ansible/xoxys.podman
0
0
Fork 0
Code Issues Pull Requests Releases Activity

ci: add test for rocky9
All checks were successful
continuous-integration/drone/pr Build is passing
Details

Browse Source
This commit is contained in:
Robert Kaussow 2023-07-28 20:00:59 +02:00
parent acc47fe0b2
commit cad871a8cf
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
12 changed files with 86 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.drone.jsonnet
View File

@ -41,7 +41,7 @@ local PipelineLinting = {
},
};
local PipelineDeployment(scenario='rocky8') = {
local PipelineDeployment(scenario='rocky9') = {
kind: 'pipeline',
name: 'testing-' + scenario,
platform: {
@ -115,7 +115,7 @@ local PipelineDocumentation = {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
depends_on: [
'testing-rocky8',
'testing-rocky9',
],
};
@ -153,7 +153,7 @@ local PipelineNotification = {
[
PipelineLinting,
PipelineDeployment(scenario='rocky8'),
PipelineDeployment(scenario='rocky9'),
PipelineDocumentation,
PipelineNotification,
]

8
.drone.yml
View File

@ -36,7 +36,7 @@ trigger:
---
kind: pipeline
name: testing-rocky8
name: testing-rocky9
platform:
os: linux
@ -53,7 +53,7 @@ steps:
- name: ansible-molecule
image: thegeeklab/molecule:4
commands:
- molecule test -s rocky8
- molecule test -s rocky9
environment:
HCLOUD_TOKEN:
from_secret: hcloud_token
@ -107,7 +107,7 @@ trigger:
- refs/pull/**
depends_on:
- testing-rocky8
- testing-rocky9
---
kind: pipeline
@ -147,6 +147,6 @@ depends_on:
---
kind: signature
hmac: 0a198d7d6b43b7f522c4ee73dc7464ff4b5dc379f9555b4b49ea5b3dd6e8c1cb
hmac: c29456b152af21f872f70b8477cc3ac8edadb3e058c994cbc564319a66469851
...

2
molecule/default
View File

@ -1 +1 @@
rocky8
rocky9

0
molecule/rocky8/converge.yml → molecule/rocky9/converge.yml
View File

0
molecule/rocky8/create.yml → molecule/rocky9/create.yml
View File

1
molecule/rocky9/default Symbolic link
View File

@ -0,0 +1 @@
default

0
molecule/rocky8/destroy.yml → molecule/rocky9/destroy.yml
View File

4
molecule/rocky8/molecule.yml → molecule/rocky9/molecule.yml
View File

@ -9,8 +9,8 @@ dependency:
driver:
name: delegated
platforms:
- name: rocky8-podman
image: rocky-8
- name: rocky9-podman
image: rocky-9
server_type: cx11
lint: |
/usr/local/bin/flake8

0
molecule/rocky8/prepare.yml → molecule/rocky9/prepare.yml
View File

0
molecule/rocky8/tests/test_default.py → molecule/rocky9/tests/test_default.py
View File

76
tasks/main.yml
View File

@ -1,2 +1,76 @@
---
- include_tasks: setup.yml
- block:
- name: Ensure required packages are installed
package:
name: "{{ item }}"
state: "present"
loop:
- podman
- slirp4netns
- fuse-overlayfs
- crun
- container-selinux
- bash-completion
- name: Install Podman bash-completion
command:
cmd: "podman completion bash -f /etc/bash_completion.d/podman"
creates: "/etc/bash_completion.d/podman"
- name: Deploy container configuration
template:
src: etc/containers/containers.conf.j2
dest: /etc/containers/containers.conf
owner: root
group: root
mode: 0644
- name: Deploy storage configuration
template:
src: etc/containers/storage.conf.j2
dest: /etc/containers/storage.conf
owner: root
group: root
mode: 0644
- name: Set SELinux booleans
seboolean:
name: "{{ item.name }}"
state: "{{ item.state | bool }}"
persistent: "{{ item.persistent | default(True) | bool }}"
loop: "{{ podman_sebooleans }}"
loop_control:
label: "{{ item.name }}: {{ item.state | bool }}"
- name: Create journal log dir
file:
path: /var/log/journal
state: directory
owner: root
group: systemd-journal
mode: 02755
- name: Create home basedir for systemd users
file:
path: "{{ podman_systemd_home_basedir }}"
state: directory
owner: root
group: root
mode: 0755
register: __podman_home_basedir
become: True
become_user: root
- block:
- name: Set SELinux context for home basedir
command: semanage fcontext -a -e /home "{{ podman_systemd_home_basedir }}"
register: __podman_home_fcontext
failed_when:
- __podman_home_fcontext.rc != 0
- "'already exists' not in __podman_home_fcontext.stderr"
- name: Apply new SELinux file context to filesystem
command: restorecon -R "{{ podman_systemd_home_basedir }}"
when: __podman_home_basedir.changed
become: True
become_user: root

76
tasks/setup.yml
View File

@ -1,76 +0,0 @@
---
- block:
- name: Ensure required packages are installed
package:
name: "{{ item }}"
state: "present"
loop:
- podman
- slirp4netns
- fuse-overlayfs
- crun
- container-selinux
- bash-completion
- name: Install Podman bash-completion
command:
cmd: "podman completion bash -f /etc/bash_completion.d/podman"
creates: "/etc/bash_completion.d/podman"
- name: Deploy container configuration
template:
src: etc/containers/containers.conf.j2
dest: /etc/containers/containers.conf
owner: root
group: root
mode: 0644
- name: Deploy storage configuration
template:
src: etc/containers/storage.conf.j2
dest: /etc/containers/storage.conf
owner: root
group: root
mode: 0644
- name: Set SELinux booleans
seboolean:
name: "{{ item.name }}"
state: "{{ item.state | bool }}"
persistent: "{{ item.persistent | default(True) | bool }}"
loop: "{{ podman_sebooleans }}"
loop_control:
label: "{{ item.name }}: {{ item.state | bool }}"
- name: Create journal log dir
file:
path: /var/log/journal
state: directory
owner: root
group: systemd-journal
mode: 02755
- name: Create home basedir for systemd users
file:
path: "{{ podman_systemd_home_basedir }}"
state: directory
owner: root
group: root
mode: 0755
register: __podman_home_basedir
become: True
become_user: root
- block:
- name: Set SELinux context for home basedir
command: semanage fcontext -a -e /home "{{ podman_systemd_home_basedir }}"
register: __podman_home_fcontext
failed_when:
- __podman_home_fcontext.rc != 0
- "'already exists' not in __podman_home_fcontext.stderr"
- name: Apply new SELinux file context to filesystem
command: restorecon -R "{{ podman_systemd_home_basedir }}"
when: __podman_home_basedir.changed
become: True
become_user: root