diff --git a/.drone.jsonnet b/.drone.jsonnet deleted file mode 100644 index 59873e9..0000000 --- a/.drone.jsonnet +++ /dev/null @@ -1,148 +0,0 @@ -// Distros to Test on ;) -local distros = ['centos7', - 'rockylinux8', - 'debian10', - 'debian11']; - -/* Configuration of DIND */ -local docker_service() = - { - name: 'docker', - image: 'docker:dind', - privileged: true, - volumes: [{ name: 'dockersock', path: '/var/run' },], - }; - -local email_notification() = - { - name: 'notify by email', - image: 'drillster/drone-email', - settings: - { host: - { from_secret: 'EMAIL_HOST' }, - username: - { from_secret: 'EMAIL_USER' }, - password: - { from_secret: 'EMAIL_PASS' }, - from: 'drone@guise.net.nz' - } - }; - -local test_distro(distribution) = - { - name: 'Molecule test on %(distribution)s' % { distribution: distribution }, - volumes: [{ name: 'dockersock', path: '/var/run' },], - pull: true, - image: 'guisea/ansible-molecule:alpine-latest', - commands: [ - 'sleep 10', // give docker enough time to start - 'mkdir ${DRONE_REPO_NAME}', - 'rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}', - 'cd ${DRONE_REPO_NAME}', - 'molecule test' - ], - environment: - { MOLECULE_DISTRO: '%(distribution)s' % { distribution: distribution } - }, - }; - -local gen_pipeline(distro) = - {kind: 'pipeline', - type: 'docker', - name: 'Test on %(distro)s' % { distro: distro }, - steps: - [test_distro(distro)], - services: - [docker_service()], - volumes: - [{ - name: 'dockersock', - temp: {}, - },], - trigger: - { event: {exclude: ['tag'],},}, - when: - { event: {exclude: ['tag']}, - }, - }; - -local gen_release() = - {kind: 'pipeline', - type: 'docker', - image: 'guisea/ansible-molecule:alpine-latest', - name: 'Generate Release', - environment: - { USER: { from_secret: 'GITEA_USER' }, - TOKEN: { from_secret: 'GITEA_TOKEN' }, - REPOUSER: { from_secret: 'GITEA_REPOUSER'}, - URL: { from_secret: 'GITEA_URL' }, - }, - commands: [ - 'sleep 10', // give docker enough time to start - 'env', - 'mkdir ${DRONE_REPO_NAME}', - 'rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}', - 'cd ${DRONE_REPO_NAME}', - 'echo GITEA_USER=$USER', - 'apk update && apk add --no-cache curl', - 'tar -czf ../${DRONE_REPO_NAME}.${DRONE_TAG}.tar.gz ./*', // Create an archive of the role - 'curl --user $USER:$TOKEN --upload-file ../${DRONE_REPO_NAME}.${DRONE_TAG}.tar.gz https://$URL/api/packages/$REPOUSER/generic/ansible-role-common/${DRONE_TAG}/${DRONE_REPO_NAME}.${DRONE_TAG}.tar.gz', - ], - - when: - { event: {include: ['tag']}, - }, - trigger: - { event: {include: ['tag'],},}, - }; - -local gen_pipeline_release() = - {kind: 'pipeline', - type: 'docker', - name: 'Generate release from tag', - steps: - [gen_release()], - when: - { event: {include: ['tag']}, - }, - trigger: - { event: {include: ['tag'],},}, - }; - -// Generate the output -[ - gen_pipeline('centos7'), - gen_pipeline('rockylinux8'), - gen_pipeline('debian10'), - gen_pipeline('debian11'), - {kind: 'pipeline', - type: 'docker', - name: 'Notify normal', - clone: {disable: true}, - steps: [email_notification()], - trigger: - { event: {exclude: ['tag'],},}, - when: - { status: [ 'success', 'failure' ] , - event: {exclude: ['tag']}, - }, - depends_on: - ['Test on %(distro)s' % { distro: distro } - for distro in distros] - }, - gen_pipeline_release(), - {kind: 'pipeline', - type: 'docker', - clone: {disable: true}, - name: 'Notify Tagged release', - steps: [email_notification()], - trigger: - { event: {include: ['tag'],},}, - when: - { status: [ 'success', 'failure' ] , - event: {include: ['tag']}, - }, - depends_on: - ['Generate release from tag'] - }, -] \ No newline at end of file diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index cba7e43..0000000 --- a/.drone.yml +++ /dev/null @@ -1,210 +0,0 @@ ---- -kind: pipeline -name: runners -steps: -- commands: - - cd terraform - - terraform init - - terraform plan -out /data/runners.plan - - terraform apply /data/runners.plan - environment: - TF_VAR_linode_api_token: - from_secret: linode_api_token - TF_VAR_root_pass: - from_secret: root_pass - TF_VAR_ssh_pubkey: - from_secret: TF_VAR_ssh_pubkey - image: hashicorp/terraform:1.1.7 - name: Provision with terraform - volumes: - - name: terraform-data - path: /data -type: docker -volumes: -- host: - path: /mnt/nfs/swarm/runners - name: terraform-data ---- -depends_on: -- runners -kind: pipeline -name: Test on centos7 -node: - linodrone: "true" -services: -- image: docker:dind - name: docker - privileged: true - volumes: - - name: dockersock - path: /var/run -steps: -- commands: - - sleep 10 - - mkdir ${DRONE_REPO_NAME} - - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME} - - cd ${DRONE_REPO_NAME} - - molecule test - environment: - MOLECULE_DISTRO: centos7 - image: guisea/ansible-molecule:latest - name: Molecule test on centos7 - volumes: - - name: dockersock - path: /var/run -type: docker -volumes: -- name: dockersock - temp: {} ---- -depends_on: -- runners -kind: pipeline -name: Test on centos8 -node: - linodrone: "true" -services: -- image: docker:dind - name: docker - privileged: true - volumes: - - name: dockersock - path: /var/run -steps: -- commands: - - sleep 10 - - mkdir ${DRONE_REPO_NAME} - - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME} - - cd ${DRONE_REPO_NAME} - - molecule test - environment: - MOLECULE_DISTRO: centos8 - image: guisea/ansible-molecule:latest - name: Molecule test on centos8 - volumes: - - name: dockersock - path: /var/run -type: docker -volumes: -- name: dockersock - temp: {} ---- -depends_on: -- runners -kind: pipeline -name: Test on rockylinux8 -node: - linodrone: "true" -services: -- image: docker:dind - name: docker - privileged: true - volumes: - - name: dockersock - path: /var/run -steps: -- commands: - - sleep 10 - - mkdir ${DRONE_REPO_NAME} - - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME} - - cd ${DRONE_REPO_NAME} - - molecule test - environment: - MOLECULE_DISTRO: rockylinux8 - image: guisea/ansible-molecule:latest - name: Molecule test on rockylinux8 - volumes: - - name: dockersock - path: /var/run -type: docker -volumes: -- name: dockersock - temp: {} ---- -depends_on: -- runners -kind: pipeline -name: Test on debian10 -node: - linodrone: "true" -services: -- image: docker:dind - name: docker - privileged: true - volumes: - - name: dockersock - path: /var/run -steps: -- commands: - - sleep 10 - - mkdir ${DRONE_REPO_NAME} - - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME} - - cd ${DRONE_REPO_NAME} - - molecule test - environment: - MOLECULE_DISTRO: debian10 - image: guisea/ansible-molecule:latest - name: Molecule test on debian10 - volumes: - - name: dockersock - path: /var/run -type: docker -volumes: -- name: dockersock - temp: {} ---- -depends_on: -- runners -kind: pipeline -name: Test on debian11 -node: - linodrone: "true" -services: -- image: docker:dind - name: docker - privileged: true - volumes: - - name: dockersock - path: /var/run -steps: -- commands: - - sleep 10 - - mkdir ${DRONE_REPO_NAME} - - rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME} - - cd ${DRONE_REPO_NAME} - - molecule test - environment: - MOLECULE_DISTRO: debian11 - image: guisea/ansible-molecule:latest - name: Molecule test on debian11 - volumes: - - name: dockersock - path: /var/run -type: docker -volumes: -- name: dockersock - temp: {} ---- -depends_on: -- Test on centos7 -- Test on centos8 -- Test on rockylinux8 -- Test on debian10 -- Test on debian11 -kind: pipeline -name: Notify -steps: -- image: drillster/drone-email - name: notify by email - settings: - from: drone@guise.net.nz - host: mail.guise.net.nz - password: - from_secret: EMAIL_PASS - username: - from_secret: EMAIL_USER -type: docker -when: - status: - - success - - failure \ No newline at end of file diff --git a/.yamllint b/.yamllint index 8827676..75c8a1f 100644 --- a/.yamllint +++ b/.yamllint @@ -26,8 +26,8 @@ rules: indentation: disable key-duplicates: enable line-length: disable - new-line-at-end-of-file: disable + new-line-at-end-of-file: enable new-lines: type: unix - trailing-spaces: disable + trailing-spaces: enable truthy: disable diff --git a/defaults/main.yml b/defaults/main.yml index a01da50..49e640a 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -24,15 +24,15 @@ common_packages: - bind-utils - yum-utils - unzip - + win_packages: - notepadplusplus.install - firefoxesr - baretail - 7zip.install - + apply_win_updates: false common_show_ipv6: false|bool common_root_pwd: l3tm31nN0w -common_root_email: admin@somplace.co.nz \ No newline at end of file +common_root_email: admin@somplace.co.nz diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 9f6523a..c51f57f 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -4,8 +4,8 @@ dependency: driver: name: docker platforms: - - name: molecule-${MOLECULE_DISTRO:-centos7} - image: "cybercinch/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" + - name: molecule-${MOLECULE_DISTRO:-almalinux8} + image: "cybercinch/docker-${MOLECULE_DISTRO:-almalinux8}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro @@ -13,6 +13,8 @@ platforms: pre_build_image: true provisioner: name: ansible + env: + MOLECULE_NO_LOG: true # verifier: # name: ansible # lint: | diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..0607ebf --- /dev/null +++ b/requirements.txt @@ -0,0 +1,6 @@ +ansible-core<2.17 +ansible-compat<4 +molecule[docker]<5.0.0 +ansible-lint==6.16.2 +yamllint==1.32.0 +passlib==1.7.4 \ No newline at end of file diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..a8ea48c --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +collections: + - ansible.windows + - community.general \ No newline at end of file diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml index b14ac6a..da01757 100644 --- a/tasks/RedHat.yml +++ b/tasks/RedHat.yml @@ -3,7 +3,7 @@ - include_tasks: networking.yml - name: Ensure common packages (RHEL) - yum: + yum: name: "{{ common_packages }}" state: present enablerepo: epel @@ -17,7 +17,7 @@ enablerepo: ol7_developer_EPEL when: ansible_distribution == 'OracleLinux' tags: packages - + - name: Check if SELinux is installed stat: path: /etc/selinux/config @@ -59,15 +59,15 @@ dest: /usr/local/bin/reload_scsi_hosts loop_control: loop_var: helpers - + - name: Ensure Hostname is set - hostname: + hostname: name: "{{ inventory_hostname }}.{{ domain }}" when: ansible_virtualization_type != "docker" - + - name: Change root password - user: - name: root + user: + name: root password: "{{ common_root_pwd | password_hash('sha512') }}" changed_when: false tags: rootpw diff --git a/tasks/grub.yml b/tasks/grub.yml index a50fff3..4f07b9a 100644 --- a/tasks/grub.yml +++ b/tasks/grub.yml @@ -20,7 +20,7 @@ no_extra_spaces: yes when: "ansible_os_family == 'RedHat' and ansible_distribution_major_version > '6'" notify: - - Check if grub.cfg exists + - Check if grub.cfg exists - Update GRUB tags: - - grub \ No newline at end of file + - grub diff --git a/utils.libsonnet b/utils.libsonnet deleted file mode 100644 index 51becad..0000000 --- a/utils.libsonnet +++ /dev/null @@ -1,42 +0,0 @@ -{ -docker_service():: - { - name: 'docker', - image: 'docker:dind', - privileged: true, - volumes: [{ name: 'dockersock', path: '/var/run' },], - }, - -email_notification():: - { - name: 'notify by email', - image: 'drillster/drone-email', - settings: - { host: 'mail.guise.net.nz', - username: - { from_secret: 'EMAIL_USER' }, - password: - { from_secret: 'EMAIL_PASS' }, - from: 'drone@guise.net.nz' - }, - when: - { status: [ 'changed', 'failure' ] }, - }, - -test_distro(distribution):: - { - name: 'Test on %(distribution)s' % { distribution: distribution }, - volumes: [{ name: 'dockersock', path: '/var/run' },], - image: 'guisea/ansible-molecule:latest', - commands: [ - 'sleep 10', // give docker enough time to start - 'mkdir ${DRONE_REPO_NAME}', - 'rsync -a . ${DRONE_REPO_NAME} --exclude ${DRONE_REPO_NAME}', - 'cd ${DRONE_REPO_NAME}', - 'molecule test' - ], - environment: - { MOLECULE_DISTRO: '%(distribution)s' % { distribution: distribution } - }, - }, -}