From c6670c1c5f0eb192df609947a981c95fce62b4b8 Mon Sep 17 00:00:00 2001
From: NaeiKinDus
Date: Tue, 11 Mar 2025 00:00:00 +0000
Subject: [PATCH] fix(molecule): working again, added test for provisioner load_vars
---
 .../extensions/molecule/default/converge.yml | 24 +++++++++++++++++++
 .../extensions/molecule/default/molecule.yml | 3 +++
 .../molecule/default/platform_vars.yml | 7 ++++++
 .../roles/development/tasks/main.yml | 1 +
 .../infrastructure/roles/helm/tasks/main.yml | 1 -
 .../roles/kubectl/tasks/main.yml | 1 -
 .../roles/provisioner/tasks/load_facts.yml | 2 +-
 .../roles/workstation/tasks/main.yml | 3 ++-
 8 files changed, 38 insertions(+), 4 deletions(-)
diff --git a/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml b/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml
index 2b76a27..5dc71a0 100644
--- a/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml
+++ b/ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml
@@ -15,21 +15,45 @@ vars_files: - ../../../../../../inventory/group_vars/all/vars.yml - ../../../../../../inventory/group_vars/all/vault.yml + - ../../../../../../inventory/group_vars/provisioner/vars.yml - ./platform_vars.yml + handlers: + - name: reboot vm + become: true + changed_when: false + ansible.builtin.reboot: + reboot_timeout: 10 tasks: - include_vars: ../../../../../../inventory/group_vars/all/vars.yml - include_vars: ../../../../../../inventory/group_vars/all/vault.yml + - include_vars: ../../../../../../inventory/group_vars/provisioner/vars.yml - include_vars: ./platform_vars.yml - name: Platform hostvars ansible.builtin.debug: msg: "{{ hostvars[inventory_hostname] }}" verbosity: 1 + - name: Upgrade system since vagrant boxes are often outdated + become: true + notify: + - reboot vm + ansible.builtin.apt: + update_cache: true + force_apt_get: true + cache_valid_time: 3600 + autoremove: true + install_recommends: false + upgrade: full + - meta: flush_handlers - name: Enable guest console access become: true ansible.builtin.systemd_service: name: serial-getty@ttyS0.service enabled: true state: restarted + - name: Testing provisioner variables loading + ansible.builtin.include_role: + name: nullified.infrastructure.provisioner + tasks_from: load_facts.yml - name: Testing security role ansible.builtin.include_role: name: nullified.infrastructure.security
diff --git a/ansible_collections/nullified/infrastructure/extensions/molecule/default/molecule.yml b/ansible_collections/nullified/infrastructure/extensions/molecule/default/molecule.yml
index 8b4e1e9..6d765c8 100644
--- a/ansible_collections/nullified/infrastructure/extensions/molecule/default/molecule.yml
+++ b/ansible_collections/nullified/infrastructure/extensions/molecule/default/molecule.yml
@@ -31,6 +31,7 @@ platforms: provider_raw_config_args: [] groups: - molecule + - provisioner provisioner: name: ansible config_options:
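Review bot: `reboot_timeout: 10` in the new `reboot vm` handler (converge.yml hunk) leaves the guest ten seconds to come back and answer the test command, against a module default of 600. After the `upgrade: full` task that notifies it, which may install a new kernel, the handler is likely to time out and fail the converge run. Either drop the key to take the default or set a realistic value such as `reboot_timeout: 300`. `changed_when: false` on the same handler also hides the reboot from the play recap; if that is deliberate, a one-line comment saying so would help.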
@@ -39,3 +40,5 @@ provisioner: inventory: group_vars: molecule: + provisioner_hostname: 'debian-bookworm' + provisioner:
diff --git a/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml b/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml
index 4025dba..33bedcd 100644
--- a/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml
+++ b/ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml
@@ -2,3 +2,10 @@ custom_base_user_account: 'vagrant' security_firewall_mangle_drop_privatenets: false security_configure_resolve_conf: true global_ip_dualstack: false +external_provisioner_source_ips: + - '10.0.0.0/8' + - '100.64.0.0/10' + - '172.16.0.0/12' + - '192.0.0.0/24' + - '192.168.0.0/16' + - '198.18.0.0/15'
diff --git a/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml
index cd502f0..a5b58f3 100644
--- a/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml
+++ b/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml
@@ -243,6 +243,7 @@ become_user: "{{ development_user_account }}" ansible.builtin.command: cmd: "pipx inject {{ item.venv }} {{ item.extension }}" + # @todo not portable, will not work as expected, replace with actual python version creates: "{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}" loop:
diff --git a/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
index 12b7ab2..edb5319 100644
--- a/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
+++ b/ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
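Review bot: The added `provisioner:` key under `group_vars` in molecule.yml has no value, so it parses as null rather than an empty mapping. Writing `provisioner: {}` states the intent and does not depend on how molecule and Ansible treat a null group_vars entry. The hard-coded `provisioner_hostname: 'debian-bookworm'` would also benefit from a comment naming what it has to match, presumably an entry that `load_facts.yml` looks up, since that coupling is not visible from this file.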
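Review bot: The new `external_provisioner_source_ips` list in platform_vars.yml carries no comment marking it as a test-only value. It spans all RFC 1918 space plus `100.64.0.0/10`, `192.0.0.0/24` and `198.18.0.0/15`. If the variable feeds firewall allow rules (the consumer is not visible here), copying it into a real inventory would admit any private-network source as a provisioner. A comment above the key would make the scope explicit, for example `# molecule only: accept any private/CGNAT source so the test host can reach the guest; never reuse in a real inventory`.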
@@ -23,7 +23,6 @@ register: helm_local_version_exec - name: find latest available version - connection: local ansible.builtin.shell: |- curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name' register: latest_helm_version_exec
diff --git a/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
index 331deec..1d5902a 100644
--- a/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
+++ b/ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
@@ -23,7 +23,6 @@ register: kubectl_local_version_exec - name: find latest available version - connection: local ansible.builtin.command: curl -L -s https://dl.k8s.io/release/stable.txt register: latest_kubectl_version_exec when: kubectl_install_version is falsy or kubectl_install_version == "latest"
diff --git a/ansible_collections/nullified/infrastructure/roles/provisioner/tasks/load_facts.yml b/ansible_collections/nullified/infrastructure/roles/provisioner/tasks/load_facts.yml
index 4d84177..c54849b 100644
--- a/ansible_collections/nullified/infrastructure/roles/provisioner/tasks/load_facts.yml
+++ b/ansible_collections/nullified/infrastructure/roles/provisioner/tasks/load_facts.yml
@@ -3,7 +3,7 @@ block: - name: save current provisioner hostname ansible.builtin.set_fact: - provisioner_hostname: '{{ lookup("ansible.builtin.pipe", "hostname") }}' + provisioner_hostname: '{{ provisioner_hostname | default(lookup("ansible.builtin.pipe", "hostname"), true) }}' - name: retrieve hostnames and IP addresses of all provisioners ansible.builtin.set_fact: provisioner_controllers_list:
diff --git a/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml b/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
index 0f29306..c4d465b 100644
--- a/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
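Review bot: With `connection: local` removed, the helm `find latest available version` task runs its `curl … | jq` pipeline on the managed host, so curl and jq must be installed there, and a failed or rate-limited request goes unnoticed because the shell reports only jq's exit status. The registered value can then be empty or the string `null`. The kubectl hunk below has the same exposure: `curl -L -s` lacks `-f`, so an HTTP error body would be registered as the version. Since these values presumably select what gets downloaded and installed, validate them before use, for example `failed_when: latest_helm_version_exec.stdout is not match('^v[0-9]')` and the equivalent on `latest_kubectl_version_exec`. The helm task body continues outside the hunk.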
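Review bot: The new `default(..., true)` in load_facts.yml lets any `provisioner_hostname` already defined (inventory, group_vars or extra vars) replace the controller's real hostname, and nothing in the hunk checks that the value names a known provisioner. The next task builds `provisioner_controllers_list` and its body is outside the hunk, so whether an unknown name fails or silently matches nothing cannot be seen here. At minimum add a comment above the fact, such as `# may be pre-set (molecule sets it in group_vars); otherwise falls back to the controller's hostname`. If the role holds a list of valid provisioner names, an `ansible.builtin.assert` against it right after this task would catch a stray override.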
+++ b/ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
@@ -148,9 +148,10 @@ - { path: '/srv/git/work' } - { path: '/srv/storage' } -- name: '[emacs] fetch emacs configuration files' +- name: 'DISABLED: [emacs] fetch emacs configuration files' become: true become_user: "{{ workstation_user_account }}" + when: false ansible.builtin.git: repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git" dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.emacs.d"
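Review bot: `when: false` plus the `DISABLED:` name prefix switches the emacs task off permanently without recording why or under what condition it should return. A toggle with a safe default keeps the task usable and self-documenting, for example `when: workstation_fetch_emacs_config | default(false)` (variable name is a suggestion), with a short comment giving the reason. The visible `ansible.builtin.git` arguments show no `version:`. The task continues outside the hunk, so it may be set there; if it is not, pinning a tag or commit when the task is re-enabled keeps what is checked out into the user's home reproducible.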