diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml
new file mode 100644
index 0000000..158c92f
--- /dev/null
+++ b/.github/workflows/shellcheck.yml
@@ -0,0 +1,13 @@
+---
+
+name: 'shellcheck'
+on:
+ push:
+
+jobs:
+ shellcheck:
+ name: shellcheck
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: ludeeus/action-shellcheck@master
diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml
new file mode 100644
index 0000000..741797e
--- /dev/null
+++ b/.github/workflows/yamllint.yml
@@ -0,0 +1,13 @@
+---
+
+name: 'yamllint'
+on:
+ push:
+
+jobs:
+ yamllint:
+ name: yamllint
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: karancode/yamllint-github-action@master
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..1277c0a
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,15 @@
+---
+extends: default
+
+rules:
+ braces:
+ max-spaces-inside: 1
+ level: error
+ brackets:
+ max-spaces-inside: 1
+ level: error
+ line-length: disable
+ truthy: disable
+
+ignore: |
+ vars/vault.yml
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..e770af8
--- /dev/null
+++ b/LICENSE
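Review bot: Both new workflows run a third-party action from a mutable branch, `ludeeus/action-shellcheck@master` in shellcheck.yml and `karancode/yamllint-github-action@master` in yamllint.yml, so whatever is pushed to those branches executes in this repository's CI with the job's `GITHUB_TOKEN`. Pin each to a full commit SHA, e.g. `- uses: ludeeus/action-shellcheck@<full-commit-sha>  # <release-tag>`, and let Dependabot or Renovate propose the bumps. Neither workflow declares token permissions; a top-level `permissions:` block with `contents: read` would keep these lint jobs read-only.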
@@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2021 Robert de Bock (robert@meinit.nl) + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/README-gitlab.md b/README-gitlab.md new file mode 100644 index 0000000..7e7ed63 --- /dev/null +++ b/README-gitlab.md @@ -0,0 +1,18 @@ +# Usage + +``` +./gitlab.yml --ask-vault-password -e role=ansible-role-xyz +``` + +## Bulk + +To update all roles: + +``` +echo "PASSWORD" > /tmp/bla.txt + +ls -d ../ansible-role-* | cut -d/ -f2 | while read role ; do + echo "${role}" + ./gitlab.yml --vault-password-file=/tmp/bla.txt -e role="${role}" +done +``` diff --git a/README.md b/README.md index 7b6ba46..f95c7b6 100644 --- a/README.md +++ b/README.md 
@@ -7,13 +7,11 @@ Generate documentation and continuous integration files for an Ansible Role. This script loads input from: - meta/main.yml* -- meta/version.yml -- meta/exception.yml - meta/preferences.yml - defaults/main.yml - requirements.yml - molecule/default/prepare.yml -- molecule/default/playbook.yml* +- molecule/default/converge.yml* - molecule/default/verify.yml - generate_modules.sh - secure.yml @@ -70,37 +68,25 @@ author: Robert de Bock (robert@meinit.nl) author_website: "https://robertdebock.nl/" ``` -## meta/version.yml - -This optional file can be placed when a role contains a version. - -```yaml ---- -project_name: Ansible -reference: "defaults/main.yml" -versions: - - name: ansible - url: "https://github.com/ansible/ansible/releases" -``` - -## meta/exception.yml - -This optional file describes why some build are excepted. - -```yaml ---- -exceptions: - - variation: alpine - reason: "Not idempotent" -``` - ## meta/preferences.yml This optional file describes how Travis, Tox and Molecule should behave. +|parameter |type |default|description | +|--------------------|---------------|-------|-----------------------------------------------------------------------------------------| +|tox_ansible_versions|list of strings|not set|What versions should Tox test? (Default: all.) | +|github_variables_mapping|list|not set|A list of `name` and `variable`, `name` refers to the GitHub exposed name, `variable` refers to the name you'd like to pass to molecule, tox and Ansible.| + +# Example + ```yaml --- -travis_parallel: no -tox_versions: - - current +tox_ansible_versions: + - 7 +github_variables_mapping: + - name: secrets.VAULT_LICENSE + variable: VAULT_LICENCE + - name: secrets.MY_VAR + variable: someTHING + ``` diff --git a/community.general.sh b/community.general.sh new file mode 100755 index 0000000..ac03579 --- /dev/null +++ b/community.general.sh 
@@ -0,0 +1,13 @@ +#!/bin/sh + +if [ -f requirements.yml ] ; then + if ! grep 'collections:' requirements.yml > /dev/null ; then + echo "Adding collections header to requirements." + echo "collections:" >> requirements.yml + fi + if ! grep -- ' - name: community.general' requirements.yml > /dev/null ; then + echo "Adding community.general to requirement." + echo " - name: community.general" >> requirements.yml + fi +fi + diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..4cc766a --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,3 @@ +--- + +gitlab_runner_id: 18209306 diff --git a/files/bug_report.md b/files/bug_report.md index f39b5dc..4bb9d98 100644 --- a/files/bug_report.md +++ b/files/bug_report.md @@ -5,6 +5,7 @@ about: Create a report to help me improve --- ## Describe the bug + A clear and concise description of what the bug is. ## Playbook diff --git a/files/gitignore b/files/gitignore index c15d16a..ad73ff6 100644 --- a/files/gitignore +++ b/files/gitignore @@ -3,3 +3,4 @@ *.swp .tox .cache +.DS_Store diff --git a/files/pre-commit-config.yaml b/files/pre-commit-config.yaml index 5e991a7..7beec98 100644 --- a/files/pre-commit-config.yaml +++ b/files/pre-commit-config.yaml 
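Review bot: In community.general.sh the appended `- name: community.general` entry only lands under `collections:` when that key is the last section of requirements.yml; if `collections:` already exists and is followed by another list such as `roles:`, the entry is appended to the wrong list. The header test `grep 'collections:'` is also unanchored, so a comment or value containing that text counts as the header; `grep -q '^collections:' requirements.yml` is stricter and makes the `> /dev/null` redirect unnecessary.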
@@ -1,26 +1,24 @@ --- repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.4.0 + rev: v4.3.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer - id: check-added-large-files - repo: https://github.com/adrienverge/yamllint - rev: v1.26.0 + rev: v1.26.3 hooks: - id: yamllint args: [-c=.yamllint] - - repo: https://github.com/ansible/ansible-lint - rev: v5.0.1 - hooks: - - id: ansible-lint - pass_filenames: false - - repo: https://github.com/robertdebock/pre-commit - rev: v1.1.2 + rev: v1.5.2 hooks: - id: ansible_role_find_unused_variable - id: ansible_role_find_empty_files + - id: ansible_role_find_empty_directories + - id: ansible_role_find_undefined_handlers + - id: ansible_role_find_unquoted_values + - id: ansible_role_find_horizontal_when diff --git a/generate.yml b/generate.yml index b97deff..610b260 100755 --- a/generate.yml +++ b/generate.yml @@ -1,6 +1,6 @@ #!/usr/bin/env ansible-playbook --- -- name: generate all files +- name: Generate all files hosts: localhost become: no gather_facts: yes 
@@ -11,117 +11,94 @@ - vars/main.yml tasks: - - name: set role_path and role_name - set_fact: + - name: Set role_path and role_name + ansible.builtin.set_fact: role_path: "{{ lookup('env', 'PWD') }}" role_name: "{{ lookup('env', 'PWD') | basename | regex_replace('ansible-role-') }}" - - name: load meta/main.yml - include_vars: + - name: Load meta/main.yml + ansible.builtin.include_vars: file: "{{ role_path }}/meta/main.yml" name: meta - - name: check meta/version.yml - stat: - path: "{{ role_path }}/meta/version.yml" - register: versionymlstat - - - name: load meta/version.yml - include_vars: - file: "{{ role_path }}/meta/version.yml" - register: versionyml - when: - - versionymlstat.stat.exists | bool - - name: check meta/exception.yml - stat: - path: "{{ role_path }}/meta/exception.yml" - register: exceptionymlstat - - - name: load meta/exception.yml - include_vars: - file: "{{ role_path }}/meta/exception.yml" - register: exceptionyml - when: - - exceptionymlstat.stat.exists | bool - - - name: check meta/preferences.yml - stat: + - name: Check meta/preferences.yml + ansible.builtin.stat: path: "{{ role_path }}/meta/preferences.yml" register: preferencesymlstat - - name: load meta/preferences.yml - include_vars: + - name: Load meta/preferences.yml + ansible.builtin.include_vars: file: "{{ role_path }}/meta/preferences.yml" when: - - preferencesymlstat.stat.exists | bool + - preferencesymlstat.stat.exists | bool - - name: check defaults/main.yml - stat: + - name: Check defaults/main.yml + ansible.builtin.stat: path: "{{ role_path }}/defaults/main.yml" register: defaultsmainyml - - name: load defaults/main.yml - slurp: + - name: Load defaults/main.yml + ansible.builtin.slurp: src: "{{ role_path }}/defaults/main.yml" register: variables when: - defaultsmainyml.stat.exists | bool - - name: check requirements.yml - stat: + - name: Check requirements.yml + ansible.builtin.stat: path: "{{ role_path }}/requirements.yml" register: check_requirements - - name: load 
requirements.yml - include_vars: + - name: Load requirements.yml + ansible.builtin.include_vars: file: "{{ role_path }}/requirements.yml" name: requirements when: - check_requirements.stat.exists | bool - - name: load molecule/default/converge.yml - slurp: + - name: Load molecule/default/converge.yml + ansible.builtin.slurp: src: "{{ role_path }}/molecule/default/converge.yml" register: example - - name: check molecule/default/prepare.yml - stat: + - name: Check molecule/default/prepare.yml + ansible.builtin.stat: path: "{{ role_path }}/molecule/default/prepare.yml" register: check_prepare - - name: load molecule/default/prepare.yml - slurp: + - name: Load molecule/default/prepare.yml + ansible.builtin.slurp: src: "{{ role_path }}/molecule/default/prepare.yml" register: prepare when: - check_prepare.stat.exists | bool - - name: check molecule/default/verify.yml - stat: + - name: Check molecule/default/verify.yml + ansible.builtin.stat: path: "{{ role_path }}/molecule/default/verify.yml" register: verify - - name: load molecule/default/verify.yml - slurp: + - name: Load molecule/default/verify.yml + ansible.builtin.slurp: src: "{{ role_path }}/molecule/default/verify.yml" register: verifyyml when: - verify.stat.exists | bool - - name: load galaxy_id - shell: "set -o pipefail ; ansible-galaxy info robertdebock.{{ role_name }} | grep ' id: ' | awk '{print $NF}'" + - name: Check molecule/default/defaults.yml + ansible.builtin.stat: + path: "{{ role_path }}/molecule/default/defaults.yml" + register: defaults + + - name: Load galaxy_id + ansible.builtin.shell: + cmd: "set -o pipefail ; ansible-galaxy info robertdebock.{{ role_name }} | grep ' id: ' | awk '{print $NF}'" register: galaxy_id changed_when: no failed_when: no - - name: load github contributors - uri: - url: "https://api.github.com/repos/robertdebock/ansible-role-{{ role_name }}/contributors" - register: github_contributors - failed_when: no - - - name: create .github directories - file: + - name: Create 
.github directories + ansible.builtin.file: path: "{{ role_path }}/{{ item }}" state: directory mode: "0755" @@ -130,8 +107,8 @@ - .github/workflows - .github/ISSUE_TEMPLATE - - name: copy file - copy: + - name: Copy file + ansible.builtin.copy: src: "{{ playbook_dir }}/files/{{ item.source }}" dest: "{{ role_path }}/{{ item.dest | default(item.source) }}" mode: "{{ item.mode | default('0644') }}" @@ -148,15 +125,13 @@ dest: .github/FUNDING.yml - source: pre-commit-config.yaml dest: .pre-commit-config.yaml - - source: collections.yml - dest: molecule/default/collections.yml loop_control: label: "{{ item.source }}" - - name: render file - template: + - name: Render file + ansible.builtin.template: src: "{{ playbook_dir }}/templates/{{ item.source }}.j2" - dest: "{{ role_path }}/{{ item.dest | default (item.source) }}" + dest: "{{ role_path }}/{{ item.dest | default(item.source) }}" mode: "0644" with_items: - source: ansible-lint @@ -167,8 +142,6 @@ - source: LICENSE-2.0.txt dest: LICENSE - source: SECURITY.md - - source: travis.yml - dest: .travis.yml - source: molecule.yml dest: molecule/default/molecule.yml - source: README.md @@ -187,7 +160,7 @@ loop_control: label: "{{ item.source }}" - - name: pre-commit install - command: pre-commit install - args: + - name: Install pre-commit + ansible.builtin.command: + cmd: pre-commit install creates: .git/hooks/pre-commit diff --git a/get-galaxy-platforms.py b/get-galaxy-platforms.py new file mode 100755 index 0000000..294ce03 --- /dev/null +++ b/get-galaxy-platforms.py 
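Review bot: In the `Load galaxy_id` task of the hunk that starts at `@@ -11,117 +11,94 @@`, `role_name` is derived from the working directory's basename and interpolated directly into an `ansible.builtin.shell` command, so a directory name containing shell metacharacters would be interpreted by the shell; `robertdebock.{{ role_name | quote }}` closes that. The command also depends on `set -o pipefail`, which not every `/bin/sh` supports, and `failed_when: no` hides the resulting error and leaves `galaxy_id.stdout` empty; adding `executable: /bin/bash` next to `cmd:` makes the requirement explicit.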
@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+
+# Stolen from David: https://raw.githubusercontent.com/dmsimard/ansible-sandbox/master/get-galaxy-platforms/get-galaxy-platforms.py
+
+# Copyright 2019 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# Queries the Galaxy API to get all the platforms while handling server-side pagination
+import json
+import requests
+
+GALAXY = "https://galaxy.ansible.com"
+PLATFORMS_ENDPOINT = GALAXY + "/api/v1/platforms"
+
+session = requests.Session()
+
+def get_platforms():
+ page = session.get(PLATFORMS_ENDPOINT).json()
+ yield page["results"]
+
+ while page["next_link"] is not None:
+ next_url = GALAXY + page['next_link']
+ page = session.get(next_url).json()
+ yield page["results"]
+
+def main():
+ platforms = {}
+ for results in get_platforms():
+ for result in results:
+ name = result["name"]
+ version = result["release"]
+ if name not in platforms:
+ platforms[name] = {
+ "name": name,
+ "versions": []
+ }
+ if version not in platforms[name]["versions"]:
+ platforms[name]["versions"].append(version)
+
+ print(json.dumps(platforms, indent=2))
+
+if __name__ == "__main__":
+ main()
diff --git a/github.yml b/github.yml
new file mode 100755
index 0000000..4d8f201
--- /dev/null
+++ b/github.yml
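Review bot: Both `session.get(...)` calls in `get_platforms()` run without a `timeout`, so a stalled connection to Galaxy blocks the script indefinitely. `.json()` is also called without checking the HTTP status, so an error response surfaces as a `KeyError` or a JSON decode error instead of the real cause. Suggest `resp = session.get(url, timeout=30)` followed by `resp.raise_for_status()` before reading `resp.json()`, in both places.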
@@ -0,0 +1,96 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: github
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars_files:
+ # - defaults/main.yml
+ - vars/main.yml
+ - vars/vault.yml
+
+ pre_tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - github_namespace is defined
+ - repo is defined
+ - github_token is defined
+ quiet: yes
+
+ tasks:
+ - name: list webhooks
+ uri:
+ url: "https://api.github.com/repos/{{ github_namespace }}/{{ repo }}/hooks"
+ headers:
+ Accept: "application/vnd.github+json"
+ Authorization: "Bearer {{ github_token }}"
+ register: github_webhooks
+
+ - name: show delivery url for gitlab webhook
+ set_fact:
+ deliveries_url: "{{ item.deliveries_url }}"
+ loop: "{{ github_webhooks.json }}"
+ loop_control:
+ label: "{{ item.id }}"
+ when:
+ - '"gitlab.com" in item.config.url'
+
+ - name: list delivery
+ uri:
+ url: "{{ deliveries_url }}"
+ headers:
+ Accept: "application/vnd.github+json"
+ Authorization: "Bearer {{ github_token }}"
+ register: deliveries
+
+ - name: add repo to github-okay.txt
+ lineinfile:
+ line: "{{ repo }}"
+ path: github-okay.txt
+ create: yes
+ loop: "{{ deliveries.json }}"
+ loop_control:
+ label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
+ when:
+ - item.event == "push"
+ - item.status_code == 200
+
+ - name: remove repo from github-okay.txt
+ lineinfile:
+ line: "{{ repo }}"
+ path: github-okay.txt
+ state: absent
+ create: yes
+ loop: "{{ deliveries.json }}"
+ loop_control:
+ label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
+ when:
+ - item.event == "push"
+ - item.status_code != 200
+
+ - name: add repo to github-fail.txt
+ lineinfile:
+ line: "{{ repo }}"
+ path: github-fail.txt
+ create: yes
+ loop: "{{ deliveries.json }}"
+ loop_control:
+ label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
+ when:
+ - item.event == "push"
+ - item.status_code != 200
+
+ - name: remove repo from github-fail.txt
+ lineinfile:
+ line: "{{ repo }}"
+ path: github-fail.txt
+ state: absent
+ create: yes
+ loop: "{{ deliveries.json }}"
+ loop_control:
+ label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
+ when:
+ - item.event == "push"
+ - item.status_code == 200
diff --git a/gitlab-delete-project.yml b/gitlab-delete-project.yml
new file mode 100755
index 0000000..b488056
--- /dev/null
+++ b/gitlab-delete-project.yml
@@ -0,0 +1,35 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: delete a gitlab repository
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars:
+ namespace: robertdebock-iac
+
+ vars_files:
+ - vars/main.yml
+ - vars/vault.yml
+
+ tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - namespace is defined
+ - role is defined
+ quiet: yes
+
+ - name: urlencode path
+ set_fact:
+ encoded_path: "{{ namespace + '%2F' + role }}"
+
+ - name: delete project
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}"
+ method: DELETE
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ status_code:
+ - 202
+ - 404
diff --git a/gitlab-import.yml b/gitlab-import.yml
new file mode 100755
index 0000000..0ecee69
--- /dev/null
+++ b/gitlab-import.yml
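Review bot: The `uri` tasks in github.yml that send `Authorization: "Bearer {{ github_token }}"` have no `no_log: true`, so a run at higher verbosity or under a logging callback can write the rendered headers to output; add `no_log: true` to `list webhooks` and `list delivery`. The same applies to every task carrying `PRIVATE-TOKEN: "{{ gitlab_private_token }}"` in gitlab-delete-project.yml, gitlab-import.yml (which also places `github_token` in the request body as `personal_access_token`), gitlab-pipeline-trigger.yml, gitlab-public.yml, gitlab-pull-mirror.yml and gitlab.yml. Separately, `deliveries_url` is only set when a hook's `config.url` contains `gitlab.com`; if none matches, `list delivery` fails on an undefined variable, so an explicit `assert` that `deliveries_url is defined` would give a clearer failure.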
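Review bot: The `urlencode path` task in gitlab-delete-project.yml does not encode anything: `encoded_path` is `namespace + '%2F' + role`, with `role` taken as-is from `-e` and then used in a `DELETE` request. Because this playbook is destructive, constrain the input in the existing assert, e.g. `- role is match('^[A-Za-z0-9._-]+$')`, so a value containing `/`, `?` or `%` cannot change which API path is addressed. Accepting `404` in `status_code` also means a mistyped role name reports success; consider failing on it or reporting that nothing was deleted.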
@@ -0,0 +1,45 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: Import repository into gitlab project
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars:
+ github_owner: robertdebock
+ gitlab_namespace: robertdebock-iac
+
+ vars_files:
+ - defaults/main.yml
+ - vars/main.yml
+ - vars/vault.yml
+
+ tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - gitlab_namespace is defined
+ - github_owner is defined
+ - role is defined
+ quiet: yes
+
+ - name: Get GitHub repo information
+ uri:
+ url: "https://api.github.com/repos/{{ github_owner }}/{{ role }}"
+ headers:
+ Authorization: "Bearer {{ github_token }}"
+ register: github_repo
+
+ - name: Import repository
+ uri:
+ url: "https://gitlab.com/api/v4/import/github"
+ method: POST
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ body_format: json
+ body:
+ personal_access_token: "{{ github_token }}"
+ repo_id: "{{ github_repo.json.id }}"
+ target_namespace: "{{ gitlab_namespace }}"
+ status_code:
+ - 201
diff --git a/gitlab-pipeline-trigger.yml b/gitlab-pipeline-trigger.yml
new file mode 100755
index 0000000..a9648e5
--- /dev/null
+++ b/gitlab-pipeline-trigger.yml
@@ -0,0 +1,62 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: Kick off a pipeline for a GitLab project
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars:
+ gitlab_namespace: robertdebock-iac
+
+ vars_files:
+ - defaults/main.yml
+ - vars/main.yml
+ - vars/vault.yml
+
+ tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - gitlab_namespace is defined
+ - role is defined
+ quiet: yes
+
+ - name: Get GitLab project number
+ uri:
+ url: https://gitlab.com/api/v4/projects/{{ gitlab_namespace }}%2F{{ role }}
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ register: gitlab_project_details
+
+ - name: Create pipeline trigger
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/triggers"
+ method: POST
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ body_format: form-urlencoded
+ body:
+ description: "Ansible"
+ status_code:
+ - 201
+ register: pipeline_trigger
+
+ - name: Trigger pipeline
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/trigger/pipeline"
+ method: POST
+ body_format: form-urlencoded
+ body:
+ token: "{{ pipeline_trigger.json.token }}"
+ ref: master
+ status_code:
+ - 201
+
+ - name: Delete pipeline trigger
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/triggers/{{ pipeline_trigger.json.id }}"
+ method: DELETE
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ status_code:
+ - 204
diff --git a/gitlab-public.yml b/gitlab-public.yml
new file mode 100755
index 0000000..e742f0c
--- /dev/null
+++ b/gitlab-public.yml
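Review bot: If `Trigger pipeline` fails, `Delete pipeline trigger` never runs and the trigger token created two tasks earlier stays valid on the project. Wrapping `Create pipeline trigger` and `Trigger pipeline` in a `block:` and moving the delete task into its `always:` section, guarded by `when: pipeline_trigger.json.id is defined`, guarantees cleanup. The token also appears in the registered `pipeline_trigger` result and in the `Trigger pipeline` request body, so `no_log: true` on those two tasks keeps it out of output.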
@@ -0,0 +1,54 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: Create a pull mirror gitlab project
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars:
+ github_owner: robertdebock
+ gitlab_namespace: robertdebock-iac
+
+ vars_files:
+ - defaults/main.yml
+ - vars/main.yml
+ - vars/vault.yml
+
+ tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - github_owner is defined
+ - role is defined
+ quiet: yes
+
+ - name: Get a detailed list of owned GitLab projects
+ uri:
+ url: "https://gitlab.com/api/v4/projects?owned=true&search={{ role }}"
+ method: GET
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ return_content: yes
+ register: gitlab_projects
+
+ - name: Pick project_ids from GitLab projects
+ set_fact:
+ gitlab_projects: "{{ gitlab_projects.json | selectattr('name', 'equalto', role) | list }}"
+
+ - name: pick a single project.
+ set_fact:
+ gitlab_project_id: "{{ gitlab_projects[0].id }}"
+
+ - name: Patch existing project to mirror
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_id }}"
+ method: PUT
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ body_format: json
+ body:
+ visibility: public
+ status_code:
+ - 200
+ register: create_project
+ changed_when: yes
diff --git a/gitlab-pull-mirror.yml b/gitlab-pull-mirror.yml
new file mode 100755
index 0000000..97d6f78
--- /dev/null
+++ b/gitlab-pull-mirror.yml
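Review bot: The project that receives `visibility: public` is chosen by `selectattr('name', 'equalto', role)` followed by `gitlab_projects[0]`, and `gitlab_namespace` is never used, so if the token owns a same-named project in another namespace the wrong one may be made public. Filter on the full path instead, e.g. `selectattr('path_with_namespace', 'equalto', gitlab_namespace + '/' + role)`, and assert that exactly one project matched before the `PUT`. The play name `Create a pull mirror gitlab project` and the task name `Patch existing project to mirror` appear to be carried over from gitlab-pull-mirror.yml, which uses the same selection logic and would benefit from the same filter.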
@@ -0,0 +1,68 @@
+#!/usr/bin/env ansible-playbook
+---
+- name: Create a pull mirror gitlab project
+ hosts: localhost
+ become: no
+ gather_facts: no
+
+ vars:
+ github_owner: robertdebock
+ gitlab_namespace: robertdebock-iac
+
+ vars_files:
+ - defaults/main.yml
+ - vars/main.yml
+ - vars/vault.yml
+
+ tasks:
+ - name: see if all variables are set
+ assert:
+ that:
+ - gitlab_namespace is defined
+ - github_owner is defined
+ - role is defined
+ quiet: yes
+
+ - name: Get GitHub repo information
+ uri:
+ url: "https://api.github.com/repos/{{ github_owner }}/{{ role }}"
+ headers:
+ Authorization: "Bearer {{ github_token }}"
+ register: github_repo
+
+ - name: Get details of GitLab project
+ uri:
+ url: "https://gitlab.com/api/v4/projects?owned=true&search={{ role }}"
+ method: GET
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ return_content: yes
+ register: gitlab_projects
+
+ - name: Pick project_ids from GitLab project
+ set_fact:
+ gitlab_projects: "{{ gitlab_projects.json | selectattr('name', 'equalto', role) | list }}"
+
+ - name: pick a single project.
+ set_fact:
+ gitlab_project_id: "{{ gitlab_projects[0].id }}"
+
+ - name: Patch existing project to mirror
+ uri:
+ url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_id }}"
+ method: PUT
+ headers:
+ PRIVATE-TOKEN: "{{ gitlab_private_token }}"
+ body_format: json
+ body:
+ import_url: "{{ github_repo.json.clone_url }}"
+ mirror: true
+ mirror_trigger_builds: true
+ status_code:
+ - 200
+ register: create_project
+ changed_when: yes
+
+ # - name: Show shit
+ # debug:
+ # msg: "{{ create_project }}"
diff --git a/gitlab.yml b/gitlab.yml
index f0f7dac..0a32c68 100755
--- a/gitlab.yml
+++ b/gitlab.yml
@@ -1,19 +1,20 @@ #!/usr/bin/env ansible-playbook --- -- name: configure GitLab repository +- name: configure gitlab repository hosts: localhost become: no gather_facts: no vars: - namespace: robertdebock + namespace: robertdebock-iac vars_files: + - defaults/main.yml - vars/main.yml - vars/vault.yml tasks: - - name: see if all veriables are set + - name: see if all variables are set assert: that: - namespace is defined @@ -55,6 +56,26 @@ protects: true masked: true + - name: list pipeline schedules + uri: + url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules" + method: GET + headers: + PRIVATE-TOKEN: "{{ gitlab_private_token }}" + register: gitlab_schedules + + - name: delete all pipeline schedules + uri: + url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules/{{ item.id }}" + method: DELETE + headers: + PRIVATE-TOKEN: "{{ gitlab_private_token }}" + status_code: + - 204 + loop: "{{ gitlab_schedules.json }}" + loop_control: + label: "{{ item.id }}" + - name: create a new pipeline schedule uri: url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules" 
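Review bot: In the second hunk the delete loop is not scoped to the schedule this playbook owns: `delete all pipeline schedules` iterates over everything the list call returns, so schedules created by hand are removed too, and because GitLab list endpoints are paginated only the first page is covered. If the intent is to replace the schedule created in the next task, `loop: "{{ gitlab_schedules.json | selectattr('description', 'equalto', 'Monthly test') | list }}"` keeps the delete limited to it. The `create a new pipeline schedule` task that follows continues outside the hunk.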
@@ -67,5 +88,41 @@ body: description: "Monthly test" ref: master - cron: '{{ letter_minute_mapping[role[0]] }} {{ letter_hour_mapping[role[0]] }} {{ letter_day_mapping[role[0]] }} * *' + cron: "{{ letter_minute_mapping[role[14]] | default('13') }} {{ letter_hour_mapping[role[14]] }} {{ letter_day_mapping[role[13]] }} * *" cron_timezone: Amsterdam + + - name: disable runnner + uri: + url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/runners/{{ gitlab_runner_id }}" + method: DELETE + body_format: json + status_code: + - 204 + - 404 + headers: + PRIVATE-TOKEN: "{{ gitlab_private_token }}" + body: + runner_id: "{{ gitlab_runner_id }}" + +# - name: enable cloudtop runnner +# uri: +# url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/runners" +# method: POST +# body_format: json +# status_code: +# - 201 +# - 400 +# headers: +# PRIVATE-TOKEN: "{{ gitlab_private_token }}" +# body: +# runner_id: "{{ gitlab_runner_id }}" + + - name: disable shared runnners + uri: + url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}" + method: PUT + body_format: json + headers: + PRIVATE-TOKEN: "{{ gitlab_private_token }}" + body: + shared_runners_enabled: false diff --git a/indexer.sh b/indexer.sh index 158a757..a981aa9 100755 --- a/indexer.sh +++ b/indexer.sh 
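Review bot: The new `cron` line indexes the role name at fixed offsets (`role[14]`, `role[13]`), presumably to skip an `ansible-role-` prefix, and only the minute lookup has a `default`, so a short name of one character or a character missing from the hour or day mapping fails templating. Deriving the short name once, e.g. `role | regex_replace('^ansible-role-', '')`, and giving all three lookups a `default` would make that explicit. The digit keys of `letter_minute_mapping` in vars/main.yml are unquoted and so load as integers, which a character taken from `role` will not match. `disable runnner` uses `gitlab_runner_id` without it being asserted in the visible part of the play, and both new task names spell "runner" with three n's.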
@@ -1,22 +1,16 @@ -#!/bin/sh +#!/bin/sh -x # A script to regenerate a list of roles and their CI status. -# Where are the roles stored locally? -directory="/home/robertdb/Documents/github.com/robertdebock" - -# What is the pattern of the directory names? -pattern="ansible-role-" - # Print the header of the table. echo "|Role name|GitHub Action|GitLab CI|Version|" echo "|---------|-------------|---------|-------|" # Loop over the found roles. -cd ${directory} ; ls -d "${pattern}"* | while read rolename ; do +find ~/Documents/github.com/robertdebock/ansible-role-* | awk 'BEGIN { FS="/" } ; { print $NF }' | while read -r rolename ; do # Find the short name, i.e. "httpd" instead of "ansible-role-httpd" - shortrolename=$(echo "${rolename}" | sed "s/^${pattern}//") + shortrolename=$(echo "${rolename}" | sed "s/^ansible-role//") # Save the markdown per column in a variable, better readable loop. galaxy="[${shortrolename}](https://galaxy.ansible.com/robertdebock/${shortrolename})" diff --git a/templates/README.md.j2 b/templates/README.md.j2 index ce6b180..7f208f4 100644 --- a/templates/README.md.j2 +++ b/templates/README.md.j2 
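Review bot: The replacement for `ls -d` lists far more than the role directories: `find ~/Documents/github.com/robertdebock/ansible-role-*` descends into every role, so after the `awk` step the loop receives every file and sub-directory name, not one name per role. `find ~/Documents/github.com/robertdebock -maxdepth 1 -type d -name 'ansible-role-*'` restores the old behaviour. The `sed` expression also lost the trailing hyphen, leaving short names like `-httpd`; it should read `sed "s/^ansible-role-//"`. The `-x` on the shebang looks like leftover debugging and will mix trace lines into any captured output; the loop body continues outside the hunk.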
@@ -4,16 +4,18 @@ |GitHub|GitLab|Quality|Downloads|Version| |------|------|-------|---------|-------| -|[![github](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/actions)|[![gitlab](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ role_name }}/badges/master/pipeline.svg)](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ role_name }})|[![quality](https://img.shields.io/ansible/quality/{{ galaxy_id.stdout | default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![downloads](https://img.shields.io/ansible/role/d/{{ galaxy_id.stdout |default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![Version](https://img.shields.io/github/release/{{ github_namespace }}/ansible-role-{{ role_name }}.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/releases/)| +|[![github](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/actions)|[![gitlab](https://gitlab.com/{{ gitlab_namespace }}/ansible-role-{{ role_name }}/badges/master/pipeline.svg)](https://gitlab.com/{{ gitlab_namespace }}/ansible-role-{{ role_name }})|[![quality](https://img.shields.io/ansible/quality/{{ galaxy_id.stdout | default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![downloads](https://img.shields.io/ansible/role/d/{{ galaxy_id.stdout |default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![Version](https://img.shields.io/github/release/{{ github_namespace }}/ansible-role-{{ role_name }}.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/releases/)| ## [Example Playbook](#example-playbook) -This example is taken from 
`molecule/resources/converge.yml` and is tested on each push, pull request and release. +This example is taken from [`molecule/default/converge.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release. + ```yaml {{ example.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}``` {% if prepare.content is defined %} -The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: +The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/molecule/default/prepare.yml): + ```yaml {{ prepare.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}``` @@ -23,7 +25,8 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the {% if variables.content is defined %} ## [Role Variables](#role-variables) -These variables are set in `defaults/main.yml`: +The default values for the variables are set in [`defaults/main.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/defaults/main.yml): + ```yaml {{ variables.content | b64decode }}``` {% endif %} 
@@ -32,15 +35,15 @@ These variables are set in `defaults/main.yml`: - pip packages listed in [requirements.txt](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/requirements.txt). -{% if requirements is defined %} -## [Status of requirements](#status-of-requirements) +{% if requirements is defined and requirements.roles is defined %} +## [State of used roles](#state-of-used-roles) -The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. +The following roles are used to prepare a system. You can prepare your system in another way. | Requirement | GitHub | GitLab | |-------------|--------|--------| {% for requirement in requirements.roles %} -| [{{ requirement.name }}](https://galaxy.ansible.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.') }}) | [![Build Status GitHub](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/actions) | [![Build Status GitLab ](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/badges/master/pipeline.svg)](https://gitlab.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}) +|[{{ requirement.name }}](https://galaxy.ansible.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.') }})|[![Build Status GitHub](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') 
}}/actions)|[![Build Status GitLab](https://gitlab.com/{{ gitlab_namespace }}/{{ requirement.name | regex_replace(galaxy_namespace + '\.', 'ansible-role-') }}/badges/master/pipeline.svg)](https://gitlab.com/{{ gitlab_namespace }}/{{ requirement.name | regex_replace(galaxy_namespace + '\.', 'ansible-role-') }})| {% endfor %} {% endif %} @@ -52,6 +55,7 @@ Most roles require some kind of preparation, this is done in `molecule/default/p {% for dependency in meta.dependencies %} - {{ dependency }} {% endfor %} + {% endif %} ## [Context](#context) @@ -67,7 +71,7 @@ This role has been tested on these [container images](https://hub.docker.com/u/r |container|tags| |---------|----| {% for platform in meta.galaxy_info.platforms %} -|{{ platform.name | lower }}|{% for version in platform.versions %}{{ version }}{% if not loop.last %}, {% endif %}{% endfor %}| +|[{{ platform.name }}]({{ image_docker_hub_url_mapping[platform.name | lower] }})|{% for version in platform.versions %}{{ version }}{% if not loop.last %}, {% endif %}{% endfor %}| {% endfor %} The minimum version of Ansible required is {{ meta.galaxy_info.min_ansible_version }}, tests have been done to: 
@@ -76,47 +80,11 @@ The minimum version of Ansible required is {{ meta.galaxy_info.min_ansible_versi - The current version. - The development version. -{% if exceptions is defined %} -## [Exceptions](#exceptions) - -Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work: - -| variation | reason | -|---------------------------|------------------------| -{% for exception in exceptions %}| {{ exception.variation }} | {{ exception.reason }} | -{% endfor %}{% endif %} - -{% if versions is defined %} -## [Included version(s)](#included-versions) - -This role [refers to a version]({{ reference }}) released by {{ project_name }}. Check the released version(s) here: -{% for version in versions %} -- [{{ version.name }}]({{ version.url }}). -{% endfor %} - -This version reference means a role may get outdated. Monthly tests occur to see if [bit-rot](https://en.wikipedia.org/wiki/Software_rot) occured. If you however find a problem, please create an issue, I'll get on it as soon as possible.{% endif %} - If you find issues, please register them in [GitHub](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/issues) ## [License](#license) -{{ meta.galaxy_info.license }} - -{% if github_contributors is defined %} -{% if github_contributors.json is defined %} -{% if github_contributors.json | length > 1 %} -## [Contributors](#contributors) - -I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate. - -{% for contributor in github_contributors.json %}{% if contributor.login is defined %}{% if contributor.login != "robertdebock" %} -- [{{ contributor.login }}](https://github.com/{{ contributor.login }}) -{% endif %} -{% endif %} -{% endfor %} -{% endif %} -{% endif %} -{% endif %} +[{{ meta.galaxy_info.license }}](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/LICENSE). 
## [Author Information](#author-information) diff --git a/templates/ansible-lint.j2 b/templates/ansible-lint.j2 index 9e2e361..81399f6 100644 --- a/templates/ansible-lint.j2 +++ b/templates/ansible-lint.j2 @@ -1,12 +1,7 @@ +--- {{ ansible_managed | comment }} -{% if versionymlstat.stat.exists or exceptionymlstat.stat.exists or preferencesymlstat.stat.exists or verify.stat.exists %} +{% if preferencesymlstat.stat.exists or verify.stat.exists %} exclude_paths: -{% if versionymlstat.stat.exists %} - - ./meta/version.yml -{% endif %} -{% if exceptionymlstat.stat.exists %} - - ./meta/exception.yml -{% endif %} {% if preferencesymlstat.stat.exists %} - ./meta/preferences.yml {% endif %} @@ -15,7 +10,12 @@ exclude_paths: {% if verify.stat.exists %} - ./molecule/default/verify.yml {% endif %} +{% if defaults.stat.exists %} + - ./molecule/default/defaults.yml +{% endif %} {% endif %} - ./molecule/default/collections.yml - ./.tox - ./.cache + - ./.github + - ./requirements.yml diff --git a/templates/galaxy.yml.j2 b/templates/galaxy.yml.j2 index 1fb67de..85269f4 100644 --- a/templates/galaxy.yml.j2 +++ b/templates/galaxy.yml.j2 @@ -11,6 +11,6 @@ jobs: runs-on: ubuntu-20.04 steps: - name: galaxy - uses: robertdebock/galaxy-action@1.1.0 + uses: robertdebock/galaxy-action@1.2.0 with: galaxy_api_key: {% raw %}${{ secrets.galaxy_api_key }}{% endraw %} diff --git a/templates/gitlab-ci.yml.j2 b/templates/gitlab-ci.yml.j2 index 7da8918..114bc9d 100644 --- a/templates/gitlab-ci.yml.j2 +++ b/templates/gitlab-ci.yml.j2 @@ -1,16 +1,13 @@ --- -image: robertdebock/github-action-molecule:3.0.6 - -services: - - docker:dind +image: "robertdebock/github-action-molecule:5.0.0" variables: - DOCKER_HOST: "tcp://docker:2375" PY_COLORS: 1 molecule: script: - - image=${image} tag=${tag} molecule test + - if [ -f tox.ini ] ; then tox ; fi + - if [ ! -f tox.ini ] ; then molecule test ; fi rules: - if: $CI_COMMIT_REF_NAME == "master" retry: 1 
@@ -27,6 +24,6 @@ molecule: galaxy: script: - - ansible-galaxy role import --api-key ${GALAXY_API_KEY} ${CI_PROJECT_NAMESPACE} ${CI_PROJECT_NAME} + - ansible-galaxy role import --api-key ${GALAXY_API_KEY} {{ galaxy_namespace }} ${CI_PROJECT_NAME} rules: - if: $CI_COMMIT_TAG != null diff --git a/templates/molecule-action.yml.j2 b/templates/molecule-action.yml.j2 index 4706393..05a4bd9 100644 --- a/templates/molecule-action.yml.j2 +++ b/templates/molecule-action.yml.j2 @@ -16,14 +16,9 @@ jobs: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v2 - with: - path: {% raw %}"${{ github.repository }}"{% endraw %} - - - name: molecule - uses: robertdebock/molecule-action@2.6.16 - with: - command: lint + uses: actions/checkout@v3 + - name: ansible-lint + uses: ansible-community/ansible-lint-action@main test: needs: - lint @@ -42,7 +37,7 @@ jobs: {% endfor %} steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: {% raw %}"${{ github.repository }}"{% endraw %} @@ -51,8 +46,15 @@ jobs: - name: parse apparmor for mysql run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld - name: molecule - uses: robertdebock/molecule-action@2.6.16 + uses: robertdebock/molecule-action@5.0.2 with: image: {% raw %}${{ matrix.config.image }}{% endraw %} tag: {% raw %}${{ matrix.config.tag }}{% endraw %} + +{% if github_variables_mapping is defined %} + env: +{% for item in github_variables_mapping %} + {{ item.variable }}: {% raw %}${{ {%endraw %}{{ item.name }} {% raw %}}}{% endraw %} +{% endfor %} +{% endif %} diff --git a/templates/molecule.yml.j2 b/templates/molecule.yml.j2 index 0ba89ab..19cb639 100644 --- a/templates/molecule.yml.j2 +++ b/templates/molecule.yml.j2 @@ -4,9 +4,7 @@ dependency: name: galaxy options: role-file: requirements.yml -{% if requirements.collections is defined %} requirements-file: requirements.yml -{% endif %} lint: | set -e yamllint . 
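Review bot: In templates/molecule-action.yml.j2 the lint job now runs `ansible-community/ansible-lint-action@main`, a third-party action referenced by a mutable branch, while the other actions in this template are pinned to tags (`actions/checkout@v3`, `robertdebock/molecule-action@5.0.2`). Because this template is rendered into every role repository, whatever lands on that branch runs in all of their workflows. Pinning it, e.g. `uses: ansible-community/ansible-lint-action@<release-tag-or-full-commit-sha>`, keeps the generated workflows reproducible and reviewable. The removed `with: path:` on the lint checkout also means the lint and test jobs now check out to different locations, which is worth a comment if intentional.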
@@ -14,7 +12,7 @@ lint: | driver: name: docker platforms: - - name: "{{ role_name }}-${image:-{{ docker_image }}}-${tag:-{{ docker_tag }}}${TOX_ENVNAME}" + - name: "{{ role_name | regex_replace('_', '') }}-${image:-{{ docker_image }}}-${tag:-{{ docker_tag }}}${TOX_ENVNAME}" image: "${namespace:-{{ docker_namespace }}}/${image:-{{ docker_image }}}:${tag:-{{ docker_tag }}}" command: /sbin/init volumes: @@ -23,10 +21,12 @@ platforms: pre_build_image: yes provisioner: name: ansible - config_options: - defaults: - stdout_callback: yaml - bin_ansible_callbacks: yes +{% if github_variables_mapping is defined %} + env: +{% for item in github_variables_mapping %} + {{ item.variable }}: "{% raw %}${{% endraw %}{{ item.variable }}{% raw %}}{% endraw %}" +{% endfor %} +{% endif %} {% if verify.stat.exists %} verifier: name: ansible diff --git a/templates/requirements2png.yml.j2 b/templates/requirements2png.yml.j2 index b0baa12..20e53be 100644 --- a/templates/requirements2png.yml.j2 +++ b/templates/requirements2png.yml.j2 @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: {% raw %}${{ github.repository }}{% endraw %} diff --git a/templates/tox.ini.j2 b/templates/tox.ini.j2 index 91f799b..8fd34d6 100644 --- a/templates/tox.ini.j2 +++ b/templates/tox.ini.j2 
@@ -1,23 +1,21 @@ {{ ansible_managed | comment }} [tox] -minversion = 3.21.4 -{% if tox_versions is defined %} -envlist = py{39}-ansible-{% raw %}{{% endraw %}{% for version in tox_versions %}{{ version }}{% if not loop.last %},{% endif %}{% endfor %}{% raw %}}{% endraw %} +minversion = 4.2.4 +{% if tox_ansible_versions is defined %} +envlist = py{310}-ansible{% raw %}{{% endraw %}{% for version in tox_ansible_versions %}{{ version }}{% if not loop.last %},{% endif %}{% endfor %}{% raw %}}{% endraw %} {% else %} -# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. -envlist = py{39}-ansible-{2.9,2.10} +envlist = py{310}-ansible{5,6,7} {% endif %} - skipsdist = true [testenv] deps = - 2.9: ansible == 2.9.* - 2.10: ansible == 2.10.* - 2.11: git+https://github.com/ansible/ansible.git@devel + ansible5: ansible == 5.* + ansible6: ansible == 6.* + ansible7: ansible == 7.* molecule[docker] - docker == 4.* - ansible-lint == 5.* + docker == 6.* + ansible-lint == 6.* commands = molecule test setenv = TOX_ENVNAME={envname} @@ -25,4 +23,13 @@ setenv = ANSIBLE_FORCE_COLOR=1 ANSIBLE_ROLES_PATH=../ -passenv = namespace image tag +passenv = + namespace + image + tag + DOCKER_HOST +{% if github_variables_mapping is defined %} +{% for item in github_variables_mapping %} + {{ item.variable }} +{% endfor %} +{% endif %} diff --git a/templates/travis.yml.j2 b/templates/travis.yml.j2 deleted file mode 100644 index 981fedd..0000000 --- a/templates/travis.yml.j2 +++ /dev/null @@ -1,28 +0,0 @@ ---- -{{ ansible_managed | comment }} -language: python - -os: linux -dist: xenial - -python: - - "3.9" - -services: - - docker - -cache: - - pip - -install: - - pip install --upgrade pip - - pip install yamllint - - pip install ansible-lint - -script: - - yamllint . - - ansible-lint - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ - email: false diff --git a/vars/main.yml b/vars/main.yml index 4640a44..355b029 100644 --- a/vars/main.yml 
+++ b/vars/main.yml @@ -15,6 +15,9 @@ galaxy_namespace: robertdebock # Your username/organization name on GitHub. github_namespace: robertdebock +# Your username/group on GitLab. +gitlab_namespace: robertdebock-iac + # Your name and optionally email-address. author: Robert de Bock (robert@meinit.nl) @@ -26,11 +29,21 @@ platform_image_mapping: Amazon: amazonlinux Archlinux: archlinux Debian: debian - EL: centos + EL: "{{ enterprise_linux | default('enterpriselinux') }}" Fedora: fedora - OpenSUSE: opensuse + opensuse: opensuse Ubuntu: ubuntu +image_docker_hub_url_mapping: + alpine: "https://hub.docker.com/repository/docker/robertdebock/alpine/general" + amazon: "https://hub.docker.com/repository/docker/robertdebock/amazonlinux/general" + archlinux: "https://hub.docker.com/repository/docker/robertdebock/archlinux/general" + debian: "https://hub.docker.com/repository/docker/robertdebock/debian/general" + el: "https://hub.docker.com/repository/docker/robertdebock/enterpriselinux/general" + fedora: "https://hub.docker.com/repository/docker/robertdebock/fedora/general" + opensuse: "https://hub.docker.com/repository/docker/robertdebock/opensuse/general" + ubuntu: "https://hub.docker.com/repository/docker/robertdebock/ubuntu/general" + # This maps the Galaxy distribution and version to Docker images. distribution_version_mapping: Alpine: @@ -40,7 +53,7 @@ distribution_version_mapping: all: - 1 - latest - 2018.03: + "2018.03": - 1 Candidate: - latest 
@@ -50,41 +63,45 @@ distribution_version_mapping: Debian: all: - latest - - bullseye - buster: - - latest + - bookworm bullseye: - - bullseye + - latest + bookworm: + - bookworm EL: all: - 7 + - 8 - latest - 7: + "7": - 7 - 8: + "8": + - 8 + "9": - latest Fedora: all: - - 32 + - 36 - latest - # RawHide has package-GPG issues. - # - rawhide - 32: - - 32 - 33: + - rawhide + "36": + - 36 + "37": - latest - # RawHide has package-GPG issues. - # 34: - # - rawhide - OpenSUSE: + "38": + - rawhide + opensuse: all: - latest Ubuntu: all: - latest + - focal - bionic - focal: + jammy: - latest + focal: + - focal bionic: - bionic @@ -166,38 +183,38 @@ letter_hour_mapping: letter_minute_mapping: a: 1 - b: 2 - c: 3 - d: 4 - e: 5 - f: 6 - g: 7 - h: 8 - i: 9 - j: 10 - k: 11 - l: 12 - m: 13 - n: 14 - o: 15 - p: 16 - q: 17 - r: 18 - s: 19 - t: 20 - u: 21 - v: 23 - w: 24 - x: 25 - y: 26 - z: 27 - 0: 28 - 1: 29 - 2: 30 - 3: 31 - 4: 32 - 5: 33 - 6: 34 - 7: 35 - 8: 36 - 9: 37 + b: 3 + c: 5 + d: 7 + e: 9 + f: 11 + g: 13 + h: 15 + i: 17 + j: 19 + k: 21 + l: 23 + m: 25 + n: 27 + o: 29 + p: 31 + q: 33 + r: 35 + s: 37 + t: 39 + u: 41 + v: 43 + w: 45 + x: 47 + y: 49 + z: 51 + 0: 53 + 1: 55 + 2: 57 + 3: 59 + 4: 59 + 5: 59 + 6: 59 + 7: 59 + 8: 59 + 9: 59 diff --git a/vars/vault.yml b/vars/vault.yml index f681e5d..6a020b7 100644 --- a/vars/vault.yml +++ b/vars/vault.yml 
@@ -1,10 +1,14 @@ $ANSIBLE_VAULT;1.1;AES256 -63333963376266386263383966303436353065346139656263333133346433333064633032663938 -3236306464376332383938356264333933633938626435330a373939643261356639373539656333 -31633035633131386363613233653436646338333537613665383337613461643161636332333332 -6135333135636334620a353963383037653830633136333930663439353665323064303234373666 -65313339393334333831316335353831343264373833373131613162646334323362636466326165 -34373062373331666234353338376339663939313463323437323166346432383130323939376437 -34623265396265326538663731306333323435646430373935633738653034323463373261313832 -35613036636566303036363131343762643665616638353837363439613430386533356663346538 -36306661346266653739623937653635323037633232623562396665646238373238 +35626138373665613930386237633532396164326166376163316366366432393338303535303163 +6435353933333036376462376232366338616335356631310a633732336234386438303761666332 +33643039346337393637346535343966616237376532646561363765663639356138353766303239 +6333313664656339360a393362326563643366376531366563373363396530666138663431346261 +30333566626130363638333162623537316539656264393238656136336431366133636330393635 +61366365613938343063353631633466623466623634343062656233303663663166313836346432 +35386133356664393235373364343534306635326365346465623462376162396539646538613664 +33666562633565643732613637313730306465663730363263346665663064326363396164616165 +61323535346661633364643663623730623662373765663861323236613164623266663361653734 +62666439353333666333323432613439393336643536663237393734313234376532333532353339 +65616634616230613632326162313962373665396265343838333363623437353238633231356262 +33353131616565353065346131636133313833633539323832376262386438303333363763613039 +3235