gitadmin
/
ansible-generator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:robertdebock/ansible-generator

This commit is contained in:
Robert de Bock 2023-02-23 08:58:04 +01:00
parent e19dbd9601 0ca1125aa8
commit fa7d821966
32 changed files with 976 additions and 308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/shellcheck.yml vendored Normal file
View File

@ -0,0 +1,13 @@
---
name: 'shellcheck'
on:
push:
jobs:
shellcheck:
name: shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: ludeeus/action-shellcheck@master

13
.github/workflows/yamllint.yml vendored Normal file
View File

@ -0,0 +1,13 @@
---
name: 'yamllint'
on:
push:
jobs:
yamllint:
name: yamllint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: karancode/yamllint-github-action@master

15
.yamllint Normal file
View File

@ -0,0 +1,15 @@
---
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
line-length: disable
truthy: disable
ignore: |
vars/vault.yml

202
LICENSE Normal file
View File

@ -0,0 +1,202 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2021 Robert de Bock (robert@meinit.nl)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

18
README-gitlab.md Normal file
View File

@ -0,0 +1,18 @@
# Usage
```
./gitlab.yml --ask-vault-password -e role=ansible-role-xyz
```
## Bulk
To update all roles:
```
echo "PASSWORD" > /tmp/bla.txt
ls -d ../ansible-role-* | cut -d/ -f2 | while read role ; do
echo "${role}"
./gitlab.yml --vault-password-file=/tmp/bla.txt -e role="${role}"
done
```

46
README.md
View File

@ -7,13 +7,11 @@ Generate documentation and continuous integration files for an Ansible Role.
This script loads input from: This script loads input from:
- meta/main.yml* - meta/main.yml*
- meta/version.yml
- meta/exception.yml
- meta/preferences.yml - meta/preferences.yml
- defaults/main.yml - defaults/main.yml
- requirements.yml - requirements.yml
- molecule/default/prepare.yml - molecule/default/prepare.yml
- molecule/default/playbook.yml* - molecule/default/converge.yml*
- molecule/default/verify.yml - molecule/default/verify.yml
- generate_modules.sh - generate_modules.sh
- secure.yml - secure.yml
@ -70,37 +68,25 @@ author: Robert de Bock (robert@meinit.nl)
author_website: "https://robertdebock.nl/" author_website: "https://robertdebock.nl/"
``` ```
## meta/version.yml
This optional file can be placed when a role contains a version.
```yaml
---
project_name: Ansible
reference: "defaults/main.yml"
versions:
- name: ansible
url: "https://github.com/ansible/ansible/releases"
```
## meta/exception.yml
This optional file describes why some build are excepted.
```yaml
---
exceptions:
- variation: alpine
reason: "Not idempotent"
```
## meta/preferences.yml ## meta/preferences.yml
This optional file describes how Travis, Tox and Molecule should behave. This optional file describes how Travis, Tox and Molecule should behave.
|parameter |type |default|description |
|--------------------|---------------|-------|-----------------------------------------------------------------------------------------|
|tox_ansible_versions|list of strings|not set|What versions should Tox test? (Default: all.) |
|github_variables_mapping|list|not set|A list of `name` and `variable`, `name` refers to the GitHub exposed name, `variable` refers to the name you'd like to pass to molecule, tox and Ansible.|
# Example
```yaml ```yaml
--- ---
travis_parallel: no tox_ansible_versions:
tox_versions: - 7
- current github_variables_mapping:
- name: secrets.VAULT_LICENSE
variable: VAULT_LICENCE
- name: secrets.MY_VAR
variable: someTHING
``` ```

13
community.general.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/sh
if [ -f requirements.yml ] ; then
if ! grep 'collections:' requirements.yml > /dev/null ; then
echo "Adding collections header to requirements."
echo "collections:" >> requirements.yml
fi
if ! grep -- ' - name: community.general' requirements.yml > /dev/null ; then
echo "Adding community.general to requirement."
echo " - name: community.general" >> requirements.yml
fi
fi

3
defaults/main.yml Normal file
View File

@ -0,0 +1,3 @@
---
gitlab_runner_id: 18209306

1
files/bug_report.md
View File

@ -5,6 +5,7 @@ about: Create a report to help me improve
--- ---
## Describe the bug ## Describe the bug
A clear and concise description of what the bug is. A clear and concise description of what the bug is.
## Playbook ## Playbook

1
files/gitignore
View File

@ -3,3 +3,4 @@
*.swp *.swp
.tox .tox
.cache .cache
.DS_Store

16
files/pre-commit-config.yaml
View File

@ -1,26 +1,24 @@
--- ---
repos: repos:
- repo: https://github.com/pre-commit/pre-commit-hooks - repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.4.0 rev: v4.3.0
hooks: hooks:
- id: trailing-whitespace - id: trailing-whitespace
- id: end-of-file-fixer - id: end-of-file-fixer
- id: check-added-large-files - id: check-added-large-files
- repo: https://github.com/adrienverge/yamllint - repo: https://github.com/adrienverge/yamllint
rev: v1.26.0 rev: v1.26.3
hooks: hooks:
- id: yamllint - id: yamllint
args: [-c=.yamllint] args: [-c=.yamllint]
- repo: https://github.com/ansible/ansible-lint
rev: v5.0.1
hooks:
- id: ansible-lint
pass_filenames: false
- repo: https://github.com/robertdebock/pre-commit - repo: https://github.com/robertdebock/pre-commit
rev: v1.1.2 rev: v1.5.2
hooks: hooks:
- id: ansible_role_find_unused_variable - id: ansible_role_find_unused_variable
- id: ansible_role_find_empty_files - id: ansible_role_find_empty_files
- id: ansible_role_find_empty_directories
- id: ansible_role_find_undefined_handlers
- id: ansible_role_find_unquoted_values
- id: ansible_role_find_horizontal_when

119
generate.yml
View File

@ -1,6 +1,6 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- name: generate all files - name: Generate all files
hosts: localhost hosts: localhost
become: no become: no
gather_facts: yes gather_facts: yes
@ -11,117 +11,94 @@
- vars/main.yml - vars/main.yml
tasks: tasks:
- name: set role_path and role_name - name: Set role_path and role_name
set_fact: ansible.builtin.set_fact:
role_path: "{{ lookup('env', 'PWD') }}" role_path: "{{ lookup('env', 'PWD') }}"
role_name: "{{ lookup('env', 'PWD') | basename | regex_replace('ansible-role-') }}" role_name: "{{ lookup('env', 'PWD') | basename | regex_replace('ansible-role-') }}"
- name: load meta/main.yml - name: Load meta/main.yml
include_vars: ansible.builtin.include_vars:
file: "{{ role_path }}/meta/main.yml" file: "{{ role_path }}/meta/main.yml"
name: meta name: meta
- name: check meta/version.yml - name: Check meta/preferences.yml
stat: ansible.builtin.stat:
path: "{{ role_path }}/meta/version.yml"
register: versionymlstat
- name: load meta/version.yml
include_vars:
file: "{{ role_path }}/meta/version.yml"
register: versionyml
when:
- versionymlstat.stat.exists | bool
- name: check meta/exception.yml
stat:
path: "{{ role_path }}/meta/exception.yml"
register: exceptionymlstat
- name: load meta/exception.yml
include_vars:
file: "{{ role_path }}/meta/exception.yml"
register: exceptionyml
when:
- exceptionymlstat.stat.exists | bool
- name: check meta/preferences.yml
stat:
path: "{{ role_path }}/meta/preferences.yml" path: "{{ role_path }}/meta/preferences.yml"
register: preferencesymlstat register: preferencesymlstat
- name: load meta/preferences.yml - name: Load meta/preferences.yml
include_vars: ansible.builtin.include_vars:
file: "{{ role_path }}/meta/preferences.yml" file: "{{ role_path }}/meta/preferences.yml"
when: when:
- preferencesymlstat.stat.exists | bool - preferencesymlstat.stat.exists | bool
- name: check defaults/main.yml - name: Check defaults/main.yml
stat: ansible.builtin.stat:
path: "{{ role_path }}/defaults/main.yml" path: "{{ role_path }}/defaults/main.yml"
register: defaultsmainyml register: defaultsmainyml
- name: load defaults/main.yml - name: Load defaults/main.yml
slurp: ansible.builtin.slurp:
src: "{{ role_path }}/defaults/main.yml" src: "{{ role_path }}/defaults/main.yml"
register: variables register: variables
when: when:
- defaultsmainyml.stat.exists | bool - defaultsmainyml.stat.exists | bool
- name: check requirements.yml - name: Check requirements.yml
stat: ansible.builtin.stat:
path: "{{ role_path }}/requirements.yml" path: "{{ role_path }}/requirements.yml"
register: check_requirements register: check_requirements
- name: load requirements.yml - name: Load requirements.yml
include_vars: ansible.builtin.include_vars:
file: "{{ role_path }}/requirements.yml" file: "{{ role_path }}/requirements.yml"
name: requirements name: requirements
when: when:
- check_requirements.stat.exists | bool - check_requirements.stat.exists | bool
- name: load molecule/default/converge.yml - name: Load molecule/default/converge.yml
slurp: ansible.builtin.slurp:
src: "{{ role_path }}/molecule/default/converge.yml" src: "{{ role_path }}/molecule/default/converge.yml"
register: example register: example
- name: check molecule/default/prepare.yml - name: Check molecule/default/prepare.yml
stat: ansible.builtin.stat:
path: "{{ role_path }}/molecule/default/prepare.yml" path: "{{ role_path }}/molecule/default/prepare.yml"
register: check_prepare register: check_prepare
- name: load molecule/default/prepare.yml - name: Load molecule/default/prepare.yml
slurp: ansible.builtin.slurp:
src: "{{ role_path }}/molecule/default/prepare.yml" src: "{{ role_path }}/molecule/default/prepare.yml"
register: prepare register: prepare
when: when:
- check_prepare.stat.exists | bool - check_prepare.stat.exists | bool
- name: check molecule/default/verify.yml - name: Check molecule/default/verify.yml
stat: ansible.builtin.stat:
path: "{{ role_path }}/molecule/default/verify.yml" path: "{{ role_path }}/molecule/default/verify.yml"
register: verify register: verify
- name: load molecule/default/verify.yml - name: Load molecule/default/verify.yml
slurp: ansible.builtin.slurp:
src: "{{ role_path }}/molecule/default/verify.yml" src: "{{ role_path }}/molecule/default/verify.yml"
register: verifyyml register: verifyyml
when: when:
- verify.stat.exists | bool - verify.stat.exists | bool
- name: load galaxy_id - name: Check molecule/default/defaults.yml
shell: "set -o pipefail ; ansible-galaxy info robertdebock.{{ role_name }} | grep ' id: ' | awk '{print $NF}'" ansible.builtin.stat:
path: "{{ role_path }}/molecule/default/defaults.yml"
register: defaults
- name: Load galaxy_id
ansible.builtin.shell:
cmd: "set -o pipefail ; ansible-galaxy info robertdebock.{{ role_name }} | grep ' id: ' | awk '{print $NF}'"
register: galaxy_id register: galaxy_id
changed_when: no changed_when: no
failed_when: no failed_when: no
- name: load github contributors - name: Create .github directories
uri: ansible.builtin.file:
url: "https://api.github.com/repos/robertdebock/ansible-role-{{ role_name }}/contributors"
register: github_contributors
failed_when: no
- name: create .github directories
file:
path: "{{ role_path }}/{{ item }}" path: "{{ role_path }}/{{ item }}"
state: directory state: directory
mode: "0755" mode: "0755"
@ -130,8 +107,8 @@
- .github/workflows - .github/workflows
- .github/ISSUE_TEMPLATE - .github/ISSUE_TEMPLATE
- name: copy file - name: Copy file
copy: ansible.builtin.copy:
src: "{{ playbook_dir }}/files/{{ item.source }}" src: "{{ playbook_dir }}/files/{{ item.source }}"
dest: "{{ role_path }}/{{ item.dest | default(item.source) }}" dest: "{{ role_path }}/{{ item.dest | default(item.source) }}"
mode: "{{ item.mode | default('0644') }}" mode: "{{ item.mode | default('0644') }}"
@ -148,15 +125,13 @@
dest: .github/FUNDING.yml dest: .github/FUNDING.yml
- source: pre-commit-config.yaml - source: pre-commit-config.yaml
dest: .pre-commit-config.yaml dest: .pre-commit-config.yaml
- source: collections.yml
dest: molecule/default/collections.yml
loop_control: loop_control:
label: "{{ item.source }}" label: "{{ item.source }}"
- name: render file - name: Render file
template: ansible.builtin.template:
src: "{{ playbook_dir }}/templates/{{ item.source }}.j2" src: "{{ playbook_dir }}/templates/{{ item.source }}.j2"
dest: "{{ role_path }}/{{ item.dest | default (item.source) }}" dest: "{{ role_path }}/{{ item.dest | default(item.source) }}"
mode: "0644" mode: "0644"
with_items: with_items:
- source: ansible-lint - source: ansible-lint
@ -167,8 +142,6 @@
- source: LICENSE-2.0.txt - source: LICENSE-2.0.txt
dest: LICENSE dest: LICENSE
- source: SECURITY.md - source: SECURITY.md
- source: travis.yml
dest: .travis.yml
- source: molecule.yml - source: molecule.yml
dest: molecule/default/molecule.yml dest: molecule/default/molecule.yml
- source: README.md - source: README.md
@ -187,7 +160,7 @@
loop_control: loop_control:
label: "{{ item.source }}" label: "{{ item.source }}"
- name: pre-commit install - name: Install pre-commit
command: pre-commit install ansible.builtin.command:
args: cmd: pre-commit install
creates: .git/hooks/pre-commit creates: .git/hooks/pre-commit

54
get-galaxy-platforms.py Executable file
View File

@ -0,0 +1,54 @@
#!/usr/bin/env python3
# Stolen from David: https://raw.githubusercontent.com/dmsimard/ansible-sandbox/master/get-galaxy-platforms/get-galaxy-platforms.py
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Queries the Galaxy API to get all the platforms while handling server-side pagination
import json
import requests
GALAXY = "https://galaxy.ansible.com"
PLATFORMS_ENDPOINT = GALAXY + "/api/v1/platforms"
session = requests.Session()
def get_platforms():
page = session.get(PLATFORMS_ENDPOINT).json()
yield page["results"]
while page["next_link"] is not None:
next_url = GALAXY + page['next_link']
page = session.get(next_url).json()
yield page["results"]
def main():
platforms = {}
for results in get_platforms():
for result in results:
name = result["name"]
version = result["release"]
if name not in platforms:
platforms[name] = {
"name": name,
"versions": []
}
if version not in platforms[name]["versions"]:
platforms[name]["versions"].append(version)
print(json.dumps(platforms, indent=2))
if __name__ == "__main__":
main()

96
github.yml Executable file
View File

@ -0,0 +1,96 @@
#!/usr/bin/env ansible-playbook
---
- name: github
hosts: localhost
become: no
gather_facts: no
vars_files:
# - defaults/main.yml
- vars/main.yml
- vars/vault.yml
pre_tasks:
- name: see if all variables are set
assert:
that:
- github_namespace is defined
- repo is defined
- github_token is defined
quiet: yes
tasks:
- name: list webhooks
uri:
url: "https://api.github.com/repos/{{ github_namespace }}/{{ repo }}/hooks"
headers:
Accept: "application/vnd.github+json"
Authorization: "Bearer {{ github_token }}"
register: github_webhooks
- name: show delivery url for gitlab webhook
set_fact:
deliveries_url: "{{ item.deliveries_url }}"
loop: "{{ github_webhooks.json }}"
loop_control:
label: "{{ item.id }}"
when:
- '"gitlab.com" in item.config.url'
- name: list delivery
uri:
url: "{{ deliveries_url }}"
headers:
Accept: "application/vnd.github+json"
Authorization: "Bearer {{ github_token }}"
register: deliveries
- name: add repo to github-okay.txt
lineinfile:
line: "{{ repo }}"
path: github-okay.txt
create: yes
loop: "{{ deliveries.json }}"
loop_control:
label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
when:
- item.event == "push"
- item.status_code == 200
- name: remove repo from github-okay.txt
lineinfile:
line: "{{ repo }}"
path: github-okay.txt
state: absent
create: yes
loop: "{{ deliveries.json }}"
loop_control:
label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
when:
- item.event == "push"
- item.status_code != 200
- name: add repo to github-fail.txt
lineinfile:
line: "{{ repo }}"
path: github-fail.txt
create: yes
loop: "{{ deliveries.json }}"
loop_control:
label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
when:
- item.event == "push"
- item.status_code != 200
- name: remove repo from github-fail.txt
lineinfile:
line: "{{ repo }}"
path: github-fail.txt
state: absent
create: yes
loop: "{{ deliveries.json }}"
loop_control:
label: "{{ repo }} - {{ item.id }} - {{ item.status_code }}"
when:
- item.event == "push"
- item.status_code == 200

35
gitlab-delete-project.yml Executable file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env ansible-playbook
---
- name: delete a gitlab repository
hosts: localhost
become: no
gather_facts: no
vars:
namespace: robertdebock-iac
vars_files:
- vars/main.yml
- vars/vault.yml
tasks:
- name: see if all variables are set
assert:
that:
- namespace is defined
- role is defined
quiet: yes
- name: urlencode path
set_fact:
encoded_path: "{{ namespace + '%2F' + role }}"
- name: delete project
uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}"
method: DELETE
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
status_code:
- 202
- 404

45
gitlab-import.yml Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/env ansible-playbook
---
- name: Import repository into gitlab project
hosts: localhost
become: no
gather_facts: no
vars:
github_owner: robertdebock
gitlab_namespace: robertdebock-iac
vars_files:
- defaults/main.yml
- vars/main.yml
- vars/vault.yml
tasks:
- name: see if all variables are set
assert:
that:
- gitlab_namespace is defined
- github_owner is defined
- role is defined
quiet: yes
- name: Get GitHub repo information
uri:
url: "https://api.github.com/repos/{{ github_owner }}/{{ role }}"
headers:
Authorization: "Bearer {{ github_token }}"
register: github_repo
- name: Import repository
uri:
url: "https://gitlab.com/api/v4/import/github"
method: POST
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body_format: json
body:
personal_access_token: "{{ github_token }}"
repo_id: "{{ github_repo.json.id }}"
target_namespace: "{{ gitlab_namespace }}"
status_code:
- 201

62
gitlab-pipeline-trigger.yml Executable file
View File

@ -0,0 +1,62 @@
#!/usr/bin/env ansible-playbook
---
- name: Kick off a pipeline for a GitLab project
hosts: localhost
become: no
gather_facts: no
vars:
gitlab_namespace: robertdebock-iac
vars_files:
- defaults/main.yml
- vars/main.yml
- vars/vault.yml
tasks:
- name: see if all variables are set
assert:
that:
- gitlab_namespace is defined
- role is defined
quiet: yes
- name: Get GitLab project number
uri:
url: https://gitlab.com/api/v4/projects/{{ gitlab_namespace }}%2F{{ role }}
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
register: gitlab_project_details
- name: Create pipeline trigger
uri:
url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/triggers"
method: POST
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body_format: form-urlencoded
body:
description: "Ansible"
status_code:
- 201
register: pipeline_trigger
- name: Trigger pipeline
uri:
url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/trigger/pipeline"
method: POST
body_format: form-urlencoded
body:
token: "{{ pipeline_trigger.json.token }}"
ref: master
status_code:
- 201
- name: Delete pipeline trigger
uri:
url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_details.json.id }}/triggers/{{ pipeline_trigger.json.id }}"
method: DELETE
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
status_code:
- 204

54
gitlab-public.yml Executable file
View File

@ -0,0 +1,54 @@
#!/usr/bin/env ansible-playbook
---
- name: Create a pull mirror gitlab project
hosts: localhost
become: no
gather_facts: no
vars:
github_owner: robertdebock
gitlab_namespace: robertdebock-iac
vars_files:
- defaults/main.yml
- vars/main.yml
- vars/vault.yml
tasks:
- name: see if all variables are set
assert:
that:
- github_owner is defined
- role is defined
quiet: yes
- name: Get a detailed list of owned GitLab projects
uri:
url: "https://gitlab.com/api/v4/projects?owned=true&search={{ role }}"
method: GET
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
return_content: yes
register: gitlab_projects
- name: Pick project_ids from GitLab projects
set_fact:
gitlab_projects: "{{ gitlab_projects.json | selectattr('name', 'equalto', role) | list }}"
- name: pick a single project.
set_fact:
gitlab_project_id: "{{ gitlab_projects[0].id }}"
- name: Patch existing project to mirror
uri:
url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_id }}"
method: PUT
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body_format: json
body:
visibility: public
status_code:
- 200
register: create_project
changed_when: yes

68
gitlab-pull-mirror.yml Executable file
View File

@ -0,0 +1,68 @@
#!/usr/bin/env ansible-playbook
---
- name: Create a pull mirror gitlab project
hosts: localhost
become: no
gather_facts: no
vars:
github_owner: robertdebock
gitlab_namespace: robertdebock-iac
vars_files:
- defaults/main.yml
- vars/main.yml
- vars/vault.yml
tasks:
- name: see if all variables are set
assert:
that:
- gitlab_namespace is defined
- github_owner is defined
- role is defined
quiet: yes
- name: Get GitHub repo information
uri:
url: "https://api.github.com/repos/{{ github_owner }}/{{ role }}"
headers:
Authorization: "Bearer {{ github_token }}"
register: github_repo
- name: Get details of GitLab project
uri:
url: "https://gitlab.com/api/v4/projects?owned=true&search={{ role }}"
method: GET
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
return_content: yes
register: gitlab_projects
- name: Pick project_ids from GitLab project
set_fact:
gitlab_projects: "{{ gitlab_projects.json | selectattr('name', 'equalto', role) | list }}"
- name: pick a single project.
set_fact:
gitlab_project_id: "{{ gitlab_projects[0].id }}"
- name: Patch existing project to mirror
uri:
url: "https://gitlab.com/api/v4/projects/{{ gitlab_project_id }}"
method: PUT
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body_format: json
body:
import_url: "{{ github_repo.json.clone_url }}"
mirror: true
mirror_trigger_builds: true
status_code:
- 200
register: create_project
changed_when: yes
# - name: Show shit
# debug:
# msg: "{{ create_project }}"

65
gitlab.yml
View File

@ -1,19 +1,20 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
- name: configure GitLab repository - name: configure gitlab repository
hosts: localhost hosts: localhost
become: no become: no
gather_facts: no gather_facts: no
vars: vars:
namespace: robertdebock namespace: robertdebock-iac
vars_files: vars_files:
- defaults/main.yml
- vars/main.yml - vars/main.yml
- vars/vault.yml - vars/vault.yml
tasks: tasks:
- name: see if all veriables are set - name: see if all variables are set
assert: assert:
that: that:
- namespace is defined - namespace is defined
@ -55,6 +56,26 @@
protects: true protects: true
masked: true masked: true
- name: list pipeline schedules
uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules"
method: GET
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
register: gitlab_schedules
- name: delete all pipeline schedules
uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules/{{ item.id }}"
method: DELETE
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
status_code:
- 204
loop: "{{ gitlab_schedules.json }}"
loop_control:
label: "{{ item.id }}"
- name: create a new pipeline schedule - name: create a new pipeline schedule
uri: uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules" url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/pipeline_schedules"
@ -67,5 +88,41 @@
body: body:
description: "Monthly test" description: "Monthly test"
ref: master ref: master
cron: '{{ letter_minute_mapping[role[0]] }} {{ letter_hour_mapping[role[0]] }} {{ letter_day_mapping[role[0]] }} * *' cron: "{{ letter_minute_mapping[role[14]] | default('13') }} {{ letter_hour_mapping[role[14]] }} {{ letter_day_mapping[role[13]] }} * *"
cron_timezone: Amsterdam cron_timezone: Amsterdam
- name: disable runnner
uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/runners/{{ gitlab_runner_id }}"
method: DELETE
body_format: json
status_code:
- 204
- 404
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body:
runner_id: "{{ gitlab_runner_id }}"
# - name: enable cloudtop runnner
# uri:
# url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}/runners"
# method: POST
# body_format: json
# status_code:
# - 201
# - 400
# headers:
# PRIVATE-TOKEN: "{{ gitlab_private_token }}"
# body:
# runner_id: "{{ gitlab_runner_id }}"
- name: disable shared runnners
uri:
url: "https://gitlab.com/api/v4/projects/{{ encoded_path }}"
method: PUT
body_format: json
headers:
PRIVATE-TOKEN: "{{ gitlab_private_token }}"
body:
shared_runners_enabled: false

12
indexer.sh
View File

@ -1,22 +1,16 @@
#!/bin/sh #!/bin/sh -x
# A script to regenerate a list of roles and their CI status. # A script to regenerate a list of roles and their CI status.
# Where are the roles stored locally?
directory="/home/robertdb/Documents/github.com/robertdebock"
# What is the pattern of the directory names?
pattern="ansible-role-"
# Print the header of the table. # Print the header of the table.
echo "|Role name|GitHub Action|GitLab CI|Version|" echo "|Role name|GitHub Action|GitLab CI|Version|"
echo "|---------|-------------|---------|-------|" echo "|---------|-------------|---------|-------|"
# Loop over the found roles. # Loop over the found roles.
cd ${directory} ; ls -d "${pattern}"* | while read rolename ; do find ~/Documents/github.com/robertdebock/ansible-role-* | awk 'BEGIN { FS="/" } ; { print $NF }' | while read -r rolename ; do
# Find the short name, i.e. "httpd" instead of "ansible-role-httpd" # Find the short name, i.e. "httpd" instead of "ansible-role-httpd"
shortrolename=$(echo "${rolename}" | sed "s/^${pattern}//") shortrolename=$(echo "${rolename}" | sed "s/^ansible-role//")
# Save the markdown per column in a variable, better readable loop. # Save the markdown per column in a variable, better readable loop.
galaxy="[${shortrolename}](https://galaxy.ansible.com/robertdebock/${shortrolename})" galaxy="[${shortrolename}](https://galaxy.ansible.com/robertdebock/${shortrolename})"

60
templates/README.md.j2
View File

@ -4,16 +4,18 @@
|GitHub|GitLab|Quality|Downloads|Version| |GitHub|GitLab|Quality|Downloads|Version|
|------|------|-------|---------|-------| |------|------|-------|---------|-------|
|[![github](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/actions)|[![gitlab](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ role_name }}/badges/master/pipeline.svg)](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ role_name }})|[![quality](https://img.shields.io/ansible/quality/{{ galaxy_id.stdout | default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![downloads](https://img.shields.io/ansible/role/d/{{ galaxy_id.stdout |default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![Version](https://img.shields.io/github/release/{{ github_namespace }}/ansible-role-{{ role_name }}.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/releases/)| |[![github](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/actions)|[![gitlab](https://gitlab.com/{{ gitlab_namespace }}/ansible-role-{{ role_name }}/badges/master/pipeline.svg)](https://gitlab.com/{{ gitlab_namespace }}/ansible-role-{{ role_name }})|[![quality](https://img.shields.io/ansible/quality/{{ galaxy_id.stdout | default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![downloads](https://img.shields.io/ansible/role/d/{{ galaxy_id.stdout |default('unset') }})](https://galaxy.ansible.com/{{ github_namespace }}/{{ role_name }})|[![Version](https://img.shields.io/github/release/{{ github_namespace }}/ansible-role-{{ role_name }}.svg)](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/releases/)|
## [Example Playbook](#example-playbook) ## [Example Playbook](#example-playbook)
This example is taken from `molecule/resources/converge.yml` and is tested on each push, pull request and release. This example is taken from [`molecule/default/converge.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/molecule/default/converge.yml) and is tested on each push, pull request and release.
```yaml ```yaml
{{ example.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}``` {{ example.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}```
{% if prepare.content is defined %} {% if prepare.content is defined %}
The machine needs to be prepared in CI this is done using `molecule/resources/prepare.yml`: The machine needs to be prepared. In CI this is done using [`molecule/default/prepare.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/molecule/default/prepare.yml):
```yaml ```yaml
{{ prepare.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}``` {{ prepare.content | b64decode | regex_replace('ansible-role-', galaxy_namespace ~ '.') }}```
@ -23,7 +25,8 @@ Also see a [full explanation and example](https://robertdebock.nl/how-to-use-the
{% if variables.content is defined %} {% if variables.content is defined %}
## [Role Variables](#role-variables) ## [Role Variables](#role-variables)
These variables are set in `defaults/main.yml`: The default values for the variables are set in [`defaults/main.yml`](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/defaults/main.yml):
```yaml ```yaml
{{ variables.content | b64decode }}``` {{ variables.content | b64decode }}```
{% endif %} {% endif %}
@ -32,15 +35,15 @@ These variables are set in `defaults/main.yml`:
- pip packages listed in [requirements.txt](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/requirements.txt). - pip packages listed in [requirements.txt](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/requirements.txt).
{% if requirements is defined %} {% if requirements is defined and requirements.roles is defined %}
## [Status of requirements](#status-of-requirements) ## [State of used roles](#state-of-used-roles)
The following roles are used to prepare a system. You may choose to prepare your system in another way, I have tested these roles as well. The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab | | Requirement | GitHub | GitLab |
|-------------|--------|--------| |-------------|--------|--------|
{% for requirement in requirements.roles %} {% for requirement in requirements.roles %}
| [{{ requirement.name }}](https://galaxy.ansible.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.') }}) | [![Build Status GitHub](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/actions) | [![Build Status GitLab ](https://gitlab.com/{{ github_namespace }}/ansible-role-{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/badges/master/pipeline.svg)](https://gitlab.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}) |[{{ requirement.name }}](https://galaxy.ansible.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.') }})|[![Build Status GitHub](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/workflows/Ansible%20Molecule/badge.svg)](https://github.com/{{ github_namespace }}/{{ requirement.name | regex_replace(github_namespace + '\.', 'ansible-role-') }}/actions)|[![Build Status GitLab](https://gitlab.com/{{ gitlab_namespace }}/{{ requirement.name | regex_replace(galaxy_namespace + '\.', 'ansible-role-') }}/badges/master/pipeline.svg)](https://gitlab.com/{{ gitlab_namespace }}/{{ requirement.name | regex_replace(galaxy_namespace + '\.', 'ansible-role-') }})|
{% endfor %} {% endfor %}
{% endif %} {% endif %}
@ -52,6 +55,7 @@ Most roles require some kind of preparation, this is done in `molecule/default/p
{% for dependency in meta.dependencies %} {% for dependency in meta.dependencies %}
- {{ dependency }} - {{ dependency }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
## [Context](#context) ## [Context](#context)
@ -67,7 +71,7 @@ This role has been tested on these [container images](https://hub.docker.com/u/r
|container|tags| |container|tags|
|---------|----| |---------|----|
{% for platform in meta.galaxy_info.platforms %} {% for platform in meta.galaxy_info.platforms %}
|{{ platform.name | lower }}|{% for version in platform.versions %}{{ version }}{% if not loop.last %}, {% endif %}{% endfor %}| |[{{ platform.name }}]({{ image_docker_hub_url_mapping[platform.name | lower] }})|{% for version in platform.versions %}{{ version }}{% if not loop.last %}, {% endif %}{% endfor %}|
{% endfor %} {% endfor %}
The minimum version of Ansible required is {{ meta.galaxy_info.min_ansible_version }}, tests have been done to: The minimum version of Ansible required is {{ meta.galaxy_info.min_ansible_version }}, tests have been done to:
@ -76,47 +80,11 @@ The minimum version of Ansible required is {{ meta.galaxy_info.min_ansible_versi
- The current version. - The current version.
- The development version. - The development version.
{% if exceptions is defined %}
## [Exceptions](#exceptions)
Some variarations of the build matrix do not work. These are the variations and reasons why the build won't work:
| variation | reason |
|---------------------------|------------------------|
{% for exception in exceptions %}| {{ exception.variation }} | {{ exception.reason }} |
{% endfor %}{% endif %}
{% if versions is defined %}
## [Included version(s)](#included-versions)
This role [refers to a version]({{ reference }}) released by {{ project_name }}. Check the released version(s) here:
{% for version in versions %}
- [{{ version.name }}]({{ version.url }}).
{% endfor %}
This version reference means a role may get outdated. Monthly tests occur to see if [bit-rot](https://en.wikipedia.org/wiki/Software_rot) occured. If you however find a problem, please create an issue, I'll get on it as soon as possible.{% endif %}
If you find issues, please register them in [GitHub](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/issues) If you find issues, please register them in [GitHub](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/issues)
## [License](#license) ## [License](#license)
{{ meta.galaxy_info.license }} [{{ meta.galaxy_info.license }}](https://github.com/{{ github_namespace }}/ansible-role-{{ role_name }}/blob/master/LICENSE).
{% if github_contributors is defined %}
{% if github_contributors.json is defined %}
{% if github_contributors.json | length > 1 %}
## [Contributors](#contributors)
I'd like to thank everybody that made contributions to this repository. It motivates me, improves the code and is just fun to collaborate.
{% for contributor in github_contributors.json %}{% if contributor.login is defined %}{% if contributor.login != "robertdebock" %}
- [{{ contributor.login }}](https://github.com/{{ contributor.login }})
{% endif %}
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{% endif %}
## [Author Information](#author-information) ## [Author Information](#author-information)

14
templates/ansible-lint.j2
View File

@ -1,12 +1,7 @@
---
{{ ansible_managed | comment }} {{ ansible_managed | comment }}
{% if versionymlstat.stat.exists or exceptionymlstat.stat.exists or preferencesymlstat.stat.exists or verify.stat.exists %} {% if preferencesymlstat.stat.exists or verify.stat.exists %}
exclude_paths: exclude_paths:
{% if versionymlstat.stat.exists %}
- ./meta/version.yml
{% endif %}
{% if exceptionymlstat.stat.exists %}
- ./meta/exception.yml
{% endif %}
{% if preferencesymlstat.stat.exists %} {% if preferencesymlstat.stat.exists %}
- ./meta/preferences.yml - ./meta/preferences.yml
{% endif %} {% endif %}
@ -15,7 +10,12 @@ exclude_paths:
{% if verify.stat.exists %} {% if verify.stat.exists %}
- ./molecule/default/verify.yml - ./molecule/default/verify.yml
{% endif %} {% endif %}
{% if defaults.stat.exists %}
- ./molecule/default/defaults.yml
{% endif %}
{% endif %} {% endif %}
- ./molecule/default/collections.yml - ./molecule/default/collections.yml
- ./.tox - ./.tox
- ./.cache - ./.cache
- ./.github
- ./requirements.yml

2
templates/galaxy.yml.j2
View File

@ -11,6 +11,6 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: galaxy - name: galaxy
uses: robertdebock/galaxy-action@1.1.0 uses: robertdebock/galaxy-action@1.2.0
with: with:
galaxy_api_key: {% raw %}${{ secrets.galaxy_api_key }}{% endraw %} galaxy_api_key: {% raw %}${{ secrets.galaxy_api_key }}{% endraw %}

11
templates/gitlab-ci.yml.j2
View File

@ -1,16 +1,13 @@
--- ---
image: robertdebock/github-action-molecule:3.0.6 image: "robertdebock/github-action-molecule:5.0.0"
services:
- docker:dind
variables: variables:
DOCKER_HOST: "tcp://docker:2375"
PY_COLORS: 1 PY_COLORS: 1
molecule: molecule:
script: script:
- image=${image} tag=${tag} molecule test - if [ -f tox.ini ] ; then tox ; fi
- if [ ! -f tox.ini ] ; then molecule test ; fi
rules: rules:
- if: $CI_COMMIT_REF_NAME == "master" - if: $CI_COMMIT_REF_NAME == "master"
retry: 1 retry: 1
@ -27,6 +24,6 @@ molecule:
galaxy: galaxy:
script: script:
- ansible-galaxy role import --api-key ${GALAXY_API_KEY} ${CI_PROJECT_NAMESPACE} ${CI_PROJECT_NAME} - ansible-galaxy role import --api-key ${GALAXY_API_KEY} {{ galaxy_namespace }} ${CI_PROJECT_NAME}
rules: rules:
- if: $CI_COMMIT_TAG != null - if: $CI_COMMIT_TAG != null

22
templates/molecule-action.yml.j2
View File

@ -16,14 +16,9 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v2 uses: actions/checkout@v3
with: - name: ansible-lint
path: {% raw %}"${{ github.repository }}"{% endraw %} uses: ansible-community/ansible-lint-action@main
- name: molecule
uses: robertdebock/molecule-action@2.6.16
with:
command: lint
test: test:
needs: needs:
- lint - lint
@ -42,7 +37,7 @@ jobs:
{% endfor %} {% endfor %}
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v2 uses: actions/checkout@v3
with: with:
path: {% raw %}"${{ github.repository }}"{% endraw %} path: {% raw %}"${{ github.repository }}"{% endraw %}
@ -51,8 +46,15 @@ jobs:
- name: parse apparmor for mysql - name: parse apparmor for mysql
run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld run: sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- name: molecule - name: molecule
uses: robertdebock/molecule-action@2.6.16 uses: robertdebock/molecule-action@5.0.2
with: with:
image: {% raw %}${{ matrix.config.image }}{% endraw %} image: {% raw %}${{ matrix.config.image }}{% endraw %}
tag: {% raw %}${{ matrix.config.tag }}{% endraw %} tag: {% raw %}${{ matrix.config.tag }}{% endraw %}
{% if github_variables_mapping is defined %}
env:
{% for item in github_variables_mapping %}
{{ item.variable }}: {% raw %}${{ {%endraw %}{{ item.name }} {% raw %}}}{% endraw %}
{% endfor %}
{% endif %}

14
templates/molecule.yml.j2
View File

@ -4,9 +4,7 @@ dependency:
name: galaxy name: galaxy
options: options:
role-file: requirements.yml role-file: requirements.yml
{% if requirements.collections is defined %}
requirements-file: requirements.yml requirements-file: requirements.yml
{% endif %}
lint: | lint: |
set -e set -e
yamllint . yamllint .
@ -14,7 +12,7 @@ lint: |
driver: driver:
name: docker name: docker
platforms: platforms:
- name: "{{ role_name }}-${image:-{{ docker_image }}}-${tag:-{{ docker_tag }}}${TOX_ENVNAME}" - name: "{{ role_name | regex_replace('_', '') }}-${image:-{{ docker_image }}}-${tag:-{{ docker_tag }}}${TOX_ENVNAME}"
image: "${namespace:-{{ docker_namespace }}}/${image:-{{ docker_image }}}:${tag:-{{ docker_tag }}}" image: "${namespace:-{{ docker_namespace }}}/${image:-{{ docker_image }}}:${tag:-{{ docker_tag }}}"
command: /sbin/init command: /sbin/init
volumes: volumes:
@ -23,10 +21,12 @@ platforms:
pre_build_image: yes pre_build_image: yes
provisioner: provisioner:
name: ansible name: ansible
config_options: {% if github_variables_mapping is defined %}
defaults: env:
stdout_callback: yaml {% for item in github_variables_mapping %}
bin_ansible_callbacks: yes {{ item.variable }}: "{% raw %}${{% endraw %}{{ item.variable }}{% raw %}}{% endraw %}"
{% endfor %}
{% endif %}
{% if verify.stat.exists %} {% if verify.stat.exists %}
verifier: verifier:
name: ansible name: ansible

2
templates/requirements2png.yml.j2
View File

@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: checkout - name: checkout
uses: actions/checkout@v2 uses: actions/checkout@v3
with: with:
path: {% raw %}${{ github.repository }}{% endraw %} path: {% raw %}${{ github.repository }}{% endraw %}

31
templates/tox.ini.j2
View File

@ -1,23 +1,21 @@
{{ ansible_managed | comment }} {{ ansible_managed | comment }}
[tox] [tox]
minversion = 3.21.4 minversion = 4.2.4
{% if tox_versions is defined %} {% if tox_ansible_versions is defined %}
envlist = py{39}-ansible-{% raw %}{{% endraw %}{% for version in tox_versions %}{{ version }}{% if not loop.last %},{% endif %}{% endfor %}{% raw %}}{% endraw %} envlist = py{310}-ansible{% raw %}{{% endraw %}{% for version in tox_ansible_versions %}{{ version }}{% if not loop.last %},{% endif %}{% endfor %}{% raw %}}{% endraw %}
{% else %} {% else %}
# 2.11 has been disabled: couldn't resolve module/action 'docker_container'. envlist = py{310}-ansible{5,6,7}
envlist = py{39}-ansible-{2.9,2.10}
{% endif %} {% endif %}
skipsdist = true skipsdist = true
[testenv] [testenv]
deps = deps =
2.9: ansible == 2.9.* ansible5: ansible == 5.*
2.10: ansible == 2.10.* ansible6: ansible == 6.*
2.11: git+https://github.com/ansible/ansible.git@devel ansible7: ansible == 7.*
molecule[docker] molecule[docker]
docker == 4.* docker == 6.*
ansible-lint == 5.* ansible-lint == 6.*
commands = molecule test commands = molecule test
setenv = setenv =
TOX_ENVNAME={envname} TOX_ENVNAME={envname}
@ -25,4 +23,13 @@ setenv =
ANSIBLE_FORCE_COLOR=1 ANSIBLE_FORCE_COLOR=1
ANSIBLE_ROLES_PATH=../ ANSIBLE_ROLES_PATH=../
passenv = namespace image tag passenv =
namespace
image
tag
DOCKER_HOST
{% if github_variables_mapping is defined %}
{% for item in github_variables_mapping %}
{{ item.variable }}
{% endfor %}
{% endif %}

28
templates/travis.yml.j2
View File

@ -1,28 +0,0 @@
---
{{ ansible_managed | comment }}
language: python
os: linux
dist: xenial
python:
- "3.9"
services:
- docker
cache:
- pip
install:
- pip install --upgrade pip
- pip install yamllint
- pip install ansible-lint
script:
- yamllint .
- ansible-lint
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/
email: false

127
vars/main.yml
View File

@ -15,6 +15,9 @@ galaxy_namespace: robertdebock
# Your username/organization name on GitHub. # Your username/organization name on GitHub.
github_namespace: robertdebock github_namespace: robertdebock
# Your username/group on GitLab.
gitlab_namespace: robertdebock-iac
# Your name and optionally email-address. # Your name and optionally email-address.
author: Robert de Bock (robert@meinit.nl) author: Robert de Bock (robert@meinit.nl)
@ -26,11 +29,21 @@ platform_image_mapping:
Amazon: amazonlinux Amazon: amazonlinux
Archlinux: archlinux Archlinux: archlinux
Debian: debian Debian: debian
EL: centos EL: "{{ enterprise_linux | default('enterpriselinux') }}"
Fedora: fedora Fedora: fedora
OpenSUSE: opensuse opensuse: opensuse
Ubuntu: ubuntu Ubuntu: ubuntu
image_docker_hub_url_mapping:
alpine: "https://hub.docker.com/repository/docker/robertdebock/alpine/general"
amazon: "https://hub.docker.com/repository/docker/robertdebock/amazonlinux/general"
archlinux: "https://hub.docker.com/repository/docker/robertdebock/archlinux/general"
debian: "https://hub.docker.com/repository/docker/robertdebock/debian/general"
el: "https://hub.docker.com/repository/docker/robertdebock/enterpriselinux/general"
fedora: "https://hub.docker.com/repository/docker/robertdebock/fedora/general"
opensuse: "https://hub.docker.com/repository/docker/robertdebock/opensuse/general"
ubuntu: "https://hub.docker.com/repository/docker/robertdebock/ubuntu/general"
# This maps the Galaxy distribution and version to Docker images. # This maps the Galaxy distribution and version to Docker images.
distribution_version_mapping: distribution_version_mapping:
Alpine: Alpine:
@ -40,7 +53,7 @@ distribution_version_mapping:
all: all:
- 1 - 1
- latest - latest
2018.03: "2018.03":
- 1 - 1
Candidate: Candidate:
- latest - latest
@ -50,41 +63,45 @@ distribution_version_mapping:
Debian: Debian:
all: all:
- latest - latest
- bullseye - bookworm
buster:
- latest
bullseye: bullseye:
- bullseye - latest
bookworm:
- bookworm
EL: EL:
all: all:
- 7 - 7
- 8
- latest - latest
7: "7":
- 7 - 7
8: "8":
- 8
"9":
- latest - latest
Fedora: Fedora:
all: all:
- 32 - 36
- latest - latest
# RawHide has package-GPG issues. - rawhide
# - rawhide "36":
32: - 36
- 32 "37":
33:
- latest - latest
# RawHide has package-GPG issues. "38":
# 34: - rawhide
# - rawhide opensuse:
OpenSUSE:
all: all:
- latest - latest
Ubuntu: Ubuntu:
all: all:
- latest - latest
- focal
- bionic - bionic
focal: jammy:
- latest - latest
focal:
- focal
bionic: bionic:
- bionic - bionic
@ -166,38 +183,38 @@ letter_hour_mapping:
letter_minute_mapping: letter_minute_mapping:
a: 1 a: 1
b: 2 b: 3
c: 3 c: 5
d: 4 d: 7
e: 5 e: 9
f: 6 f: 11
g: 7 g: 13
h: 8 h: 15
i: 9 i: 17
j: 10 j: 19
k: 11 k: 21
l: 12 l: 23
m: 13 m: 25
n: 14 n: 27
o: 15 o: 29
p: 16 p: 31
q: 17 q: 33
r: 18 r: 35
s: 19 s: 37
t: 20 t: 39
u: 21 u: 41
v: 23 v: 43
w: 24 w: 45
x: 25 x: 47
y: 26 y: 49
z: 27 z: 51
0: 28 0: 53
1: 29 1: 55
2: 30 2: 57
3: 31 3: 59
4: 32 4: 59
5: 33 5: 59
6: 34 6: 59
7: 35 7: 59
8: 36 8: 59
9: 37 9: 59

22
vars/vault.yml
View File

@ -1,10 +1,14 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
63333963376266386263383966303436353065346139656263333133346433333064633032663938 35626138373665613930386237633532396164326166376163316366366432393338303535303163
3236306464376332383938356264333933633938626435330a373939643261356639373539656333 6435353933333036376462376232366338616335356631310a633732336234386438303761666332
31633035633131386363613233653436646338333537613665383337613461643161636332333332 33643039346337393637346535343966616237376532646561363765663639356138353766303239
6135333135636334620a353963383037653830633136333930663439353665323064303234373666 6333313664656339360a393362326563643366376531366563373363396530666138663431346261
65313339393334333831316335353831343264373833373131613162646334323362636466326165 30333566626130363638333162623537316539656264393238656136336431366133636330393635
34373062373331666234353338376339663939313463323437323166346432383130323939376437 61366365613938343063353631633466623466623634343062656233303663663166313836346432
34623265396265326538663731306333323435646430373935633738653034323463373261313832 35386133356664393235373364343534306635326365346465623462376162396539646538613664
35613036636566303036363131343762643665616638353837363439613430386533356663346538 33666562633565643732613637313730306465663730363263346665663064326363396164616165
36306661346266653739623937653635323037633232623562396665646238373238 61323535346661633364643663623730623662373765663861323236613164623266663361653734
62666439353333666333323432613439393336643536663237393734313234376532333532353339
65616634616230613632326162313962373665396265343838333363623437353238633231356262
33353131616565353065346131636133313833633539323832376262386438303333363763613039
3235