-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from thozza/fix-non-check-mode-issue
Fix setting state of timer units and enable GH actions
- Loading branch information
Showing
12 changed files
with
363 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| --- | ||
| skip_list: | ||
| # the role name does not follow galaxy requirements | ||
| # https://galaxy.ansible.com/docs/contributing/creating_role.html#role-names | ||
| - role-name |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| name: Tests | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| branches: | ||
| - "*" | ||
|
|
||
| jobs: | ||
| ansible-lint: | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| path: "${{ github.repository }}" | ||
|
|
||
| - name: Run ansible-lint | ||
| uses: ansible-community/ansible-lint-action@main | ||
| with: | ||
| path: "${{ github.repository }}" | ||
|
|
||
| test: | ||
| needs: | ||
| - ansible-lint | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| image: | ||
| - name: "centos" | ||
| namespace: "quay.io/centos" | ||
| tag: "stream8" | ||
| - name: "centos" | ||
| namespace: "quay.io/centos" | ||
| tag: "stream9" | ||
| - name: "fedora" | ||
| namespace: "quay.io/fedora" | ||
| tag: "latest" | ||
| scenario: | ||
| - default | ||
| - auto_reboot | ||
| container: | ||
| image: "quay.io/fedora/fedora:latest" | ||
| # --cgroupns=host needed due to https://github.com/containers/podman/discussions/12898#discussioncomment-4078154 | ||
| options: "--privileged --volume /sys/fs/cgroup:/sys/fs/cgroup:rw --cgroupns=host" | ||
| env: | ||
| HOME: "/root" | ||
|
|
||
| steps: | ||
| - name: checkout | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| path: "${{ github.repository }}" | ||
|
|
||
| - name: install dependencies | ||
| run: | | ||
| dnf install -y podman \ | ||
| which \ | ||
| python3-molecule \ | ||
| python3-click-help-colors \ | ||
| python3-rich \ | ||
| python3-enrich \ | ||
| python3-pluggy \ | ||
| python3-cookiecutter | ||
| - name: run molecule | ||
| run: | | ||
| export HOME="/root" | ||
| export image="${{ matrix.image.name }}" | ||
| export namespace="${{ matrix.image.namespace }}" | ||
| export tag="${{ matrix.image.tag }}" | ||
| export PY_COLORS=1 | ||
| export ANSIBLE_FORCE_COLOR=1 | ||
| molecule test -s "${{ matrix.scenario }}" | ||
| working-directory: "${{ github.repository }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| --- | ||
| - name: Reload systemd | ||
| ansible.builtin.systemd: | ||
| daemon_reload: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # Molecule managed | ||
|
|
||
| {% if item.registry is defined %} | ||
| FROM {{ item.registry.url }}/{{ item.image }} | ||
| {% else %} | ||
| FROM {{ item.image }} | ||
| {% endif %} | ||
|
|
||
| {% if item.env is defined %} | ||
| {% for var, value in item.env.items() %} | ||
| {% if value %} | ||
| ENV {{ var }} {{ value }} | ||
| {% endif %} | ||
| {% endfor %} | ||
| {% endif %} | ||
|
|
||
| ENV container=docker | ||
|
|
||
| RUN dnf -y install systemd && dnf clean all && \ | ||
| systemctl mask systemd-remount-fs.service \ | ||
| dev-hugepages.mount \ | ||
| sys-fs-fuse-connections.mount \ | ||
| systemd-logind.service \ | ||
| getty.target \ | ||
| console-getty.service && \ | ||
| systemctl disable dnf-makecache.timer \ | ||
| dnf-makecache.service | ||
|
|
||
| VOLUME ["/sys/fs/cgroup"] | ||
| CMD ["/sbin/init"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| --- | ||
| - name: Converge | ||
| hosts: all | ||
|
|
||
| tasks: | ||
| - name: "Include ansible-role-dnf-automatic" | ||
| ansible.builtin.include_role: | ||
| name: "ansible-role-dnf-automatic" | ||
| vars: | ||
| dnf_automatic_reboot: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| --- | ||
| role_name_check: 1 | ||
| dependency: | ||
| name: galaxy | ||
| driver: | ||
| name: podman | ||
| platforms: | ||
| - name: "dnf-automatic-${image:-fedora}-${tag:-latest}" | ||
| image: "${namespace:-quay.io/fedora}/${image:-fedora}:${tag:-latest}" | ||
| command: /sbin/init | ||
| volumes: | ||
| - /sys/fs/cgroup:/sys/fs/cgroup:ro | ||
| pre_build_image: false | ||
| privileged: true | ||
| provisioner: | ||
| name: ansible | ||
| verifier: | ||
| name: ansible |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| --- | ||
| - name: Verify scenario with auto reboot enabled | ||
| hosts: all | ||
|
|
||
| tasks: | ||
| # test packages | ||
| - name: Gather package facts | ||
| ansible.builtin.package_facts: | ||
| manager: auto | ||
|
|
||
| - name: Check that dnf-automatic is installed | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts.packages['dnf-automatic'] is defined | ||
|
|
||
| - name: Define auto reboot dependency package name | ||
| ansible.builtin.set_fact: | ||
| auto_reboot_dependency_package: "{{ 'yum-utils' if ansible_distribution != 'Fedora' else 'dnf-utils' }}" | ||
|
|
||
| - name: Check that auto reboot dependency package is installed | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts.packages[auto_reboot_dependency_package] is defined | ||
|
|
||
| # test dnf-automatic configuration | ||
| - name: Fetch /etc/dnf/automatic.conf from remote host and register it as automatic_conf | ||
| ansible.builtin.fetch: | ||
| src: /etc/dnf/automatic.conf | ||
| dest: /tmp/ | ||
| flat: true | ||
| register: automatic_conf | ||
|
|
||
| - name: Check content of /etc/dnf/automatic.conf | ||
| ansible.builtin.assert: | ||
| that: | ||
| - "'Ansible' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'apply_updates = True' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'download_updates = True' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'upgrade_type = security' in lookup('file', '/tmp/automatic.conf')" | ||
|
|
||
| # test systemd units | ||
| - name: Check status of dnf-automatic-install.timer | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-install.timer | ||
| register: dnf_automatic_install_timer | ||
|
|
||
| - name: Check that dnf-automatic-install.timer is started and enabled | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_install_timer.status['LoadState'] == 'loaded' | ||
| - dnf_automatic_install_timer.status['ActiveState'] == 'active' | ||
| - dnf_automatic_install_timer.status['UnitFileState'] == 'enabled' | ||
|
|
||
| - name: Check status of dnf-automatic-reboot.timer | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-reboot.timer | ||
| register: dnf_automatic_reboot_timer | ||
|
|
||
| - name: Check that dnf-automatic-reboot.timer is started and enabled | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_reboot_timer.status['LoadState'] == 'loaded' | ||
| - dnf_automatic_reboot_timer.status['ActiveState'] == 'active' | ||
| - dnf_automatic_reboot_timer.status['UnitFileState'] == 'enabled' | ||
|
|
||
| - name: Check status of dnf-automatic-reboot.service | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-reboot.service | ||
| register: dnf_automatic_reboot_service | ||
|
|
||
| - name: Check that dnf-automatic-reboot.service exists | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_reboot_service.status['LoadState'] == 'loaded' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| # Molecule managed | ||
|
|
||
| {% if item.registry is defined %} | ||
| FROM {{ item.registry.url }}/{{ item.image }} | ||
| {% else %} | ||
| FROM {{ item.image }} | ||
| {% endif %} | ||
|
|
||
| {% if item.env is defined %} | ||
| {% for var, value in item.env.items() %} | ||
| {% if value %} | ||
| ENV {{ var }} {{ value }} | ||
| {% endif %} | ||
| {% endfor %} | ||
| {% endif %} | ||
|
|
||
| ENV container=docker | ||
|
|
||
| RUN dnf -y install systemd && dnf clean all && \ | ||
| systemctl mask systemd-remount-fs.service \ | ||
| dev-hugepages.mount \ | ||
| sys-fs-fuse-connections.mount \ | ||
| systemd-logind.service \ | ||
| getty.target \ | ||
| console-getty.service && \ | ||
| systemctl disable dnf-makecache.timer \ | ||
| dnf-makecache.service | ||
|
|
||
| VOLUME ["/sys/fs/cgroup"] | ||
| CMD ["/sbin/init"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| --- | ||
| - name: Converge | ||
| hosts: all | ||
|
|
||
| tasks: | ||
| - name: "Include ansible-role-dnf-automatic" | ||
| ansible.builtin.include_role: | ||
| name: "ansible-role-dnf-automatic" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| --- | ||
| role_name_check: 1 | ||
| dependency: | ||
| name: galaxy | ||
| driver: | ||
| name: podman | ||
| platforms: | ||
| - name: "dnf-automatic-${image:-fedora}-${tag:-latest}" | ||
| image: "${namespace:-quay.io/fedora}/${image:-fedora}:${tag:-latest}" | ||
| command: /sbin/init | ||
| volumes: | ||
| - /sys/fs/cgroup:/sys/fs/cgroup:ro | ||
| pre_build_image: false | ||
| privileged: true | ||
| provisioner: | ||
| name: ansible | ||
| verifier: | ||
| name: ansible |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| --- | ||
| - name: Verify default scenario | ||
| hosts: all | ||
|
|
||
| tasks: | ||
| # test packages | ||
| - name: Gather package facts | ||
| ansible.builtin.package_facts: | ||
| manager: auto | ||
|
|
||
| - name: Check that dnf-automatic is installed | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts.packages['dnf-automatic'] is defined | ||
|
|
||
| - name: Check that yum-utils are not installed | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts.packages['yum-utils'] is not defined | ||
|
|
||
| # test dnf-automatic configuration | ||
| - name: Fetch /etc/dnf/automatic.conf from remote host and register it as automatic_conf | ||
| ansible.builtin.fetch: | ||
| src: /etc/dnf/automatic.conf | ||
| dest: /tmp/ | ||
| flat: true | ||
|
|
||
| - name: Check content of /etc/dnf/automatic.conf | ||
| ansible.builtin.assert: | ||
| that: | ||
| - "'Ansible' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'apply_updates = True' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'download_updates = True' in lookup('file', '/tmp/automatic.conf')" | ||
| - "'upgrade_type = security' in lookup('file', '/tmp/automatic.conf')" | ||
|
|
||
| # test systemd units | ||
| - name: Check status of dnf-automatic-install.timer | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-install.timer | ||
| register: dnf_automatic_install_timer | ||
|
|
||
| - name: Check that dnf-automatic-install.timer is started and enabled | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_install_timer.status['LoadState'] == 'loaded' | ||
| - dnf_automatic_install_timer.status['ActiveState'] == 'active' | ||
| - dnf_automatic_install_timer.status['UnitFileState'] == 'enabled' | ||
|
|
||
| - name: Check status of dnf-automatic-reboot.timer | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-reboot.timer | ||
| register: dnf_automatic_reboot_timer | ||
|
|
||
| - name: Check that dnf-automatic-reboot.timer does not exist | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_reboot_timer.status['LoadState'] == 'not-found' | ||
| - dnf_automatic_reboot_timer.status['ActiveState'] == 'inactive' | ||
|
|
||
| - name: Check status of dnf-automatic-reboot.service | ||
| ansible.builtin.systemd: | ||
| name: dnf-automatic-reboot.service | ||
| register: dnf_automatic_reboot_service | ||
|
|
||
| - name: Check that dnf-automatic-reboot.service does not exist | ||
| ansible.builtin.assert: | ||
| that: | ||
| - dnf_automatic_reboot_service.status['LoadState'] == 'not-found' | ||
| - dnf_automatic_reboot_service.status['ActiveState'] == 'inactive' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters