From 82c3714bb7c1f9a9cc74866fdcaef96c61d748b1 Mon Sep 17 00:00:00 2001 From: lanefu Date: Wed, 3 Jan 2024 07:56:36 -0500 Subject: [PATCH] add molecule github actions (#95) * added molecule and ansible-lint github actions Co-authored-by: Lane Jennison Co-authored-by: Bas Meijer Co-authored-by: Michal Muransky Co-authored-by: adawalli Co-authored-by: Sebastian Gumprich Co-authored-by: John Adams Co-authored-by: jebas Co-authored-by: Michal Muransky Co-authored-by: beechesII --- .config/ansible-lint.yml | 15 +++++++ .github/workflows/ansible-lint.yml | 14 +++++++ .github/workflows/molecule.yml | 40 ++++++++++++++++++ .travis.yml | 29 ------------- .yamllint | 12 ++++++ defaults/main.yml | 8 ++-- examples/site.yml | 6 ++- meta/main.yml | 3 +- molecule/_shared/Dockerfile.j2 | 29 +++++++++++++ molecule/_shared/base.yml | 34 +++++++++++++++ molecule/_shared/converge.yml | 9 ++++ molecule/_shared/prepare.yml | 15 +++++++ molecule/_shared/verify.yml | 59 +++++++++++++++++++++++++++ molecule/centos-7/molecule.yml | 14 +++++++ molecule/centos-7/verify.yml | 1 + molecule/centos-8-stream/molecule.yml | 14 +++++++ molecule/centos-8-stream/verify.yml | 1 + molecule/centos-9-stream/molecule.yml | 14 +++++++ molecule/centos-9-stream/verify.yml | 1 + molecule/debian-10/molecule.yml | 14 +++++++ molecule/debian-10/verify.yml | 1 + molecule/debian-11/molecule.yml | 14 +++++++ molecule/debian-11/verify.yml | 1 + molecule/debian-12/molecule.yml | 14 +++++++ molecule/debian-12/verify.yml | 1 + molecule/default/.gitkeep | 0 molecule/fedora-38/molecule.yml | 14 +++++++ molecule/fedora-38/verify.yml | 1 + molecule/fedora-39/molecule.yml | 14 +++++++ molecule/fedora-39/verify.yml | 1 + molecule/oraclelinux-7/molecule.yml | 14 +++++++ molecule/oraclelinux-7/verify.yml | 1 + molecule/oraclelinux-8/molecule.yml | 14 +++++++ molecule/oraclelinux-8/verify.yml | 1 + molecule/oraclelinux-9/molecule.yml | 14 +++++++ molecule/oraclelinux-9/verify.yml | 1 + molecule/ubuntu-20.04/molecule.yml | 14 +++++++ molecule/ubuntu-20.04/verify.yml | 1 + molecule/ubuntu-22.04/molecule.yml | 14 +++++++ molecule/ubuntu-22.04/verify.yml | 1 + molecule/ubuntu-23.04/molecule.yml | 14 +++++++ molecule/ubuntu-23.04/verify.yml | 1 + requirements.yml | 4 ++ tasks/asserts.yml | 2 +- tasks/install.yml | 8 ++-- tasks/main.yml | 17 ++++---- templates/client.hcl.j2 | 2 +- templates/server.hcl.j2 | 4 +- 48 files changed, 470 insertions(+), 50 deletions(-) create mode 100644 .config/ansible-lint.yml create mode 100644 .github/workflows/ansible-lint.yml create mode 100644 .github/workflows/molecule.yml delete mode 100644 .travis.yml create mode 100644 .yamllint create mode 100644 molecule/_shared/Dockerfile.j2 create mode 100644 molecule/_shared/base.yml create mode 100644 molecule/_shared/converge.yml create mode 100644 molecule/_shared/prepare.yml create mode 100644 molecule/_shared/verify.yml create mode 100644 molecule/centos-7/molecule.yml create mode 120000 molecule/centos-7/verify.yml create mode 100644 molecule/centos-8-stream/molecule.yml create mode 120000 molecule/centos-8-stream/verify.yml create mode 100644 molecule/centos-9-stream/molecule.yml create mode 120000 molecule/centos-9-stream/verify.yml create mode 100644 molecule/debian-10/molecule.yml create mode 120000 molecule/debian-10/verify.yml create mode 100644 molecule/debian-11/molecule.yml create mode 120000 molecule/debian-11/verify.yml create mode 100644 molecule/debian-12/molecule.yml create mode 120000 molecule/debian-12/verify.yml create mode 100644 molecule/default/.gitkeep create mode 100644 molecule/fedora-38/molecule.yml create mode 120000 molecule/fedora-38/verify.yml create mode 100644 molecule/fedora-39/molecule.yml create mode 120000 molecule/fedora-39/verify.yml create mode 100644 molecule/oraclelinux-7/molecule.yml create mode 120000 molecule/oraclelinux-7/verify.yml create mode 100644 molecule/oraclelinux-8/molecule.yml create mode 120000 molecule/oraclelinux-8/verify.yml create mode 100644 molecule/oraclelinux-9/molecule.yml create mode 120000 molecule/oraclelinux-9/verify.yml create mode 100644 molecule/ubuntu-20.04/molecule.yml create mode 120000 molecule/ubuntu-20.04/verify.yml create mode 100644 molecule/ubuntu-22.04/molecule.yml create mode 120000 molecule/ubuntu-22.04/verify.yml create mode 100644 molecule/ubuntu-23.04/molecule.yml create mode 120000 molecule/ubuntu-23.04/verify.yml create mode 100644 requirements.yml diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml new file mode 100644 index 00000000..698c5d5b --- /dev/null +++ b/.config/ansible-lint.yml @@ -0,0 +1,15 @@ +--- +# .ansible-lint +exclude_paths: + - .cache/ # implicit unless exclude_paths is defined in config + - .yamllint + - molecule/ + - tests/ + - .github/ + +# install collection dependencies +offline: false + +# skip these linting stuff +skip_list: + - '106' diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml new file mode 100644 index 00000000..69075fc0 --- /dev/null +++ b/.github/workflows/ansible-lint.yml @@ -0,0 +1,14 @@ +--- +name: ansible-lint +on: + pull_request: + branches: ["main", "master", "stable", "release/v*"] +jobs: + build: + name: Ansible Lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Run ansible-lint + uses: ansible/ansible-lint@v6.22.1 diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml new file mode 100644 index 00000000..dda9f851 --- /dev/null +++ b/.github/workflows/molecule.yml @@ -0,0 +1,40 @@ +--- +name: molecule +on: + pull_request: + branches: ["main", "master", "stable", "release/v*"] + +jobs: + build: + runs-on: ubuntu-latest + strategy: + fail-fast: false + max-parallel: 4 + matrix: + scenario: + - centos-7 + - centos-8-stream + - centos-9-stream + - debian-10 + - debian-11 + - debian-12 + - fedora-38 + - fedora-39 + # - oraclelinux-7 + - oraclelinux-8 + - oraclelinux-9 + - ubuntu-20.04 + - ubuntu-22.04 + - ubuntu-23.04 + + steps: + - uses: actions/checkout@v2 + with: + path: "${{ github.repository }}" + + - name: Molecule + uses: gofrolist/molecule-action@v2 + with: + molecule_working_dir: "${{ github.repository }}" + molecule_options: --base-config molecule/_shared/base.yml + molecule_args: --scenario-name ${{ matrix.scenario }} diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 054d7f83..00000000 --- a/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - # - printf '[defaults]\nroles_path=../' > ansible.cfg - -script: - # Basic role syntax check - - ANSIBLE_ROLES_PATH=.. ansible-playbook -i tests/inventory tests/test.yml --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/.yamllint b/.yamllint new file mode 100644 index 00000000..3c4221d4 --- /dev/null +++ b/.yamllint @@ -0,0 +1,12 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable + document-start: disable diff --git a/defaults/main.yml b/defaults/main.yml index 94de4e5f..5e052c0c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,16 +11,18 @@ os_supported_matrix: RedHat: min_version: '6' CentOS: - min_version: '6' + min_version: '7' Fedora: min_version: '' Amazon: min_version: '' # Debian based + OracleLinux: + min_version: '8' Debian: - min_version: '8.2' + min_version: '10' Ubuntu: - min_version: '13.04' + min_version: '20.04' VMware Photon OS: min_version: '4' diff --git a/examples/site.yml b/examples/site.yml index 8dada183..475bf5a1 100644 --- a/examples/site.yml +++ b/examples/site.yml @@ -5,9 +5,11 @@ hosts: nomad_instances become: yes become_user: root - roles: - - { role: brianshumate.nomad } tasks: + - name: nomad role + include_role: + name: ansible-community.nomad + - name: Start nomad service: name=nomad state=started enabled=yes diff --git a/meta/main.yml b/meta/main.yml index e517b782..a320cfdc 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -5,7 +5,8 @@ galaxy_info: company: Brian Shumate license: BSD min_ansible_version: 2.5 - + role_name: ansible_nomad + namespace: brianshumate platforms: - name: Archlinux versions: diff --git a/molecule/_shared/Dockerfile.j2 b/molecule/_shared/Dockerfile.j2 new file mode 100644 index 00000000..7be7211b --- /dev/null +++ b/molecule/_shared/Dockerfile.j2 @@ -0,0 +1,29 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +{% if item.env is defined %} +{% for var, value in item.env.items() %} +{% if value %} +ENV {{ var }} {{ value }} +{% endif %} +{% endfor %} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then \ + if grep -q "Debian GNU/Linux 10" /etc/os-release; then \ + apt-get update && apt-get install -y systemd python sudo bash ca-certificates iproute2 python-apt-common && apt-get clean; \ + elif grep -q "Debian GNU/Linux 11" /etc/os-release; then \ + apt-get update && apt-get install -y systemd python sudo bash ca-certificates iproute2 python-apt-common && apt-get clean; \ + else \ + apt-get update && apt-get install -y systemd python3 sudo bash ca-certificates iproute2 python3-apt && apt-get clean; \ + fi \ + elif [ $(command -v dnf) ]; then \ + dnf makecache && dnf --assumeyes install systemd python3 sudo bash iproute && dnf clean all; \ + elif [ $(command -v yum) ]; then \ + yum makecache fast && yum install -y systemd python sudo yum-plugin-ovl bash iproute && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + fi diff --git a/molecule/_shared/base.yml b/molecule/_shared/base.yml new file mode 100644 index 00000000..2bd58876 --- /dev/null +++ b/molecule/_shared/base.yml @@ -0,0 +1,34 @@ +--- +scenario: + test_sequence: + - dependency + - syntax + - create + - prepare + - converge + - verify + - destroy +dependency: + name: galaxy +driver: + name: docker +provisioner: + name: ansible + config_options: + defaults: + deprecation_warnings: false + callback_whitelist: timer,profile_tasks + fact_caching: jsonfile + fact_caching_connection: ./cache + forks: 100 + connection: + pipelining: true + playbooks: + prepare: ../_shared/prepare.yml + converge: ../_shared/converge.yml + inventory: + group_vars: + nomad_instances: + nomad_node_role: both +verifier: + name: ansible diff --git a/molecule/_shared/converge.yml b/molecule/_shared/converge.yml new file mode 100644 index 00000000..70522b45 --- /dev/null +++ b/molecule/_shared/converge.yml @@ -0,0 +1,9 @@ +--- +- name: Converge + hosts: all + roles: + - role: ansible-nomad + + vars: + # TODO: Probably we need to install syslog-ng/rsyslog first + nomad_syslog_enable: False diff --git a/molecule/_shared/prepare.yml b/molecule/_shared/prepare.yml new file mode 100644 index 00000000..4030dc86 --- /dev/null +++ b/molecule/_shared/prepare.yml @@ -0,0 +1,15 @@ +--- +- name: Prepare + hosts: localhost + connection: local + + tasks: + - name: Install OS packages + package: + name: unzip + become: true + + - name: Install netaddr dependency on controlling host + pip: + name: netaddr + become: false diff --git a/molecule/_shared/verify.yml b/molecule/_shared/verify.yml new file mode 100644 index 00000000..9b25bf12 --- /dev/null +++ b/molecule/_shared/verify.yml @@ -0,0 +1,59 @@ +--- +- name: Verify + hosts: all + tasks: + + - name: Verify that /etc/nomad.d/base.hcl exists + ansible.builtin.file: + path: /etc/nomad.d/base.hcl + state: file + register: result_nomad_base_hcl + + - name: Validate that /etc/nomad.d/base.hcl exists + ansible.builtin.assert: + that: + - result_nomad_base_hcl.state == 'file' + - result_nomad_base_hcl.owner == 'root' + - result_nomad_base_hcl.group == 'root' + - result_nomad_base_hcl.mode == '0644' + + - name: Verify that /etc/nomad.d/client.hcl exists + ansible.builtin.file: + path: /etc/nomad.d/client.hcl + state: file + register: result_nomad_client_hcl + + - name: Validate that /etc/nomad.d/client.hcl exists + ansible.builtin.assert: + that: + - result_nomad_client_hcl.state == 'file' + - result_nomad_client_hcl.owner == 'root' + - result_nomad_client_hcl.group == 'root' + - result_nomad_client_hcl.mode == '0644' + + - name: Verify that /etc/nomad.d/server.hcl exists + ansible.builtin.file: + path: /etc/nomad.d/server.hcl + state: file + register: result_nomad_server_hcl + + - name: Validate that /etc/nomad.d/server.hcl exists + ansible.builtin.assert: + that: + - result_nomad_server_hcl.state == 'file' + - result_nomad_server_hcl.owner == 'root' + - result_nomad_server_hcl.group == 'root' + - result_nomad_server_hcl.mode == '0644' + + - name: Verify that serivce nomad is running + ansible.builtin.service: + name: nomad + state: started + register: result_nomad_service + + - name: Validate that serivce nomad is running + ansible.builtin.assert: + that: + - result_nomad_service.state == 'started' + - result_nomad_service.changed == false + - result_nomad_service.name == 'nomad' diff --git a/molecule/centos-7/molecule.yml b/molecule/centos-7/molecule.yml new file mode 100644 index 00000000..6dc68abf --- /dev/null +++ b/molecule/centos-7/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: centos-7 + groups: + - nomad_instances + image: dokken/centos-7 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/centos-7/verify.yml b/molecule/centos-7/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/centos-7/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/centos-8-stream/molecule.yml b/molecule/centos-8-stream/molecule.yml new file mode 100644 index 00000000..fa0baee6 --- /dev/null +++ b/molecule/centos-8-stream/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: centos-stream-8 + groups: + - nomad_instances + image: dokken/centos-stream-8 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/centos-8-stream/verify.yml b/molecule/centos-8-stream/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/centos-8-stream/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/centos-9-stream/molecule.yml b/molecule/centos-9-stream/molecule.yml new file mode 100644 index 00000000..8e218034 --- /dev/null +++ b/molecule/centos-9-stream/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: centos-stream-9 + groups: + - nomad_instances + image: dokken/centos-stream-9 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/centos-9-stream/verify.yml b/molecule/centos-9-stream/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/centos-9-stream/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/debian-10/molecule.yml b/molecule/debian-10/molecule.yml new file mode 100644 index 00000000..63ef5d49 --- /dev/null +++ b/molecule/debian-10/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: debian-10 + groups: + - nomad_instances + image: dokken/debian-10 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/debian-10/verify.yml b/molecule/debian-10/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/debian-10/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/debian-11/molecule.yml b/molecule/debian-11/molecule.yml new file mode 100644 index 00000000..d2080729 --- /dev/null +++ b/molecule/debian-11/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: debian-11 + groups: + - nomad_instances + image: dokken/debian-11 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/debian-11/verify.yml b/molecule/debian-11/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/debian-11/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/debian-12/molecule.yml b/molecule/debian-12/molecule.yml new file mode 100644 index 00000000..d6537b13 --- /dev/null +++ b/molecule/debian-12/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: debian-12 + groups: + - nomad_instances + image: dokken/debian-12 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/debian-12/verify.yml b/molecule/debian-12/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/debian-12/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/default/.gitkeep b/molecule/default/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/molecule/fedora-38/molecule.yml b/molecule/fedora-38/molecule.yml new file mode 100644 index 00000000..d75b1dfc --- /dev/null +++ b/molecule/fedora-38/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: fedora-38 + groups: + - nomad_instances + image: dokken/fedora-38 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/fedora-38/verify.yml b/molecule/fedora-38/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/fedora-38/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/fedora-39/molecule.yml b/molecule/fedora-39/molecule.yml new file mode 100644 index 00000000..9d504504 --- /dev/null +++ b/molecule/fedora-39/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: fedora-39 + groups: + - nomad_instances + image: dokken/fedora-39 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/fedora-39/verify.yml b/molecule/fedora-39/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/fedora-39/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/oraclelinux-7/molecule.yml b/molecule/oraclelinux-7/molecule.yml new file mode 100644 index 00000000..32fe86ec --- /dev/null +++ b/molecule/oraclelinux-7/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: oraclelinux-7 + groups: + - nomad_instances + image: dokken/oraclelinux-7 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/oraclelinux-7/verify.yml b/molecule/oraclelinux-7/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/oraclelinux-7/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/oraclelinux-8/molecule.yml b/molecule/oraclelinux-8/molecule.yml new file mode 100644 index 00000000..86b9b3f6 --- /dev/null +++ b/molecule/oraclelinux-8/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: oraclelinux-8 + groups: + - nomad_instances + image: dokken/oraclelinux-8 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/oraclelinux-8/verify.yml b/molecule/oraclelinux-8/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/oraclelinux-8/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/oraclelinux-9/molecule.yml b/molecule/oraclelinux-9/molecule.yml new file mode 100644 index 00000000..7dc858d4 --- /dev/null +++ b/molecule/oraclelinux-9/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: oraclelinux-9 + groups: + - nomad_instances + image: dokken/oraclelinux-9 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /usr/lib/systemd/systemd diff --git a/molecule/oraclelinux-9/verify.yml b/molecule/oraclelinux-9/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/oraclelinux-9/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/ubuntu-20.04/molecule.yml b/molecule/ubuntu-20.04/molecule.yml new file mode 100644 index 00000000..a8b91384 --- /dev/null +++ b/molecule/ubuntu-20.04/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: ubuntu-22.04 + groups: + - nomad_instances + image: dokken/ubuntu-22.04 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/ubuntu-20.04/verify.yml b/molecule/ubuntu-20.04/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/ubuntu-20.04/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/ubuntu-22.04/molecule.yml b/molecule/ubuntu-22.04/molecule.yml new file mode 100644 index 00000000..a8b91384 --- /dev/null +++ b/molecule/ubuntu-22.04/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: ubuntu-22.04 + groups: + - nomad_instances + image: dokken/ubuntu-22.04 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/ubuntu-22.04/verify.yml b/molecule/ubuntu-22.04/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/ubuntu-22.04/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/molecule/ubuntu-23.04/molecule.yml b/molecule/ubuntu-23.04/molecule.yml new file mode 100644 index 00000000..ec4ddc60 --- /dev/null +++ b/molecule/ubuntu-23.04/molecule.yml @@ -0,0 +1,14 @@ +--- +platforms: + - name: ubuntu-23.04 + groups: + - nomad_instances + image: dokken/ubuntu-23.04 + dockerfile: ../_shared/Dockerfile.j2 + capabilities: + - SYS_ADMIN + cgroupns_mode: host + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + privileged: true + command: /bin/systemd diff --git a/molecule/ubuntu-23.04/verify.yml b/molecule/ubuntu-23.04/verify.yml new file mode 120000 index 00000000..420d51df --- /dev/null +++ b/molecule/ubuntu-23.04/verify.yml @@ -0,0 +1 @@ +../_shared/verify.yml \ No newline at end of file diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 00000000..342a3ea1 --- /dev/null +++ b/requirements.yml @@ -0,0 +1,4 @@ +--- +collections: + - name: ansible.utils + version: '2.9.0' diff --git a/tasks/asserts.yml b/tasks/asserts.yml index 8e15e161..cec71259 100644 --- a/tasks/asserts.yml +++ b/tasks/asserts.yml @@ -31,7 +31,7 @@ quiet: yes fail_msg: "{{ ansible_distribution_version }} is not supported for this role" that: - - ansible_distribution_version is version('{{ version_to_compare }}', '>') + - ansible_distribution_version is version(version_to_compare, '>') when: - version_to_compare is defined - version_to_compare | length > 0 diff --git a/tasks/install.yml b/tasks/install.yml index 2424fef9..a6642ab8 100644 --- a/tasks/install.yml +++ b/tasks/install.yml @@ -1,5 +1,5 @@ --- -# File: install.yml - package installation tasks for Nomad +# File: install.yml - package installation tasks for Nomad # noqa 106 - name: Install OS packages package: @@ -28,16 +28,17 @@ get_url: url: "{{ nomad_checksum_file_url }}" dest: "{{ role_path }}/files/nomad_{{ nomad_version }}_SHA256SUMS" + mode: '0644' become: false run_once: true tags: installation when: not nomad_checksum.stat.exists delegate_to: 127.0.0.1 -- name: Get Nomad package checksum +- name: Get Nomad package checksum # noqa 301 shell: | set -o pipefail - grep "{{ nomad_pkg }}" "{{ role_path }}/files/nomad_{{ nomad_version }}_SHA256SUMS" | awk '{print $1}' + grep "{{ nomad_pkg }}" "{{ role_path }}/files/nomad_{{ nomad_version }}_SHA256SUMS" | awk '{print $1}' args: executable: /bin/bash become: false @@ -58,6 +59,7 @@ dest: "{{ role_path }}/files/{{ nomad_pkg }}" checksum: "sha256:{{ nomad_sha256.stdout }}" timeout: "42" + mode: '0644' become: false tags: installation delegate_to: 127.0.0.1 diff --git a/tasks/main.yml b/tasks/main.yml index 836b36db..96240a48 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,7 +2,7 @@ # File: main.yml - Main tasks for Nomad - name: Include checks/asserts - include: asserts.yml + ansible.builtin.include_tasks: asserts.yml - name: Include OS variables include_vars: "{{ ansible_os_family }}.yml" @@ -25,17 +25,17 @@ nomad_node_role: "{{ nomad_node_role }}" - name: Include user and group settings - include: user_group.yml + ansible.builtin.include_tasks: user_group.yml - name: Include Docker tasks - include: docker.yml + ansible.builtin.include_tasks: docker.yml when: nomad_docker_enable | bool - name: Install OS packages - include: install.yml + ansible.builtin.include_tasks: install.yml - name: Disable SELinux (RHEL) - include: selinux.yml + ansible.builtin.include_tasks: selinux.yml when: ansible_os_family == "RedHat" - name: Create directories @@ -44,16 +44,17 @@ state: directory owner: "{{ nomad_user }}" group: "{{ nomad_group }}" + mode: "0755" with_items: - "{{ nomad_data_dir }}" - "{{ nomad_plugin_dir }}" - name: Install Podman plugin - include: install_podman.yml + ansible.builtin.include_tasks: install_podman.yml when: nomad_podman_enable | bool - name: Install CNI plugin - include: cni.yml + ansible.builtin.include_tasks: cni.yml when: nomad_cni_enable | bool - name: Create config directory @@ -152,7 +153,7 @@ - restart nomad - name: Host volume - include: host_volume.yml + ansible.builtin.include_tasks: host_volume.yml - name: SYSV init script template: diff --git a/templates/client.hcl.j2 b/templates/client.hcl.j2 index 1ed454d8..d5c9e71e 100644 --- a/templates/client.hcl.j2 +++ b/templates/client.hcl.j2 @@ -8,7 +8,7 @@ client { servers = [ {%- set comma = joiner(",") -%} {%- for server in nomad_servers -%} - {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ipwrap }}:{{ nomad_ports.rpc }}" + {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ansible.utils.ipwrap }}:{{ nomad_ports.rpc }}" {%- endfor -%} ] {% endif %} diff --git a/templates/server.hcl.j2 b/templates/server.hcl.j2 index bb5418f7..5ddb94d5 100644 --- a/templates/server.hcl.j2 +++ b/templates/server.hcl.j2 @@ -14,7 +14,7 @@ authoritative_region = "{{ nomad_authoritative_region }}" retry_join = [ {%- set comma = joiner(",") -%} {% for server in nomad_servers -%} - {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ipwrap }}" + {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ansible.utils.ipwrap }}" {%- endfor -%} ] retry_max = {{ nomad_retry_max }} retry_interval = "{{ nomad_retry_interval }}" @@ -22,7 +22,7 @@ authoritative_region = "{{ nomad_authoritative_region }}" start_join = [ {%- set comma = joiner(",") -%} {% for server in nomad_servers -%} - {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ipwrap }}" + {{ comma() }}"{{ hostvars[server]['nomad_advertise_address'] | ansible.utils.ipwrap }}" {%- endfor -%} ] {%- endif %} {% endif %}