fix(ci): Let go-semantic-release get latest drivers from web 🐛 💚

* Fixed missing "
* Fixed error on LXC virtualization with fstab

.github/workflows/ci.yml

@@ -5,7 +5,6 @@ on:
       - "**"
     tags:
       - "!**"
-
 jobs:
   lint:
     runs-on: ubuntu-latest
@@ -14,7 +13,7 @@ jobs:
       - uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-          #cache: 'pip' # caching pip dependencies
+          cache: 'pip' # caching pip dependencies
       - name: Ensure requirements are installed
         run: pip install -r requirements.txt
       - name: Lint with ansible-lint
@@ -43,7 +42,7 @@ jobs:
         uses: actions/setup-python@v5
         with:
           python-version: '3.10'
-          #cache: 'pip' # caching pip dependencies
+          cache: 'pip' # caching pip dependencies
 
       - name: Ensure requirements are installed
         run: pip install -r requirements.txt
@@ -61,23 +60,42 @@ jobs:
       - molecule
     steps:
      - uses: actions/checkout@v4
-     - uses: actions/setup-go@v5
-       with:
-         go-version: '1.22'
-     - name: Install gitea provider for Go Semantic Release
-       run: |
-         mkdir -p .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/ && \
-         wget https://github.com/cybercinch/go-semantic-release-provider-gitea/releases/download/v${GITEA_PROVIDER_VER}/go-semantic-release-provider-gitea_v${GITEA_PROVIDER_VER}_linux_amd64 \
-         -O .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/gitea && \
-         chmod a+x .semrel/$(go env GOOS)_$(go env GOARCH)/provider-gitea/${GITEA_PROVIDER_VER}/gitea
-       env:
-         GITEA_PROVIDER_VER: 1.0.11
-     - run: |
-         echo "github repo: ${GITHUB_REPOSITORY}"
-         echo "env vars: $(env)"
      - uses: go-semantic-release/action@v1
        with:
          custom-arguments: --provider=gitea
        env:
          GITEA_TOKEN: ${{ secrets.G_TOKEN }}
          GITEA_HOST: ${{ secrets.G_SERVER_URL}}
+  notify:
+    runs-on: ubuntu-latest
+    needs:
+      - lint
+      - molecule
+      - release
+    steps:
+      - name: ntfy-success-notifications
+        uses: niniyas/ntfy-action@master
+        if: success()
+        with:
+          url: '${{ vars.NTFY_URL }}'
+          title: Workflow success - ansible-role-common
+          topic: 'ci-status'
+          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_TOKEN }}" }'
+          priority: 4
+          tags: +1,partying_face,action,successfully,completed
+          details: Workflow has been successfully completed!
+          icon: 'https://styles.redditmedia.com/t5_32uhe/styles/communityIcon_xnt6chtnr2j21.png'
+          image: true
+
+      - name: ntfy-failed-notifications
+        uses: niniyas/ntfy-action@master
+        if: failure()
+        with:
+          url: '${{ vars.NTFY_URL }}'
+          title: Workflow failed - ansible-role-common
+          topic: 'ci-status'
+          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_TOKEN }}" }'
+          priority: 5
+          tags: -1,skull,action,failed
+          details: Workflow has failed!
+          actions: 'default'

.github/workflows/cron.yml

@@ -0,0 +1,62 @@
+name: Regular test
+on:
+  schedule:
+    - cron: "47 2 * * 0"
+
+jobs:
+  molecule:
+    name: Molecule Test
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [almalinux8, almalinux9]
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+          cache: 'pip' # caching pip dependencies
+
+      - name: Ensure requirements are installed
+        run: pip install -r requirements.txt
+
+      - name: Run Molecule tests.
+        run: molecule test
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_DISTRO: ${{ matrix.os }}
+  notify:
+    runs-on: ubuntu-latest
+    needs: molecule
+    steps:
+      - name: ntfy-success-notifications
+        uses: niniyas/ntfy-action@master
+        if: success()
+        with:
+          url: '${{ vars.NTFY_URL }}'
+          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_TOKEN }}" }'
+          title: Workflow success - ansible-role-common
+          topic: 'ci-status'
+          priority: 4
+          tags: +1,partying_face,action,successfully,completed
+          details: Workflow has been successfully completed!
+          icon: 'https://styles.redditmedia.com/t5_32uhe/styles/communityIcon_xnt6chtnr2j21.png'
+          image: true
+
+      - name: ntfy-failed-notifications
+        uses: niniyas/ntfy-action@master
+        if: failure()
+        with:
+          url: '${{ vars.NTFY_URL }}'
+          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_TOKEN }}" }'
+          title: Workflow failed - ansible-role-common
+          topic: 'ci-status'
+          priority: 5
+          tags: -1,skull,action,failed
+          details: Workflow has failed!
+          actions: 'default'

.gitignore

@@ -16,3 +16,6 @@ env/
 
 # Do not commit Vault password
 .vault_password.txt
+# No commit of .secrets (Only for local CI Tests)
+.secrets
+.vars

Makefile

@@ -18,15 +18,9 @@ test:
 	done
 
 lint:
-	@echo "Linting with Ansible-lint"
+	@echo "Linting"
+	@act -j lint
 	@echo
-	ansible-lint -c ".ansible-lint" --exclude ".venv"
-	@echo
-	@echo "Linting with Yamllint"
-	@echo
-	yamllint .
-	@echo
-
 
 docker: clean
 	docker buildx build --platform 'linux/amd64,linux/arm64' --push \

README.md

@@ -1,40 +1,89 @@
-# Common [![status-badge](https://ci.cybercinch.nz/api/badges/8/status.svg)](https://ci.cybercinch.nz/repos/8)
+# Common [![status-badge](https://hub.cybercinch.nz/cybercinch/ansible-role-common/actions/workflows/ci.yml/badge.svg)](https://hub.cybercinch.nz/cybercinch/ansible-role-common/actions?workflow=ci.yml)
 =========
 
-A brief description of the role goes here.
+This role is a collection of functionality to ease common setup of Linux based VM's. Some functionality for windows servers is available.
+
+Features:
+* Dynamic motd - This displays information to administrators at login.
+* Helper commands - These are commands to help with online resizing of Linux Partitions/Drives when running on VMWare.
+* Set DNS resolvers for use on the host.
+* Install common packages for the host (Win/Linux)
 
 Requirements 
 ------------
 
-Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+Nil
 
 Role Variables
 --------------
 
-A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+Role variables can be found in defaults/main.yml
+
+```yaml
+domain: exampledomain.com
+ad_domain_joined: no
+win_timezone: New Zealand Standard Time
+vendors_hosts: []
+
+dns_servers:
+  - 1.0.0.1
+  - 1.1.1.1
+
+admin_group: admins
+
+
+common_grub_timeout: 5
+postfix_configure: false
+
+common_packages: # Packages we will/would like to install
+  - nano
+  - git
+  - htop
+  - atop
+  - wget
+  - bind-utils
+  - yum-utils
+  - unzip
+
+win_packages:
+  - notepadplusplus.install
+  - firefoxesr
+  - baretail
+  - 7zip.install
+
+apply_win_updates: false
+
+common_show_ipv6: false|bool
+common_root_pwd: $y0urp@$$ ## You should always use a vault encrypted string here.
+common_root_email: admin@somplace.co.nz # Configures forwarding address for root.
+```
 
 Dependencies
 ------------
 
-A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+Nil external dependencies.  Requires only builtin functions
 
 Example Playbook
 ----------------
 
-Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+This is an example playbook.  Executes the role overriding two variables. 
+
+You could alternately set these in host_vars or group_vars:
 
 ```yaml
-    - hosts: servers
+    - hosts: server
       roles:
-         - { role: username.rolename, x: 42 }
+         - { role: cybercinch.common, 
+             common_show_ipv6: true,
+             common_root_email: iamroot@example.com }
 ```
 
 License
 -------
 
-BSD
+MIT
 
 Author Information
 ------------------
 
-An optional section for the role authors to include contact information, or a website (HTML is not allowed).
+This role was created in 2017 by [Aaron Guise](https://guise.net.nz/)

defaults/main.yml

@@ -1,5 +1,4 @@
 ---
-# defaults file for guisea.common
 domain: exampledomain.com
 ad_domain_joined: no
 win_timezone: New Zealand Standard Time
@@ -34,5 +33,5 @@ win_packages:
 apply_win_updates: false
 
 common_show_ipv6: false|bool
-common_root_pwd: l3tm31nN0w
+common_root_pwd: $y0urp@$$
 common_root_email: admin@somplace.co.nz

molecule/default/converge.yml

@@ -1,6 +1,8 @@
 ---
 - name: Converge
   hosts: all
+  vars:
+    ansible_remote_tmp: /tmp/.ansible/tmp
   tasks:
     - name: "Include common"
       include_role:

molecule/default/molecule.yml

@@ -8,7 +8,10 @@ platforms:
     image: "cybercinch/docker-${MOLECULE_DISTRO:-almalinux8}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+          - /sys/fs/cgroup:/sys/fs/cgroup:rw
+          - /run
+          - /run/lock
+          - /tmp
     cgroupns_mode: host
     privileged: true
     pre_build_image: true
@@ -16,6 +19,9 @@ provisioner:
   name: ansible
   env:
     MOLECULE_NO_LOG: true
+  config_options:
+    defaults:
+      roles_path: "$MOLECULE_PROJECT_DIRECTORY/.."
 # verifier:
 #  name: ansible
 # lint: |

requirements.txt

@@ -1,6 +1,7 @@
-ansible-core<2.17
-ansible-compat<4
-molecule[docker]<5.0.0
-ansible-lint==6.16.2
-yamllint==1.32.0
-passlib==1.7.4
+ansible-core==2.16.3
+ansible-compat == 25.1.4
+molecule==25.3.1
+molecule-plugins[docker]==23.7.0
+ansible-lint==6.22.2
+yamllint==1.35.1
+passlib==1.7.4

tasks/RedHat.yml

@@ -2,13 +2,13 @@
 # tasks file for common role
 - include_tasks: networking.yml
 
-- name: Ensure common packages (RHEL)
-  yum:
-    name: "{{ common_packages }}"
-    state: present
-    enablerepo: epel
-  when: ansible_distribution != 'OracleLinux'
-  tags: packages
+# - name: Ensure common packages (RHEL)
+#   yum:
+#     name: "{{ common_packages }}"
+#     state: present
+#     enablerepo: epel
+#   when: ansible_distribution != 'OracleLinux'
+#   tags: packages
 
 - name: Ensure common packages (OracleLinux)
   yum:

tasks/networking.yml

@@ -97,5 +97,8 @@
     - /etc/hosts
   loop_control:
     loop_var: perm_config
+  when: >
+    ansible_virtualization_type != "docker"
+    and ansible_virtualization_type != "container"
   changed_when: false
   tags: dns

templates/dynmotd

@@ -24,7 +24,9 @@ if getent group "{{ admin_group }}" | grep -qw "$(whoami)"; then
   #ROOT=`/usr/bin/df / -x fuse.gvfs-fuse-daemon -Ph | /usr/bin/egrep -i 'root|logvol|vda' | awk '{print $4}' | tr -d '\n'`
   #HOME=`/usr/bin/df /home -x fuse.gvfs-fuse-daemon -Ph | grep home | awk '{print $4}' | tr -d '\n'`
   #BACKUP=`/usr/bin/df -x fuse.gvfs-fuse-daemon -Ph | grep backup | awk '{print $4}' | tr -d '\n'`
+  if [ -f /etc/fstab ]; then
   FILESYSTEMS=`cat /etc/fstab | grep -v '#' | grep -v 'swap' | grep -v 'proc' | awk '{if(NF>0) {print $2}}'`
+  fi
   MEMORY=`/usr/bin/env free -m | /usr/bin/env grep "Mem" | /usr/bin/env awk '{print $2,"-",$3,"-",$4}'`
   SWAP=`/usr/bin/env free -m | /usr/bin/env grep "Swap" | /usr/bin/env awk '{print $2,"-",$3,"-",$4}'`
   PSA=`/usr/bin/env ps -Afl | /usr/bin/env wc -l`
@@ -64,11 +66,9 @@ RESET_COLORS="\e[0m"
 echo -e "
 ===========================================================================
 $COLOR_COLUMN- Hostname$RESET_COLORS............: $COLOR_VALUE $HOSTNAME $RESET_COLORS
-{% if common_show_ipv6 == true %}
-$COLOR_COLUMN- IP Address (Main v4)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS  
+{% if common_show_ipv6 == true %}$COLOR_COLUMN- IP Address (Main v4)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS  
 $COLOR_COLUMN- IP Address (Main v6)$RESET_COLORS: $COLOR_VALUE $IP6 $RESET_COLORS  
-{% else %} 
-$COLOR_COLUMN- IP Address (Default)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS
+{% else %}$COLOR_COLUMN- IP Address (Default)$RESET_COLORS: $COLOR_VALUE $IP $RESET_COLORS
 {% endif %}
 {% if ansible_distribution == "Alpine" %}
 $COLOR_COLUMN- Release$RESET_COLORS.............: $COLOR_VALUE Alpine `/usr/bin/env cat /etc/os-release` $RESET_COLORS
@@ -92,6 +92,7 @@ for FS in ${FILESYSTEMS}; do
 echo -e "$COLOR_COLUMN- ..........$RESET_COLORS..........: $COLOR_VALUE `df -H ${FS} | grep -v 'Filesystem' | grep -v '^[[:space:]]*$' | awk '{print $6 \" \" $4}'` remaining $RESET_COLORS"
 done
 {% endif %}
+"
 echo -e "
 ===========================================================================
 "

terraform/.terraform.lock.hcl

@@ -1,22 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/linode/linode" {
-  version     = "1.16.0"
-  constraints = "1.16.0"
-  hashes = [
-    "h1:JpBtHnebAi6yr/aDdlk8EybaEiEY+VPtFP3o0QoMTng=",
-    "zh:03c867440797b82012cd5d97f58fef5885dc0248683227299a39af836df222db",
-    "zh:0486be7f72d6ea73d10140e23be8c1d2772b2d8be28c7bb39c73be83601405cf",
-    "zh:181929d6880cac6500f4af1f3799385c47ccd69872cacf1042a3a48e445b2b02",
-    "zh:18b7f6cc1ddf86e28322638607e1f84c1e9d56824c26903e22d4d12352f20b6e",
-    "zh:4e65e7f9e17c334ff7047fc2dd8fc479c2509cba66834d89e2033a45e9275fe3",
-    "zh:6077eda3fdf77a5158d9dc1a0c38492e23f7d679b1ac96382ba92ebe92e19266",
-    "zh:642e7c96867c519176d84228a7f9104352212ae3c999b409eee1076b7ed90a96",
-    "zh:6451f5117125fad9884214fe2f2635a2bed95912e64cf1c66a57c38558dfe907",
-    "zh:83b957b30da19586393b9aea2cc93524a7d4c43dd07d11129a11d29c2b4bfb21",
-    "zh:852954fe6cfe5278bd7c3d1079a9832bbf8c58436486489ed85154c0a0600633",
-    "zh:a2385c51147a3c40707f7bfceb673c077e1054e8af6fb4c808cef56f995b8193",
-    "zh:d21cd5cb5a635d18547430fe6cdfe3c6898541f9f3adc110edbf8d6e0439390d",
-  ]
-}

terraform/drone-runners.tf

@@ -1,58 +0,0 @@
-variable "drone_instances" {
-  description = "How many runner instances should there be?"
-  default = 3
-}
-variable "root_pass" {
-  description = "Root password to set on the node"
-}
-
-variable "linode_api_token" {
-  description = "Linode API Token"
-}
-
-variable "ssh_pubkey" {
-    description = "SSH key to be allowed access by default"
-}
-
-terraform {
-  required_providers {
-    linode = {
-      source = "linode/linode"
-      version = "1.16.0"
-    }
-  }
- backend "local" {
-         path = "/data/runner.tfstate"  
- }
-}
-
-provider "linode" {
-  token = var.linode_api_token
-}
-
-resource "linode_instance" "terraform-drone" {
-  connection { 
-               type = "ssh"
-               user = "root"
-               password = var.root_pass    
-               host     = self.ip_address  
-             }
-
-        count = var.drone_instances
-        image = "private/15818922"
-        label = "drone-runner-${count.index + 1}"
-        group = "docker"
-        tags = ["tag_Testing","docker"]
-        region = "ap-southeast"
-        type = "g6-standard-2"
-        authorized_keys = [ var.ssh_pubkey ]
-        root_pass = var.root_pass
-
-  provisioner "remote-exec" {
-    inline = [
-        "yum upgrade -y && systemctl restart docker",
-        "docker rm -f runner",
-        "docker run --detach --volume=/var/run/docker.sock:/var/run/docker.sock --env=DRONE_RPC_PROTO=https --env=DRONE_RPC_HOST=drone.guise.net.nz --env=DRONE_RPC_SECRET=super-duper-secret --env=DRONE_RUNNER_CAPACITY=2 --env=DRONE_RUNNER_NAME=drone-runner-${count.index + 1} --env=DRONE_RUNNER_LABELS='linodrone:true' --env=--publish=3000:3000 --restart=always --name=runner drone/drone-runner-docker:1"
-    ]
-  }
-}

test.sh

@@ -1,7 +0,0 @@
-#!/bin/bash
-
-if getent group "wheel" | grep -qw "$(whoami)"; then
-  echo true
-else
-  echo false
-fi;