fix!: fixed molecule tests, rewrote how custom variables are handled for hosts overrides; fixed invalid services names for clamav handlers

collections/ansible_collections/nullified/infrastructure/roles/development/defaults/main.yml

@@ -1,5 +1,14 @@
 ---
-custom_github_token: ""
-development_docker_remap_user: "{{ custom_base_user_account }}"
-development_docker_remap_group: "{{ custom_base_user_account }}"
-development_install_rust: false
+development:
+  docker:
+    userns: true
+    remap_user: "{{ custom_base_user_account | default('root') }}"
+    remap_group: "{{ custom_base_user_account | default('root') }}"
+    systemd_slice: docker.slice
+  github_token: "{{ custom_github_token | default('') }}"
+  rust:
+    enable: true
+  user_account: "{{ custom_base_user_account | default('root') }}"
+
+custom_development: {}
+recursive_combine: true

collections/ansible_collections/nullified/infrastructure/roles/development/handlers/main.yml

@@ -5,3 +5,4 @@
     name: docker
     enabled: true
     state: restarted
+  when: ansible_virtualization_type is not match("docker")

collections/ansible_collections/nullified/infrastructure/roles/development/tasks/main.yml

@@ -1,17 +1,23 @@
 ---
 - name: '[setup] gather facts if not already done'
-  setup:
+  ansible.builtin.setup:
     gather_subset:
       - distribution
       - distribution_release
+      - virtualization_type
+
+- name: '[setup] merge with custom vars'
+  ansible.builtin.set_fact:
+    development: "{{ development | combine(custom_development, recursive=recursive_combine) }}"
+  changed_when: false
 
 - name: '[home] get user account information'
   ansible.builtin.getent:
     database: passwd
-    key: "{{ custom_base_user_account }}"
+    key: "{{ development.user_account }}"
     split: ":"
   changed_when: false
-  when: getent_passwd is undefined or custom_base_user_account not in getent_passwd
+  when: getent_passwd is undefined or development.user_account not in getent_passwd
 
 - name: '[apt] install dependencies and tools'
   become: true
@@ -63,7 +69,7 @@
 - name: '[github] install tools'
   become: true
   nullified.infrastructure.github_artifact:
-    github_token: '{{ custom_github_token }}'
+    github_token: '{{ development.github_token }}'
     asset_name: "{{ item.asset_name | default('') }}"
     asset_type: "{{ item.asset_type }}"
     cmds: "{{ item.cmds | default([]) }}"
@@ -240,12 +246,13 @@
         src: ../templates/docker-ce/daemon.json.j2
         dest: /etc/docker/daemon.json
         mode: '0644'
+      when: development.docker.userns is truthy
       notify:
         - 'development : [docker] restart service'
 
     - name: '[docker] add default user to docker group'
       ansible.builtin.user:
-        name: "{{ development_docker_remap_user }}"
+        name: "{{ development.user_account }}"
         append: true
         groups: docker
         state: present
@@ -254,21 +261,21 @@
 
 - name: '[python] install tools'
   become: true
-  become_user: "{{ custom_base_user_account }}"
+  become_user: "{{ development.user_account }}"
   ansible.builtin.command:
     cmd: "pipx install {{ item.cmd }}"
-    creates: "{{ getent_passwd[custom_base_user_account][4] }}/.local/bin/{{ item.creates }}"
+    creates: "{{ getent_passwd[development.user_account][4] }}/.local/bin/{{ item.creates }}"
   loop:
     - { "cmd": "black", "creates": "black" }
     - { "cmd": "flake8", "creates": "flake8" }
 
 - name: '[python] install pipx packages dependencies'
   become: true
-  become_user: "{{ custom_base_user_account }}"
+  become_user: "{{ development.user_account }}"
   ansible.builtin.command:
     cmd: "pipx inject {{ item.venv }} {{ item.extension }}"
     creates:
-      "{{ getent_passwd[custom_base_user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
+      "{{ getent_passwd[development.user_account][4] }}/.local/pipx/venvs/{{ item.venv }}/lib/python3.11/site-packages/{{ item.creates }}"
   loop:
     - venv: "flake8"
       extension: "flake8-annotations-complexity"
@@ -330,26 +337,26 @@
 
 - name: '[rust] check if rust is already installed'
   ansible.builtin.file:
-    path: "{{ getent_passwd[custom_base_user_account][4] }}/.cargo/bin/rustc"
+    path: "{{ getent_passwd[development.user_account][4] }}/.cargo/bin/rustc"
   register: rustc_stat
   changed_when: false
   failed_when: false
-  when: development_install_rust | bool
+  when: development.rust.enable is truthy
 
 - name: '[rust] rust'
   become: true
-  when: development_install_rust | bool and rustc_stat.state is match("absent")
+  when: development.rust.enable is truthy and rustc_stat.state is match("absent")
   block:
     - name: '[rust] download installer'
       ansible.builtin.get_url:
         url: https://sh.rustup.rs
         dest: /tmp/rustup.sh
         mode: '0750'
-        owner: "{{ custom_base_user_account }}"
-        group: "{{ custom_base_user_account }}"
+        owner: "{{ development.user_account }}"
+        group: "{{ development.user_account }}"
 
     - name: '[rust] install rust toolchain'
-      become_user: "{{ custom_base_user_account }}"
+      become_user: "{{ development.user_account }}"
       script:
         cmd: /tmp/rustup.sh -qy
-        creates: "{{ getent_passwd[custom_base_user_account][4] }}/.cargo/bin/rustc"
+        creates: "{{ getent_passwd[development.user_account][4] }}/.cargo/bin/rustc"

collections/ansible_collections/nullified/infrastructure/roles/development/templates/docker-ce/daemon.json.j2

@@ -1,4 +1,4 @@
 {
-    "userns-remap": "{{ development_docker_remap_user }}:{{ development_docker_remap_group }}",
-    "cgroup-parent": "{{ development_docker_systemd_slice }}"
+    "userns-remap": "{{ development.docker.remap_user }}:{{ development.docker.remap_group }}",
+    "cgroup-parent": "{{ development.docker.systemd_slice }}"
 }

collections/ansible_collections/nullified/infrastructure/roles/development/vars/main.yml

@@ -1,2 +1 @@
 ---
-development_docker_systemd_slice: docker.slice