diff --git a/.drone.jsonnet b/.drone.jsonnet index 8cd66b3..3e77a73 100644 --- a/.drone.jsonnet +++ b/.drone.jsonnet @@ -150,6 +150,7 @@ local PipelineNotification = { [ PipelineLinting, PipelineDeployment(scenario='centos7'), + PipelineDeployment(scenario='centos8'), PipelineDocumentation, PipelineNotification, ] diff --git a/.drone.yml b/.drone.yml index e6470a8..76a5e9a 100644 --- a/.drone.yml +++ b/.drone.yml @@ -53,6 +53,41 @@ trigger: depends_on: - linting +--- +kind: pipeline +name: testing-centos8 + +platform: + os: linux + arch: amd64 + +concurrency: + limit: 1 + +workspace: + base: /drone/src + path: xoxys.cacerts + +steps: +- name: ansible-molecule + image: xoxys/molecule:latest + commands: + - molecule test -scentos8 + environment: + DO_API_KEY: + from_secret: do_api_key + MOLECULE_CUSTOM_FILTERS_REPO: https://gitea.rknet.org/ansible/custom_filters + MOLECULE_CUSTOM_MODULES_REPO: https://gitea.rknet.org/ansible/custom_modules + USER: root + +trigger: + ref: + - refs/heads/master + - refs/tags/** + +depends_on: +- linting + --- kind: pipeline name: documentation @@ -147,6 +182,6 @@ depends_on: --- kind: signature -hmac: 49f8b7ecb844ecc1a436595ca6ec094da01db928bd6d91e6f70b414649177416 +hmac: 0f9bfc6e4f4ef03ebdc4fbe088559245ca33aeaa1e58368dffdf7673a7ba0f84 ... diff --git a/molecule/centos8/create.yml b/molecule/centos8/create.yml new file mode 100644 index 0000000..41f112d --- /dev/null +++ b/molecule/centos8/create.yml @@ -0,0 +1,87 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + vars: + ssh_user: root + ssh_port: 22 + + keypair_name: molecule_key + keypair_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" + tasks: + - name: Create local keypair + user: + name: "{{ lookup('env', 'USER') }}" + generate_ssh_key: true + ssh_key_file: "{{ keypair_path }}" + register: local_keypair + + - name: Create remote keypair + digital_ocean_sshkey: + name: "{{ keypair_name }}" + ssh_pub_key: "{{ local_keypair.ssh_public_key }}" + state: present + register: remote_keypair + + - name: Create molecule instance(s) + digital_ocean_droplet: + name: "{{ item.name }}" + unique_name: true + region: "{{ item.region_id }}" + image: "{{ item.image_id }}" + size: "{{ item.size_id }}" + ssh_keys: "{{ remote_keypair.data.ssh_key.id }}" + wait: true + wait_timeout: 300 + state: present + register: server + loop: "{{ molecule_yml.platforms }}" + async: 7200 + poll: 0 + + - name: Wait for instance(s) creation to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: digitalocean_jobs + until: digitalocean_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config dict + set_fact: + instance_conf_dict: { + 'instance': "{{ item.data.droplet.name }}", + 'address': "{{ item.data.ip_address }}", + 'user': "{{ ssh_user }}", + 'port': "{{ ssh_port }}", + 'identity_file': "{{ keypair_path }}", + 'droplet_id': "{{ item.data.droplet.id }}", + 'ssh_key_id': "{{ remote_keypair.data.ssh_key.id }}", + } + loop: "{{ digitalocean_jobs.results }}" + register: instance_config_dict + when: server.changed | bool + + - name: Convert instance config dict to a list + set_fact: + instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" + when: server.changed | bool + + - name: Dump instance config + copy: + content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}" + dest: "{{ molecule_instance_config }}" + when: server.changed | bool + + - name: Wait for SSH + wait_for: + port: "{{ ssh_port }}" + host: "{{ item.address }}" + search_regex: SSH + delay: 10 + timeout: 320 + loop: "{{ lookup('file', molecule_instance_config) | molecule_from_yaml }}" diff --git a/molecule/centos8/destroy.yml b/molecule/centos8/destroy.yml new file mode 100644 index 0000000..19c8c93 --- /dev/null +++ b/molecule/centos8/destroy.yml @@ -0,0 +1,54 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + no_log: "{{ molecule_no_log }}" + tasks: + - block: + - name: Populate instance config + set_fact: + instance_conf: "{{ lookup('file', molecule_instance_config) | molecule_from_yaml }}" + skip_instances: false + rescue: + - name: Populate instance config when file missing + set_fact: + instance_conf: {} + skip_instances: true + + - name: Destroy molecule instance(s) + digital_ocean_droplet: + name: "{{ item.instance }}" + id: "{{ item.droplet_id }}" + state: absent + register: server + loop: "{{ instance_conf | flatten(levels=1) }}" + when: not skip_instances + async: 7200 + poll: 0 + + - name: Wait for instance(s) deletion to complete + async_status: + jid: "{{ item.ansible_job_id }}" + register: digitalocean_jobs + until: digitalocean_jobs.finished + retries: 300 + loop: "{{ server.results }}" + + - name: Delete remote keypair + digital_ocean_sshkey: + fingerprint: "{{ item.ssh_key_id }}" + state: absent + loop: "{{ instance_conf | flatten(levels=1) }}" + + # Mandatory configuration for Molecule to function. + + - name: Populate instance config + set_fact: + instance_conf: {} + + - name: Dump instance config + copy: + content: "{{ instance_conf | molecule_to_yaml | molecule_header }}" + dest: "{{ molecule_instance_config }}" + when: server.changed | bool diff --git a/molecule/centos8/molecule.yml b/molecule/centos8/molecule.yml new file mode 100644 index 0000000..38c2c16 --- /dev/null +++ b/molecule/centos8/molecule.yml @@ -0,0 +1,24 @@ +--- +dependency: + name: galaxy +driver: + name: digitalocean +platforms: + - name: centos8-cacerts + region_id: fra1 + image_id: centos-8-x64 + size_id: s-1vcpu-1gb +lint: + name: yamllint + enabled: False +provisioner: + name: ansible + lint: + name: ansible-lint + enabled: False +verifier: + name: testinfra + lint: + name: flake8 + options: + max-line-length: 120 diff --git a/molecule/centos8/playbook.yml b/molecule/centos8/playbook.yml new file mode 100644 index 0000000..5159684 --- /dev/null +++ b/molecule/centos8/playbook.yml @@ -0,0 +1,7 @@ +--- +- name: Converge + hosts: all + vars: + ansible_python_interpreter: /usr/libexec/platform-python + roles: + - role: xoxys.cacerts diff --git a/molecule/centos8/prepare.yml b/molecule/centos8/prepare.yml new file mode 100644 index 0000000..3f9135d --- /dev/null +++ b/molecule/centos8/prepare.yml @@ -0,0 +1,9 @@ +--- +- name: Prepare + hosts: all + gather_facts: false + tasks: + - name: Install python for Ansible + raw: test -e /usr/bin/python3 || (dnf -y install python3 && alternatives --set python /usr/bin/python3) + become: true + changed_when: false diff --git a/molecule/centos8/tests/test_default.py b/molecule/centos8/tests/test_default.py new file mode 100644 index 0000000..68bb8a4 --- /dev/null +++ b/molecule/centos8/tests/test_default.py @@ -0,0 +1,20 @@ +import os + +import testinfra.utils.ansible_runner + +import warnings +warnings.filterwarnings("ignore", category=DeprecationWarning) + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_cacerts_requirements(host): + base = host.file("/etc/pki/ca-trust/source/anchors") + command = "update-ca-trust" + + assert base.exists + assert base.is_directory + + assert host.exists(command) + assert host.run(command).rc == 0 diff --git a/molecule/default b/molecule/default index 2fdf3e8..575742e 120000 --- a/molecule/default +++ b/molecule/default @@ -1 +1 @@ -centos7 \ No newline at end of file +centos8 \ No newline at end of file