination logfiles with information about @@ -603,6 +610,7 @@ alias_database = hash:/etc/aliases # #smtpd_banner = $myhostname ESMTP $mail_name #smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) +smtpd_banner = {{ postfix_banner }} # PARALLEL DELIVERY TO THE SAME DESTINATION # @@ -695,7 +703,9 @@ setgid_group = {{ postfix_group }} # html_directory: The location of the Postfix HTML documentation. # -html_directory = no +{% if postfix_html_directory is defined %} +html_directory = {{ postfix_html_directory }} +{% endif %} # manpage_directory: The location of the Postfix on-line manual pages. # @@ -708,7 +718,9 @@ sample_directory = /usr/share/doc/postfix-2.10.1/samples # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES +{% if postfix_readme_directory is defined %} +readme_directory = {{ postfix_readme_directory }} +{% endif %} # content_filter: An optional filter to classify content. {% if postfix_clamav is defined and postfix_clamav == "enabled" %} @@ -725,3 +737,153 @@ smtpd_tls_protocols = {{ postfix_tls_protocols }} smtp_tls_mandatory_protocols = {{ postfix_tls_protocols }} smtp_tls_protocols = {{ postfix_tls_protocols }} {% endif %} + +# The default SMTP TLS security level for the Postfix SMTP client +smtp_tls_security_level = {{ postfix_smtp_tls_security_level }} + +# Optional lookup tables with mappings from recipient address to (message delivery transport, next-hop destination). +# transport_maps = hash:/etc/postfix/transport +{% if postfix_transport_maps_template is defined %} +transport_maps = hash:/etc/postfix/transport +{% endif %} + +{% if postfix_biff is defined %} +biff = {% if postfix_biff %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_append_dot_mydomain is defined %} +append_dot_mydomain = {% if postfix_append_dot_mydomain %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_virtual_mailbox_base is defined %} +virtual_mailbox_base = {{ postfix_virtual_mailbox_base }} +{% endif %} + +{% if postfix_virtual_mailbox_maps is defined %} +virtual_mailbox_maps = {{ postfix_virtual_mailbox_maps }} +{% endif %} + +{% if postfix_virtual_mailbox_domains is defined %} +virtual_mailbox_domains = {{ postfix_virtual_mailbox_domains }} +{% endif %} + +{% if postfix_virtual_alias_domains is defined %} +virtual_alias_domains = {{ postfix_virtual_alias_domains }} +{% endif %} + +{% if postix_virtual_alias_maps is defined %} +virtual_alias_maps = {{ postix_virtual_alias_maps }} +{% endif %} + +{% if postfix_virtual_uid_maps is defined %} +virtual_uid_maps = {{ postfix_virtual_uid_maps }} +{% endif %} + +{% if postfix_virtual_gid_maps is defined %} +virtual_gid_maps = {{ postfix_virtual_gid_maps }} +{% endif %} + +{% if postfix_smtpd_sasl_auth_enable is defined %} +smtpd_sasl_auth_enable = {% if postfix_smtpd_sasl_auth_enable %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_smtpd_sasl_local_domain is defined %} +smtpd_sasl_local_domain = {{ postfix_smtpd_sasl_local_domain }} +{% endif %} + +{% if postfix_smtpd_sasl_security_options is defined %} +smtpd_sasl_security_options = {{ postfix_smtpd_sasl_security_options }} +{% endif %} + +{% if postfix_smtpd_sasl_authenticated_header is defined %} +smtpd_sasl_authenticated_header = {% if postfix_smtpd_sasl_authenticated_header %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_broken_sasl_auth_clients is defined %} +broken_sasl_auth_clients = {% if postfix_broken_sasl_auth_clients %}yes{% else %}no{% endif %} + +{% endif %} + +{% if postfix_smtpd_tls_cert_file is defined %} +smtpd_tls_cert_file = {{ postfix_smtpd_tls_cert_file }} +{% endif %} + +{% if postfix_smtpd_tls_key_file is defined %} +smtpd_tls_key_file = {{ postfix_smtpd_tls_key_file }} +{% endif %} + +{% if postfix_smtpd_tls_received_header is defined %} +smtpd_tls_received_header = {% if postfix_smtpd_tls_received_header %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_smtpd_tls_security_level is defined %} +smtpd_tls_security_level = {{ postfix_smtpd_tls_security_level }} +{% endif %} + +{% if postfix_smtpd_tls_ask_ccert is defined %} +smtpd_tls_ask_ccert = {% if postfix_smtpd_tls_ask_ccert %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_smtpd_tls_loglevel is defined %} +smtpd_tls_loglevel = {{ postfix_smtpd_tls_loglevel }} +{% endif %} + +{% if postfix_smtpd_tls_session_cache_database is defined %} +smtpd_tls_session_cache_database = {{ postfix_smtpd_tls_session_cache_database }} +{% endif %} + +{% if postfix_smtp_tls_cert_file is defined %} +smtp_tls_cert_file = {{ postfix_smtp_tls_cert_file }} +{% endif %} + +{% if postfix_smtp_tls_key_file is defined %} +smtp_tls_key_file = {{ postfix_smtp_tls_key_file }} +{% endif %} + +{% if postfix_smtp_tls_session_cache_database is defined %} +smtp_tls_session_cache_database = {{ postfix_smtp_tls_session_cache_database }} +{% endif %} + +{% if postfix_tls_random_source is defined %} +tls_random_source = {{ postfix_tls_random_source }} +{% endif %} + +{% if postfix_smtpd_tls_mandatory_protocols is defined %} +smtpd_tls_mandatory_protocols = {{ postfix_smtpd_tls_mandatory_protocols }} +{% endif %} + +{% if postfix_smtp_tls_mandatory_protocols is defined %} +smtp_tls_mandatory_protocols = {{ postfix_smtp_tls_mandatory_protocols }} +{% endif %} + +{% if postfix_virtual_transport is defined %} +virtual_transport = {{ postfix_virtual_transport }} +{% endif %} + +{% if postfix_home_mailbox is defined %} +home_mailbox = {{ postfix_home_mailbox }} +{% endif %} + +{% if postfix_message_size_limit is defined %} +message_size_limit = {{ postfix_message_size_limit }} +{% endif %} + +{% if postfix_smtpd_helo_required is defined %} +smtpd_helo_required = {% if postfix_smtpd_helo_required %}yes{% else %}no{% endif %} +{% endif %} + +{% if postfix_anvil_rate_time_unit is defined %} +anvil_rate_time_unit = {{ postfix_anvil_rate_time_unit }} +{% endif %} + +{% if postfix_smtpd_client_connection_rate_limit is defined %} +smtpd_client_connection_rate_limit = {{ postfix_smtpd_client_connection_rate_limit }} +{% endif %} + +{% if postfix_smtpd_client_connection_count_limit is defined %} +smtpd_client_connection_count_limit = {{ postfix_smtpd_client_connection_count_limit }} +{% endif %} + +{% if postfix_bounce_queue_lifetime is defined %} +bounce_queue_lifetime = {{ postfix_bounce_queue_lifetime }} +{% endif %} diff --git a/roles/postfix/tox.ini b/roles/postfix/tox.ini index f57553b..88f8545 100644 --- a/roles/postfix/tox.ini +++ b/roles/postfix/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/postfix/vars/main.yml b/roles/postfix/vars/main.yml index d5afff9..29f2677 100644 --- a/roles/postfix/vars/main.yml +++ b/roles/postfix/vars/main.yml @@ -1,9 +1,6 @@ --- # vars file for postfix -postfix_packages: - - postfix - postfix_service: postfix _postfix_daemon_directory: @@ -11,13 +8,13 @@ _postfix_daemon_directory: Debian: /usr/lib/postfix/sbin Suse: /usr/lib/postfix/bin -postfix_daemon_directory: "{{_postfix_daemon_directory[ansible_os_family] | default(_postfix_daemon_directory['default']) }}" +postfix_daemon_directory: "{{ _postfix_daemon_directory[ansible_os_family] | default(_postfix_daemon_directory['default'] ) }}" _postfix_alias_path: default: /etc/aliases Alpine: /etc/postfix/aliases -postfix_alias_path: "{{ _postfix_alias_path[ansible_os_family] | default(_postfix_alias_path['default']) }}" +postfix_alias_path: "{{ _postfix_alias_path[ansible_os_family] | default(_postfix_alias_path['default'] ) }}" postfix_recipient_access_path: /etc/postfix/recipient_access @@ -27,4 +24,4 @@ _postfix_group: default: postdrop Suse: maildrop -postfix_group: "{{ _postfix_group[ansible_os_family] | default(_postfix_group['default']) }}" +postfix_group: "{{ _postfix_group[ansible_os_family] | default(_postfix_group['default'] ) }}" diff --git a/roles/python_pip/.ansible-lint b/roles/python_pip/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/python_pip/.ansible-lint +++ b/roles/python_pip/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/python_pip/.github/ISSUE_TEMPLATE/bug_report.md b/roles/python_pip/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/python_pip/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/python_pip/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/python_pip/.github/workflows/galaxy.yml b/roles/python_pip/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/python_pip/.github/workflows/galaxy.yml +++ b/roles/python_pip/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/python_pip/.github/workflows/molecule.yml b/roles/python_pip/.github/workflows/molecule.yml index bf5d267..d4cda30 100644 --- a/roles/python_pip/.github/workflows/molecule.yml +++ b/roles/python_pip/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '16 16 16 * *' + - cron: '31 16 16 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,20 +33,28 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "alpine" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" + - image: "enterpriselinux" + tag: "7" + - image: "enterpriselinux" + tag: "latest" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -59,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/python_pip/.gitignore b/roles/python_pip/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/python_pip/.gitignore +++ b/roles/python_pip/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/python_pip/.travis.yml b/roles/python_pip/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/python_pip/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/python_pip/LICENSE b/roles/python_pip/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/python_pip/LICENSE +++ b/roles/python_pip/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/python_pip/README.md b/roles/python_pip/README.md index b6349ad..bcb5577 100644 --- a/roles/python_pip/README.md +++ b/roles/python_pip/README.md @@ -8,7 +8,7 @@ Install pythons pip on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.python_pip ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -38,7 +38,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for python_pip @@ -54,21 +54,24 @@ python_pip_modules: [] # You can have this role update pip, using pip. python_pip_update: yes + +# You can use something other than the default pip binary. +# python_pip_executable: pip3 ``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-python_pip/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| ## [Context](#context) @@ -83,28 +86,19 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| -|el|8| -|debian|buster, bullseye| -|fedora|32, 33| +|alpine|all| +|debian|all| +|el|all| +|fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| -The minimum version of Ansible required is 2.1, tests have been done to: +The minimum version of Ansible required is 2.10, tests have been done to: - The previous version. - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| amazonlinux | python2 is installed already. | -| alpine | Failed to create temporary directory. | -| centos:7 | CentOS 7 uses python2, which is EOL. | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-python_pip/issues) @@ -112,12 +106,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [rohankrishnadev](https://github.com/rohankrishnadev) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/python_pip/meta/.galaxy_install_info b/roles/python_pip/meta/.galaxy_install_info index e870578..e2f2cb4 100644 --- a/roles/python_pip/meta/.galaxy_install_info +++ b/roles/python_pip/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:52 2021 -version: 4.1.0 +install_date: Wed Aug 3 07:07:22 2022 +version: 4.3.1 diff --git a/roles/python_pip/meta/exception.yml b/roles/python_pip/meta/exception.yml deleted file mode 100644 index fd14022..0000000 --- a/roles/python_pip/meta/exception.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -exceptions: - - variation: amazonlinux - reason: "python2 is installed already." - - variation: alpine - reason: "Failed to create temporary directory." - - variation: "centos:7" - reason: "CentOS 7 uses python2, which is EOL." diff --git a/roles/python_pip/meta/main.yml b/roles/python_pip/meta/main.yml index e7a0020..4b68c6c 100644 --- a/roles/python_pip/meta/main.yml +++ b/roles/python_pip/meta/main.yml @@ -6,27 +6,27 @@ galaxy_info: description: Install pythons pip on your system. license: Apache-2.0 company: none - min_ansible_version: 2.10 + min_ansible_version: "2.10" platforms: - - name: EL + - name: Alpine versions: - - 8 + - all - name: Debian versions: - - buster - - bullseye + - all + - name: EL + versions: + - all - name: Fedora versions: - - 32 - - 33 + - all - name: OpenSUSE versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - python diff --git a/roles/python_pip/molecule/default/molecule.yml b/roles/python_pip/molecule/default/molecule.yml index 2eab685..fd03c29 100644 --- a/roles/python_pip/molecule/default/molecule.yml +++ b/roles/python_pip/molecule/default/molecule.yml @@ -14,7 +14,7 @@ lint: | driver: name: docker platforms: - - name: "python_pip-${image:-fedora}-${tag:-latest}${TOX_ENVNAME}" + - name: "pythonpip-${image:-fedora}-${tag:-latest}${TOX_ENVNAME}" image: "${namespace:-robertdebock}/${image:-fedora}:${tag:-latest}" command: /sbin/init volumes: @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/python_pip/molecule/default/verify.yml b/roles/python_pip/molecule/default/verify.yml index 7358f6b..87cc789 100644 --- a/roles/python_pip/molecule/default/verify.yml +++ b/roles/python_pip/molecule/default/verify.yml @@ -6,28 +6,28 @@ tasks: - name: install pip module - pip: + ansible.builtin.pip: name: docker state: present - name: check if bootstrap still works. - include_role: + ansible.builtin.include_role: name: robertdebock.bootstrap - name: remove pip module - pip: + ansible.builtin.pip: name: docker state: absent - name: check if requested modules can be installed - include_role: + ansible.builtin.include_role: name: ansible-role-python_pip vars: python_pip_modules: - name: docker - name: check if requested modules can be removed - include_role: + ansible.builtin.include_role: name: ansible-role-python_pip vars: python_pip_modules: @@ -35,14 +35,15 @@ state: absent - name: check if pyOpenSSL can be installed - pip: + ansible.builtin.pip: name: pyOpenSSL state: present notify: - remove pyOpenSSL handlers: + - name: remove pyOpenSSL - pip: + ansible.builtin.pip: name: pyOpenSSL state: absent diff --git a/roles/python_pip/tasks/assert.yml b/roles/python_pip/tasks/assert.yml index 8421073..555ddec 100644 --- a/roles/python_pip/tasks/assert.yml +++ b/roles/python_pip/tasks/assert.yml @@ -28,7 +28,7 @@ when: - item.state is defined -- name: test if item.name in python_pip_modules is set correctly +- name: test if item.version in python_pip_modules is set correctly ansible.builtin.assert: that: - item.version is string diff --git a/roles/python_pip/tasks/main.yml b/roles/python_pip/tasks/main.yml index 26a3ec8..bd2f3b4 100644 --- a/roles/python_pip/tasks/main.yml +++ b/roles/python_pip/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for python_pip -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -33,14 +33,20 @@ - name: update pip ansible.builtin.pip: - name: - - pip - - setuptools - state: latest # noqa package-latest + name: "{{ python_pip_pip_package }}" + state: "{{ python_pip_pip_state }}" # noqa package-latest executable: "{{ python_pip_executable | default(omit) }}" when: - python_pip_update | bool +# - name: update setuptools +# ansible.builtin.pip: +# name: setuptools +# state: latest # noqa package-latest +# executable: "{{ python_pip_executable | default(omit) }}" +# when: +# - python_pip_update | bool + - name: install requested modules ansible.builtin.pip: name: "{{ item.name }}" diff --git a/roles/python_pip/tox.ini b/roles/python_pip/tox.ini index f57553b..88f8545 100644 --- a/roles/python_pip/tox.ini +++ b/roles/python_pip/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/python_pip/vars/main.yml b/roles/python_pip/vars/main.yml index 00232dc..a2dbed0 100644 --- a/roles/python_pip/vars/main.yml +++ b/roles/python_pip/vars/main.yml @@ -2,18 +2,33 @@ # vars file for python_pip _python_pip_packages: - Alpine: - - py3-pip - - py3-setuptools - - python3-dev - Debian: - - python3-pip - - python3-setuptools - RedHat: - - python3-pip - - python3-setuptools - Suse: - - python3-pip - - python3-setuptools + 2: + default: + - python-pip + - python-setuptools + 3: + default: + - python3-pip + - python3-setuptools + Alpine: + - py3-pip + - py3-setuptools + - python3-dev -python_pip_packages: "{{ _python_pip_packages[ansible_os_family] | default(_python_pip_packages['default']) }}" +# Find the list of packages, based on the mapping above and the used python +# version used for running Ansible. +python_pip_packages: "{{ _python_pip_packages[ansible_python.version.major | int][ansible_os_family] | default(_python_pip_packages[ansible_python.version.major | int]['default'] | default(_python_pip_packages['3']['default'] )) }}" + +_python_pip_pip_package: + default: + - pip + RedHat-7: + - pip==20.3.4 + +python_pip_pip_package: "{{ _python_pip_pip_package[ansible_os_family ~ '-' ~ ansible_distribution_major_version] | default(_python_pip_pip_package['default'] ) }}" + +_python_pip_pip_state: + default: latest + RedHat-7: present + +python_pip_pip_state: "{{ _python_pip_pip_state[ansible_os_family] | default(_python_pip_pip_state['default'] ) }}" diff --git a/roles/reboot/.ansible-lint b/roles/reboot/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/reboot/.ansible-lint +++ b/roles/reboot/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/reboot/.github/ISSUE_TEMPLATE/bug_report.md b/roles/reboot/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/reboot/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/reboot/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/reboot/.github/workflows/galaxy.yml b/roles/reboot/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/reboot/.github/workflows/galaxy.yml +++ b/roles/reboot/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/reboot/.github/workflows/molecule.yml b/roles/reboot/.github/workflows/molecule.yml index 18cf994..51be384 100644 --- a/roles/reboot/.github/workflows/molecule.yml +++ b/roles/reboot/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '18 18 18 * *' + - cron: '35 18 18 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/reboot/.gitignore b/roles/reboot/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/reboot/.gitignore +++ b/roles/reboot/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/reboot/.travis.yml b/roles/reboot/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/reboot/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/reboot/LICENSE b/roles/reboot/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/reboot/LICENSE +++ b/roles/reboot/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/reboot/README.md b/roles/reboot/README.md index 3095185..f93fab4 100644 --- a/roles/reboot/README.md +++ b/roles/reboot/README.md @@ -8,7 +8,7 @@ The purpose of this role is to reboot your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.reboot ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -36,7 +36,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for reboot @@ -59,13 +59,13 @@ reboot_message: "Ansible role robertdebock.reboot initiated a reboot." - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-reboot/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -82,11 +82,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -95,20 +95,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-reboot/issues) ## [License](#license) Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [aisbergg](https://github.com/aisbergg) -- [richardlock](https://github.com/richardlock) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/reboot/meta/.galaxy_install_info b/roles/reboot/meta/.galaxy_install_info index 2f753e9..3d43079 100644 --- a/roles/reboot/meta/.galaxy_install_info +++ b/roles/reboot/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:55 2021 -version: 3.0.2 +install_date: Wed Aug 3 07:07:23 2022 +version: 3.2.1 diff --git a/roles/reboot/meta/main.yml b/roles/reboot/meta/main.yml index ad0bf7c..8e36398 100644 --- a/roles/reboot/meta/main.yml +++ b/roles/reboot/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: reboot description: The purpose of this role is to reboot your system. license: Apache-2.0 @@ -16,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -30,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - reboot diff --git a/roles/reboot/molecule/default/molecule.yml b/roles/reboot/molecule/default/molecule.yml index a42c832..f6624f5 100644 --- a/roles/reboot/molecule/default/molecule.yml +++ b/roles/reboot/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/reboot/molecule/default/verify.yml b/roles/reboot/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/reboot/molecule/default/verify.yml +++ b/roles/reboot/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/reboot/requirements.yml b/roles/reboot/requirements.yml index 11e3224..4aca381 100644 --- a/roles/reboot/requirements.yml +++ b/roles/reboot/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/reboot/tasks/main.yml b/roles/reboot/tasks/main.yml index b8c84e1..48dbb85 100644 --- a/roles/reboot/tasks/main.yml +++ b/roles/reboot/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for reboot -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -19,7 +19,8 @@ register: reboot_rhel_needs_restarting_executable - name: see if a reboot is required (rhel) - ansible.builtin.command: needs-restarting -r + ansible.builtin.command: + cmd: needs-restarting -r check_mode: no register: reboot_rhel_needsrestarting changed_when: @@ -29,8 +30,8 @@ when: - reboot_rhel_needs_restarting_executable.stat.exists when: - - ansible_connection != "docker" - - ansible_os_family == "RedHat" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] + - ansible_os_family in [ "RedHat", "Rocky" ] - name: configure debian block: @@ -40,7 +41,8 @@ register: reboot_debian_needsrestart_executable - name: see if a reboot is required (debian) - ansible.builtin.command: needrestart -b + ansible.builtin.command: + cmd: needrestart -b check_mode: no register: reboot_debian_needrestarting changed_when: @@ -48,13 +50,16 @@ when: - reboot_debian_needsrestart_executable.stat.exists when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] - ansible_os_family == "Debian" - name: include reboot - ansible.builtin.include_tasks: reboot.yml + ansible.builtin.include_tasks: + file: reboot.yml when: - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] - (reboot_always | bool) or (reboot_rhel_needsrestarting.changed | default(no)) or (reboot_debian_needrestarting.changed | default(no)) + tags: + - skip_ansible_later diff --git a/roles/reboot/tasks/reboot.yml b/roles/reboot/tasks/reboot.yml index 309c714..6986714 100644 --- a/roles/reboot/tasks/reboot.yml +++ b/roles/reboot/tasks/reboot.yml @@ -3,7 +3,8 @@ ansible.builtin.meta: flush_handlers - name: reboot the machine - ansible.builtin.shell: "(sleep {{ reboot_delay }} && {{ reboot_command }} &)" # noqa 301 This was before the reboot module existed. + ansible.builtin.shell: + cmd: "(sleep {{ reboot_delay }} && {{ reboot_command }} &)" # noqa 301 This was before the reboot module existed. async: 1 poll: 0 ignore_errors: yes @@ -13,7 +14,7 @@ seconds: "{{ reboot_delay }}" - name: 2 wait for the machine to be up - ansible.builtin.wait_for: + ansible.builtin.wait_for_connection: delay: "{{ reboot_up_delay }}" - name: 3 gather facts after reboot diff --git a/roles/reboot/tox.ini b/roles/reboot/tox.ini index f57553b..88f8545 100644 --- a/roles/reboot/tox.ini +++ b/roles/reboot/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/reboot/vars/main.yml b/roles/reboot/vars/main.yml index 2ca3545..975f6c2 100644 --- a/roles/reboot/vars/main.yml +++ b/roles/reboot/vars/main.yml @@ -8,10 +8,10 @@ _reboot_requirements: Fedora: dnf-utils Ubuntu: needrestart -reboot_requirements: "{{ _reboot_requirements[ansible_distribution] | default(_reboot_requirements['default']) }}" +reboot_requirements: "{{ _reboot_requirements[ansible_distribution] | default(_reboot_requirements['default'] ) }}" _reboot_command: default: shutdown -r now {{ reboot_message }} Alpine: reboot -reboot_command: "{{ _reboot_command[ansible_os_family] | default(_reboot_command['default']) }}" +reboot_command: "{{ _reboot_command[ansible_os_family] | default(_reboot_command['default'] ) }}" diff --git a/roles/requirements.yml b/roles/requirements.yml index cabb0af..47523a8 100644 --- a/roles/requirements.yml +++ b/roles/requirements.yml @@ -11,6 +11,8 @@ name: bootstrap - src: robertdebock.buildtools name: buildtools +- src: robertdebock.code + name: code - src: robertdebock.common name: common - src: robertdebock.docker diff --git a/roles/ruby/.ansible-lint b/roles/ruby/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/ruby/.ansible-lint +++ b/roles/ruby/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/ruby/.github/ISSUE_TEMPLATE/bug_report.md b/roles/ruby/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/ruby/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/ruby/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/ruby/.github/workflows/galaxy.yml b/roles/ruby/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/ruby/.github/workflows/galaxy.yml +++ b/roles/ruby/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/ruby/.github/workflows/molecule.yml b/roles/ruby/.github/workflows/molecule.yml index 18cf994..51be384 100644 --- a/roles/ruby/.github/workflows/molecule.yml +++ b/roles/ruby/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '18 18 18 * *' + - cron: '35 18 18 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/ruby/.gitignore b/roles/ruby/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/ruby/.gitignore +++ b/roles/ruby/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/ruby/.travis.yml b/roles/ruby/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/ruby/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/ruby/LICENSE b/roles/ruby/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/ruby/LICENSE +++ b/roles/ruby/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/ruby/README.md b/roles/ruby/README.md index d4ab45e..e3f42cd 100644 --- a/roles/ruby/README.md +++ b/roles/ruby/README.md @@ -8,7 +8,7 @@ Install ruby on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.ruby ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -39,13 +39,13 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-ruby/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -62,11 +62,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -75,14 +75,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-ruby/issues) ## [License](#license) Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/ruby/meta/.galaxy_install_info b/roles/ruby/meta/.galaxy_install_info index 5214de1..375a4a3 100644 --- a/roles/ruby/meta/.galaxy_install_info +++ b/roles/ruby/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 06:59:58 2021 -version: 3.0.0 +install_date: Wed Aug 3 07:07:24 2022 +version: 3.1.2 diff --git a/roles/ruby/meta/main.yml b/roles/ruby/meta/main.yml index 6588169..36054d3 100644 --- a/roles/ruby/meta/main.yml +++ b/roles/ruby/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: ruby description: Install ruby on your system. license: Apache-2.0 @@ -16,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -30,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - ruby diff --git a/roles/ruby/molecule/default/molecule.yml b/roles/ruby/molecule/default/molecule.yml index c205e89..03483eb 100644 --- a/roles/ruby/molecule/default/molecule.yml +++ b/roles/ruby/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/ruby/molecule/default/verify.yml b/roles/ruby/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/ruby/molecule/default/verify.yml +++ b/roles/ruby/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/ruby/requirements.yml b/roles/ruby/requirements.yml index 11e3224..4aca381 100644 --- a/roles/ruby/requirements.yml +++ b/roles/ruby/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/ruby/tox.ini b/roles/ruby/tox.ini index f57553b..88f8545 100644 --- a/roles/ruby/tox.ini +++ b/roles/ruby/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/service/.ansible-lint b/roles/service/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/service/.ansible-lint +++ b/roles/service/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/service/.github/ISSUE_TEMPLATE/bug_report.md b/roles/service/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/service/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/service/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/service/.github/workflows/galaxy.yml b/roles/service/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/service/.github/workflows/galaxy.yml +++ b/roles/service/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/service/.github/workflows/molecule.yml b/roles/service/.github/workflows/molecule.yml index 5fd95f0..64dc05c 100644 --- a/roles/service/.github/workflows/molecule.yml +++ b/roles/service/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '19 19 19 * *' + - cron: '37 19 19 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,22 +33,24 @@ jobs: fail-fast: false matrix: config: - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -61,7 +63,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/service/.gitignore b/roles/service/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/service/.gitignore +++ b/roles/service/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/service/.travis.yml b/roles/service/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/service/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/service/LICENSE b/roles/service/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/service/LICENSE +++ b/roles/service/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/service/README.md b/roles/service/README.md index 445e83b..ef46c99 100644 --- a/roles/service/README.md +++ b/roles/service/README.md @@ -8,7 +8,7 @@ Add custom services to your Linux system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -70,7 +70,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea environmentfile: /environmentfile.txt ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -84,7 +84,7 @@ The machine needs to be prepared in CI this is done using `molecule/resources/pr post_tasks: - name: place /environmentfile.txt - copy: + ansible.builtin.copy: content: "value=variable" dest: /environmentfile.txt mode: "0644" @@ -94,7 +94,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for service @@ -122,19 +122,20 @@ These variables are set in `defaults/main.yml`: # - after: Start after the mentioned service. # - restart_mode: The mode to use, for example "always". # - restart_seconds: The time to allow restart to finish. +service_list: [] ``` ## [Requirements](#requirements) - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-service/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -149,11 +150,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -162,19 +163,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-service/issues) ## [License](#license) Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [githengi](https://github.com/githengi) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/service/defaults/main.yml b/roles/service/defaults/main.yml index 3f8950a..a54221b 100644 --- a/roles/service/defaults/main.yml +++ b/roles/service/defaults/main.yml @@ -24,3 +24,4 @@ # - after: Start after the mentioned service. # - restart_mode: The mode to use, for example "always". # - restart_seconds: The time to allow restart to finish. +service_list: [] diff --git a/roles/service/meta/.galaxy_install_info b/roles/service/meta/.galaxy_install_info index 3408834..a52d4e4 100644 --- a/roles/service/meta/.galaxy_install_info +++ b/roles/service/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 07:00:00 2021 -version: 3.0.0 +install_date: Wed Aug 3 07:07:26 2022 +version: 3.1.3 diff --git a/roles/service/meta/main.yml b/roles/service/meta/main.yml index 77b95c1..bf20174 100644 --- a/roles/service/meta/main.yml +++ b/roles/service/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: service description: Add custom services to your Linux system. license: Apache-2.0 @@ -10,12 +11,10 @@ galaxy_info: platforms: - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -24,8 +23,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - service diff --git a/roles/service/molecule/default/molecule.yml b/roles/service/molecule/default/molecule.yml index 2dce3c5..be3ae62 100644 --- a/roles/service/molecule/default/molecule.yml +++ b/roles/service/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/service/molecule/default/prepare.yml b/roles/service/molecule/default/prepare.yml index 84471e0..b67aca0 100644 --- a/roles/service/molecule/default/prepare.yml +++ b/roles/service/molecule/default/prepare.yml @@ -10,7 +10,7 @@ post_tasks: - name: place /environmentfile.txt - copy: + ansible.builtin.copy: content: "value=variable" dest: /environmentfile.txt mode: "0644" diff --git a/roles/service/molecule/default/verify.yml b/roles/service/molecule/default/verify.yml index b57c495..8b4ddf7 100644 --- a/roles/service/molecule/default/verify.yml +++ b/roles/service/molecule/default/verify.yml @@ -10,7 +10,7 @@ tasks: - name: check simple-service - service: + ansible.builtin.service: name: simple-service state: started enabled: yes @@ -20,7 +20,7 @@ - service_check_simple_service is changed - name: check stopped-service - service: + ansible.builtin.service: name: stopped-service state: stopped enabled: no diff --git a/roles/service/requirements.yml b/roles/service/requirements.yml index 11e3224..4aca381 100644 --- a/roles/service/requirements.yml +++ b/roles/service/requirements.yml @@ -1,3 +1,4 @@ --- roles: - name: robertdebock.bootstrap +collections: diff --git a/roles/service/tasks/main.yml b/roles/service/tasks/main.yml index b61fbdf..8852be4 100644 --- a/roles/service/tasks/main.yml +++ b/roles/service/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for service -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost diff --git a/roles/service/tox.ini b/roles/service/tox.ini index f57553b..88f8545 100644 --- a/roles/service/tox.ini +++ b/roles/service/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/service/vars/main.yml b/roles/service/vars/main.yml index 3b47cb9..8527959 100644 --- a/roles/service/vars/main.yml +++ b/roles/service/vars/main.yml @@ -14,4 +14,4 @@ _service_required_packages: Suse: - psmisc -service_required_packages: "{{ _service_required_packages[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_service_required_packages[ansible_os_family] | default(_service_required_packages['default'])) }}" +service_required_packages: "{{ _service_required_packages[ansible_distribution ~ '-' ~ ansible_distribution_major_version] | default(_service_required_packages[ansible_os_family] | default(_service_required_packages['default'] )) }}" diff --git a/roles/travis/.ansible-lint b/roles/travis/.ansible-lint index 7a17121..22c6c7e 100644 --- a/roles/travis/.ansible-lint +++ b/roles/travis/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/travis/.github/ISSUE_TEMPLATE/bug_report.md b/roles/travis/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/travis/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/travis/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/travis/.github/workflows/molecule.yml b/roles/travis/.github/workflows/molecule.yml index dfe56d7..806e729 100644 --- a/roles/travis/.github/workflows/molecule.yml +++ b/roles/travis/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '20 20 20 * *' + - cron: '39 20 20 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: command: lint test: @@ -35,12 +35,12 @@ jobs: config: - image: "alpine" tag: "latest" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "opensuse" tag: "latest" - image: "ubuntu" @@ -57,7 +57,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@2.7.2 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/travis/.gitignore b/roles/travis/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/travis/.gitignore +++ b/roles/travis/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/travis/.travis.yml b/roles/travis/.travis.yml index 21201e1..3fcce0a 100644 --- a/roles/travis/.travis.yml +++ b/roles/travis/.travis.yml @@ -18,8 +18,7 @@ cache: install: - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint + - pip install ansible ansible-lint yamllint script: - yamllint . diff --git a/roles/travis/README.md b/roles/travis/README.md index 2a419f8..f854948 100644 --- a/roles/travis/README.md +++ b/roles/travis/README.md @@ -8,7 +8,7 @@ Installs travis on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.travis ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -41,15 +41,15 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-travis/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.ruby](https://galaxy.ansible.com/robertdebock/ruby) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-ruby/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-ruby/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-ruby/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-ruby) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.ruby](https://galaxy.ansible.com/robertdebock/ruby)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-ruby/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-ruby/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ruby/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-ruby)| ## [Context](#context) @@ -66,9 +66,9 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |el|8| -|debian|buster, bullseye| +|debian|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -78,7 +78,7 @@ The minimum version of Ansible required is 2.10, tests have been done to: ## [Exceptions](#exceptions) -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: +Some roles can't run on a specific distribution or version. Here are some exceptions. | variation | reason | |---------------------------|------------------------| @@ -93,7 +93,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/travis/meta/.galaxy_install_info b/roles/travis/meta/.galaxy_install_info index 4236eeb..6c1a075 100644 --- a/roles/travis/meta/.galaxy_install_info +++ b/roles/travis/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 07:00:02 2021 -version: 4.0.1 +install_date: Wed Aug 3 07:07:27 2022 +version: 4.1.1 diff --git a/roles/travis/meta/main.yml b/roles/travis/meta/main.yml index 95a96f7..3f8bade 100644 --- a/roles/travis/meta/main.yml +++ b/roles/travis/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: travis description: Installs travis on your system. license: Apache-2.0 @@ -16,15 +17,13 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: OpenSUSE versions: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - travis diff --git a/roles/travis/molecule/default/molecule.yml b/roles/travis/molecule/default/molecule.yml index 4ecf3b8..4d39899 100644 --- a/roles/travis/molecule/default/molecule.yml +++ b/roles/travis/molecule/default/molecule.yml @@ -6,11 +6,11 @@ dependency: name: galaxy options: role-file: requirements.yml - requirements-file: requirements.yml lint: | set -e yamllint . ansible-lint + ansible-later driver: name: docker platforms: @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/travis/molecule/default/verify.yml b/roles/travis/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/travis/molecule/default/verify.yml +++ b/roles/travis/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/travis/tox.ini b/roles/travis/tox.ini index f57553b..c1ade81 100644 --- a/roles/travis/tox.ini +++ b/roles/travis/tox.ini @@ -3,16 +3,15 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{39}-ansible-{2.9,2.10,2.11} skipsdist = true [testenv] deps = 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 2.10: ansible-base == 2.10.* + 2.11: ansible-core == 2.11.* molecule[docker] docker == 4.* ansible-lint == 5.* @@ -23,4 +22,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/travis/vars/main.yml b/roles/travis/vars/main.yml index 97c1b65..23d1739 100644 --- a/roles/travis/vars/main.yml +++ b/roles/travis/vars/main.yml @@ -7,11 +7,12 @@ _travis_requirements: - ruby-dev Debian: - ruby-dev - RedHat: + RedHat: &redhat_requirements - ruby-devel + Rocky: *redhat_requirements Suse: - ruby-devel -travis_requirements: "{{ _travis_requirements[ansible_os_family] | default(_travis_requirements['default']) }}" +travis_requirements: "{{ _travis_requirements[ansible_os_family] | default(_travis_requirements['default'] ) }}" travis_package: travis diff --git a/roles/update/.ansible-lint b/roles/update/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/update/.ansible-lint +++ b/roles/update/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/update/.github/ISSUE_TEMPLATE/bug_report.md b/roles/update/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/update/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/update/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/update/.github/workflows/galaxy.yml b/roles/update/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/update/.github/workflows/galaxy.yml +++ b/roles/update/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/update/.github/workflows/molecule.yml b/roles/update/.github/workflows/molecule.yml index bd9805e..f4b1832 100644 --- a/roles/update/.github/workflows/molecule.yml +++ b/roles/update/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '21 21 21 * *' + - cron: '41 21 21 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/update/.gitignore b/roles/update/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/update/.gitignore +++ b/roles/update/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/update/.travis.yml b/roles/update/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/update/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/update/LICENSE b/roles/update/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/update/LICENSE +++ b/roles/update/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/update/README.md b/roles/update/README.md index c5ccbd5..7d861f5 100644 --- a/roles/update/README.md +++ b/roles/update/README.md @@ -8,7 +8,7 @@ Install updates on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.update ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -36,7 +36,7 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for update @@ -60,13 +60,13 @@ update_reboot: yes - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-update/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| ## [Context](#context) @@ -83,11 +83,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -95,14 +95,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| Archlinux & Ansible 2.7 | New-style module did not handle its own exit | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-update/issues) @@ -110,12 +102,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [ahnooie](https://github.com/ahnooie) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/update/handlers/main.yml b/roles/update/handlers/main.yml index bf3f59b..cb9daf1 100644 --- a/roles/update/handlers/main.yml +++ b/roles/update/handlers/main.yml @@ -5,4 +5,4 @@ ansible.builtin.reboot: when: - update_reboot | bool - - ansible_connection != "docker" + - ansible_connection not in [ "container", "docker", "community.docker.docker" ] diff --git a/roles/update/meta/.galaxy_install_info b/roles/update/meta/.galaxy_install_info index ca298ed..66e9988 100644 --- a/roles/update/meta/.galaxy_install_info +++ b/roles/update/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 07:00:05 2021 -version: master +install_date: Wed Aug 3 07:07:28 2022 +version: 3.1.4 diff --git a/roles/update/meta/exception.yml b/roles/update/meta/exception.yml deleted file mode 100644 index 6da44d3..0000000 --- a/roles/update/meta/exception.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -exceptions: - - variation: Archlinux & Ansible 2.7 - reason: New-style module did not handle its own exit diff --git a/roles/update/meta/main.yml b/roles/update/meta/main.yml index 7cbbd54..ad457d2 100644 --- a/roles/update/meta/main.yml +++ b/roles/update/meta/main.yml @@ -17,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -31,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - update diff --git a/roles/update/molecule/default/molecule.yml b/roles/update/molecule/default/molecule.yml index c3cafde..c3c5b0a 100644 --- a/roles/update/molecule/default/molecule.yml +++ b/roles/update/molecule/default/molecule.yml @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/update/molecule/default/verify.yml b/roles/update/molecule/default/verify.yml index b9dc6f8..37f1090 100644 --- a/roles/update/molecule/default/verify.yml +++ b/roles/update/molecule/default/verify.yml @@ -6,4 +6,4 @@ tasks: - name: check if connection still works - ping: + ansible.builtin.ping: diff --git a/roles/update/tasks/main.yml b/roles/update/tasks/main.yml index 468dd6d..da8eb9f 100644 --- a/roles/update/tasks/main.yml +++ b/roles/update/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for update -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -36,22 +36,18 @@ autoremove: "{{ update_autoremove }}" when: - ansible_pkg_mgr == "apt" - - update_autoremove == "yes" - tags: - - skip_ansible_lint + - update_autoremove when: - ansible_pkg_mgr == "apt" - name: update all software (dnf) ansible.builtin.dnf: name: "*" - state: latest + state: latest # noqa package-latest This role is to update packages. notify: - reboot when: - ansible_pkg_mgr == "dnf" - tags: - - skip_ansible_lint - name: update all software (pacman) community.general.pacman: @@ -61,36 +57,30 @@ - reboot when: - ansible_pkg_mgr == "pacman" - tags: - - skip_ansible_lint - name: configure yum block: - name: update all software (yum/6) ansible.builtin.yum: name: "*" - state: latest + state: latest # noqa package-latest This role is to update packages. notify: - reboot when: - ansible_distribution_major_version == "6" - tags: - - skip_ansible_lint - - name: configure 7 - block: - - name: update all software (yum/7) - ansible.builtin.yum: - name: "*" - state: latest - notify: - - reboot - tags: - - skip_ansible_lint + - name: update all software (yum/7) + ansible.builtin.yum: + name: "*" + state: latest # noqa package-latest This role is to update packages. + notify: + - reboot + when: + - ansible_distribution_major_version == "7" - - name: install yum-utils - ansible.builtin.package: - name: yum-utils + - name: install yum-utils + ansible.builtin.package: + name: yum-utils when: - ansible_distribution_major_version == "7" when: @@ -99,10 +89,8 @@ - name: update all software (zypper) community.general.zypper: name: "*" - state: latest + state: latest # noqa package-latest This role is to update packages. notify: - reboot when: - ansible_pkg_mgr == "zypper" - tags: - - skip_ansible_lint diff --git a/roles/update/tox.ini b/roles/update/tox.ini index f57553b..88f8545 100644 --- a/roles/update/tox.ini +++ b/roles/update/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/users/.ansible-lint b/roles/users/.ansible-lint index 57f681e..cbd9e6c 100644 --- a/roles/users/.ansible-lint +++ b/roles/users/.ansible-lint @@ -1,3 +1,4 @@ +--- # # Ansible managed # diff --git a/roles/users/.github/ISSUE_TEMPLATE/bug_report.md b/roles/users/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/users/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/users/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/users/.github/workflows/galaxy.yml b/roles/users/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/users/.github/workflows/galaxy.yml +++ b/roles/users/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/users/.github/workflows/molecule.yml b/roles/users/.github/workflows/molecule.yml index bd9805e..f4b1832 100644 --- a/roles/users/.github/workflows/molecule.yml +++ b/roles/users/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '21 21 21 * *' + - cron: '41 21 21 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -37,22 +37,24 @@ jobs: tag: "latest" - image: "amazonlinux" tag: "latest" - - image: "centos" - tag: "7" - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -65,7 +67,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/users/.gitignore b/roles/users/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/users/.gitignore +++ b/roles/users/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/users/.travis.yml b/roles/users/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/users/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/users/LICENSE b/roles/users/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/users/LICENSE +++ b/roles/users/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/users/README.md b/roles/users/README.md index 7e45f9a..1ad1b1e 100644 --- a/roles/users/README.md +++ b/roles/users/README.md @@ -8,7 +8,7 @@ The purpose of this role is to add users and groups on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -18,34 +18,69 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea roles: - role: robertdebock.users + # You can create groups: users_group_list: - name: robertdb gid: 1024 - name: users + # You can also remove groups. - name: notgroup state: absent + # A system group is also possible. - name: systemgroup system: yes + # You can create users. users_user_list: - name: root cron_allow: yes + # You can remove authorized keys. + unauthorized_keys: + - "ssh-rsa XYZYX54321" - name: robertdb comment: Robert de Bock uid: 1024 + # The `group` and `groups` listed here should exist. group: robertdb + # groups: A comma separated string of groups, i.e.: + # groups: users,wheel groups: users cron_allow: yes sudo_options: "ALL=(ALL) NOPASSWD: ALL" + # Adding an authorized key. authorized_keys: - "ssh-rsa ABC123" + # EPOCH timestamp when an account should expire. + # Typically a positive value like: `1641971487`. + # The value `-1` removes the expiry time. expires: -1 password_validity_days: 9 + # Test username with dots + - name: robert.d.b + comment: Robert de Bock with dots in username + uid: 1025 + # The `group` and `groups` listed here should exist. + group: robertdb + # groups: A comma separated string of groups, i.e.: + # groups: users,wheel + groups: users + cron_allow: yes + sudo_options: "ALL=(ALL) NOPASSWD: ALL" + # Adding an authorized key. + authorized_keys: + - "ssh-rsa ABC123" + # EPOCH timestamp when an account should expire. + # Typically a positive value like: `1641971487`. + # The value `-1` removes the expiry time. + expires: -1 + password_validity_days: 9 + # Here a user is removed. - name: notuser state: absent - name: keyuser manage_ssh_key: yes - name: privkeyuser + # This user will have ssh-keys generated. manage_ssh_key: yes copy_private_key: yes - name: multiplekeys @@ -53,16 +88,24 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - "ssh-rsa ABC1234" - "ssh-rsa ABC12345" - name: passuser + # You can set a password. (Hashed and salted.) password: "$6$mysecretsalt$qJbapG68nyRab3gxvKWPUcs2g3t0oMHSHMnSKecYNpSi3CuZm.GbBqXO8BE6EI6P1JUefhA0qvD7b5LSh./PU1" update_password: on_create - name: remotekey authorized_keys: + # You can also download a public key from a URL. - "https://raw.githubusercontent.com/shaanr/smdb/master/file.pub" - name: systemuser system: yes + - name: multisudo + # An account that can run just a few commands without a password. + sudo_options: + - "ALL= NOPASSWD: /usr/bin/systemctl restart httpd" + - "ALL= NOPASSWD: /usr/bin/systemctl start httpd" + - "ALL= NOPASSWD: /usr/bin/systemctl stop httpd" ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -73,13 +116,20 @@ The machine needs to be prepared in CI this is done using `molecule/resources/pr roles: - role: robertdebock.bootstrap - role: robertdebock.core_dependencies + + tasks: + - name: Set authorized keys for root + ansible.posix.authorized_key: + user: root + state: present + key: "ssh-rsa XYZYX54321" ``` Also see a [full explanation and example](https://robertdebock.nl/how-to-use-these-roles.html) on how to use these roles. ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for users @@ -101,14 +151,14 @@ users_create_home: yes - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-users/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies)| ## [Context](#context) @@ -125,11 +175,11 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |---------|----| |alpine|all| |amazon|Candidate| -|el|7, 8| -|debian|buster, bullseye| +|el|8| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -138,21 +188,12 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The development version. - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-users/issues) ## [License](#license) Apache-2.0 -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -- [aindenko](https://github.com/aindenko) -- [jkirk](https://github.com/jkirk) -- [icklers](https://github.com/icklers) - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/users/meta/.galaxy_install_info b/roles/users/meta/.galaxy_install_info index 15b37e6..abcbf4e 100644 --- a/roles/users/meta/.galaxy_install_info +++ b/roles/users/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 07:00:08 2021 -version: master +install_date: Wed Aug 3 07:07:30 2022 +version: 5.4.3 diff --git a/roles/users/meta/main.yml b/roles/users/meta/main.yml index 3777302..4c14698 100644 --- a/roles/users/meta/main.yml +++ b/roles/users/meta/main.yml @@ -17,12 +17,10 @@ galaxy_info: - Candidate - name: EL versions: - - 7 - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -31,8 +29,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - users diff --git a/roles/users/molecule/default/converge.yml b/roles/users/molecule/default/converge.yml index 5dd90cd..ad80980 100644 --- a/roles/users/molecule/default/converge.yml +++ b/roles/users/molecule/default/converge.yml @@ -6,34 +6,69 @@ roles: - role: ansible-role-users + # You can create groups: users_group_list: - name: robertdb gid: 1024 - name: users + # You can also remove groups. - name: notgroup state: absent + # A system group is also possible. - name: systemgroup system: yes + # You can create users. users_user_list: - name: root cron_allow: yes + # You can remove authorized keys. + unauthorized_keys: + - "ssh-rsa XYZYX54321" - name: robertdb comment: Robert de Bock uid: 1024 + # The `group` and `groups` listed here should exist. group: robertdb + # groups: A comma separated string of groups, i.e.: + # groups: users,wheel groups: users cron_allow: yes sudo_options: "ALL=(ALL) NOPASSWD: ALL" + # Adding an authorized key. authorized_keys: - "ssh-rsa ABC123" + # EPOCH timestamp when an account should expire. + # Typically a positive value like: `1641971487`. + # The value `-1` removes the expiry time. expires: -1 password_validity_days: 9 + # Test username with dots + - name: robert.d.b + comment: Robert de Bock with dots in username + uid: 1025 + # The `group` and `groups` listed here should exist. + group: robertdb + # groups: A comma separated string of groups, i.e.: + # groups: users,wheel + groups: users + cron_allow: yes + sudo_options: "ALL=(ALL) NOPASSWD: ALL" + # Adding an authorized key. + authorized_keys: + - "ssh-rsa ABC123" + # EPOCH timestamp when an account should expire. + # Typically a positive value like: `1641971487`. + # The value `-1` removes the expiry time. + expires: -1 + password_validity_days: 9 + # Here a user is removed. - name: notuser state: absent - name: keyuser manage_ssh_key: yes - name: privkeyuser + # This user will have ssh-keys generated. manage_ssh_key: yes copy_private_key: yes - name: multiplekeys @@ -41,10 +76,18 @@ - "ssh-rsa ABC1234" - "ssh-rsa ABC12345" - name: passuser + # You can set a password. (Hashed and salted.) password: "$6$mysecretsalt$qJbapG68nyRab3gxvKWPUcs2g3t0oMHSHMnSKecYNpSi3CuZm.GbBqXO8BE6EI6P1JUefhA0qvD7b5LSh./PU1" update_password: on_create - name: remotekey authorized_keys: + # You can also download a public key from a URL. - "https://raw.githubusercontent.com/shaanr/smdb/master/file.pub" - name: systemuser system: yes + - name: multisudo + # An account that can run just a few commands without a password. + sudo_options: + - "ALL= NOPASSWD: /usr/bin/systemctl restart httpd" + - "ALL= NOPASSWD: /usr/bin/systemctl start httpd" + - "ALL= NOPASSWD: /usr/bin/systemctl stop httpd" diff --git a/roles/users/molecule/default/molecule.yml b/roles/users/molecule/default/molecule.yml index b4d0cdc..01cc046 100644 --- a/roles/users/molecule/default/molecule.yml +++ b/roles/users/molecule/default/molecule.yml @@ -6,6 +6,7 @@ dependency: name: galaxy options: role-file: requirements.yml + requirements-file: requirements.yml lint: | set -e yamllint . @@ -22,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/users/molecule/default/prepare.yml b/roles/users/molecule/default/prepare.yml index 193d278..dc9b1bf 100644 --- a/roles/users/molecule/default/prepare.yml +++ b/roles/users/molecule/default/prepare.yml @@ -7,3 +7,10 @@ roles: - role: robertdebock.bootstrap - role: robertdebock.core_dependencies + + tasks: + - name: Set authorized keys for root + ansible.posix.authorized_key: + user: root + state: present + key: "ssh-rsa XYZYX54321" diff --git a/roles/users/molecule/default/verify.yml b/roles/users/molecule/default/verify.yml index 7d4355f..536d85d 100644 --- a/roles/users/molecule/default/verify.yml +++ b/roles/users/molecule/default/verify.yml @@ -6,16 +6,25 @@ tasks: - name: record status of .ssh - stat: + ansible.builtin.stat: path: /home/keyuser/.ssh register: result failed_when: - not result.stat.exists - name: check if user notuser does not exist - user: + ansible.builtin.user: name: notuser state: absent register: users_check_user_notuser failed_when: - users_check_user_notuser is changed + + - name: check if unauthorized keys are deleted + ansible.posix.authorized_key: + user: root + state: absent + key: "ssh-rsa XYZYX54321" + register: users_check_unauthorized_keys + failed_when: + - users_check_unauthorized_keys is changed diff --git a/roles/users/requirements.yml b/roles/users/requirements.yml index e540ea4..6f61900 100644 --- a/roles/users/requirements.yml +++ b/roles/users/requirements.yml @@ -2,3 +2,5 @@ roles: - name: robertdebock.bootstrap - name: robertdebock.core_dependencies +collections: + - name: ansible.posix diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index a65140b..2933bc6 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for users -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost @@ -12,7 +12,8 @@ state: present - name: loop over users_group_list - ansible.builtin.include: group.yml + ansible.builtin.include_tasks: + file: group.yml loop: "{{ users_group_list }}" loop_control: label: "{{ group.name }}" @@ -21,7 +22,8 @@ - users_group_list is defined - name: loop over users_user_list - ansible.builtin.include: user.yml + ansible.builtin.include_tasks: + file: user.yml loop: "{{ users_user_list }}" loop_control: label: "{{ user.name }}" @@ -33,7 +35,7 @@ ansible.builtin.template: src: cron.allow.j2 dest: /etc/cron.allow - mode: "0640" + mode: "0644" when: - users_cron_allow | bool diff --git a/roles/users/tasks/user.yml b/roles/users/tasks/user.yml index 7719992..192c01f 100644 --- a/roles/users/tasks/user.yml +++ b/roles/users/tasks/user.yml @@ -1,5 +1,6 @@ --- # tasks file for users + - name: create local ssh_key_directory ansible.builtin.file: path: "{{ users_ssh_key_directory }}" @@ -31,8 +32,9 @@ - name: set sudo options for {{ user.name }} ansible.builtin.template: src: sudo.j2 - dest: "/etc/sudoers.d/{{ user.name }}" + dest: '/etc/sudoers.d/{{ user.name | replace(".", "dot") }}' mode: "0640" + validate: /usr/sbin/visudo -cf %s when: - user.sudo_options is defined loop_control: @@ -40,16 +42,22 @@ - name: remove sudo options for {{ user.name }} ansible.builtin.file: - path: "/etc/sudoers.d/{{ user.name }}" + path: '/etc/sudoers.d/{{ user.name | replace(".", "dot") }}' state: absent when: - user.sudo_options is not defined loop_control: label: "{{ user.name }}" +- name: ensure the sudoers.d directory is checked for user sudoers files (will be put after EOF if not exists) + ansible.builtin.lineinfile: + path: /etc/sudoers + state: present + line: '#includedir /etc/sudoers.d' + - name: generate private ssh key for {{ user.name }} - ansible.builtin.command: "{{ users_ssh_keygen_command }}" - args: + ansible.builtin.command: + cmd: "{{ users_ssh_keygen_command }}" creates: "{{ users_ssh_key_directory }}/{{ user.name }}" when: - user.manage_ssh_key is defined @@ -60,8 +68,8 @@ become: no - name: generate public ssh key for {{ user.name }} - ansible.builtin.shell: "{{ users_ssh_keygen_pubkey_command }} > {{ users_ssh_key_directory }}/{{ user.name }}.pub" - args: + ansible.builtin.shell: + cmd: "{{ users_ssh_keygen_pubkey_command }} > {{ users_ssh_key_directory }}/{{ user.name }}.pub" creates: "{{ users_ssh_key_directory }}/{{ user.name }}.pub" when: - user.manage_ssh_key is defined @@ -72,11 +80,11 @@ become: no - name: convert ssh key to ppk for {{ user.name }} - ansible.builtin.shell: > - ssh-keygen -e -f "{{ users_ssh_key_directory }}/{{ user.name }}" - -C "Generated by Ansible role robertdebock.users" - > "{{ users_ssh_key_directory }}/{{ user.name }}.ppk" - args: + ansible.builtin.shell: + cmd: > + ssh-keygen -e -f "{{ users_ssh_key_directory }}/{{ user.name }}" + -C "Generated by Ansible role robertdebock.users" + > "{{ users_ssh_key_directory }}/{{ user.name }}.ppk" creates: "{{ users_ssh_key_directory }}/{{ user.name }}.ppk" when: - user.manage_ssh_key is defined @@ -95,15 +103,28 @@ - user.manage_ssh_key is defined - user.manage_ssh_key -- name: loop over authorized_keys for {{ user.name }} - ansible.builtin.include: user_authorized_key.yml +- name: Deploy authorized keys for {{ user.name }} + ansible.posix.authorized_key: + user: "{{ user.name }}" + state: present + key: "{{ item }}" loop: "{{ user.authorized_keys }}" loop_control: label: "{{ user.name }}" - loop_var: authorized_key when: - user.authorized_keys is defined +- name: Remove unauthorized keys for {{ user.name }} + ansible.posix.authorized_key: + user: "{{ user.name }}" + state: absent + key: "{{ item }}" + loop: "{{ user.unauthorized_keys }}" + loop_control: + label: "{{ user.name }}" + when: + - user.unauthorized_keys is defined + - name: copy generated private ssh key for {{ user.name }} ansible.builtin.copy: src: "{{ users_ssh_key_directory }}/{{ user.name }}" @@ -119,7 +140,8 @@ label: "{{ user.name }}" - name: check users password valid time - command: awk 'BEGIN { FS = ":" } $1 == "{{ user.name }}" { print $5 }' /etc/shadow + ansible.builtin.command: + cmd: awk 'BEGIN { FS = ":" } $1 == "{{ user.name }}" { print $5 }' /etc/shadow register: users_pw_valid changed_when: no check_mode: no @@ -128,7 +150,8 @@ user.state is not defined - name: set users password valid time - command: chage -M "{{ user.password_validity_days }}" "{{ user.name }}" + ansible.builtin.command: + cmd: chage -M "{{ user.password_validity_days }}" "{{ user.name }}" when: - user.password_validity_days is defined - users_pw_valid.stdout is defined diff --git a/roles/users/tasks/user_authorized_key.yml b/roles/users/tasks/user_authorized_key.yml deleted file mode 100644 index 306c625..0000000 --- a/roles/users/tasks/user_authorized_key.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: place authorized_key for {{ user.name }} - authorized_key: - user: "{{ user.name }}" - state: present - key: "{{ item }}" - loop: "{{ user.authorized_keys }}" - loop_control: - label: "{{ user.name }}" diff --git a/roles/users/templates/sudo.j2 b/roles/users/templates/sudo.j2 index 43459cc..a384864 100644 --- a/roles/users/templates/sudo.j2 +++ b/roles/users/templates/sudo.j2 @@ -1,2 +1,8 @@ {{ ansible_managed | comment }} +{% if user.sudo_options is iterable and user.sudo_options is not string %} +{% for sudo_option in user.sudo_options %} +{{ user.name }} {{ sudo_option }} +{% endfor %} +{% else %} {{ user.name }} {{ user.sudo_options }} +{% endif %} diff --git a/roles/users/tox.ini b/roles/users/tox.ini index f57553b..88f8545 100644 --- a/roles/users/tox.ini +++ b/roles/users/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/users/vars/main.yml b/roles/users/vars/main.yml index 85127ff..d639dd0 100644 --- a/roles/users/vars/main.yml +++ b/roles/users/vars/main.yml @@ -8,7 +8,7 @@ _users_requirements: Suse: - shadow -users_requirements: "{{ _users_requirements[ansible_os_family] | default(_users_requirements['default']) }}" +users_requirements: "{{ _users_requirements[ansible_os_family] | default(_users_requirements['default'] ) }}" users_ssh_keygen_command: ssh-keygen -f {{ users_ssh_key_directory }}/{{ user.name }} -N "" -C "Generated by Ansible role robertdebock.users" users_ssh_keygen_pubkey_command: ssh-keygen -y -f {{ users_ssh_key_directory }}/{{ user.name }} diff --git a/roles/vagrant/.ansible-lint b/roles/vagrant/.ansible-lint index 7a17121..cbd9e6c 100644 --- a/roles/vagrant/.ansible-lint +++ b/roles/vagrant/.ansible-lint @@ -1,8 +1,8 @@ +--- # # Ansible managed # exclude_paths: - - ./meta/exception.yml - ./meta/preferences.yml - ./molecule/default/prepare.yml - ./molecule/default/converge.yml diff --git a/roles/vagrant/.github/ISSUE_TEMPLATE/bug_report.md b/roles/vagrant/.github/ISSUE_TEMPLATE/bug_report.md index f39b5dc..4bb9d98 100644 --- a/roles/vagrant/.github/ISSUE_TEMPLATE/bug_report.md +++ b/roles/vagrant/.github/ISSUE_TEMPLATE/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/roles/vagrant/.github/workflows/galaxy.yml b/roles/vagrant/.github/workflows/galaxy.yml index 1d36b74..092e544 100644 --- a/roles/vagrant/.github/workflows/galaxy.yml +++ b/roles/vagrant/.github/workflows/galaxy.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} diff --git a/roles/vagrant/.github/workflows/molecule.yml b/roles/vagrant/.github/workflows/molecule.yml index cd0f101..9984ab2 100644 --- a/roles/vagrant/.github/workflows/molecule.yml +++ b/roles/vagrant/.github/workflows/molecule.yml @@ -11,7 +11,7 @@ on: - '*' pull_request: schedule: - - cron: '23 22 22 * *' + - cron: '43 22 22 * *' jobs: lint: @@ -22,7 +22,7 @@ jobs: with: path: "${{ github.repository }}" - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: command: lint test: @@ -33,20 +33,24 @@ jobs: fail-fast: false matrix: config: - - image: "centos" + - image: "enterpriselinux" tag: "latest" - image: "debian" tag: "latest" - image: "debian" - tag: "bullseye" + tag: "bookworm" - image: "fedora" - tag: "32" + tag: "35" - image: "fedora" tag: "latest" + - image: "fedora" + tag: "rawhide" - image: "opensuse" tag: "latest" - image: "ubuntu" tag: "latest" + - image: "ubuntu" + tag: "focal" - image: "ubuntu" tag: "bionic" steps: @@ -59,7 +63,7 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@4.0.7 with: image: ${{ matrix.config.image }} tag: ${{ matrix.config.tag }} diff --git a/roles/vagrant/.gitignore b/roles/vagrant/.gitignore index c15d16a..ad73ff6 100644 --- a/roles/vagrant/.gitignore +++ b/roles/vagrant/.gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/roles/vagrant/.travis.yml b/roles/vagrant/.travis.yml deleted file mode 100644 index 21201e1..0000000 --- a/roles/vagrant/.travis.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# -# Ansible managed -# -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/roles/vagrant/LICENSE b/roles/vagrant/LICENSE index e770af8..5c7d4d5 100644 --- a/roles/vagrant/LICENSE +++ b/roles/vagrant/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2021 Robert de Bock (robert@meinit.nl) + Copyright 2022 Robert de Bock (robert@meinit.nl) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/roles/vagrant/README.md b/roles/vagrant/README.md index 070e81e..e99cf96 100644 --- a/roles/vagrant/README.md +++ b/roles/vagrant/README.md @@ -8,7 +8,7 @@ Install vagrant on your system. ## [Example Playbook](#example-playbook) -This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from `molecule/default/converge.yml` and is tested on each push, pull request and release. ```yaml --- - name: Converge @@ -20,7 +20,7 @@ This example is taken from `molecule/resources/converge.yml` and is tested on ea - role: robertdebock.vagrant ``` -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using `molecule/default/prepare.yml`: ```yaml --- - name: Prepare @@ -40,13 +40,13 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in `defaults/main.yml`: ```yaml --- # defaults file for vagrant # The version of vagrant to install. See https://releases.hashicorp.com/vagrant/ . -vagrant_version: 2.2.9 +vagrant_version: "2.2.19" # The location to unpack the .tar.xz, if applicable. vagrant_unarchive_dest: /usr/local/bin @@ -56,17 +56,17 @@ vagrant_unarchive_dest: /usr/local/bin - pip packages listed in [requirements.txt](https://github.com/robertdebock/ansible-role-vagrant/blob/master/requirements.txt). -## [Status of requirements](#status-of-requirements) +## [Status of used roles](#status-of-requirements) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| -| [robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap) -| [robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools) -| [robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies) -| [robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel) -| [robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip) | [![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions) | [![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip) +|[robertdebock.bootstrap](https://galaxy.ansible.com/robertdebock/bootstrap)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-bootstrap/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-bootstrap/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-bootstrap/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-bootstrap)| +|[robertdebock.buildtools](https://galaxy.ansible.com/robertdebock/buildtools)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-buildtools/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-buildtools/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-buildtools/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-buildtools)| +|[robertdebock.core_dependencies](https://galaxy.ansible.com/robertdebock/core_dependencies)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-core_dependencies/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-core_dependencies/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-core_dependencies/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-core_dependencies)| +|[robertdebock.epel](https://galaxy.ansible.com/robertdebock/epel)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-epel/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-epel/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-epel/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-epel)| +|[robertdebock.python_pip](https://galaxy.ansible.com/robertdebock/python_pip)|[![Build Status GitHub](https://github.com/robertdebock/ansible-role-python_pip/workflows/Ansible%20Molecule/badge.svg)](https://github.com/robertdebock/ansible-role-python_pip/actions)|[![Build Status GitLab ](https://gitlab.com/robertdebock/ansible-role-python_pip/badges/master/pipeline.svg)](https://gitlab.com/robertdebock/ansible-role-python_pip)| ## [Context](#context) @@ -82,10 +82,10 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| |el|8| -|debian|buster, bullseye| +|debian|all| |fedora|all| |opensuse|all| -|ubuntu|focal, bionic| +|ubuntu|all| The minimum version of Ansible required is 2.10, tests have been done to: @@ -93,14 +93,6 @@ The minimum version of Ansible required is 2.10, tests have been done to: - The current version. - The development version. -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -| alpine | Dependency not available: python_pip | - If you find issues, please register them in [GitHub](https://github.com/robertdebock/ansible-role-vagrant/issues) @@ -108,7 +100,6 @@ If you find issues, please register them in [GitHub](https://github.com/robertde Apache-2.0 - ## [Author Information](#author-information) [Robert de Bock](https://robertdebock.nl/) diff --git a/roles/vagrant/defaults/main.yml b/roles/vagrant/defaults/main.yml index 43a0472..f52cc02 100644 --- a/roles/vagrant/defaults/main.yml +++ b/roles/vagrant/defaults/main.yml @@ -2,7 +2,7 @@ # defaults file for vagrant # The version of vagrant to install. See https://releases.hashicorp.com/vagrant/ . -vagrant_version: 2.2.9 +vagrant_version: "2.2.19" # The location to unpack the .tar.xz, if applicable. vagrant_unarchive_dest: /usr/local/bin diff --git a/roles/vagrant/meta/.galaxy_install_info b/roles/vagrant/meta/.galaxy_install_info index f69ba41..e4c5f7c 100644 --- a/roles/vagrant/meta/.galaxy_install_info +++ b/roles/vagrant/meta/.galaxy_install_info @@ -1,2 +1,2 @@ -install_date: Sun Mar 21 07:00:09 2021 -version: 4.0.1 +install_date: Wed Aug 3 07:07:31 2022 +version: 4.1.3 diff --git a/roles/vagrant/meta/exception.yml b/roles/vagrant/meta/exception.yml deleted file mode 100644 index 5897a1b..0000000 --- a/roles/vagrant/meta/exception.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -exceptions: - - variation: alpine - reason: "Dependency not available: python_pip" diff --git a/roles/vagrant/meta/main.yml b/roles/vagrant/meta/main.yml index 62ee67e..fca41b1 100644 --- a/roles/vagrant/meta/main.yml +++ b/roles/vagrant/meta/main.yml @@ -1,6 +1,7 @@ --- galaxy_info: author: Robert de Bock + namespace: robertdebock role_name: vagrant description: Install vagrant on your system. license: Apache-2.0 @@ -13,8 +14,7 @@ galaxy_info: - 8 - name: Debian versions: - - buster - - bullseye + - all - name: Fedora versions: - all @@ -23,8 +23,7 @@ galaxy_info: - all - name: Ubuntu versions: - - focal - - bionic + - all galaxy_tags: - vagrant diff --git a/roles/vagrant/molecule/default/molecule.yml b/roles/vagrant/molecule/default/molecule.yml index c5fd6d3..0c54bac 100644 --- a/roles/vagrant/molecule/default/molecule.yml +++ b/roles/vagrant/molecule/default/molecule.yml @@ -23,9 +23,5 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes verifier: name: ansible diff --git a/roles/vagrant/molecule/default/verify.yml b/roles/vagrant/molecule/default/verify.yml index e71561d..c7118c4 100644 --- a/roles/vagrant/molecule/default/verify.yml +++ b/roles/vagrant/molecule/default/verify.yml @@ -6,4 +6,5 @@ tasks: - name: try vagrant - command: vagrant --version + ansible.builtin.command: + cmd: vagrant --version diff --git a/roles/vagrant/tasks/main.yml b/roles/vagrant/tasks/main.yml index 6a2f247..9092200 100644 --- a/roles/vagrant/tasks/main.yml +++ b/roles/vagrant/tasks/main.yml @@ -1,8 +1,8 @@ --- # tasks file for vagrant -- name: include assert.yml - import_tasks: assert.yml +- name: import assert.yml + ansible.builtin.import_tasks: assert.yml run_once: yes delegate_to: localhost diff --git a/roles/vagrant/tox.ini b/roles/vagrant/tox.ini index f57553b..88f8545 100644 --- a/roles/vagrant/tox.ini +++ b/roles/vagrant/tox.ini @@ -3,18 +3,16 @@ # [tox] minversion = 3.21.4 -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible-{4,5} skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + 4: ansible == 4.* + 5: ansible == 5.* molecule[docker] - docker == 4.* + docker == 5.* ansible-lint == 5.* commands = molecule test setenv = @@ -23,4 +21,4 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = namespace image tag DOCKER_HOST diff --git a/roles/vagrant/vars/main.yml b/roles/vagrant/vars/main.yml index bf24db5..945fe4f 100644 --- a/roles/vagrant/vars/main.yml +++ b/roles/vagrant/vars/main.yml @@ -10,7 +10,7 @@ _vagrant_package: zypper: "{{ vagrant_release_url }}/vagrant_{{ vagrant_version }}_{{ ansible_architecture }}.rpm" src: "{{ vagrant_release_url }}/vagrant_{{ vagrant_version }}_linux_amd64.zip" -vagrant_package: "{{ _vagrant_package[ansible_pkg_mgr] | default(_vagrant_package['src']) }}" +vagrant_package: "{{ _vagrant_package[ansible_pkg_mgr] | default(_vagrant_package['src'] ) }}" vagrant_pip_packages: - python-vagrant