From c9d89cf541f197177ca6fc9bcaa423f034e7889f Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 18 Feb 2024 13:53:53 +0100 Subject: [PATCH] ci: migrate to woodpecker --- .drone.jsonnet | 161 ----- .drone.yml | 187 ----- .gitignore | 2 - .later.yml | 4 - .markdownlint.yml | 7 + .prettierignore | 1 + .woodpecker/docs.yaml | 47 ++ .woodpecker/lint.yaml | 30 + .woodpecker/notify.yml | 26 + .woodpecker/test.yaml | 25 + README.md | 11 - meta/main.yml | 10 +- molecule/centos7/create.yml | 120 ---- molecule/centos7/destroy.yml | 78 --- molecule/centos7/molecule.yml | 24 - molecule/centos7/prepare.yml | 15 - molecule/centos7/tests/test_default.py | 16 - molecule/default | 1 - molecule/{centos7 => default}/converge.yml | 0 molecule/default/molecule.yml | 17 + molecule/default/prepare.yml | 11 + .../{rocky8 => default}/tests/test_default.py | 0 molecule/pytest.ini | 3 - molecule/requirements.yml | 5 +- molecule/rocky8/converge.yml | 5 - molecule/rocky8/create.yml | 120 ---- molecule/rocky8/destroy.yml | 78 --- molecule/rocky8/molecule.yml | 24 - molecule/rocky8/prepare.yml | 15 - pyproject.toml | 17 + pytestdebug.log | 645 ------------------ setup.cfg | 12 - tasks/main.yml | 55 +- 33 files changed, 212 insertions(+), 1560 deletions(-) delete mode 100644 .drone.jsonnet delete mode 100644 .drone.yml create mode 100644 .markdownlint.yml create mode 100644 .prettierignore create mode 100644 .woodpecker/docs.yaml create mode 100644 .woodpecker/lint.yaml create mode 100644 .woodpecker/notify.yml create mode 100644 .woodpecker/test.yaml delete mode 100644 molecule/centos7/create.yml delete mode 100644 molecule/centos7/destroy.yml delete mode 100644 molecule/centos7/molecule.yml delete mode 100644 molecule/centos7/prepare.yml delete mode 100644 molecule/centos7/tests/test_default.py delete mode 120000 molecule/default rename molecule/{centos7 => default}/converge.yml (100%) create mode 100644 molecule/default/molecule.yml create mode 100644 molecule/default/prepare.yml rename molecule/{rocky8 => default}/tests/test_default.py (100%) delete mode 100644 molecule/pytest.ini delete mode 100644 molecule/rocky8/converge.yml delete mode 100644 molecule/rocky8/create.yml delete mode 100644 molecule/rocky8/destroy.yml delete mode 100644 molecule/rocky8/molecule.yml delete mode 100644 molecule/rocky8/prepare.yml create mode 100644 pyproject.toml delete mode 100644 pytestdebug.log delete mode 100644 setup.cfg diff --git a/.drone.jsonnet b/.drone.jsonnet deleted file mode 100644 index a4051ea..0000000 --- a/.drone.jsonnet +++ /dev/null @@ -1,161 +0,0 @@ -local PipelineLinting = { - kind: 'pipeline', - name: 'linting', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'ansible-later', - image: 'thegeeklab/ansible-later', - commands: [ - 'ansible-later', - ], - }, - { - name: 'python-format', - image: 'python:3.11', - environment: { - PY_COLORS: 1, - }, - commands: [ - 'pip install -qq yapf', - '[ -z "$(find . -type f -name *.py)" ] || (yapf -rd ./)', - ], - }, - { - name: 'python-flake8', - image: 'python:3.11', - environment: { - PY_COLORS: 1, - }, - commands: [ - 'pip install -qq flake8', - 'flake8', - ], - }, - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineDeployment(scenario='centos7') = { - kind: 'pipeline', - name: 'testing-' + scenario, - platform: { - os: 'linux', - arch: 'amd64', - }, - concurrency: { - limit: 1, - }, - workspace: { - base: '/drone/src', - path: '${DRONE_REPO_NAME}', - }, - steps: [ - { - name: 'ansible-molecule', - image: 'thegeeklab/molecule:4', - environment: { - HCLOUD_TOKEN: { from_secret: 'hcloud_token' }, - }, - commands: [ - 'molecule test -s ' + scenario, - ], - }, - ], - depends_on: [ - 'linting', - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineDocumentation = { - kind: 'pipeline', - name: 'documentation', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'generate', - image: 'thegeeklab/ansible-doctor', - environment: { - ANSIBLE_DOCTOR_LOG_LEVEL: 'INFO', - ANSIBLE_DOCTOR_FORCE_OVERWRITE: true, - ANSIBLE_DOCTOR_EXCLUDE_FILES: 'molecule/', - ANSIBLE_DOCTOR_TEMPLATE: 'hugo-book', - ANSIBLE_DOCTOR_ROLE_NAME: '${DRONE_REPO_NAME#*.}', - ANSIBLE_DOCTOR_OUTPUT_DIR: '_docs/', - }, - }, - { - name: 'publish', - image: 'plugins/gh-pages', - settings: { - remote_url: 'https://gitea.rknet.org/ansible/${DRONE_REPO_NAME}', - netrc_machine: 'gitea.rknet.org', - username: { from_secret: 'gitea_username' }, - password: { from_secret: 'gitea_token' }, - pages_directory: '_docs/', - target_branch: 'docs', - }, - when: { - ref: ['refs/heads/main'], - }, - }, - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, - depends_on: [ - 'testing-centos7', - 'testing-rocky8', - ], -}; - -local PipelineNotification = { - kind: 'pipeline', - name: 'notification', - platform: { - os: 'linux', - arch: 'amd64', - }, - clone: { - disable: true, - }, - steps: [ - { - name: 'matrix', - image: 'thegeeklab/drone-matrix', - settings: { - homeserver: { from_secret: 'matrix_homeserver' }, - roomid: { from_secret: 'matrix_roomid' }, - template: 'Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}', - username: { from_secret: 'matrix_username' }, - password: { from_secret: 'matrix_password' }, - }, - }, - ], - depends_on: [ - 'documentation', - ], - trigger: { - status: ['success', 'failure'], - ref: ['refs/heads/main', 'refs/tags/**'], - }, -}; - -[ - PipelineLinting, - PipelineDeployment(scenario='centos7'), - PipelineDeployment(scenario='rocky8'), - PipelineDocumentation, - PipelineNotification, -] diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 327b2a1..0000000 --- a/.drone.yml +++ /dev/null @@ -1,187 +0,0 @@ ---- -kind: pipeline -name: linting - -platform: - os: linux - arch: amd64 - -steps: - - name: ansible-later - image: thegeeklab/ansible-later - commands: - - ansible-later - - - name: python-format - image: python:3.11 - commands: - - pip install -qq yapf - - "[ -z \"$(find . -type f -name *.py)\" ] || (yapf -rd ./)" - environment: - PY_COLORS: 1 - - - name: python-flake8 - image: python:3.11 - commands: - - pip install -qq flake8 - - flake8 - environment: - PY_COLORS: 1 - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - ---- -kind: pipeline -name: testing-centos7 - -platform: - os: linux - arch: amd64 - -concurrency: - limit: 1 - -workspace: - base: /drone/src - path: ${DRONE_REPO_NAME} - -steps: - - name: ansible-molecule - image: thegeeklab/molecule:4 - commands: - - molecule test -s centos7 - environment: - HCLOUD_TOKEN: - from_secret: hcloud_token - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - linting - ---- -kind: pipeline -name: testing-rocky8 - -platform: - os: linux - arch: amd64 - -concurrency: - limit: 1 - -workspace: - base: /drone/src - path: ${DRONE_REPO_NAME} - -steps: - - name: ansible-molecule - image: thegeeklab/molecule:4 - commands: - - molecule test -s rocky8 - environment: - HCLOUD_TOKEN: - from_secret: hcloud_token - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - linting - ---- -kind: pipeline -name: documentation - -platform: - os: linux - arch: amd64 - -steps: - - name: generate - image: thegeeklab/ansible-doctor - environment: - ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/ - ANSIBLE_DOCTOR_FORCE_OVERWRITE: true - ANSIBLE_DOCTOR_LOG_LEVEL: INFO - ANSIBLE_DOCTOR_OUTPUT_DIR: _docs/ - ANSIBLE_DOCTOR_ROLE_NAME: ${DRONE_REPO_NAME#*.} - ANSIBLE_DOCTOR_TEMPLATE: hugo-book - - - name: publish - image: plugins/gh-pages - settings: - netrc_machine: gitea.rknet.org - pages_directory: _docs/ - password: - from_secret: gitea_token - remote_url: https://gitea.rknet.org/ansible/${DRONE_REPO_NAME} - target_branch: docs - username: - from_secret: gitea_username - when: - ref: - - refs/heads/main - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - testing-centos7 - - testing-rocky8 - ---- -kind: pipeline -name: notification - -platform: - os: linux - arch: amd64 - -clone: - disable: true - -steps: - - name: matrix - image: thegeeklab/drone-matrix - settings: - homeserver: - from_secret: matrix_homeserver - password: - from_secret: matrix_password - roomid: - from_secret: matrix_roomid - template: "Status: **{{ .Build.Status }}**
Build: [{{ .Repo.Owner }}/{{ .Repo.Name }}]({{ .Build.Link }}){{ if .Build.Branch }} ({{ .Build.Branch }}){{ end }} by {{ .Commit.Author }}
Message: {{ .Commit.Message.Title }}" - username: - from_secret: matrix_username - -trigger: - ref: - - refs/heads/main - - refs/tags/** - status: - - success - - failure - -depends_on: - - documentation - ---- -kind: signature -hmac: 32eeea3ed510da5eac9b739b1cf3b09c99cf7222cb1a51a621359c2676da0532 - -... diff --git a/.gitignore b/.gitignore index f64e8e3..d97b7cd 100644 --- a/.gitignore +++ b/.gitignore @@ -9,5 +9,3 @@ __pycache__/ *.py[cod] *$py.class -# ---> Docs -/_docs diff --git a/.later.yml b/.later.yml index 0efe5d5..2703cb9 100644 --- a/.later.yml +++ b/.later.yml @@ -10,10 +10,6 @@ ansible: rules: exclude_files: - - molecule/ - "LICENSE*" - "**/*.md" - "**/*.ini" - - exclude_filter: - - LINT0009 diff --git a/.markdownlint.yml b/.markdownlint.yml new file mode 100644 index 0000000..da116c7 --- /dev/null +++ b/.markdownlint.yml @@ -0,0 +1,7 @@ +--- +default: True +MD013: False +MD041: False +MD024: False +MD004: + style: dash diff --git a/.prettierignore b/.prettierignore new file mode 100644 index 0000000..6b1d0bf --- /dev/null +++ b/.prettierignore @@ -0,0 +1 @@ +LICENSE diff --git a/.woodpecker/docs.yaml b/.woodpecker/docs.yaml new file mode 100644 index 0000000..f053ca8 --- /dev/null +++ b/.woodpecker/docs.yaml @@ -0,0 +1,47 @@ +--- +when: + - event: [pull_request] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +steps: + - name: generate + image: quay.io/thegeeklab/ansible-doctor + environment: + ANSIBLE_DOCTOR_EXCLUDE_FILES: molecule/ + ANSIBLE_DOCTOR_FORCE_OVERWRITE: "true" + ANSIBLE_DOCTOR_LOG_LEVEL: INFO + ANSIBLE_DOCTOR_ROLE_NAME: ${CI_REPO_NAME} + ANSIBLE_DOCTOR_TEMPLATE: readme + + - name: format + image: quay.io/thegeeklab/alpine-tools + commands: + - prettier -w README.md + + - name: diff + image: quay.io/thegeeklab/alpine-tools + commands: + - git diff --color=always README.md + + - name: publish + image: quay.io/thegeeklab/wp-git-action + settings: + action: + - commit + - push + author_email: ci-bot@rknet.org + author_name: ci-bot + branch: main + message: "[skip ci] automated docs update" + netrc_machine: gitea.rknet.org + netrc_password: + from_secret: gitea_token + when: + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +depends_on: + - test diff --git a/.woodpecker/lint.yaml b/.woodpecker/lint.yaml new file mode 100644 index 0000000..ca4facd --- /dev/null +++ b/.woodpecker/lint.yaml @@ -0,0 +1,30 @@ +--- +when: + - event: [pull_request, tag] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +steps: + - name: ansible-later + image: quay.io/thegeeklab/ansible-later:4 + commands: + - ansible-later + environment: + FORCE_COLOR: "1" + + - name: python-format + image: docker.io/python:3.12 + commands: + - pip install -qq ruff + - ruff format --check --diff . + environment: + PY_COLORS: "1" + + - name: python-lint + image: docker.io/python:3.12 + commands: + - pip install -qq ruff + - ruff . + environment: + PY_COLORS: "1" diff --git a/.woodpecker/notify.yml b/.woodpecker/notify.yml new file mode 100644 index 0000000..9957125 --- /dev/null +++ b/.woodpecker/notify.yml @@ -0,0 +1,26 @@ +--- +when: + - event: [tag] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +runs_on: [success, failure] + +steps: + - name: matrix + image: quay.io/thegeeklab/wp-matrix + settings: + homeserver: + from_secret: matrix_homeserver + password: + from_secret: matrix_password + roomid: + from_secret: matrix_roomid + username: + from_secret: matrix_username + when: + - status: [success, failure] + +depends_on: + - docs diff --git a/.woodpecker/test.yaml b/.woodpecker/test.yaml new file mode 100644 index 0000000..a4991f7 --- /dev/null +++ b/.woodpecker/test.yaml @@ -0,0 +1,25 @@ +--- +when: + - event: [pull_request, tag] + - event: [push, manual] + branch: + - ${CI_REPO_DEFAULT_BRANCH} + +variables: + - &molecule_base + image: quay.io/thegeeklab/molecule:6 + group: molecule + secrets: + - source: molecule_hcloud_token + target: HCLOUD_TOKEN + environment: + PY_COLORS: "1" + +steps: + - name: molecule-default + <<: *molecule_base + commands: + - molecule test -s default + +depends_on: + - lint diff --git a/README.md b/README.md index 9f7885e..a1e3c8b 100644 --- a/README.md +++ b/README.md @@ -1,12 +1 @@ # xoxys.pam - -[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.pam?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.pam) -[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE) - -Configure pam stack. - -You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/system/pam/). - -## License - -This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. diff --git a/meta/main.yml b/meta/main.yml index c8bc6f7..2211d7c 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,4 +1,3 @@ -# Standards: 0.2 --- galaxy_info: # @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys) @@ -6,19 +5,18 @@ galaxy_info: namespace: xoxys role_name: pam # @meta description: > - # [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.pam) - # [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.pam?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.pam) - # [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.pam/src/branch/main/LICENSE) + # [![Build Status](https://ci.rknet.org/api/badges/ansible/xoxys.pam/status.svg)](https://ci.rknet.org/repos/ansible/xoxys.pam) + # [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg?label=license)](https://gitea.rknet.org/ansible/xoxys.pam/src/branch/main/LICENSE) # # Configure pam stack. # @end description: Configure pam stack license: MIT - min_ansible_version: 2.10 + min_ansible_version: "2.10" platforms: - name: EL versions: - - 7 + - "9" galaxy_tags: - pam dependencies: [] diff --git a/molecule/centos7/create.yml b/molecule/centos7/create.yml deleted file mode 100644 index 8b945cd..0000000 --- a/molecule/centos7/create.yml +++ /dev/null @@ -1,120 +0,0 @@ ---- -- name: Create - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - vars: - ssh_port: 22 - ssh_user: root - ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" - tasks: - - name: Create SSH key - user: - name: "{{ lookup('env', 'USER') }}" - generate_ssh_key: true - ssh_key_file: "{{ ssh_path }}" - force: true - register: generated_ssh_key - - - name: Register the SSH key name - set_fact: - ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}" - - - name: Register SSH key for test instance(s) - hcloud_ssh_key: - name: "{{ ssh_key_name }}" - public_key: "{{ generated_ssh_key.ssh_public_key }}" - state: present - - - name: Create molecule instance(s) - hcloud_server: - name: "{{ item.name }}" - server_type: "{{ item.server_type }}" - ssh_keys: - - "{{ ssh_key_name }}" - image: "{{ item.image }}" - location: "{{ item.location | default(omit) }}" - datacenter: "{{ item.datacenter | default(omit) }}" - user_data: "{{ item.user_data | default(omit) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: present - register: server - loop: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - name: Create volume(s) - hcloud_volume: - name: "{{ item.name }}" - server: "{{ item.name }}" - location: "{{ item.location | default(omit) }}" - size: "{{ item.volume_size | default(10) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "present" - loop: "{{ molecule_yml.platforms }}" - when: item.volume | default(False) | bool - register: volumes - async: 7200 - poll: 0 - - - name: Wait for volume(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: volumes.changed - loop: "{{ volumes.results }}" - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config dict - set_fact: - instance_conf_dict: - { - "instance": "{{ item.hcloud_server.name }}", - "ssh_key_name": "{{ ssh_key_name }}", - "address": "{{ item.hcloud_server.ipv4_address }}", - "user": "{{ ssh_user }}", - "port": "{{ ssh_port }}", - "identity_file": "{{ ssh_path }}", - "volume": "{{ item.item.item.volume | default(False) | bool }}", - } - loop: "{{ hetzner_jobs.results }}" - register: instance_config_dict - when: server.changed | bool - - - name: Convert instance config dict to a list - set_fact: - instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" - when: server.changed | bool - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool - - - name: Wait for SSH - wait_for: - port: "{{ ssh_port }}" - host: "{{ item.address }}" - search_regex: SSH - delay: 10 - loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}" - - - name: Wait for VM to settle down - pause: - seconds: 30 diff --git a/molecule/centos7/destroy.yml b/molecule/centos7/destroy.yml deleted file mode 100644 index 6454c71..0000000 --- a/molecule/centos7/destroy.yml +++ /dev/null @@ -1,78 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - tasks: - - name: Check existing instance config file - stat: - path: "{{ molecule_instance_config }}" - register: cfg - - - name: Populate the instance config - set_fact: - instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}" - - - name: Destroy molecule instance(s) - hcloud_server: - name: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: absent - register: server - loop: "{{ instance_conf }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - pause: - seconds: 5 - - - name: Destroy volume(s) - hcloud_volume: - name: "{{ item.instance }}" - server: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "absent" - register: volumes - loop: "{{ instance_conf }}" - when: item.volume | default(False) | bool - async: 7200 - poll: 0 - - - name: Wait for volume(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: volumes.changed - loop: "{{ volumes.results }}" - - - name: Remove registered SSH key - hcloud_ssh_key: - name: "{{ instance_conf[0].ssh_key_name }}" - state: absent - when: (instance_conf | default([])) | length > 0 - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config - set_fact: - instance_conf: {} - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool diff --git a/molecule/centos7/molecule.yml b/molecule/centos7/molecule.yml deleted file mode 100644 index ebd3f07..0000000 --- a/molecule/centos7/molecule.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -dependency: - name: galaxy - options: - role-file: molecule/requirements.yml - requirements-file: molecule/requirements.yml - env: - ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false" -driver: - name: delegated -platforms: - - name: centos7-pam - image: centos-7 - server_type: cx11 -lint: | - /usr/local/bin/flake8 -provisioner: - name: ansible - env: - ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter} - ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library} - log: False -verifier: - name: testinfra diff --git a/molecule/centos7/prepare.yml b/molecule/centos7/prepare.yml deleted file mode 100644 index 183f4d3..0000000 --- a/molecule/centos7/prepare.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: false - tasks: - - name: Bootstrap python for Ansible - raw: | - command -v python3 python || ( - (test -e /usr/bin/dnf && sudo dnf install -y python3) || - (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || - (test -e /usr/bin/yum && sudo yum -y -qq install python3) || - echo "Warning: Python not boostrapped due to unknown platform." - ) - become: true - changed_when: false diff --git a/molecule/centos7/tests/test_default.py b/molecule/centos7/tests/test_default.py deleted file mode 100644 index 4cd5a87..0000000 --- a/molecule/centos7/tests/test_default.py +++ /dev/null @@ -1,16 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ["MOLECULE_INVENTORY_FILE"] -).get_hosts("all") - - -def test_pam_config(host): - auth = host.file("/etc/pam.d/system-auth") - - assert auth.contains("auth sufficient pam_unix.so nullok try_first_pass") - assert auth.contains( - "password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok" - ) diff --git a/molecule/default b/molecule/default deleted file mode 120000 index 62ea184..0000000 --- a/molecule/default +++ /dev/null @@ -1 +0,0 @@ -rocky8 \ No newline at end of file diff --git a/molecule/centos7/converge.yml b/molecule/default/converge.yml similarity index 100% rename from molecule/centos7/converge.yml rename to molecule/default/converge.yml diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..a4598cf --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,17 @@ +--- +driver: + name: molecule_hetznercloud +dependency: + name: galaxy + options: + role-file: molecule/requirements.yml + requirements-file: molecule/requirements.yml +platforms: + - name: "rocky9-pam" + server_type: "cx11" + image: "rocky-9" +provisioner: + name: ansible + log: False +verifier: + name: testinfra diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml new file mode 100644 index 0000000..0df1d77 --- /dev/null +++ b/molecule/default/prepare.yml @@ -0,0 +1,11 @@ +--- +- name: Prepare + hosts: all + gather_facts: False + tasks: + - name: Bootstrap Python for Ansible + ansible.builtin.raw: | + command -v python3 python || + ((test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || + echo "Warning: Python not boostrapped due to unknown platform.") + changed_when: False diff --git a/molecule/rocky8/tests/test_default.py b/molecule/default/tests/test_default.py similarity index 100% rename from molecule/rocky8/tests/test_default.py rename to molecule/default/tests/test_default.py diff --git a/molecule/pytest.ini b/molecule/pytest.ini deleted file mode 100644 index c24fe5b..0000000 --- a/molecule/pytest.ini +++ /dev/null @@ -1,3 +0,0 @@ -[pytest] -filterwarnings = - ignore::DeprecationWarning diff --git a/molecule/requirements.yml b/molecule/requirements.yml index 46da115..7d35793 100644 --- a/molecule/requirements.yml +++ b/molecule/requirements.yml @@ -1,6 +1,3 @@ --- -collections: - - name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v2.1.1/xoxys-general-2.1.1.tar.gz - - name: community.general - +collections: [] roles: [] diff --git a/molecule/rocky8/converge.yml b/molecule/rocky8/converge.yml deleted file mode 100644 index d0fc7a8..0000000 --- a/molecule/rocky8/converge.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: Converge - hosts: all - roles: - - role: xoxys.pam diff --git a/molecule/rocky8/create.yml b/molecule/rocky8/create.yml deleted file mode 100644 index 8b945cd..0000000 --- a/molecule/rocky8/create.yml +++ /dev/null @@ -1,120 +0,0 @@ ---- -- name: Create - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - vars: - ssh_port: 22 - ssh_user: root - ssh_path: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key" - tasks: - - name: Create SSH key - user: - name: "{{ lookup('env', 'USER') }}" - generate_ssh_key: true - ssh_key_file: "{{ ssh_path }}" - force: true - register: generated_ssh_key - - - name: Register the SSH key name - set_fact: - ssh_key_name: "molecule-generated-{{ 12345 | random | to_uuid }}" - - - name: Register SSH key for test instance(s) - hcloud_ssh_key: - name: "{{ ssh_key_name }}" - public_key: "{{ generated_ssh_key.ssh_public_key }}" - state: present - - - name: Create molecule instance(s) - hcloud_server: - name: "{{ item.name }}" - server_type: "{{ item.server_type }}" - ssh_keys: - - "{{ ssh_key_name }}" - image: "{{ item.image }}" - location: "{{ item.location | default(omit) }}" - datacenter: "{{ item.datacenter | default(omit) }}" - user_data: "{{ item.user_data | default(omit) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: present - register: server - loop: "{{ molecule_yml.platforms }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - name: Create volume(s) - hcloud_volume: - name: "{{ item.name }}" - server: "{{ item.name }}" - location: "{{ item.location | default(omit) }}" - size: "{{ item.volume_size | default(10) }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "present" - loop: "{{ molecule_yml.platforms }}" - when: item.volume | default(False) | bool - register: volumes - async: 7200 - poll: 0 - - - name: Wait for volume(s) creation to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: volumes.changed - loop: "{{ volumes.results }}" - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config dict - set_fact: - instance_conf_dict: - { - "instance": "{{ item.hcloud_server.name }}", - "ssh_key_name": "{{ ssh_key_name }}", - "address": "{{ item.hcloud_server.ipv4_address }}", - "user": "{{ ssh_user }}", - "port": "{{ ssh_port }}", - "identity_file": "{{ ssh_path }}", - "volume": "{{ item.item.item.volume | default(False) | bool }}", - } - loop: "{{ hetzner_jobs.results }}" - register: instance_config_dict - when: server.changed | bool - - - name: Convert instance config dict to a list - set_fact: - instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}" - when: server.changed | bool - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool - - - name: Wait for SSH - wait_for: - port: "{{ ssh_port }}" - host: "{{ item.address }}" - search_regex: SSH - delay: 10 - loop: "{{ lookup('file', molecule_instance_config) | from_yaml }}" - - - name: Wait for VM to settle down - pause: - seconds: 30 diff --git a/molecule/rocky8/destroy.yml b/molecule/rocky8/destroy.yml deleted file mode 100644 index 6454c71..0000000 --- a/molecule/rocky8/destroy.yml +++ /dev/null @@ -1,78 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - tasks: - - name: Check existing instance config file - stat: - path: "{{ molecule_instance_config }}" - register: cfg - - - name: Populate the instance config - set_fact: - instance_conf: "{{ (lookup('file', molecule_instance_config) | from_yaml) if cfg.stat.exists else [] }}" - - - name: Destroy molecule instance(s) - hcloud_server: - name: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: absent - register: server - loop: "{{ instance_conf }}" - async: 7200 - poll: 0 - - - name: Wait for instance(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_jobs - until: hetzner_jobs.finished - retries: 300 - loop: "{{ server.results }}" - - - pause: - seconds: 5 - - - name: Destroy volume(s) - hcloud_volume: - name: "{{ item.instance }}" - server: "{{ item.instance }}" - api_token: "{{ lookup('env', 'HCLOUD_TOKEN') }}" - state: "absent" - register: volumes - loop: "{{ instance_conf }}" - when: item.volume | default(False) | bool - async: 7200 - poll: 0 - - - name: Wait for volume(s) deletion to complete - async_status: - jid: "{{ item.ansible_job_id }}" - register: hetzner_volumes - until: hetzner_volumes.finished - retries: 300 - when: volumes.changed - loop: "{{ volumes.results }}" - - - name: Remove registered SSH key - hcloud_ssh_key: - name: "{{ instance_conf[0].ssh_key_name }}" - state: absent - when: (instance_conf | default([])) | length > 0 - - # Mandatory configuration for Molecule to function. - - - name: Populate instance config - set_fact: - instance_conf: {} - - - name: Dump instance config - copy: - content: | - # Molecule managed - - {{ instance_conf | to_nice_yaml(indent=2) }} - dest: "{{ molecule_instance_config }}" - when: server.changed | bool diff --git a/molecule/rocky8/molecule.yml b/molecule/rocky8/molecule.yml deleted file mode 100644 index bd9ce89..0000000 --- a/molecule/rocky8/molecule.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -dependency: - name: galaxy - options: - role-file: molecule/requirements.yml - requirements-file: molecule/requirements.yml - env: - ANSIBLE_GALAXY_DISPLAY_PROGRESS: "false" -driver: - name: delegated -platforms: - - name: rocky8-pam - image: rocky-8 - server_type: cx11 -lint: | - /usr/local/bin/flake8 -provisioner: - name: ansible - env: - ANSIBLE_FILTER_PLUGINS: ${ANSIBLE_FILTER_PLUGINS:-./plugins/filter} - ANSIBLE_LIBRARY: ${ANSIBLE_LIBRARY:-./library} - log: False -verifier: - name: testinfra diff --git a/molecule/rocky8/prepare.yml b/molecule/rocky8/prepare.yml deleted file mode 100644 index 183f4d3..0000000 --- a/molecule/rocky8/prepare.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- name: Prepare - hosts: all - gather_facts: false - tasks: - - name: Bootstrap python for Ansible - raw: | - command -v python3 python || ( - (test -e /usr/bin/dnf && sudo dnf install -y python3) || - (test -e /usr/bin/apt && (apt -y update && apt install -y python-minimal)) || - (test -e /usr/bin/yum && sudo yum -y -qq install python3) || - echo "Warning: Python not boostrapped due to unknown platform." - ) - become: true - changed_when: false diff --git a/pyproject.toml b/pyproject.toml new file mode 100644 index 0000000..7193140 --- /dev/null +++ b/pyproject.toml @@ -0,0 +1,17 @@ +[tool.ruff] +exclude = [".git", "__pycache__"] + +line-length = 99 +indent-width = 4 + +[tool.ruff.lint] +ignore = ["W191", "E111", "E114", "E117", "S101", "S105"] +select = ["F", "E", "I", "W", "S"] + +[tool.ruff.format] +quote-style = "double" +indent-style = "space" +line-ending = "lf" + +[tool.pytest.ini_options] +filterwarnings = ["ignore::FutureWarning", "ignore::DeprecationWarning"] diff --git a/pytestdebug.log b/pytestdebug.log deleted file mode 100644 index 8ce7738..0000000 --- a/pytestdebug.log +++ /dev/null @@ -1,645 +0,0 @@ -versions pytest-6.2.5, py-1.10.0, python-3.9.7.final.0 -cwd=/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam -args=('--ansible-inventory', '/home/rknet/rkau2905/.cache/molecule/xoxys.pam/rocky8/inventory', '--connection', 'ansible', '--debug', '-p', 'no:cacheprovider', '/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py', '-vvv') - - pytest_cmdline_main [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_configure [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - early skip of rewriting module: email.parser [assertion] - early skip of rewriting module: email.feedparser [assertion] - early skip of rewriting module: email.errors [assertion] - early skip of rewriting module: email._policybase [assertion] - early skip of rewriting module: email.header [assertion] - early skip of rewriting module: email.quoprimime [assertion] - early skip of rewriting module: email.base64mime [assertion] - early skip of rewriting module: email.charset [assertion] - early skip of rewriting module: email.encoders [assertion] - early skip of rewriting module: quopri [assertion] - early skip of rewriting module: email.utils [assertion] - early skip of rewriting module: email._parseaddr [assertion] - early skip of rewriting module: calendar [assertion] - early skip of rewriting module: email.message [assertion] - early skip of rewriting module: uu [assertion] - early skip of rewriting module: email._encoded_words [assertion] - early skip of rewriting module: email.iterators [assertion] - pytest_metadata [hook] - metadata: {'Python': '3.9.7', 'Platform': 'Linux-5.14.9-200.fc34.x86_64-x86_64-with-glibc2.33', 'Packages': {'pytest': '6.2.5', 'py': '1.10.0', 'pluggy': '0.13.1'}, 'Plugins': {'metadata': '1.11.0', 'forked': '1.3.0', 'xdist': '2.3.0', 'verbose-parametrize': '1.7.0', 'testinfra': '6.4.0', 'plus': '0.2', 'mock': '3.6.1', 'html': '3.1.1', 'cov': '2.12.1', 'flaky': '3.7.0'}} - finish pytest_metadata --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - early skip of rewriting module: faulthandler [assertion] - pytest_configure [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_configure --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.faulthandler.FaultHandlerHooks object at 0x7f7ba3b151f0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - early skip of rewriting module: pdb [assertion] - early skip of rewriting module: cmd [assertion] - early skip of rewriting module: code [assertion] - early skip of rewriting module: codeop [assertion] - pytest_plugin_registered [hook] - plugin: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.config.Config object at 0x7f7ba4a9ca30> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: > err=> in_=> _state='suspended' _in_suspended=False> _capture_fixture=None> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: testsfailed=0 testscollected=0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.faulthandler.FaultHandlerHooks object at 0x7f7ba3b151f0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.terminal.TerminalReporter object at 0x7f7ba3b156a0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.logging.LoggingPlugin object at 0x7f7ba3b42b20> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - finish pytest_configure --> [] [hook] - pytest_sessionstart [hook] - session: testsfailed=0 testscollected=0> - pytest_plugin_registered [hook] - plugin: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.config.Config object at 0x7f7ba4a9ca30> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: > err=> in_=> _state='suspended' _in_suspended=False> _capture_fixture=None> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: testsfailed=0 testscollected=0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.faulthandler.FaultHandlerHooks object at 0x7f7ba3b151f0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.terminal.TerminalReporter object at 0x7f7ba3b156a0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.logging.LoggingPlugin object at 0x7f7ba3b42b20> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_plugin_registered [hook] - plugin: <_pytest.fixtures.FixtureManager object at 0x7f7ba3b8e6d0> - manager: <_pytest.config.PytestPluginManager object at 0x7f7ba49edc40> - finish pytest_plugin_registered --> [] [hook] - pytest_report_header [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - startdir: /home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam - finish pytest_report_header --> [['rootdir: /home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule, configfile: pytest.ini', 'plugins: metadata-1.11.0, forked-1.3.0, xdist-2.3.0, verbose-parametrize-1.7.0, testinfra-6.4.0, plus-0.2, mock-3.6.1, html-3.1.1, cov-2.12.1, flaky-3.7.0'], "metadata: {'Python': '3.9.7', 'Platform': 'Linux-5.14.9-200.fc34.x86_64-x86_64-with-glibc2.33', 'Packages': {'pytest': '6.2.5', 'py': '1.10.0', 'pluggy': '0.13.1'}, 'Plugins': {'metadata': '1.11.0', 'forked': '1.3.0', 'xdist': '2.3.0', 'verbose-parametrize': '1.7.0', 'testinfra': '6.4.0', 'plus': '0.2', 'mock': '3.6.1', 'html': '3.1.1', 'cov': '2.12.1', 'flaky': '3.7.0'}}", ['using: pytest-6.2.5 pylib-1.10.0', 'setuptools registered plugins:', ' pytest-metadata-1.11.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_metadata/plugin.py', ' pytest-forked-1.3.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_forked/__init__.py', ' pytest-xdist-2.3.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/xdist/plugin.py', ' pytest-xdist-2.3.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/xdist/looponfail.py', ' pytest-verbose-parametrize-1.7.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_verbose_parametrize.py', ' pytest-testinfra-6.4.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/plugin.py', ' pytest-plus-0.2 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_plus/__init__.py', ' pytest-mock-3.6.1 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_mock/__init__.py', ' pytest-html-3.1.1 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_html/plugin.py', ' pytest-cov-2.12.1 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/pytest_cov/plugin.py', ' flaky-3.7.0 at /home/rknet/rkau2905/.local/lib/python3.9/site-packages/flaky/flaky_pytest_plugin.py']] [hook] - finish pytest_sessionstart --> [] [hook] - pytest_collection [hook] - session: testsfailed=0 testscollected=0> - perform_collect testsfailed=0 testscollected=0> ['/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py'] [collection] - pytest_collectstart [hook] - collector: testsfailed=0 testscollected=0> - finish pytest_collectstart --> [] [hook] - pytest_make_collect_report [hook] - collector: testsfailed=0 testscollected=0> - processing argument (local('/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py'), []) [collection] - pytest_collect_file [hook] - path: /home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py - parent: testsfailed=0 testscollected=0> - pytest_pycollect_makemodule [hook] - path: /home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py - parent: testsfailed=0 testscollected=0> - finish pytest_pycollect_makemodule --> [hook] - finish pytest_collect_file --> [] [hook] - matchnodes [] [] [collection] - matchnodes finished -> 1 nodes [collection] - finish pytest_make_collect_report --> [hook] - pytest_collectreport [hook] - report: - finish pytest_collectreport --> [] [hook] - genitems [collection] - pytest_collectstart [hook] - collector: - finish pytest_collectstart --> [] [hook] - pytest_make_collect_report [hook] - collector: - find_module called for: test_default [assertion] - matched test file (was specified on cmdline): '/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py' [assertion] - rewriting PosixPath('/home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam/molecule/rocky8/tests/test_default.py') [assertion] - matched marked file 'testinfra.utils' (from 'testinfra') [assertion] - find_module called for: testinfra.utils [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/utils/__init__.py [assertion] - matched marked file 'testinfra.utils.ansible_runner' (from 'testinfra') [assertion] - find_module called for: testinfra.utils.ansible_runner [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/utils/ansible_runner.py [assertion] - early skip of rewriting module: ipaddress [assertion] - matched marked file 'testinfra.backend.local' (from 'testinfra') [assertion] - find_module called for: testinfra.backend.local [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/backend/local.py [assertion] - matched marked file 'testinfra.backend.base' (from 'testinfra') [assertion] - find_module called for: testinfra.backend.base [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/backend/base.py [assertion] - pytest_pycollect_makeitem [hook] - collector: - name: @py_builtins - obj: - finish pytest_pycollect_makeitem --> None [hook] - pytest_pycollect_makeitem [hook] - collector: - name: @pytest_ar - obj: - finish pytest_pycollect_makeitem --> None [hook] - pytest_pycollect_makeitem [hook] - collector: - name: os - obj: - finish pytest_pycollect_makeitem --> None [hook] - pytest_pycollect_makeitem [hook] - collector: - name: testinfra - obj: - finish pytest_pycollect_makeitem --> None [hook] - pytest_pycollect_makeitem [hook] - collector: - name: testinfra_hosts - obj: ['rocky8-pam'] - finish pytest_pycollect_makeitem --> None [hook] - pytest_pycollect_makeitem [hook] - collector: - name: test_pam_config - obj: - pytest_generate_tests [hook] - metafunc: <_pytest.python.Metafunc object at 0x7f7ba3adceb0> - matched marked file 'testinfra.backend.ansible' (from 'testinfra') [assertion] - find_module called for: testinfra.backend.ansible [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/backend/ansible.py [assertion] - early skip of rewriting module: encodings.unicode_escape [assertion] - finish pytest_generate_tests --> [] [hook] - finish pytest_pycollect_makeitem --> [] [hook] - finish pytest_make_collect_report --> [hook] - genitems [collection] - pytest_itemcollected [hook] - item: - finish pytest_itemcollected --> [] [hook] - pytest_collectreport [hook] - report: - finish pytest_collectreport --> [] [hook] - pytest_collection_modifyitems [hook] - session: testsfailed=0 testscollected=0> - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - items: [] - finish pytest_collection_modifyitems --> [] [hook] - pytest_collection_finish [hook] - session: testsfailed=0 testscollected=0> - pytest_report_collectionfinish [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - startdir: /home/rknet/rkau2905/Devel/private/ansible/roles/xoxys.pam - items: [] - finish pytest_report_collectionfinish --> [] [hook] - finish pytest_collection_finish --> [] [hook] - finish pytest_collection --> None [hook] - pytest_runtestloop [hook] - session: testsfailed=0 testscollected=1> - pytest_runtest_protocol [hook] - item: - nextitem: None - pytest_runtest_logstart [hook] - nodeid: rocky8/tests/test_default.py::test_pam_config[ansible://rocky8-pam] - location: ('rocky8/tests/test_default.py', 9, 'test_pam_config[ansible://rocky8-pam]') - finish pytest_runtest_logstart --> [] [hook] - pytest_runtest_setup [hook] - item: - pytest_fixture_setup [hook] - fixturedef: - request: > - finish pytest_fixture_setup --> [hook] - pytest_fixture_setup [hook] - fixturedef: - request: > - finish pytest_fixture_setup --> [hook] - finish pytest_runtest_setup --> [] [hook] - pytest_runtest_makereport [hook] - item: - call: - finish pytest_runtest_makereport --> [hook] - pytest_runtest_logreport [hook] - report: - pytest_report_teststatus [hook] - report: - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_report_teststatus --> ('', '', '') [hook] - finish pytest_runtest_logreport --> [] [hook] - pytest_runtest_call [hook] - item: - pytest_pyfunc_call [hook] - pyfuncitem: - matched marked file 'testinfra.modules.file' (from 'testinfra') [assertion] - find_module called for: testinfra.modules.file [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/modules/file.py [assertion] - matched marked file 'testinfra.modules.base' (from 'testinfra') [assertion] - find_module called for: testinfra.modules.base [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/modules/base.py [assertion] - matched marked file 'testinfra.modules.systeminfo' (from 'testinfra') [assertion] - find_module called for: testinfra.modules.systeminfo [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/modules/systeminfo.py [assertion] - matched marked file 'testinfra.backend.ssh' (from 'testinfra') [assertion] - find_module called for: testinfra.backend.ssh [assertion] - found cached rewritten pyc for /home/rknet/rkau2905/.local/lib/python3.9/site-packages/testinfra/backend/ssh.py [assertion] - finish pytest_pyfunc_call --> True [hook] - finish pytest_runtest_call --> [] [hook] - pytest_runtest_makereport [hook] - item: - call: - finish pytest_runtest_makereport --> [hook] - pytest_runtest_logreport [hook] - report: - pytest_report_teststatus [hook] - report: - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_report_teststatus --> ('passed', '.', 'PASSED') [hook] - finish pytest_runtest_logreport --> [] [hook] - pytest_runtest_teardown [hook] - item: - nextitem: None - pytest_fixture_post_finalizer [hook] - fixturedef: - request: > - finish pytest_fixture_post_finalizer --> [] [hook] - pytest_fixture_post_finalizer [hook] - fixturedef: - request: > - finish pytest_fixture_post_finalizer --> [] [hook] - pytest_fixture_post_finalizer [hook] - fixturedef: - request: > - finish pytest_fixture_post_finalizer --> [] [hook] - finish pytest_runtest_teardown --> [] [hook] - pytest_runtest_makereport [hook] - item: - call: - finish pytest_runtest_makereport --> [hook] - pytest_runtest_logreport [hook] - report: - pytest_report_teststatus [hook] - report: - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_report_teststatus --> ('', '', '') [hook] - finish pytest_runtest_logreport --> [] [hook] - pytest_runtest_logfinish [hook] - nodeid: rocky8/tests/test_default.py::test_pam_config[ansible://rocky8-pam] - location: ('rocky8/tests/test_default.py', 9, 'test_pam_config[ansible://rocky8-pam]') - finish pytest_runtest_logfinish --> [] [hook] - finish pytest_runtest_protocol --> True [hook] - finish pytest_runtestloop --> True [hook] - pytest_sessionfinish [hook] - session: - exitstatus: 0 - pytest_terminal_summary [hook] - terminalreporter: <_pytest.terminal.TerminalReporter object at 0x7f7ba3b156a0> - exitstatus: 0 - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_terminal_summary --> [] [hook] - finish pytest_sessionfinish --> [] [hook] - pytest_unconfigure [hook] - config: <_pytest.config.Config object at 0x7f7ba4a9ca30> - finish pytest_unconfigure --> [] [hook] diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index 2bb8674..0000000 --- a/setup.cfg +++ /dev/null @@ -1,12 +0,0 @@ -[flake8] -ignore = D100, D101, D102, D103, D105, D107, E402, W503 -max-line-length = 99 -inline-quotes = double -exclude = .git,.tox,__pycache__,build,dist,tests,*.pyc,*.egg-info,.cache,.eggs,env* - -[yapf] -based_on_style = google -column_limit = 99 -dedent_closing_brackets = true -coalesce_brackets = true -split_before_logical_operator = true diff --git a/tasks/main.yml b/tasks/main.yml index 37e5585..b47984b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,31 +1,28 @@ --- -- block: - - name: Set pam module configuration - pamd: - name: "{{ item.name | default('system-auth') }}" - type: "{{ item.type | default('auth') }}" - module_path: "{{ item.module_path | default('pam_unix.so') }}" - control: "{{ item.control }}" - new_type: "{{ item.new_type | default(omit) }}" - new_module_path: "{{ item.new_module_path | default(omit) }}" - new_control: "{{ item.new_control | default(omit) }}" - state: "{{ item.state | default('args_present') }}" - module_arguments: "{{ item.module_arguments | default(omit) }}" - loop: "{{ pam_settings + pam_settings_extra }}" - loop_control: - label: "{{ item.name | default('system-auth') }}:{{ item.state | default('args_present') }}: {{ item.new_type | default(item.type) | default('auth') }} {{ item.new_control | default(item.control) }} {{ item.new_module_path | default(item.module_path) | default('pam_unix.so') }} {{ item.module_arguments | default([]) | join(' ') }}" +- name: Set pam module configuration + community.general.pamd: + name: "{{ item.name | default('system-auth') }}" + type: "{{ item.type | default('auth') }}" + module_path: "{{ item.module_path | default('pam_unix.so') }}" + control: "{{ item.control }}" + new_type: "{{ item.new_type | default(omit) }}" + new_module_path: "{{ item.new_module_path | default(omit) }}" + new_control: "{{ item.new_control | default(omit) }}" + state: "{{ item.state | default('args_present') }}" + module_arguments: "{{ item.module_arguments | default(omit) }}" + loop: "{{ pam_settings + pam_settings_extra }}" + loop_control: + label: "{{ item.name | default('system-auth') }}:{{ item.state | default('args_present') }}: {{ item.new_type | default(item.type) | default('auth') }} {{ item.new_control | default(item.control) }} {{ item.new_module_path | default(item.module_path) | default('pam_unix.so') }} {{ item.module_arguments | default([]) | join(' ') }}" - - name: Auto-update items with state before/after - pamd: - name: "{{ item.name | default('system-auth') }}" - type: "{{ item.new_type }}" - module_path: "{{ item.new_module_path }}" - control: "{{ item.new_control }}" - state: updated - module_arguments: "{{ item.module_arguments | default(omit) }}" - loop: "{{ pam_settings + pam_settings_extra }}" - loop_control: - label: "{{ item.name | default('system-auth') }}:{{ item.state | default('args_present') }}: {{ item.new_type | default(item.type) | default('auth') }} {{ item.new_control | default(item.control) }} {{ item.new_module_path | default(item.module_path) | default('pam_unix.so') }} {{ item.module_arguments | default([]) | join(' ') }}" - when: item.state | default("args_present") == "before" or item.state | default("args_present") == "after" - become: True - become_user: root +- name: Auto-update items with state before/after + community.general.pamd: + name: "{{ item.name | default('system-auth') }}" + type: "{{ item.new_type }}" + module_path: "{{ item.new_module_path }}" + control: "{{ item.new_control }}" + state: updated + module_arguments: "{{ item.module_arguments | default(omit) }}" + loop: "{{ pam_settings + pam_settings_extra }}" + loop_control: + label: "{{ item.name | default('system-auth') }}:{{ item.state | default('args_present') }}: {{ item.new_type | default(item.type) | default('auth') }} {{ item.new_control | default(item.control) }} {{ item.new_module_path | default(item.module_path) | default('pam_unix.so') }} {{ item.module_arguments | default([]) | join(' ') }}" + when: item.state | default("args_present") == "before" or item.state | default("args_present") == "after"