WoodSmellParticle/ansible-infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(molecule): working again, added test for provisioner load_vars

Browse source
This commit is contained in:
NaeiKinDus 2025-03-11 00:00:00 +00:00
parent 6707ece8e0
commit c6670c1c5f
Signed by: WoodSmellParticle
GPG key ID: 8E52ADFF7CA8AE56
8 changed files with 38 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
ansible_collections/nullified/infrastructure/extensions/molecule/default/converge.yml
View file

@ -15,21 +15,45 @@
vars_files: vars_files:
- ../../../../../../inventory/group_vars/all/vars.yml - ../../../../../../inventory/group_vars/all/vars.yml
- ../../../../../../inventory/group_vars/all/vault.yml - ../../../../../../inventory/group_vars/all/vault.yml
- ../../../../../../inventory/group_vars/provisioner/vars.yml
- ./platform_vars.yml - ./platform_vars.yml
handlers:
- name: reboot vm
become: true
changed_when: false
ansible.builtin.reboot:
reboot_timeout: 10
tasks: tasks:
- include_vars: ../../../../../../inventory/group_vars/all/vars.yml - include_vars: ../../../../../../inventory/group_vars/all/vars.yml
- include_vars: ../../../../../../inventory/group_vars/all/vault.yml - include_vars: ../../../../../../inventory/group_vars/all/vault.yml
- include_vars: ../../../../../../inventory/group_vars/provisioner/vars.yml
- include_vars: ./platform_vars.yml - include_vars: ./platform_vars.yml
- name: Platform hostvars - name: Platform hostvars
ansible.builtin.debug: ansible.builtin.debug:
msg: "{{ hostvars[inventory_hostname] }}" msg: "{{ hostvars[inventory_hostname] }}"
verbosity: 1 verbosity: 1
- name: Upgrade system since vagrant boxes are often outdated
become: true
notify:
- reboot vm
ansible.builtin.apt:
update_cache: true
force_apt_get: true
cache_valid_time: 3600
autoremove: true
install_recommends: false
upgrade: full
- meta: flush_handlers
- name: Enable guest console access - name: Enable guest console access
become: true become: true
ansible.builtin.systemd_service: ansible.builtin.systemd_service:
name: serial-getty@ttyS0.service name: serial-getty@ttyS0.service
enabled: true enabled: true
state: restarted state: restarted
- name: Testing provisioner variables loading
ansible.builtin.include_role:
name: nullified.infrastructure.provisioner
tasks_from: load_facts.yml
- name: Testing security role - name: Testing security role
ansible.builtin.include_role: ansible.builtin.include_role:
name: nullified.infrastructure.security name: nullified.infrastructure.security

3
ansible_collections/nullified/infrastructure/extensions/molecule/default/molecule.yml
View file

@ -31,6 +31,7 @@ platforms:
provider_raw_config_args: [] provider_raw_config_args: []
groups: groups:
- molecule - molecule
- provisioner
provisioner: provisioner:
name: ansible name: ansible
config_options: config_options:
@ -39,3 +40,5 @@ provisioner:
inventory: inventory:
group_vars: group_vars:
molecule: molecule:
provisioner_hostname: 'debian-bookworm'
provisioner:

7
ansible_collections/nullified/infrastructure/extensions/molecule/default/platform_vars.yml
View file

@ -2,3 +2,10 @@ custom_base_user_account: 'vagrant'
security_firewall_mangle_drop_privatenets: false security_firewall_mangle_drop_privatenets: false
security_configure_resolve_conf: true security_configure_resolve_conf: true
global_ip_dualstack: false global_ip_dualstack: false
external_provisioner_source_ips:
- '10.0.0.0/8'
- '100.64.0.0/10'
- '172.16.0.0/12'
- '192.0.0.0/24'
- '192.168.0.0/16'
- '198.18.0.0/15'

1
ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml
View file

@ -243,6 +243,7 @@
become_user: "{{ development_user_account }}" become_user: "{{ development_user_account }}"
ansible.builtin.command: ansible.builtin.command:
cmd: "pipx inject {{ item.venv }} {{ item.extension }}" cmd: "pipx inject {{ item.venv }} {{ item.extension }}"
# @todo not portable, will not work as expected, replace with actual python version
creates: creates:
"{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}" "{{ ansible_facts['getent_passwd'][development_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
loop: loop:

1
ansible_collections/nullified/infrastructure/roles/helm/tasks/main.yml
View file

@ -23,7 +23,6 @@
register: helm_local_version_exec register: helm_local_version_exec
- name: find latest available version - name: find latest available version
connection: local
ansible.builtin.shell: |- ansible.builtin.shell: |-
curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name' curl -sSL https://api.github.com/repos/helm/helm/releases/latest | jq -r '.tag_name'
register: latest_helm_version_exec register: latest_helm_version_exec

1
ansible_collections/nullified/infrastructure/roles/kubectl/tasks/main.yml
View file

@ -23,7 +23,6 @@
register: kubectl_local_version_exec register: kubectl_local_version_exec
- name: find latest available version - name: find latest available version
connection: local
ansible.builtin.command: curl -L -s https://dl.k8s.io/release/stable.txt ansible.builtin.command: curl -L -s https://dl.k8s.io/release/stable.txt
register: latest_kubectl_version_exec register: latest_kubectl_version_exec
when: kubectl_install_version is falsy or kubectl_install_version == "latest" when: kubectl_install_version is falsy or kubectl_install_version == "latest"

2
ansible_collections/nullified/infrastructure/roles/provisioner/tasks/load_facts.yml
View file

@ -3,7 +3,7 @@
block: block:
- name: save current provisioner hostname - name: save current provisioner hostname
ansible.builtin.set_fact: ansible.builtin.set_fact:
provisioner_hostname: '{{ lookup("ansible.builtin.pipe", "hostname") }}' provisioner_hostname: '{{ provisioner_hostname | default(lookup("ansible.builtin.pipe", "hostname"), true) }}'
- name: retrieve hostnames and IP addresses of all provisioners - name: retrieve hostnames and IP addresses of all provisioners
ansible.builtin.set_fact: ansible.builtin.set_fact:
provisioner_controllers_list: provisioner_controllers_list:

3
ansible_collections/nullified/infrastructure/roles/workstation/tasks/main.yml
View file

@ -148,9 +148,10 @@
- { path: '/srv/git/work' } - { path: '/srv/git/work' }
- { path: '/srv/storage' } - { path: '/srv/storage' }
- name: '[emacs] fetch emacs configuration files' - name: 'DISABLED: [emacs] fetch emacs configuration files'
become: true become: true
become_user: "{{ workstation_user_account }}" become_user: "{{ workstation_user_account }}"
when: false
ansible.builtin.git: ansible.builtin.git:
repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git" repo: "https://gitlab.0x2a.ninja/naeikindus/emacsd.git"
dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.emacs.d" dest: "{{ ansible_facts['getent_passwd'][workstation_user_account][4] }}/.emacs.d"