majic-ansible-roles Changeset

Changeset - 34dffc4a5ea3

Parent rev.

Child rev.

[Not reviewed]

0 7 0

Branko Majic (branko) - 4 years ago 2021-01-14 23:50:35
branko@majic.rs

MAR-151: Added support for Debian 10 Buster to web_server role:

- Updated role reference documentaiton.
- Updated role meta information.
- Updated tests.
- Refactor the code around handling of different directories and files
for PHP 7.0 (Debian Stretch) and PHP 7.3 (Debian Buster).
- Separate socket directory tests for WSGI and PHP applications (due
to differences in paths for PHP in Debian Stretch and Debian
Buster).

7 files changed with 114 insertions and 14 deletions:

docs/rolereference.rst

roles/web_server/defaults/main.yml

roles/web_server/meta/main.yml

roles/web_server/molecule/default/molecule.yml

roles/web_server/molecule/default/prepare.yml

roles/web_server/molecule/default/tests/conftest.py

roles/web_server/molecule/default/tests/test_default.py

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -1471,6 +1471,7 @@ Distribution compatibility @@
 Role is compatible with the following distributions:
 - Debian 9 (Stretch)
 - Debian 10 (Buster)
 Examples

roles/web_server/defaults/main.yml

➞

Show inline comments

@@ @@ -14,6 +14,14 @@ ECDHE-RSA-CHACHA20-POLY1305:\ @@
 !aNULL:!MD5:!EXPORT"
 # Internal parameters
 php_fpm_service_name_per_release:
   stretch: "php7.0-fpm"
   buster: "php7.3-fpm"
 php_base_config_dir_per_release:
   stretch: "/etc/php/7.0"
   buster: "/etc/php/7.3"
 php_fpm_package_name: "php-fpm"
 php_fpm_service_name: "php7.0-fpm"
 php_base_config_dir: "/etc/php/7.0"
 php_fpm_service_name: "{{ php_fpm_service_name_per_release[ansible_distribution_release] }}"
 php_base_config_dir: "{{ php_base_config_dir_per_release[ansible_distribution_release] }}"

roles/web_server/meta/main.yml

➞

Show inline comments

@@ @@ -11,5 +11,5 @@ galaxy_info: @@
   platforms:
     - name: Debian
       versions:
         - 8
         - 9
         - 10

roles/web_server/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -53,6 +53,45 @@ platforms: @@
         network_name: private_network
         type: static
   - name: client1-buster
     groups:
       - client
       - buster
     box: debian/contrib-buster64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.20
         network_name: private_network
         type: static
   - name: parameters-mandatory-buster64
     groups:
       - parameters-mandatory
       - buster
     box: debian/contrib-buster64
     memory: 512
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.30
         network_name: private_network
         type: static
   - name: parameters-optional-buster64
     groups:
       - parameters-optional
       - buster
     box: debian/contrib-buster64
     memory: 512
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.31
         network_name: private_network
         type: static
 provisioner:
   name: ansible
   playbooks:

roles/web_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -27,6 +27,10 @@ @@
           fqdn: parameters-mandatory
         - name: parameters-optional-stretch64_https
           fqdn: parameters-optional
         - name: parameters-mandatory-buster64_https
           fqdn: parameters-mandatory
         - name: parameters-optional-buster64_https
           fqdn: parameters-optional
     - name: Set-up link to generated X.509 material
       file:
@@ @@ -82,6 +86,29 @@ @@
         name: curl
         state: present
 - hosts: buster
   become: true
   tasks:
     - name: Set-up the hosts file
       lineinfile:
         path: /etc/hosts
         regexp: "^{{ item.key }}"
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
         state: present
       with_dict:
 .31.127.20: "client1"
 .31.127.30: "parameters-mandatory"
 .31.127.31: "parameters-optional"
     - name: Install curl for testing redirects and webpage content
       apt:
         name: curl
         state: present
 - hosts: client
   become: true
   tasks:

roles/web_server/molecule/default/tests/conftest.py

➞

Show inline comments

@@ @@ -10,7 +10,10 @@ def php_info(host): @@
     name, PHP-FPM service name, and PHP base configuration directory
     is based on Debian release.
     Currently supports Debian 9 (Stretch).
     Currently supports:
     - Debian 9 (Stretch)
     - Debian 10 (Buster)
     Resulting information can be accessed through returned named tuple
     with the following properties:
@@ @@ -27,6 +30,8 @@ def php_info(host): @@
     if ansible_distribution_release == 'stretch':
         info = PHPInfo(fpm_package='php-fpm', fpm_service='php7.0-fpm', base_config_dir='/etc/php/7.0')
     elif ansible_distribution_release == 'buster':
         info = PHPInfo(fpm_package='php-fpm', fpm_service='php7.3-fpm', base_config_dir='/etc/php/7.3')
     else:
         raise Exception('The php_info pytest fixture does not support Debian release: %s' % ansible_distribution_release)

roles/web_server/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -2,8 +2,6 @@ import os @@
 import testinfra.utils.ansible_runner
 import pytest
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
     os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('parameters-*')
@@ @@ -164,17 +162,39 @@ def test_sockets(host): @@
     assert host.socket("tcp://443").is_listening
 @pytest.mark.parametrize("application_type, tmpfiles_d_path",
                          [("wsgi", "/etc/tmpfiles.d/wsgi.conf"),
                           ("php", "/etc/tmpfiles.d/php7.0-fpm.conf")])
 def test_socket_directories(host, application_type, tmpfiles_d_path):
 def test_wsgi_socket_directory(host):
     """
     Tests if directories containing sockets for WSGI and PHP apps are created
     correctly.
     Tests if directory containing socket for WSGI applications has
     been created correctly.
     """
     socket_directory = "/run/wsgi"
     tmpfiles_d_path = "/etc/tmpfiles.d/wsgi.conf"
     tmpfiles_d_content = "d /run/wsgi/ 0750 root www-data - -"
     directory = host.file(socket_directory)
     assert directory.is_directory
     assert directory.user == 'root'
     assert directory.group == 'www-data'
     assert directory.mode == 0o750
     config = host.file(tmpfiles_d_path)
     assert config.is_file
     assert config.user == 'root'
     assert config.group == 'root'
     assert config.mode == 0o644
     assert config.content_string == tmpfiles_d_content
 def test_php_fpm_socket_directory(host, php_info):
     """
     Tests if directory containing socket for WSGI applications has
     been created correctly.
     """
     socket_directory = "/run/%s" % application_type
     tmpfiles_d_content = "d /run/%s/ 0750 root www-data - -" % application_type
     socket_directory = "/run/php"
     tmpfiles_d_path = "/etc/tmpfiles.d/%s.conf" % php_info.fpm_service
     tmpfiles_d_content = "d /run/php/ 0750 root www-data - -"
     directory = host.file(socket_directory)
     assert directory.is_directory

0 comments (0 inline, 0 general)