majic-ansible-roles Changeset

Changeset - 6b8b1d4c9061

Parent rev.

Child rev.

[Not reviewed]

0 7 2

Branko Majic (branko) - 6 years ago 2018-05-27 19:49:25
branko@majic.rs

MAR-129: Updated backup_server role linting and test configuration:

- Fixed linting issues.
- Use global linting configuration file.
- Moved test variables into group_vars.

9 files changed with 84 insertions and 83 deletions:

roles/common/defaults/main.yml

roles/common/molecule/default/create.yml

roles/common/molecule/default/destroy.yml

roles/common/molecule/default/group_vars/parameters-mandatory.yml

roles/common/molecule/default/group_vars/parameters-optional.yml

roles/common/molecule/default/molecule.yml

roles/common/molecule/default/playbook.yml

roles/common/molecule/default/prepare.yml

roles/common/tasks/main.yml

0 comments (0 inline, 0 general)

roles/common/defaults/main.yml

➞

Show inline comments

 ---
-enable_backup: False
+enable_backup: false
 common_packages: []
 os_users: []
 os_groups: []

roles/common/molecule/default/create.yml

➞

Show inline comments

@@ @@ -2,7 +2,7 @@ @@
 - name: Create
   hosts: localhost
   connection: local
-  gather_facts: False
+  gather_facts: false
   no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
   vars:
     molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"

roles/common/molecule/default/destroy.yml

➞

Show inline comments

@@ @@ -3,7 +3,7 @@ @@
 - name: Destroy
   hosts: localhost
   connection: local
-  gather_facts: False
+  gather_facts: false
   no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
   vars:
     molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"

roles/common/molecule/default/group_vars/parameters-mandatory.yml

➞

Show inline comments

		new file 100644
		---

roles/common/molecule/default/group_vars/parameters-optional.yml

➞

Show inline comments

@@ new file 100644 @@
 ---
 enable_backup: true
 apt_proxy: "http://10.31.127.2:3142/"
 os_users:
   - name: user1
   - name: user2
     uid: 2001
     additional_groups:
       - group1
       - group2
     authorized_keys:
       - "{{ lookup('file', 'tests/data/ssh/clientkey1.pub') }}"
       - "{{ lookup('file', 'tests/data/ssh/clientkey2.pub') }}"
     # Password is 'user2'.
     password: "$6$wdXOQiMe09ugh0$VRIph2XA2QQyEYlAlH7zT4TPACDUalf/4FKpqG9JRHfKxANTcTug2ANCt450htcs0LikJfHLWofLP54jraFU61"
   - name: user3
     uid: 2002
     additional_groups:
       - group3
     authorized_keys:
       - "{{ lookup('file', 'tests/data/ssh/clientkey3.pub') }}"
     # Password is 'user3'.
     password: "$6$nmx.21uLqT$9LrUqNUgUwIM.l0KFKgr2.kDEwe2lo7IbBIhnG70AGW7GTFdWBUFnGAxH15YxikTXhDJD/uxd.NNgojEOjRvx1"
 os_groups:
   - name: group1
   - name: group2
     gid: 3001
   - name: group3
     gid: 3002
 common_packages:
   - units
   - gnutls-bin
   - "{{ 'libmariadb-client-lgpl-dev-compat' if ansible_distribution_release == 'jessie'
   else 'libmariadbclient-dev-compat' if ansible_distribution_release == 'stretch' }}"
   - emacs24-nox
 ca_certificates:
   cacert1: "{{ lookup('file', 'tests/data/x509/ca1.cert.pem') }}"
   cacert2: "{{ lookup('file', 'tests/data/x509/ca2.cert.pem') }}"
 extra_backup_patterns:
   - /home/user1
   - /home/user2
 incoming_connection_limit: 5/second
 incoming_connection_limit_burst: 5
 pipreqcheck_uid: 2500
 pipreqcheck_gid: 2500
 prompt_colour: cyan
 prompt_id: test
 # Purposefully set this to 3 servers to make sure we are
 # overriding the default configuration.
 ntp_servers:
   - "0.debian.pool.ntp.org"
   - "1.debian.pool.ntp.org"
   - "2.debian.pool.ntp.org"
 # From backup_client role meta dependency.
 backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/backup_encryption_key') }}"
 backup_server: backup-server
 backup_server_host_ssh_public_keys:
   - bougs-backup-server-key-1
   - bougs-backup-server-key-2
 backup_ssh_key: "bogus-backup-client-key"

roles/common/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -9,6 +9,8 @@ driver: @@
 lint:
   name: yamllint
   options:
     config-file: ../../.yamllint.yml
 platforms:
   - name: helper

roles/common/molecule/default/playbook.yml

➞

Show inline comments

 ---
 - hosts: helper
-  become: yes
+  become: true
   tasks:
     - name: Install apt-cacher-ng
@@ @@ -9,70 +9,7 @@ @@
         name: apt-cacher-ng
         state: installed
 - hosts: parameters-mandatory
   become: yes
 - hosts: parameters-mandatory,parameters-optional
   become: true
   roles:
     - role: common
 - hosts: parameters-optional
   become: yes
   roles:
     - role: common
       enable_backup: yes
       apt_proxy: "http://10.31.127.2:3142/"
       os_users:
         - name: user1
         - name: user2
           uid: 2001
           additional_groups:
             - group1
             - group2
           authorized_keys:
             - "{{ lookup('file', 'tests/data/ssh/clientkey1.pub') }}"
             - "{{ lookup('file', 'tests/data/ssh/clientkey2.pub') }}"
           # Password is 'user2'.
           password: "$6$wdXOQiMe09ugh0$VRIph2XA2QQyEYlAlH7zT4TPACDUalf/4FKpqG9JRHfKxANTcTug2ANCt450htcs0LikJfHLWofLP54jraFU61"
         - name: user3
           uid: 2002
           additional_groups:
             - group3
           authorized_keys:
             - "{{ lookup('file', 'tests/data/ssh/clientkey3.pub') }}"
           # Password is 'user3'.
           password: "$6$nmx.21uLqT$9LrUqNUgUwIM.l0KFKgr2.kDEwe2lo7IbBIhnG70AGW7GTFdWBUFnGAxH15YxikTXhDJD/uxd.NNgojEOjRvx1"
       os_groups:
         - name: group1
         - name: group2
           gid: 3001
         - name: group3
           gid: 3002
       common_packages:
         - units
         - gnutls-bin
         - "{{ 'libmariadb-client-lgpl-dev-compat' if ansible_distribution_release == 'jessie' else 'libmariadbclient-dev-compat' if ansible_distribution_release == 'stretch' }}"
         - emacs24-nox
       ca_certificates:
         cacert1: "{{ lookup('file', 'tests/data/x509/ca1.cert.pem') }}"
         cacert2: "{{ lookup('file', 'tests/data/x509/ca2.cert.pem') }}"
       extra_backup_patterns:
         - /home/user1
         - /home/user2
       incoming_connection_limit: 5/second
       incoming_connection_limit_burst: 5
       pipreqcheck_uid: 2500
       pipreqcheck_gid: 2500
       prompt_colour: cyan
       prompt_id: test
       # Purposefully set this to 3 servers to make sure we are
       # overriding the default configuration.
       ntp_servers:
         - "0.debian.pool.ntp.org"
         - "1.debian.pool.ntp.org"
         - "2.debian.pool.ntp.org"
       # From backup_client role meta dependency.
       backup_encryption_key: "{{ lookup('file', 'tests/data/gnupg/backup_encryption_key') }}"
       backup_server: backup-server
       backup_server_host_ssh_public_keys:
         - bougs-backup-server-key-1
         - bougs-backup-server-key-2
       backup_ssh_key: "bogus-backup-client-key"
     - common

roles/common/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -2,22 +2,22 @@ @@
 - name: Prepare
   hosts: all
-  gather_facts: False
+  gather_facts: false
   tasks:
     - name: Install python for Ansible
       raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
       become: True
       changed_when: False
       become: true
       changed_when: false
 - hosts: all
-  become: yes
+  become: true
   tasks:
     - name: Update all caches to avoid errors due to missing remote archives
       apt:
         update_cache: yes
       changed_when: False
         update_cache: true
       changed_when: false
     - name: Install net-tools for running Testinfra host.socket tests
       apt:

roles/common/tasks/main.yml

➞

Show inline comments

@@ @@ -29,7 +29,7 @@ @@
   lineinfile:
     dest: "/etc/login.defs"
     state: present
-    backrefs: yes
+    backrefs: true
     regexp: '^UMASK(\s+)'
     line: 'UMASK\g<1>027'
@@ @@ -37,7 +37,7 @@ @@
   lineinfile:
     dest: "/etc/adduser.conf"
     state: present
-    backrefs: yes
+    backrefs: true
     regexp: '^DIR_MODE='
     line: 'DIR_MODE=0750'
@@ @@ -139,7 +139,7 @@ @@
     uid: "{{ item.uid | default(omit) }}"
     group: "{{ item.name }}"
     groups: "{{ ','.join(item.additional_groups | default([])) }}"
-    append: yes
+    append: true
     shell: /bin/bash
     state: present
     password: "{{ item.password | default('!') }}"
@@ @@ -308,7 +308,7 @@ @@
   command: "/usr/bin/virtualenv --prompt '(pipreqcheck)' '/var/lib/pipreqcheck/virtualenv'"
   args:
     creates: '/var/lib/pipreqcheck/virtualenv/bin/activate'
-  become: yes
+  become: true
   become_user: "pipreqcheck"
   tags:
     # [ANSIBLE0012] Commands should not change things if nothing needs doing
@@ @@ -353,7 +353,7 @@ @@
     name:
       - "pip>=9.0.0,<10.0.0"
     virtualenv: "~pipreqcheck/virtualenv"
-  become: yes
+  become: true
   become_user: "pipreqcheck"
 - name: Install pip-tools if not present
@@ @@ -361,14 +361,14 @@ @@
     name: pip-tools
     state: present
     virtualenv: "~pipreqcheck/virtualenv"
-  become: yes
+  become: true
   become_user: "pipreqcheck"
 - name: Synchronise pip-tools virtual environment via deployed requirements file
   shell: "source ~pipreqcheck/virtualenv/bin/activate && pip-sync /etc/pip_check_requirements_upgrades/pipreqcheck/requirements.txt"
   args:
     executable: /bin/bash
-  become: yes
+  become: true
   become_user: "pipreqcheck"
   register: pipreqcheck_pip_sync
   changed_when: "pipreqcheck_pip_sync.stdout != 'Everything up-to-date'"

0 comments (0 inline, 0 general)