1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

CI: Add ArchLinux, Debian Bullseye, CentOS Stream 8, and Alpine 3 (#4222)

* Add ArchLinux, Debian Bullseye and CentOS Stream 8 to CI.

* Add Alpine to CI matrix as well.
This commit is contained in:
Felix Fontein 2022-02-21 21:14:45 +01:00 committed by GitHub
parent 2416b81aa4
commit a06903f33a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
56 changed files with 861 additions and 700 deletions

View file

@ -310,6 +310,8 @@ stages:
test: ubuntu1804 test: ubuntu1804
- name: Ubuntu 20.04 - name: Ubuntu 20.04
test: ubuntu2004 test: ubuntu2004
- name: Alpine 3
test: alpine3
groups: groups:
- 1 - 1
- 2 - 2
@ -348,6 +350,8 @@ stages:
test: fedora33 test: fedora33
- name: openSUSE 15 py2 - name: openSUSE 15 py2
test: opensuse15py2 test: opensuse15py2
- name: Alpine 3
test: alpine3
groups: groups:
- 2 - 2
- 3 - 3
@ -382,6 +386,26 @@ stages:
- 2 - 2
- 3 - 3
### Community Docker
- stage: Docker_community_devel
displayName: Docker (community images) devel
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: devel/linux-community/{0}
targets:
- name: Debian Bullseye
test: debian-bullseye/3.9
- name: ArchLinux
test: archlinux/3.10
- name: CentOS Stream 8
test: centos-stream8/3.8
groups:
- 1
- 2
- 3
### Cloud ### Cloud
- stage: Cloud_devel - stage: Cloud_devel
displayName: Cloud devel displayName: Cloud devel
@ -457,6 +481,7 @@ stages:
- Docker_2_10 - Docker_2_10
- Docker_2_11 - Docker_2_11
- Docker_2_12 - Docker_2_12
- Docker_community_devel
- Cloud_devel - Cloud_devel
- Cloud_2_9 - Cloud_2_9
- Cloud_2_10 - Cloud_2_10

View file

@ -68,4 +68,13 @@
# in chkconfig-1.7-2 fails when /etc/alternatives/dummy link is missing, # in chkconfig-1.7-2 fails when /etc/alternatives/dummy link is missing,
# error is: 'failed to read link /usr/bin/dummy: No such file or directory'. # error is: 'failed to read link /usr/bin/dummy: No such file or directory'.
# Moreover Fedora 24 is no longer maintained. # Moreover Fedora 24 is no longer maintained.
when: ansible_distribution != 'Fedora' or ansible_distribution_major_version|int > 24 #
# *Disable tests on Arch Linux*
# TODO: figure out whether there is an alternatives tool for Arch Linux
#
# *Disable tests on Alpine*
# TODO: figure out whether there is an alternatives tool for Alpine
when:
- ansible_distribution != 'Fedora' or ansible_distribution_major_version|int > 24
- ansible_distribution != 'Archlinux'
- ansible_distribution != 'Alpine'

View file

@ -15,6 +15,8 @@
when: when:
- not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int == 14) - not (ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int == 14)
- not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3) - not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and ansible_python.version.major != 3)
- not (ansible_distribution == 'Archlinux') # TODO: package seems to be broken, cannot be downloaded from mirrors?
- not (ansible_distribution == 'Alpine') # TODO: not sure what's wrong here, the module doesn't return what the tests expect
block: block:
- name: setup install cloud-init - name: setup install cloud-init
package: package:

View file

@ -82,50 +82,48 @@
that: that:
- result is failed - result is failed
- when: pyopenssl_version.stdout is version('0.15', '>=') - name: ensure SSL certificate is checked
block: consul_session:
- name: ensure SSL certificate is checked state: info
consul_session: id: '{{ session_id }}'
state: info port: 8501
id: '{{ session_id }}' scheme: https
port: 8501 register: result
scheme: https ignore_errors: True
register: result
ignore_errors: True
- name: previous task should fail since certificate is not known - name: previous task should fail since certificate is not known
assert: assert:
that: that:
- result is failed - result is failed
- "'certificate verify failed' in result.msg" - "'certificate verify failed' in result.msg"
- name: ensure SSL certificate isn't checked when validate_certs is disabled - name: ensure SSL certificate isn't checked when validate_certs is disabled
consul_session: consul_session:
state: info state: info
id: '{{ session_id }}' id: '{{ session_id }}'
port: 8501 port: 8501
scheme: https scheme: https
validate_certs: False validate_certs: False
register: result register: result
- name: previous task should succeed since certificate isn't checked - name: previous task should succeed since certificate isn't checked
assert: assert:
that: that:
- result is changed - result is changed
- name: ensure a secure connection is possible - name: ensure a secure connection is possible
consul_session: consul_session:
state: info state: info
id: '{{ session_id }}' id: '{{ session_id }}'
port: 8501 port: 8501
scheme: https scheme: https
environment: environment:
REQUESTS_CA_BUNDLE: '{{ remote_dir }}/cert.pem' REQUESTS_CA_BUNDLE: '{{ remote_dir }}/cert.pem'
register: result register: result
- assert: - assert:
that: that:
- result is changed - result is changed
- name: delete a session - name: delete a session
consul_session: consul_session:

View file

@ -9,9 +9,6 @@
consul_uri: https://s3.amazonaws.com/ansible-ci-files/test/integration/targets/consul/consul_{{ consul_version }}_{{ ansible_system | lower }}_{{ consul_arch }}.zip consul_uri: https://s3.amazonaws.com/ansible-ci-files/test/integration/targets/consul/consul_{{ consul_version }}_{{ ansible_system | lower }}_{{ consul_arch }}.zip
consul_cmd: '{{ remote_tmp_dir }}/consul' consul_cmd: '{{ remote_tmp_dir }}/consul'
block: block:
- name: register pyOpenSSL version
command: '{{ ansible_python_interpreter }} -c ''import OpenSSL; print(OpenSSL.__version__)'''
register: pyopenssl_version
- name: Install requests<2.20 (CentOS/RHEL 6) - name: Install requests<2.20 (CentOS/RHEL 6)
pip: pip:
name: requests<2.20 name: requests<2.20
@ -23,25 +20,23 @@
name: python-consul name: python-consul
register: result register: result
until: result is success until: result is success
- when: pyopenssl_version.stdout is version('0.15', '>=') - name: Generate privatekey
block: community.crypto.openssl_privatekey:
- name: Generate privatekey path: '{{ remote_tmp_dir }}/privatekey.pem'
community.crypto.openssl_privatekey: - name: Generate CSR
path: '{{ remote_tmp_dir }}/privatekey.pem' community.crypto.openssl_csr:
- name: Generate CSR path: '{{ remote_tmp_dir }}/csr.csr'
community.crypto.openssl_csr: privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
path: '{{ remote_tmp_dir }}/csr.csr' subject:
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem' commonName: localhost
subject: - name: Generate selfsigned certificate
commonName: localhost register: selfsigned_certificate
- name: Generate selfsigned certificate community.crypto.x509_certificate:
register: selfsigned_certificate path: '{{ remote_tmp_dir }}/cert.pem'
community.crypto.x509_certificate: csr_path: '{{ remote_tmp_dir }}/csr.csr'
path: '{{ remote_tmp_dir }}/cert.pem' privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
csr_path: '{{ remote_tmp_dir }}/csr.csr' provider: selfsigned
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem' selfsigned_digest: sha256
provider: selfsigned
selfsigned_digest: sha256
- name: Install unzip - name: Install unzip
package: package:
name: unzip name: unzip

View file

@ -3,11 +3,7 @@ server = true
pid_file = "{{ remote_dir }}/consul.pid" pid_file = "{{ remote_dir }}/consul.pid"
ports { ports {
http = 8500 http = 8500
{% if pyopenssl_version.stdout is version('0.15', '>=') %}
https = 8501 https = 8501
{% endif %}
} }
{% if pyopenssl_version.stdout is version('0.15', '>=') %}
key_file = "{{ remote_dir }}/privatekey.pem" key_file = "{{ remote_dir }}/privatekey.pem"
cert_file = "{{ remote_dir }}/cert.pem" cert_file = "{{ remote_dir }}/cert.pem"
{% endif %}

View file

@ -3,112 +3,115 @@
# and should not be used as examples of how to write Ansible roles # # and should not be used as examples of how to write Ansible roles #
#################################################################### ####################################################################
- name: Create EMAIL cron var - when:
cronvar: - not (ansible_os_family == 'Alpine' and ansible_distribution_version is version('3.15', '<')) # TODO
name: EMAIL block:
value: doug@ansibmod.con.com - name: Create EMAIL cron var
register: create_cronvar1 cronvar:
name: EMAIL
value: doug@ansibmod.con.com
register: create_cronvar1
- name: Create EMAIL cron var again - name: Create EMAIL cron var again
cronvar: cronvar:
name: EMAIL name: EMAIL
value: doug@ansibmod.con.com value: doug@ansibmod.con.com
register: create_cronvar2 register: create_cronvar2
- name: Check cron var value - name: Check cron var value
shell: crontab -l -u root | grep -c EMAIL=doug@ansibmod.con.com shell: crontab -l -u root | grep -c EMAIL=doug@ansibmod.con.com
register: varcheck1 register: varcheck1
- name: Modify EMAIL cron var - name: Modify EMAIL cron var
cronvar: cronvar:
name: EMAIL name: EMAIL
value: jane@ansibmod.con.com value: jane@ansibmod.con.com
register: create_cronvar3 register: create_cronvar3
- name: Check cron var value again - name: Check cron var value again
shell: crontab -l -u root | grep -c EMAIL=jane@ansibmod.con.com shell: crontab -l -u root | grep -c EMAIL=jane@ansibmod.con.com
register: varcheck2 register: varcheck2
- name: Remove EMAIL cron var - name: Remove EMAIL cron var
cronvar: cronvar:
name: EMAIL name: EMAIL
state: absent state: absent
register: remove_cronvar1 register: remove_cronvar1
- name: Remove EMAIL cron var again - name: Remove EMAIL cron var again
cronvar: cronvar:
name: EMAIL name: EMAIL
state: absent state: absent
register: remove_cronvar2 register: remove_cronvar2
- name: Check cron var value again - name: Check cron var value again
shell: crontab -l -u root | grep -c EMAIL shell: crontab -l -u root | grep -c EMAIL
register: varcheck3 register: varcheck3
failed_when: varcheck3.rc == 0 failed_when: varcheck3.rc == 0
- name: Add cron var to custom file - name: Add cron var to custom file
cronvar: cronvar:
name: TESTVAR name: TESTVAR
value: somevalue value: somevalue
cron_file: cronvar_test cron_file: cronvar_test
register: custom_cronfile1 register: custom_cronfile1
- name: Add cron var to custom file again - name: Add cron var to custom file again
cronvar: cronvar:
name: TESTVAR name: TESTVAR
value: somevalue value: somevalue
cron_file: cronvar_test cron_file: cronvar_test
register: custom_cronfile2 register: custom_cronfile2
- name: Check cron var value in custom file - name: Check cron var value in custom file
command: grep -c TESTVAR=somevalue {{ cron_config_path }}/cronvar_test command: grep -c TESTVAR=somevalue {{ cron_config_path }}/cronvar_test
register: custom_varcheck1 register: custom_varcheck1
- name: Change cron var in custom file - name: Change cron var in custom file
cronvar: cronvar:
name: TESTVAR name: TESTVAR
value: newvalue value: newvalue
cron_file: cronvar_test cron_file: cronvar_test
register: custom_cronfile3 register: custom_cronfile3
- name: Check cron var value in custom file - name: Check cron var value in custom file
command: grep -c TESTVAR=newvalue {{ cron_config_path }}/cronvar_test command: grep -c TESTVAR=newvalue {{ cron_config_path }}/cronvar_test
register: custom_varcheck2 register: custom_varcheck2
- name: Remove cron var from custom file - name: Remove cron var from custom file
cronvar: cronvar:
name: TESTVAR name: TESTVAR
value: newvalue value: newvalue
cron_file: cronvar_test cron_file: cronvar_test
state: absent state: absent
register: custom_remove_cronvar1 register: custom_remove_cronvar1
- name: Remove cron var from custom file again - name: Remove cron var from custom file again
cronvar: cronvar:
name: TESTVAR name: TESTVAR
value: newvalue value: newvalue
cron_file: cronvar_test cron_file: cronvar_test
state: absent state: absent
register: custom_remove_cronvar2 register: custom_remove_cronvar2
- name: Check cron var value - name: Check cron var value
command: grep -c TESTVAR=newvalue {{ cron_config_path }}/cronvar_test command: grep -c TESTVAR=newvalue {{ cron_config_path }}/cronvar_test
register: custom_varcheck3 register: custom_varcheck3
failed_when: custom_varcheck3.rc == 0 failed_when: custom_varcheck3.rc == 0
- name: Esure cronvar tasks did the right thing - name: Esure cronvar tasks did the right thing
assert: assert:
that: that:
- create_cronvar1 is changed - create_cronvar1 is changed
- create_cronvar2 is not changed - create_cronvar2 is not changed
- create_cronvar3 is changed - create_cronvar3 is changed
- remove_cronvar1 is changed - remove_cronvar1 is changed
- remove_cronvar2 is not changed - remove_cronvar2 is not changed
- varcheck1.stdout == '1' - varcheck1.stdout == '1'
- varcheck2.stdout == '1' - varcheck2.stdout == '1'
- varcheck3.stdout == '0' - varcheck3.stdout == '0'
- custom_remove_cronvar1 is changed - custom_remove_cronvar1 is changed
- custom_remove_cronvar2 is not changed - custom_remove_cronvar2 is not changed
- custom_varcheck1.stdout == '1' - custom_varcheck1.stdout == '1'
- custom_varcheck2.stdout == '1' - custom_varcheck2.stdout == '1'
- custom_varcheck3.stdout == '0' - custom_varcheck3.stdout == '0'

View file

@ -8,6 +8,18 @@
suffix: .django_manage suffix: .django_manage
register: tmp_django_root register: tmp_django_root
- name: Install virtualenv
package:
name: virtualenv
state: present
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '8'
- name: Install virtualenv
package:
name: python-virtualenv
state: present
when: ansible_os_family == 'Archlinux'
- name: Install required library - name: Install required library
pip: pip:
name: django name: django

View file

@ -29,6 +29,7 @@
include_tasks: sparse.yml include_tasks: sparse.yml
when: when:
- not (ansible_os_family == 'Darwin' and ansible_distribution_version is version('11', '<')) - not (ansible_os_family == 'Darwin' and ansible_distribution_version is version('11', '<'))
- not (ansible_os_family == 'Alpine') # TODO figure out why it fails
- name: Include tasks to test playing with symlinks - name: Include tasks to test playing with symlinks
include_tasks: symlinks.yml include_tasks: symlinks.yml

View file

@ -1,5 +1,5 @@
--- ---
- name: "Create filesystem" - name: "Create filesystem ({{ fstype }})"
community.general.filesystem: community.general.filesystem:
dev: '{{ dev }}' dev: '{{ dev }}'
fstype: '{{ fstype }}' fstype: '{{ fstype }}'

View file

@ -48,10 +48,18 @@
# reiserfs-utils package not available with Fedora 35 on CI # reiserfs-utils package not available with Fedora 35 on CI
- 'not (ansible_distribution == "Fedora" and (ansible_facts.distribution_major_version | int >= 35) and - 'not (ansible_distribution == "Fedora" and (ansible_facts.distribution_major_version | int >= 35) and
item.0.key == "reiserfs")' item.0.key == "reiserfs")'
# reiserfs packages apparently not available with Alpine
- 'not (ansible_distribution == "Alpine" and item.0.key == "reiserfs")'
# ocfs2 only available on Debian based distributions # ocfs2 only available on Debian based distributions
- 'not (item.0.key == "ocfs2" and ansible_os_family != "Debian")' - 'not (item.0.key == "ocfs2" and ansible_os_family != "Debian")'
# Tests use losetup which can not be used inside unprivileged container # Tests use losetup which can not be used inside unprivileged container
- 'not (item.0.key == "lvm" and ansible_virtualization_type in ["docker", "container", "containerd"])' - 'not (item.0.key == "lvm" and ansible_virtualization_type in ["docker", "container", "containerd"])'
# vfat resizing fails on Debian (but not Ubuntu)
- 'not (item.0.key == "vfat" and ansible_distribution == "Debian")' # TODO: figure out why it fails, fix it!
# vfat resizing fails on ArchLinux
- 'not (item.0.key == "vfat" and ansible_distribution == "Archlinux")' # TODO: figure out why it fails, fix it!
# btrfs-progs cannot be installed on ArchLinux
- 'not (item.0.key == "btrfs" and ansible_distribution == "Archlinux")' # TODO: figure out why it fails, fix it!
# On CentOS 6 shippable containers, wipefs seems unable to remove vfat signatures # On CentOS 6 shippable containers, wipefs seems unable to remove vfat signatures
- 'not (ansible_distribution == "CentOS" and ansible_distribution_version is version("7.0", "<") and - 'not (ansible_distribution == "CentOS" and ansible_distribution_version is version("7.0", "<") and
@ -65,6 +73,9 @@
- 'not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and - 'not (ansible_os_family == "Suse" and ansible_distribution_major_version|int != 42 and
item.0.key == "xfs" and ansible_python.version.major == 2)' item.0.key == "xfs" and ansible_python.version.major == 2)'
# TODO: something seems to be broken on Alpine
- 'not (ansible_distribution == "Alpine")'
loop: "{{ query('dict', tested_filesystems)|product(['create_fs', 'overwrite_another_fs', 'remove_fs'])|list }}" loop: "{{ query('dict', tested_filesystems)|product(['create_fs', 'overwrite_another_fs', 'remove_fs'])|list }}"

View file

@ -21,6 +21,7 @@
- not (ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('16.04', '<=')) - not (ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('16.04', '<='))
- ansible_system != "FreeBSD" - ansible_system != "FreeBSD"
- not (ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('8', '>=')) - not (ansible_facts.os_family == "RedHat" and ansible_facts.distribution_major_version is version('8', '>='))
- ansible_os_family != 'Archlinux' # TODO
- name: "Install btrfs tools (Ubuntu <= 16.04)" - name: "Install btrfs tools (Ubuntu <= 16.04)"
ansible.builtin.package: ansible.builtin.package:
@ -60,7 +61,7 @@
state: present state: present
when: when:
- ansible_system == 'Linux' - ansible_system == 'Linux'
- ansible_os_family not in ['Suse', 'RedHat'] - ansible_os_family not in ['Suse', 'RedHat', 'Alpine']
- name: "Install reiserfs progs (FreeBSD)" - name: "Install reiserfs progs (FreeBSD)"
ansible.builtin.package: ansible.builtin.package:
@ -111,6 +112,7 @@
- ansible_system == 'Linux' - ansible_system == 'Linux'
- ansible_os_family != 'Suse' - ansible_os_family != 'Suse'
- ansible_os_family != 'RedHat' or (ansible_distribution == 'CentOS' and ansible_distribution_version is version('7.0', '==')) - ansible_os_family != 'RedHat' or (ansible_distribution == 'CentOS' and ansible_distribution_version is version('7.0', '=='))
- ansible_os_family != 'Alpine'
block: block:
- name: "Install fatresize" - name: "Install fatresize"
ansible.builtin.package: ansible.builtin.package:

View file

@ -21,201 +21,205 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. # along with Ansible. If not, see <http://www.gnu.org/licenses/>.
- include_vars: '{{ item }}' - when:
with_first_found: - not (ansible_os_family == 'Alpine') # TODO
- files: block:
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
- '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
- '{{ ansible_os_family }}.yml'
- 'default.yml'
paths: '../vars'
- name: Install dependencies for test - include_vars: '{{ item }}'
package: with_first_found:
name: "{{ item }}" - files:
state: present - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
loop: "{{ test_packages }}" - '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
when: ansible_distribution != "MacOSX" - '{{ ansible_os_family }}.yml'
- 'default.yml'
paths: '../vars'
- name: Install a gem - name: Install dependencies for test
gem: package:
name: gist name: "{{ item }}"
state: present state: present
register: install_gem_result loop: "{{ test_packages }}"
ignore_errors: yes when: ansible_distribution != "MacOSX"
# when running as root on Fedora, '--install-dir' is set in the os defaults which is - name: Install a gem
# incompatible with '--user-install', we ignore this error for this case only
- name: fail if failed to install gem
fail:
msg: "failed to install gem: {{ install_gem_result.msg }}"
when:
- install_gem_result is failed
- not (ansible_user_uid == 0 and "User --install-dir or --user-install but not both" not in install_gem_result.msg)
- block:
- name: List gems
command: gem list
register: current_gems
- name: Ensure gem was installed
assert:
that:
- install_gem_result is changed
- current_gems.stdout is search('gist\s+\([0-9.]+\)')
- name: Remove a gem
gem: gem:
name: gist name: gist
state: absent state: present
register: remove_gem_results register: install_gem_result
ignore_errors: yes
- name: List gems # when running as root on Fedora, '--install-dir' is set in the os defaults which is
command: gem list # incompatible with '--user-install', we ignore this error for this case only
register: current_gems - name: fail if failed to install gem
fail:
msg: "failed to install gem: {{ install_gem_result.msg }}"
when:
- install_gem_result is failed
- not (ansible_user_uid == 0 and "User --install-dir or --user-install but not both" not in install_gem_result.msg)
- name: Verify gem is not installed - block:
- name: List gems
command: gem list
register: current_gems
- name: Ensure gem was installed
assert:
that:
- install_gem_result is changed
- current_gems.stdout is search('gist\s+\([0-9.]+\)')
- name: Remove a gem
gem:
name: gist
state: absent
register: remove_gem_results
- name: List gems
command: gem list
register: current_gems
- name: Verify gem is not installed
assert:
that:
- remove_gem_results is changed
- current_gems.stdout is not search('gist\s+\([0-9.]+\)')
when: not install_gem_result is failed
# install gem in --no-user-install
- block:
- name: Install a gem with --no-user-install
gem:
name: gist
state: present
user_install: no
register: install_gem_result
- name: List gems
command: gem list
register: current_gems
- name: Ensure gem was installed
assert:
that:
- install_gem_result is changed
- current_gems.stdout is search('gist\s+\([0-9.]+\)')
- name: Remove a gem
gem:
name: gist
state: absent
register: remove_gem_results
- name: List gems
command: gem list
register: current_gems
- name: Verify gem is not installed
assert:
that:
- remove_gem_results is changed
- current_gems.stdout is not search('gist\s+\([0-9.]+\)')
when: ansible_user_uid == 0
# Check cutom gem directory
- name: Install gem in a custom directory with incorrect options
gem:
name: gist
state: present
install_dir: "{{ remote_tmp_dir }}/gems"
ignore_errors: yes
register: install_gem_fail_result
- debug:
var: install_gem_fail_result
tags: debug
- name: Ensure previous task failed
assert: assert:
that: that:
- remove_gem_results is changed - install_gem_fail_result is failed
- current_gems.stdout is not search('gist\s+\([0-9.]+\)') - install_gem_fail_result.msg == 'install_dir requires user_install=false'
when: not install_gem_result is failed
# install gem in --no-user-install - name: Install a gem in a custom directory
- block:
- name: Install a gem with --no-user-install
gem: gem:
name: gist name: gist
state: present state: present
user_install: no user_install: no
install_dir: "{{ remote_tmp_dir }}/gems"
register: install_gem_result register: install_gem_result
- name: List gems - name: Find gems in custom directory
command: gem list find:
register: current_gems paths: "{{ remote_tmp_dir }}/gems/gems"
file_type: directory
contains: gist
register: gem_search
- name: Ensure gem was installed - name: Ensure gem was installed in custom directory
assert: assert:
that: that:
- install_gem_result is changed - install_gem_result is changed
- current_gems.stdout is search('gist\s+\([0-9.]+\)') - gem_search.files[0].path is search('gist-[0-9.]+')
ignore_errors: yes
- name: Remove a gem - name: Remove a gem in a custom directory
gem: gem:
name: gist name: gist
state: absent state: absent
register: remove_gem_results user_install: no
install_dir: "{{ remote_tmp_dir }}/gems"
register: install_gem_result
- name: List gems - name: Find gems in custom directory
command: gem list find:
register: current_gems paths: "{{ remote_tmp_dir }}/gems/gems"
file_type: directory
contains: gist
register: gem_search
- name: Verify gem is not installed - name: Ensure gem was removed in custom directory
assert: assert:
that: that:
- remove_gem_results is changed - install_gem_result is changed
- current_gems.stdout is not search('gist\s+\([0-9.]+\)') - gem_search.files | length == 0
when: ansible_user_uid == 0
# Check cutom gem directory # Custom directory for executables (--bindir)
- name: Install gem in a custom directory with incorrect options - name: Install gem with custom bindir
gem: gem:
name: gist name: gist
state: present state: present
install_dir: "{{ remote_tmp_dir }}/gems" bindir: "{{ remote_tmp_dir }}/custom_bindir"
ignore_errors: yes norc: yes
register: install_gem_fail_result user_install: no # Avoid conflicts between --install-dir and --user-install when running as root on CentOS / Fedora / RHEL
register: install_gem_result
- debug: - name: Get stats of gem executable
var: install_gem_fail_result stat:
tags: debug path: "{{ remote_tmp_dir }}/custom_bindir/gist"
register: gem_bindir_stat
- name: Ensure previous task failed - name: Ensure gem executable was installed in custom directory
assert: assert:
that: that:
- install_gem_fail_result is failed - install_gem_result is changed
- install_gem_fail_result.msg == 'install_dir requires user_install=false' - gem_bindir_stat.stat.exists and gem_bindir_stat.stat.isreg
- name: Install a gem in a custom directory - name: Remove gem with custom bindir
gem: gem:
name: gist name: gist
state: present state: absent
user_install: no bindir: "{{ remote_tmp_dir }}/custom_bindir"
install_dir: "{{ remote_tmp_dir }}/gems" norc: yes
register: install_gem_result user_install: no # Avoid conflicts between --install-dir and --user-install when running as root on CentOS / Fedora / RHEL
register: install_gem_result
- name: Find gems in custom directory - name: Get stats of gem executable
find: stat:
paths: "{{ remote_tmp_dir }}/gems/gems" path: "{{ remote_tmp_dir }}/custom_bindir/gist"
file_type: directory register: gem_bindir_stat
contains: gist
register: gem_search
- name: Ensure gem was installed in custom directory - name: Ensure gem executable was removed from custom directory
assert: assert:
that: that:
- install_gem_result is changed - install_gem_result is changed
- gem_search.files[0].path is search('gist-[0-9.]+') - not gem_bindir_stat.stat.exists
ignore_errors: yes
- name: Remove a gem in a custom directory
gem:
name: gist
state: absent
user_install: no
install_dir: "{{ remote_tmp_dir }}/gems"
register: install_gem_result
- name: Find gems in custom directory
find:
paths: "{{ remote_tmp_dir }}/gems/gems"
file_type: directory
contains: gist
register: gem_search
- name: Ensure gem was removed in custom directory
assert:
that:
- install_gem_result is changed
- gem_search.files | length == 0
# Custom directory for executables (--bindir)
- name: Install gem with custom bindir
gem:
name: gist
state: present
bindir: "{{ remote_tmp_dir }}/custom_bindir"
norc: yes
user_install: no # Avoid conflicts between --install-dir and --user-install when running as root on CentOS / Fedora / RHEL
register: install_gem_result
- name: Get stats of gem executable
stat:
path: "{{ remote_tmp_dir }}/custom_bindir/gist"
register: gem_bindir_stat
- name: Ensure gem executable was installed in custom directory
assert:
that:
- install_gem_result is changed
- gem_bindir_stat.stat.exists and gem_bindir_stat.stat.isreg
- name: Remove gem with custom bindir
gem:
name: gist
state: absent
bindir: "{{ remote_tmp_dir }}/custom_bindir"
norc: yes
user_install: no # Avoid conflicts between --install-dir and --user-install when running as root on CentOS / Fedora / RHEL
register: install_gem_result
- name: Get stats of gem executable
stat:
path: "{{ remote_tmp_dir }}/custom_bindir/gist"
register: gem_bindir_stat
- name: Ensure gem executable was removed from custom directory
assert:
that:
- install_gem_result is changed
- not gem_bindir_stat.stat.exists

View file

@ -171,4 +171,6 @@
- jake_incorrect_pass_out is not changed and jake_incorrect_pass_out is failed and jake_incorrect_pass_out.msg == 'User exists but password is incorrect!' - jake_incorrect_pass_out is not changed and jake_incorrect_pass_out is failed and jake_incorrect_pass_out.msg == 'User exists but password is incorrect!'
# homectl was first introduced in systemd 245 so check version >= 245 and make sure system has systemd and homectl command # homectl was first introduced in systemd 245 so check version >= 245 and make sure system has systemd and homectl command
when: systemd_version.rc == 0 and (systemd_version.stdout | regex_search('[0-9][0-9][0-9]') | int >= 245) and homectl_version.rc == 0 when:
- systemd_version.rc == 0 and (systemd_version.stdout | regex_search('[0-9][0-9][0-9]') | int >= 245) and homectl_version.rc == 0
- ansible_distribution != 'Archlinux' # TODO!

View file

@ -0,0 +1 @@
iso_extract_7zip_package: p7zip

View file

@ -0,0 +1 @@
iso_extract_7zip_package: p7zip

View file

@ -0,0 +1 @@
iso_extract_7zip_package: p7zip-full

View file

@ -0,0 +1,2 @@
passwordstore_packages:
- pass

View file

@ -0,0 +1,2 @@
passwordstore_packages:
- pass

View file

@ -0,0 +1 @@
monitrc: "/etc/monitrc"

View file

@ -0,0 +1 @@
monitrc: "/etc/monitrc"

View file

@ -1,6 +1,9 @@
- name: Skip unsupported platforms - name: Skip unsupported platforms
meta: end_play meta: end_play
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version is not version('7', '>=') # TODO: figure out why Alpine does not work!
when: |
ansible_distribution == 'CentOS' and ansible_distribution_major_version is not version('7', '>=')
or ansible_distribution == 'Alpine'
- name: Install Nomad and test - name: Install Nomad and test
vars: vars:
@ -9,10 +12,6 @@
nomad_cmd: '{{ remote_tmp_dir }}/nomad' nomad_cmd: '{{ remote_tmp_dir }}/nomad'
block: block:
- name: register pyOpenSSL version
command: '{{ ansible_python_interpreter }} -c ''import OpenSSL; print(OpenSSL.__version__)'''
register: pyopenssl_version
- name: Install requests<2.20 (CentOS/RHEL 6) - name: Install requests<2.20 (CentOS/RHEL 6)
pip: pip:
name: requests<2.20 name: requests<2.20
@ -32,27 +31,25 @@
register: result register: result
until: result is success until: result is success
- when: pyopenssl_version.stdout is version('0.15', '>=') - name: Generate privatekey
block: community.crypto.openssl_privatekey:
- name: Generate privatekey path: '{{ remote_tmp_dir }}/privatekey.pem'
community.crypto.openssl_privatekey:
path: '{{ remote_tmp_dir }}/privatekey.pem'
- name: Generate CSR - name: Generate CSR
community.crypto.openssl_csr: community.crypto.openssl_csr:
path: '{{ remote_tmp_dir }}/csr.csr' path: '{{ remote_tmp_dir }}/csr.csr'
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem' privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
subject: subject:
commonName: localhost commonName: localhost
- name: Generate selfsigned certificate - name: Generate selfsigned certificate
register: selfsigned_certificate register: selfsigned_certificate
community.crypto.x509_certificate: community.crypto.x509_certificate:
path: '{{ remote_tmp_dir }}/cert.pem' path: '{{ remote_tmp_dir }}/cert.pem'
csr_path: '{{ remote_tmp_dir }}/csr.csr' csr_path: '{{ remote_tmp_dir }}/csr.csr'
privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem' privatekey_path: '{{ remote_tmp_dir }}/privatekey.pem'
provider: selfsigned provider: selfsigned
selfsigned_digest: sha256 selfsigned_digest: sha256
- name: Install unzip - name: Install unzip
package: package:

View file

@ -20,21 +20,24 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. # along with Ansible. If not, see <http://www.gnu.org/licenses/>.
# ------------------------------------------------------------- # -------------------------------------------------------------
# Setup steps # Setup steps
# expand remote path - when:
- command: 'echo {{ remote_tmp_dir }}' - not (ansible_os_family == 'Alpine') # TODO
register: echo block:
- set_fact:
remote_dir: '{{ echo.stdout }}'
- include_tasks: run.yml # expand remote path
vars: - command: 'echo {{ remote_tmp_dir }}'
nodejs_version: '{{ item }}' register: echo
nodejs_path: 'node-v{{ nodejs_version }}-{{ ansible_system|lower }}-x{{ ansible_userspace_bits }}' - set_fact:
with_items: remote_dir: '{{ echo.stdout }}'
- 7.10.1 # provides npm 4.2.0 (last npm < 5 released)
- 8.0.0 # provides npm 5.0.0 - include_tasks: run.yml
- 8.2.0 # provides npm 5.3.0 (output change with this version) vars:
nodejs_version: '{{ item }}'
nodejs_path: 'node-v{{ nodejs_version }}-{{ ansible_system|lower }}-x{{ ansible_userspace_bits }}'
with_items:
- 7.10.1 # provides npm 4.2.0 (last npm < 5 released)
- 8.0.0 # provides npm 5.0.0
- 8.2.0 # provides npm 5.3.0 (output change with this version)

View file

@ -5,6 +5,13 @@ my_pass: 'md5d5e044ccd9b4b8adc89e8fed2eb0db8a'
my_pass_decrypted: '6EjMk<hcX3<5(Yp?Xi5aQ8eS`a#Ni' my_pass_decrypted: '6EjMk<hcX3<5(Yp?Xi5aQ8eS`a#Ni'
dsn: "DRIVER={PostgreSQL};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True" dsn: "DRIVER={PostgreSQL};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True"
packages: packages:
Alpine:
- psqlodbc
- unixodbc
- unixodbc-dev
- g++
Archlinux:
- unixodbc
RedHat: RedHat:
- postgresql-odbc - postgresql-odbc
- unixODBC - unixODBC

View file

@ -3,142 +3,151 @@
# and should not be used as examples of how to write Ansible roles # # and should not be used as examples of how to write Ansible roles #
#################################################################### ####################################################################
# - when:
# Test for proper failures without pyodbc - ansible_os_family != 'Archlinux' # TODO install driver from AUR: https://aur.archlinux.org/packages/psqlodbc
# block:
# Some of the docker images already have pyodbc installed on it
- include_tasks: no_pyodbc.yml
when: ansible_os_family != 'FreeBSD' and ansible_os_family != 'Suse' and ansible_os_family != 'Debian'
# #
# Get pyodbc installed # Test for proper failures without pyodbc
# #
- include_tasks: install_pyodbc.yml # Some of the docker images already have pyodbc installed on it
- include_tasks: no_pyodbc.yml
when: ansible_os_family != 'FreeBSD' and ansible_os_family != 'Suse' and ansible_os_family != 'Debian'
# #
# Test missing parameters & invalid DSN # Get pyodbc installed
# #
- include_tasks: negative_tests.yml - include_tasks: install_pyodbc.yml
# #
# Setup DSN per env # Test missing parameters & invalid DSN
# #
- name: Changing DSN for Suse - include_tasks: negative_tests.yml
set_fact:
dsn: "DRIVER={PSQL};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True"
when: ansible_os_family == 'Suse'
- name: Changing DSN for Debian #
set_fact: # Setup DSN per env
dsn: "DRIVER={PostgreSQL Unicode};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True" #
when: ansible_os_family == 'Debian' - name: Changing DSN for Suse
set_fact:
dsn: "DRIVER={PSQL};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True"
when: ansible_os_family == 'Suse' or ansible_os_family == 'Alpine'
# - name: Changing DSN for Alpine
# Name setup database set_fact:
# dsn: "DRIVER={/usr/lib/psqlodbcw.so};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True"
- name: Create a user to run the tests with when: ansible_os_family == 'Alpine'
shell: echo "CREATE USER {{ my_user }} SUPERUSER PASSWORD '{{ my_pass }}'" | psql postgres
become_user: "{{ pg_user }}"
become: True
- name: Create a table - name: Changing DSN for Debian
odbc: set_fact:
dsn: "{{ dsn }}" dsn: "DRIVER={PostgreSQL Unicode};Server=localhost;Port=5432;Database=postgres;Uid={{ my_user }};Pwd={{ my_pass_decrypted }};UseUnicode=True"
query: | when: ansible_os_family == 'Debian'
CREATE TABLE films (
code char(5) CONSTRAINT firstkey PRIMARY KEY,
title varchar(40) NOT NULL,
did integer NOT NULL,
date_prod date,
kind varchar(10),
len interval hour to minute
);
become_user: "{{ pg_user }}"
become: True
register: results
- assert: #
that: # Name setup database
- results is changed #
- name: Create a user to run the tests with
shell: echo "CREATE USER {{ my_user }} SUPERUSER PASSWORD '{{ my_pass }}'" | psql postgres
become_user: "{{ pg_user }}"
become: True
# - name: Create a table
# Insert records odbc:
# dsn: "{{ dsn }}"
- name: Insert a record without params query: |
odbc: CREATE TABLE films (
dsn: "{{ dsn }}" code char(5) CONSTRAINT firstkey PRIMARY KEY,
query: "INSERT INTO films (code, title, did, date_prod, kind, len) VALUES ('asdfg', 'My First Movie', 1, '2019-01-12', 'SyFi', '02:00')" title varchar(40) NOT NULL,
become_user: "{{ pg_user }}" did integer NOT NULL,
become: True date_prod date,
register: results kind varchar(10),
len interval hour to minute
);
become_user: "{{ pg_user }}"
become: True
register: results
- assert: - assert:
that: that:
- results is changed - results is changed
- name: Insert a record with params #
odbc: # Insert records
dsn: "{{ dsn }}" #
query: "INSERT INTO films (code, title, did, date_prod, kind, len) VALUES (?, ?, ?, ?, ?, ?)" - name: Insert a record without params
params: odbc:
- 'qwert' dsn: "{{ dsn }}"
- 'My Second Movie' query: "INSERT INTO films (code, title, did, date_prod, kind, len) VALUES ('asdfg', 'My First Movie', 1, '2019-01-12', 'SyFi', '02:00')"
- 2 become_user: "{{ pg_user }}"
- '2019-01-12' become: True
- 'Comedy' register: results
- '01:30'
become_user: "{{ pg_user }}"
become: True
register: results
- assert: - assert:
that: that:
- results is changed - results is changed
- results['row_count'] == -1
- results['results'] == []
- results['description'] == []
# - name: Insert a record with params
# Select data odbc:
# dsn: "{{ dsn }}"
- name: Perform select single row without params (do not coherse changed) query: "INSERT INTO films (code, title, did, date_prod, kind, len) VALUES (?, ?, ?, ?, ?, ?)"
odbc: params:
dsn: "{{ dsn }}" - 'qwert'
query: "SELECT * FROM films WHERE code='asdfg'" - 'My Second Movie'
register: results - 2
- '2019-01-12'
- 'Comedy'
- '01:30'
become_user: "{{ pg_user }}"
become: True
register: results
- assert: - assert:
that: that:
- results is changed - results is changed
- results is successful - results['row_count'] == -1
- results.row_count == 1 - results['results'] == []
- results['description'] == []
- name: Perform select multiple rows with params (coherse changed) #
odbc: # Select data
dsn: "{{ dsn }}" #
query: 'SELECT * FROM films WHERE code=? or code=?' - name: Perform select single row without params (do not coherse changed)
params: odbc:
- 'asdfg' dsn: "{{ dsn }}"
- 'qwert' query: "SELECT * FROM films WHERE code='asdfg'"
register: results register: results
changed_when: False
- assert: - assert:
that: that:
- results is not changed - results is changed
- results is successful - results is successful
- results.row_count == 2 - results.row_count == 1
- name: Drop the table - name: Perform select multiple rows with params (coherse changed)
odbc: odbc:
dsn: "{{ dsn }}" dsn: "{{ dsn }}"
query: "DROP TABLE films" query: 'SELECT * FROM films WHERE code=? or code=?'
register: results params:
- 'asdfg'
- 'qwert'
register: results
changed_when: False
- assert: - assert:
that: that:
- results is successful - results is not changed
- results is changed - results is successful
- results['row_count'] == -1 - results.row_count == 2
- results['results'] == []
- results['description'] == [] - name: Drop the table
odbc:
dsn: "{{ dsn }}"
query: "DROP TABLE films"
register: results
- assert:
that:
- results is successful
- results is changed
- results['row_count'] == -1
- results['results'] == []
- results['description'] == []

View file

@ -6,108 +6,113 @@
# Test code for the pids module # Test code for the pids module
# Copyright: (c) 2019, Saranya Sridharan # Copyright: (c) 2019, Saranya Sridharan
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
- name: Attempt installation of latest 'psutil' version
pip:
name: psutil
ignore_errors: true
register: psutil_latest_install
- name: Install greatest 'psutil' version which will work with all pip versions - when:
pip: - not (ansible_os_family == 'Alpine') # TODO
name: psutil < 5.7.0 block:
when: psutil_latest_install is failed
- name: "Checking the empty result" - name: Attempt installation of latest 'psutil' version
pids: pip:
name: "blahblah" name: psutil
register: emptypids ignore_errors: true
register: psutil_latest_install
- name: "Verify that the list of Process IDs (PIDs) returned is empty" - name: Install greatest 'psutil' version which will work with all pip versions
assert: pip:
that: name: psutil < 5.7.0
- emptypids is not changed when: psutil_latest_install is failed
- emptypids.pids == []
- name: "Picking a random process name" - name: "Checking the empty result"
set_fact: pids:
random_name: some-random-long-name-{{ 99999999 | random }} name: "blahblah"
register: emptypids
- name: "finding the 'sleep' binary" - name: "Verify that the list of Process IDs (PIDs) returned is empty"
command: which sleep assert:
register: find_sleep that:
- emptypids is not changed
- emptypids.pids == []
- name: "Copying 'sleep' binary" - name: "Picking a random process name"
command: cp {{ find_sleep.stdout }} {{ remote_tmp_dir }}/{{ random_name }} set_fact:
# The following does not work on macOS 11.1 (it uses shutil.copystat, and that will die with a PermissionError): random_name: some-random-long-name-{{ 99999999 | random }}
# copy:
# src: "{{ find_sleep.stdout }}"
# dest: "{{ remote_tmp_dir }}/{{ random_name }}"
# mode: "0777"
# remote_src: true
- name: Copy helper script - name: "finding the 'sleep' binary"
copy: command: which sleep
src: obtainpid.sh register: find_sleep
dest: "{{ remote_tmp_dir }}/obtainpid.sh"
- name: "Running the copy of 'sleep' binary" - name: "Copying 'sleep' binary"
command: "sh {{ remote_tmp_dir }}/obtainpid.sh '{{ remote_tmp_dir }}/{{ random_name }}' '{{ remote_tmp_dir }}/obtainpid.txt'" command: cp {{ find_sleep.stdout }} {{ remote_tmp_dir }}/{{ random_name }}
# The following does not work on macOS 11.1 (it uses shutil.copystat, and that will die with a PermissionError):
# copy:
# src: "{{ find_sleep.stdout }}"
# dest: "{{ remote_tmp_dir }}/{{ random_name }}"
# mode: "0777"
# remote_src: true
async: 100 - name: Copy helper script
poll: 0 copy:
src: obtainpid.sh
dest: "{{ remote_tmp_dir }}/obtainpid.sh"
- name: "Wait for one second to make sure that the sleep copy has actually been started" - name: "Running the copy of 'sleep' binary"
pause: command: "sh {{ remote_tmp_dir }}/obtainpid.sh '{{ remote_tmp_dir }}/{{ random_name }}' '{{ remote_tmp_dir }}/obtainpid.txt'"
seconds: 1
- name: "Checking the process IDs (PIDs) of sleep binary" async: 100
pids: poll: 0
name: "{{ random_name }}"
register: pids
- name: "Checking that exact non-substring matches are required" - name: "Wait for one second to make sure that the sleep copy has actually been started"
pids: pause:
name: "{{ random_name[0:5] }}" seconds: 1
register: exactpidmatch
- name: "Checking that patterns can be used with the pattern option" - name: "Checking the process IDs (PIDs) of sleep binary"
pids: pids:
pattern: "{{ random_name[0:5] }}" name: "{{ random_name }}"
register: pattern_pid_match register: pids
- name: "Checking that case-insensitive patterns can be used with the pattern option" - name: "Checking that exact non-substring matches are required"
pids: pids:
pattern: "{{ random_name[0:5] | upper }}" name: "{{ random_name[0:5] }}"
ignore_case: true register: exactpidmatch
register: caseinsensitive_pattern_pid_match
- name: "Checking that .* includes test pid" - name: "Checking that patterns can be used with the pattern option"
pids: pids:
pattern: .* pattern: "{{ random_name[0:5] }}"
register: match_all register: pattern_pid_match
- name: "Reading pid from the file" - name: "Checking that case-insensitive patterns can be used with the pattern option"
slurp: pids:
src: "{{ remote_tmp_dir }}/obtainpid.txt" pattern: "{{ random_name[0:5] | upper }}"
register: newpid ignore_case: true
register: caseinsensitive_pattern_pid_match
- name: "Verify that the Process IDs (PIDs) returned is not empty and also equal to the PIDs obtained in console" - name: "Checking that .* includes test pid"
assert: pids:
that: pattern: .*
- "pids.pids | join(' ') == newpid.content | b64decode | trim" register: match_all
- "pids.pids | length > 0"
- "exactpidmatch.pids == []"
- "pattern_pid_match.pids | join(' ') == newpid.content | b64decode | trim"
- "caseinsensitive_pattern_pid_match.pids | join(' ') == newpid.content | b64decode | trim"
- newpid.content | b64decode | trim | int in match_all.pids
- name: "Register output of bad input pattern" - name: "Reading pid from the file"
pids: slurp:
pattern: (unterminated src: "{{ remote_tmp_dir }}/obtainpid.txt"
register: bad_pattern_result register: newpid
ignore_errors: true
- name: "Verify that bad input pattern result is failed" - name: "Verify that the Process IDs (PIDs) returned is not empty and also equal to the PIDs obtained in console"
assert: assert:
that: that:
- bad_pattern_result is failed - "pids.pids | join(' ') == newpid.content | b64decode | trim"
- "pids.pids | length > 0"
- "exactpidmatch.pids == []"
- "pattern_pid_match.pids | join(' ') == newpid.content | b64decode | trim"
- "caseinsensitive_pattern_pid_match.pids | join(' ') == newpid.content | b64decode | trim"
- newpid.content | b64decode | trim | int in match_all.pids
- name: "Register output of bad input pattern"
pids:
pattern: (unterminated
register: bad_pattern_result
ignore_errors: true
- name: "Verify that bad input pattern result is failed"
assert:
that:
- bad_pattern_result is failed

View file

@ -3,67 +3,70 @@
# and should not be used as examples of how to write Ansible roles # # and should not be used as examples of how to write Ansible roles #
#################################################################### ####################################################################
- name: Include distribution specific variables - when:
include_vars: '{{ lookup(''first_found'', search) }}' - not (ansible_os_family == 'Alpine' and ansible_distribution_version is version('3.15', '<')) # TODO
vars:
search:
files:
- '{{ ansible_distribution | lower }}.yml'
- '{{ ansible_os_family | lower }}.yml'
- '{{ ansible_system | lower }}.yml'
- default.yml
paths:
- vars
- name: install cron package
package:
name: '{{ cron_pkg }}'
when: cron_pkg | default(false, true)
register: cron_package_installed
until: cron_package_installed is success
- when: faketime_pkg | default(false, true)
block: block:
- name: install cron and faketime packages - name: Include distribution specific variables
include_vars: '{{ lookup(''first_found'', search) }}'
vars:
search:
files:
- '{{ ansible_distribution | lower }}.yml'
- '{{ ansible_os_family | lower }}.yml'
- '{{ ansible_system | lower }}.yml'
- default.yml
paths:
- vars
- name: install cron package
package: package:
name: '{{ faketime_pkg }}' name: '{{ cron_pkg }}'
register: faketime_package_installed when: cron_pkg | default(false, true)
until: faketime_package_installed is success register: cron_package_installed
- name: Find libfaketime path until: cron_package_installed is success
shell: '{{ list_pkg_files }} {{ faketime_pkg }} | grep -F libfaketime.so.1' - when: faketime_pkg | default(false, true)
args:
warn: false
register: libfaketime_path
- when: ansible_service_mgr == 'systemd'
block: block:
- name: create directory for cron drop-in file - name: install cron and faketime packages
file: package:
path: /etc/systemd/system/{{ cron_service }}.service.d name: '{{ faketime_pkg }}'
state: directory register: faketime_package_installed
owner: root until: faketime_package_installed is success
group: root - name: Find libfaketime path
mode: '0755' shell: '{{ list_pkg_files }} {{ faketime_pkg }} | grep -F libfaketime.so.1'
- name: Use faketime with cron service args:
warn: false
register: libfaketime_path
- when: ansible_service_mgr == 'systemd'
block:
- name: create directory for cron drop-in file
file:
path: /etc/systemd/system/{{ cron_service }}.service.d
state: directory
owner: root
group: root
mode: '0755'
- name: Use faketime with cron service
copy:
content: '[Service]
Environment=LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }}
Environment="FAKETIME=+0y x10"
Environment=RANDOM_DELAY=0'
dest: /etc/systemd/system/{{ cron_service }}.service.d/faketime.conf
owner: root
group: root
mode: '0644'
- when: ansible_system == 'FreeBSD'
name: Use faketime with cron service
copy: copy:
content: '[Service] content: cron_env='LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }} FAKETIME="+0y x10"'
dest: /etc/rc.conf.d/cron
Environment=LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }}
Environment="FAKETIME=+0y x10"
Environment=RANDOM_DELAY=0'
dest: /etc/systemd/system/{{ cron_service }}.service.d/faketime.conf
owner: root owner: root
group: root group: wheel
mode: '0644' mode: '0644'
- when: ansible_system == 'FreeBSD' - name: enable cron service
name: Use faketime with cron service service:
copy: daemon-reload: '{{ (ansible_service_mgr == ''systemd'') | ternary(true, omit) }}'
content: cron_env='LD_PRELOAD={{ libfaketime_path.stdout_lines[0].strip() }} FAKETIME="+0y x10"' name: '{{ cron_service }}'
dest: /etc/rc.conf.d/cron state: restarted
owner: root
group: wheel
mode: '0644'
- name: enable cron service
service:
daemon-reload: '{{ (ansible_service_mgr == ''systemd'') | ternary(true, omit) }}'
name: '{{ cron_service }}'
state: restarted

View file

@ -0,0 +1,3 @@
cron_pkg: cronie
cron_service: cronie
list_pkg_files: apk info -L

View file

@ -0,0 +1,3 @@
cron_pkg: cronie
cron_service: cronie
list_pkg_files: pacman -Ql

View file

@ -4,6 +4,9 @@
#################################################################### ####################################################################
- name: Set up dummy flatpak repository remote - name: Set up dummy flatpak repository remote
when: |
ansible_distribution == 'Fedora' or
ansible_distribution == 'Ubuntu' and not ansible_distribution_major_version | int < 16
block: block:
- name: Copy repo into place - name: Copy repo into place
unarchive: unarchive:

View file

@ -0,0 +1,2 @@
---
keytool_package_name: openjdk11-jre-headless

View file

@ -0,0 +1,2 @@
---
keytool_package_name: jre11-openjdk-headless

View file

@ -5,8 +5,17 @@
#################################################################### ####################################################################
- name: Include OS-specific variables - name: Include OS-specific variables
include_vars: '{{ ansible_os_family }}.yml' include_vars: '{{ lookup("first_found", search) }}'
when: not ansible_os_family == "Darwin" vars:
search:
files:
- '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
- '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
- '{{ ansible_distribution }}.yml'
- '{{ ansible_os_family }}.yml'
- default.yml
paths:
- vars
- name: Install OpenSSL - name: Install OpenSSL
become: True become: True
@ -14,49 +23,38 @@
name: '{{ openssl_package_name }}' name: '{{ openssl_package_name }}'
when: not ansible_os_family == 'Darwin' when: not ansible_os_family == 'Darwin'
- name: Install pyOpenSSL (Python 3)
become: True
package:
name: '{{ pyopenssl_package_name_python3 }}'
when: not ansible_os_family == 'Darwin' and ansible_python_version is version('3.0', '>=')
- name: Install pyOpenSSL (Python 2)
become: True
package:
name: '{{ pyopenssl_package_name }}'
when: not ansible_os_family == 'Darwin' and ansible_python_version is version('3.0', '<')
- name: Install pyOpenSSL (Darwin)
become: True
pip:
name: pyOpenSSL
extra_args: "-c {{ remote_constraints }}"
when: ansible_os_family == 'Darwin'
- when: ansible_facts.distribution ~ ansible_facts.distribution_major_version not in ['CentOS6', 'RedHat6'] - when: ansible_facts.distribution ~ ansible_facts.distribution_major_version not in ['CentOS6', 'RedHat6']
block: block:
- name: Install cryptography (Python 3) - name: Install cryptography (Python 3)
become: true become: true
package: package:
name: '{{ cryptography_package_name_python3 }}' name: '{{ cryptography_package_name_python3 }}'
when: not ansible_os_family == 'Darwin' and ansible_python_version is version('3.0', '>=') when: not cryptography_from_pip and ansible_python_version is version('3.0', '>=')
- name: Install cryptography (Python 2) - name: Install cryptography (Python 2)
become: true become: true
package: package:
name: '{{ cryptography_package_name }}' name: '{{ cryptography_package_name }}'
when: not ansible_os_family == 'Darwin' and ansible_python_version is version('3.0', '<') when: not cryptography_from_pip and ansible_python_version is version('3.0', '<')
- name: Install cryptography (Darwin) - name: Install cryptography (pip)
become: true become: true
pip: pip:
name: cryptography>=3.3 name: cryptography>=3.3
extra_args: "-c {{ remote_constraints }}" extra_args: "-c {{ remote_constraints }}"
when: ansible_os_family == 'Darwin' when: cryptography_from_pip
- name: register pyOpenSSL version - name: Install pyOpenSSL (Python 3)
command: "{{ ansible_python.executable }} -c 'import OpenSSL; print(OpenSSL.__version__)'" become: True
register: pyopenssl_version package:
name: '{{ pyopenssl_package_name_python3 }}'
when: pyopenssl_package_name_python3 is defined and ansible_python_version is version('3.0', '>=')
- name: Install pyOpenSSL (Python 2)
become: True
package:
name: '{{ pyopenssl_package_name }}'
when: pyopenssl_package_name is defined and ansible_python_version is version('3.0', '<')
- name: register openssl version - name: register openssl version
shell: "openssl version | cut -d' ' -f2" shell: "openssl version | cut -d' ' -f2"

View file

@ -0,0 +1,6 @@
cryptography_package_name: py-cryptography
cryptography_package_name_python3: py3-cryptography
pyopenssl_package_name: py-openssl
pyopenssl_package_name_python3: py3-openssl
openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -0,0 +1,6 @@
cryptography_package_name: python-cryptography
cryptography_package_name_python3: python-cryptography
pyopenssl_package_name: python-pyopenssl
pyopenssl_package_name_python3: python-pyopenssl
openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -0,0 +1,4 @@
cryptography_package_name: python-cryptography
cryptography_package_name_python3: python3-cryptography
openssl_package_name: openssl
cryptography_from_pip: '{{ ansible_python_version is version("3.8", ">=") }}'

View file

@ -0,0 +1 @@
cryptography_from_pip: true

View file

@ -3,3 +3,4 @@ cryptography_package_name_python3: python3-cryptography
pyopenssl_package_name: python-openssl pyopenssl_package_name: python-openssl
pyopenssl_package_name_python3: python3-openssl pyopenssl_package_name_python3: python3-openssl
openssl_package_name: openssl openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -3,3 +3,4 @@ cryptography_package_name_python3: "py{{ ansible_python.version.major }}{{ ansib
pyopenssl_package_name: py27-openssl pyopenssl_package_name: py27-openssl
pyopenssl_package_name_python3: "py{{ ansible_python.version.major }}{{ ansible_python.version.minor }}-openssl" pyopenssl_package_name_python3: "py{{ ansible_python.version.major }}{{ ansible_python.version.minor }}-openssl"
openssl_package_name: openssl openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -3,3 +3,4 @@ cryptography_package_name_python3: python3-cryptography
pyopenssl_package_name: pyOpenSSL pyopenssl_package_name: pyOpenSSL
pyopenssl_package_name_python3: python3-pyOpenSSL pyopenssl_package_name_python3: python3-pyOpenSSL
openssl_package_name: openssl openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -3,3 +3,4 @@ cryptography_package_name_python3: python3-cryptography
pyopenssl_package_name: python-pyOpenSSL pyopenssl_package_name: python-pyOpenSSL
pyopenssl_package_name_python3: python3-pyOpenSSL pyopenssl_package_name_python3: python3-pyOpenSSL
openssl_package_name: openssl openssl_package_name: openssl
cryptography_from_pip: false

View file

@ -20,4 +20,5 @@
cmd: | cmd: |
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-Linux-*.repo sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-Linux-*.repo
sed -i 's%#baseurl=http://mirror.centos.org/$contentdir/$releasever/%baseurl=https://vault.centos.org/8.4.2105/%g' /etc/yum.repos.d/CentOS-Linux-*.repo sed -i 's%#baseurl=http://mirror.centos.org/$contentdir/$releasever/%baseurl=https://vault.centos.org/8.4.2105/%g' /etc/yum.repos.d/CentOS-Linux-*.repo
ignore_errors: true # This fails for CentOS Stream 8
when: ansible_distribution in 'CentOS' and ansible_distribution_major_version == '8' when: ansible_distribution in 'CentOS' and ansible_distribution_major_version == '8'

View file

@ -99,6 +99,14 @@
command: /sbin/service postgresql initdb command: /sbin/service postgresql initdb
when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd" when: ansible_os_family == "RedHat" and ansible_service_mgr != "systemd"
- name: Initialize postgres (Archlinux)
command: su - postgres -c "initdb --locale en_US.UTF-8 -D '/var/lib/postgres/data'"
when: ansible_os_family == "Archlinux"
- name: Initialize postgres (Alpine)
command: su - postgres -c "initdb --locale en_US.UTF-8 -D '/var/lib/postgresql/data'"
when: ansible_os_family == "Alpine"
- name: Initialize postgres (Debian) - name: Initialize postgres (Debian)
shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main shell: . /usr/share/postgresql-common/maintscripts-functions && set_system_locale && /usr/bin/pg_createcluster -u postgres {{ pg_ver }} main
args: args:

View file

@ -0,0 +1,6 @@
postgresql_packages:
- "postgresql"
- "py3-psycopg2"
pg_hba_location: "/var/lib/postgresql/data/pg_hba.conf"
pg_dir: "/var/lib/postgresql/data"

View file

@ -0,0 +1,6 @@
postgresql_packages:
- "postgresql"
- "python-psycopg2"
pg_hba_location: "/var/lib/postgres/data/pg_hba.conf"
pg_dir: "/var/lib/postgres/data"

View file

@ -0,0 +1,8 @@
postgresql_packages:
- "postgresql"
- "postgresql-common"
- "python3-psycopg2"
pg_hba_location: "/etc/postgresql/13/main/pg_hba.conf"
pg_dir: "/var/lib/postgresql/13/main"
pg_ver: 13

View file

@ -1,5 +1,11 @@
# General # General
redis_packages: redis_packages:
Alpine:
- redis
Archlinux:
- redis
Debian:
- redis-server
Ubuntu: Ubuntu:
- redis-server - redis-server
openSUSE Leap: openSUSE Leap:
@ -12,6 +18,9 @@ redis_packages:
- redis - redis
redis_bin: redis_bin:
Alpine: /usr/bin/redis-server
Archlinux: /usr/bin/redis-server
Debian: /usr/bin/redis-server
Ubuntu: /usr/bin/redis-server Ubuntu: /usr/bin/redis-server
openSUSE Leap: /usr/sbin/redis-server openSUSE Leap: /usr/sbin/redis-server
Fedora: /usr/bin/redis-server Fedora: /usr/bin/redis-server

View file

@ -8,4 +8,4 @@
- import_tasks: setup_redis_cluster.yml - import_tasks: setup_redis_cluster.yml
when: when:
- ansible_distribution in ['CentOS', 'Fedora', 'FreeBSD', 'openSUSE Leap', 'Ubuntu'] - ansible_distribution in ['CentOS', 'Fedora', 'FreeBSD', 'openSUSE Leap', 'Ubuntu', 'Debian', 'Archlinux', 'Alpine']

View file

@ -1,44 +1,11 @@
# We run two servers listening different ports # We run two servers listening different ports
# to be able to check replication (one server for master, another for replica). # to be able to check replication (one server for master, another for replica).
- name: Install redis server apt dependencies - name: Install redis dependencies
apt: package:
name: "{{ redis_packages[ansible_distribution] }}" name: "{{ redis_packages[ansible_distribution] }}"
state: latest state: latest
policy_rc_d: 101 policy_rc_d: "{{ 101 if ansible_facts.pkg_mgr == 'apt' else omit }}"
when:
- ansible_facts.pkg_mgr == 'apt'
notify: cleanup redis
- name: Install redis server rpm dependencies
yum:
name: "{{ redis_packages[ansible_distribution] }}"
state: latest
when:
- ansible_facts.pkg_mgr == 'yum'
notify: cleanup redis
- name: Install redis rpm dependencies
dnf:
name: "{{ redis_packages[ansible_distribution] }}"
state: latest
when: ansible_facts.pkg_mgr == 'dnf'
notify: cleanup redis
- name: Install redis server zypper dependencies
zypper:
name: "{{ redis_packages[ansible_distribution] }}"
state: latest
when:
- ansible_facts.pkg_mgr == 'community.general.zypper'
notify: cleanup redis
- name: Install redis FreeBSD dependencies
community.general.pkgng:
name: "{{ redis_packages[ansible_distribution] }}"
state: latest
when:
- ansible_facts.pkg_mgr == 'community.general.pkgng'
notify: cleanup redis notify: cleanup redis
- name: Install redis module - name: Install redis module

View file

@ -0,0 +1 @@
openjdk_pkg: openjdk11-jre-headless

View file

@ -0,0 +1 @@
openjdk_pkg: jre11-openjdk-headless

View file

@ -1 +1 @@
openjdk_pkg: openjdk-8-jre-headless openjdk_pkg: openjdk-11-jre-headless

View file

@ -4,11 +4,11 @@
# and should not be used as examples of how to write Ansible roles # # and should not be used as examples of how to write Ansible roles #
#################################################################### ####################################################################
- name: Install systemd-sysv on ubuntu 18 - name: Install systemd-sysv on Ubuntu 18 and Debian
apt: apt:
name: systemd-sysv name: systemd-sysv
state: present state: present
when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version is version('18', '>=') when: (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version is version('18', '>=')) or (ansible_distribution == 'Debian')
register: systemd_sysv_install register: systemd_sysv_install
- name: Execute shutdown with custom message and delay - name: Execute shutdown with custom message and delay

View file

@ -43,6 +43,12 @@
#### timezone tests #### timezone tests
#### ####
- name: make sure diffutils are installed on ArchLinux
package:
name: diffutils
state: present
when: ansible_distribution == 'Archlinux'
- name: make sure the dbus service is started under systemd - name: make sure the dbus service is started under systemd
systemd: systemd:
name: dbus name: dbus
@ -57,7 +63,9 @@
# Skip tests on Fedora 31 and 32 because dbus fails to start unless the container is run in priveleged mode. # Skip tests on Fedora 31 and 32 because dbus fails to start unless the container is run in priveleged mode.
# Even then, it starts unreliably. This may be due to the move to cgroup v2 in Fedora 31 and 32. # Even then, it starts unreliably. This may be due to the move to cgroup v2 in Fedora 31 and 32.
# https://www.redhat.com/sysadmin/fedora-31-control-group-v2 # https://www.redhat.com/sysadmin/fedora-31-control-group-v2
when: ansible_facts.distribution ~ ansible_facts.distribution_major_version not in ['Fedora31', 'Fedora32'] when:
- ansible_facts.distribution ~ ansible_facts.distribution_major_version not in ['Fedora31', 'Fedora32']
- not (ansible_os_family == 'Alpine') # TODO
block: block:
- name: set timezone to Etc/UTC - name: set timezone to Etc/UTC
timezone: timezone:

View file

@ -30,4 +30,6 @@
yarn_version: '{{ item.yarn_version }}' yarn_version: '{{ item.yarn_version }}'
with_items: with_items:
- {node_version: 4.8.0, yarn_version: 1.6.0} # Lowest compatible nodejs version - {node_version: 4.8.0, yarn_version: 1.6.0} # Lowest compatible nodejs version
- {node_version: 8.0.0, yarn_version: 1.6.0} - {node_version: 8.0.0, yarn_version: 1.6.0}
when:
- not (ansible_os_family == 'Alpine') # TODO

View file

@ -0,0 +1,19 @@
#!/usr/bin/env bash
set -o pipefail -eux
declare -a args
IFS='/:' read -ra args <<< "$1"
image="${args[1]}"
python="${args[2]}"
if [ "${#args[@]}" -gt 3 ]; then
target="shippable/posix/group${args[3]}/"
else
target="shippable/posix/"
fi
# shellcheck disable=SC2086
ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
--docker "quay.io/ansible-community/test-image:${image}" --python "${python}"