moving to molecule

2026-01-29 11:53:09 -07:00
parent b727fb4231
commit 57b63d4503
19 changed files with 140 additions and 157 deletions
--- a/molecule.yml
+++ b/molecule.yml
--- a/molecule/fedora/converge.yml
+++ b/molecule/fedora/converge.yml
@@ -0,0 +1,10 @@
 ---
 # Purpose: bring the instance to the desired state by running the role under test.
 # Molecule calls this playbook with `molecule converge`.
 - name: Converge
  hosts: all
  gather_facts: true # Disable if your role does not rely on facts
  tasks:
    - name: Apply role under test
      ansible.builtin.include_role:
        name: yournamespace.yourcollection.yourrole
--- a/molecule/fedora/create.yml
+++ b/molecule/fedora/create.yml
@@ -0,0 +1,35 @@
 ---
 - name: Create
  hosts: localhost
  connection: local
  gather_facts: false
  # no_log: "{{ molecule_no_log }}"
  tasks:
    # TODO: Developer must implement and populate 'server' variable
    - name: Create instance config
      when: server.changed | default(false) | bool  # noqa no-handler
      block:
        - name: Populate instance config dict  # noqa jinja
          ansible.builtin.set_fact:
            instance_conf_dict: {}
            # instance': "{{ }}",
            # address': "{{ }}",
            # user': "{{ }}",
            # port': "{{ }}",
            # 'identity_file': "{{ }}", }
          with_items: "{{ server.results }}"
          register: instance_config_dict
        - name: Convert instance config dict to a list
          ansible.builtin.set_fact:
            instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
        - name: Dump instance config
          ansible.builtin.copy:
            content: |
              # Molecule managed
              {{ instance_conf | to_json | from_json | to_yaml }}
            dest: "{{ molecule_instance_config }}"
            mode: "0600"
--- a/molecule/fedora/destroy.yml
+++ b/molecule/fedora/destroy.yml
@@ -0,0 +1,24 @@
 ---
 - name: Destroy
  hosts: localhost
  connection: local
  gather_facts: false
  # no_log: "{{ molecule_no_log }}"
  tasks:
    # Developer must implement.
    # Mandatory configuration for Molecule to function.
    - name: Populate instance config
      ansible.builtin.set_fact:
        instance_conf: {}
    - name: Dump instance config
      ansible.builtin.copy:
        content: |
          # Molecule managed
          {{ instance_conf | to_json | from_json | to_yaml }}
        dest: "{{ molecule_instance_config }}"
        mode: "0600"
      when: server.changed | default(false) | bool  # noqa no-handler
--- a/molecule/fedora/inventory.yml
+++ b/molecule/fedora/inventory.yml
@@ -0,0 +1,10 @@
 ---
 all:
  children:
    builders:
      hosts:
        fedora-test:
          ansible_host: fedora-test
          container_image: registry.fedoraproject.org/fedora:latest
          container_command: /sbin/init
          container_privileged: true
--- a/molecule/fedora/molecule.yml
+++ b/molecule/fedora/molecule.yml
@@ -0,0 +1,47 @@
 ---
 # Dependency management (download roles/collections)
 dependency:
  name: galaxy
  options:
    requirements-file: ../requirements.yml
 ansible:
  cfg:
    defaults:
      host_key_checking: false
      verbosity: 1
  executor:
    backend: ansible-playbook
    args:
      ansible_playbook:
        - --diff
        - --force-handlers
        - --inventory=/path/to/inventory.yml
      ansible_navigator:
        - --mode stdout
        - --pull-policy missing
        - --execution-environment-image ghcr.io/ansible/community-ansible-dev-tools:latest
  playbooks:
    create: create.yml
    converge: converge.yml
    destroy: destroy.yml
    cleanup: cleanup.yml
    prepare: prepare.yml
    side_effect: side_effect.yml
    verify: verify.yml
 scenario:
  name: fedora
  test_sequence:
    - dependency
    - syntax
    - create
    - prepare
    - converge
    - idempotence
    - verify
    - cleanup
    - destroy
--- a/molecule/fedora/verify.yml
+++ b/molecule/fedora/verify.yml
@@ -0,0 +1,10 @@
 ---
 # Purpose: assert that the instance really ended up in the expected state.
 # Molecule calls this playbook with `molecule verify`.
 - name: Verify
  hosts: instance
  gather_facts: false # Quicker, if you do not need facts
  tasks:
    - name: Assert something
      ansible.builtin.assert:
        that: true
--- a/molecule/requirements.yml
+++ b/molecule/requirements.yml
@@ -0,0 +1,4 @@
 ---
 collections:
  - name: containers.podman
    version: ">=1.10.0"
--- a/tests/Containerfile.debian
+++ b/tests/Containerfile.debian
@@ -1,18 +0,0 @@
 FROM debian:bookworm
 LABEL PROJECT "ansible_role_package"
 LABEL MAINTAINER "Matthew Stobbs <matthew@stobbs.ca>"
 RUN useradd -d /home/ansible -m -G wheel ansible
 RUN apt update && \
    apt install -y openssh-server python3-paramiko gnupg2
 EXPOSE 22
 USER ansible
 WORKDIR /home/ansible
 RUN mkdir /home/ansible/.ssh
 COPY ./pubkey /home/ansible/.ssh/authorized_keys
 USER root
 RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/sudoers
 RUN ssh-keygen -A
 ENTRYPOINT /usr/sbin/sshd -D
--- a/tests/Containerfile.el9
+++ b/tests/Containerfile.el9
@@ -1,17 +0,0 @@
 FROM almalinux:9
 LABEL PROJECT "ansible_role_package"
 LABEL MAINTAINER "Matthew Stobbs <matthew@stobbs.ca>"
 RUN useradd -d /home/ansible -m -G wheel ansible
 RUN dnf install -y openssh-server python3-paramiko python3-libdnf gnupg2
 EXPOSE 22
 USER ansible
 WORKDIR /home/ansible
 RUN mkdir /home/ansible/.ssh
 COPY ./pubkey /home/ansible/.ssh/authorized_keys
 USER root
 RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/sudoers
 RUN ssh-keygen -A
 ENTRYPOINT /usr/sbin/sshd -D
--- a/tests/Containerfile.fedora
+++ b/tests/Containerfile.fedora
@@ -1,17 +0,0 @@
 FROM fedora:41
 LABEL PROJECT "ansible_role_package"
 LABEL MAINTAINER "Matthew Stobbs <matthew@stobbs.ca>"
 RUN useradd -d /home/ansible -m -G wheel ansible
 RUN dnf install -y openssh-server python3-paramiko python3-libdnf5 gnupg2
 EXPOSE 22
 USER ansible
 WORKDIR /home/ansible
 RUN mkdir /home/ansible/.ssh
 COPY ./pubkey /home/ansible/.ssh/authorized_keys
 USER root
 RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/sudoers
 RUN ssh-keygen -A
 ENTRYPOINT /usr/sbin/sshd -D
--- a/tests/Containerfile.ubuntu
+++ b/tests/Containerfile.ubuntu
@@ -1,18 +0,0 @@
 FROM ubuntu:24.04
 LABEL PROJECT "ansible_role_package"
 LABEL MAINTAINER "Matthew Stobbs <matthew@stobbs.ca>"
 RUN useradd -d /home/ansible -m -G wheel ansible
 RUN apt update && \
    apt install -y openssh-server python3-paramiko gnupg2
 EXPOSE 22
 USER ansible
 WORKDIR /home/ansible
 RUN mkdir /home/ansible/.ssh
 COPY ./pubkey /home/ansible/.ssh/authorized_keys
 USER root
 RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/sudoers
 RUN ssh-keygen -A
 ENTRYPOINT /usr/sbin/sshd -D
--- a/tests/cleanup.sh
+++ b/tests/cleanup.sh
@@ -1,20 +0,0 @@
 #!/usr/bin/env zsh
 set -x
 [[ -f ./lib.sh ]] && source ./lib.sh || exit 1
 ssh-keygen -R "[127.0.0.1]:2222"
 for os in ${OSBUILDS[@]}
 do
  if podman container exists ${CONTAINER}_${os}
  then
    podman stop ${CONTAINER}_${os}
  fi
 done
 if [ "$HOSTOS" = "Darwin" ]
 then
  podman machine stop ${MACHINENAME}
 fi
--- a/tests/inventory.yml
+++ b/tests/inventory.yml
@@ -1,7 +0,0 @@
 test:
  hosts:
    localhost:
      ansible_ssh_host: 127.0.0.1
      ansible_ssh_port: 2222
      ansible_ssh_user: ansible
      ansible_ssh_extra_args: "-o StrictHostKeyChecking=no"
--- a/tests/lib.sh
+++ b/tests/lib.sh
@@ -1,10 +0,0 @@
 HOSTOS="$(uname -o)"
 IMAGE=${IMAGE:-packagetest}
 CONTAINER=${CONTAINER:-packagetest}
 MACHINENAME=${MACHINENAME:-podman-machine-default}
 # OSBUILDS=("fedora" "el9" "debian" "ubuntu")
 OSBUILDS=("fedora")
 function machine_state {
  echo $(podman machine inspect $MACHINENAME | jq -r '.[].State')
 }
--- a/tests/pubkey
+++ b/tests/pubkey
@@ -1 +0,0 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAAxfDLK7wu1ITTMV8gIzImO+KkXsjByvN7gYebqb5e+ stobbsm@ed25591
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -1,26 +0,0 @@
 #!/usr/bin/env zsh
 set -x
 [[ -f ./lib.sh ]] && source ./lib.sh || exit 1
 if [ "$HOSTOS" = "Darwin" ]
 then
  echo "Starting $MACHINENAME"
  podman machine start -q $MACHINENAME
  while [ "$(machine_state)" != "running" ]
  do
    echo $(machine_state)
    echo "Wating for $MACHINENAME to start"
    sleep 1
  done
  echo "Machine $MACHINENAME running"
 fi
 echo "Building container images"
 for os in ${OSBUILDS[@]}
 do
  echo "Building image for ${os}"
  podman build --platform linux/amd64 -f Containerfile.${os} -t localhost/${IMAGE}:${os} .
 done
--- a/tests/test.sh
+++ b/tests/test.sh
@@ -1,11 +0,0 @@
 #!/usr/bin/env zsh
 set -x
 [[ -f ./lib.sh ]] && source ./lib.sh || exit 1
 for os in ${OSBUILDS[@]}
 do
  podman run --rm -it -d --platform linux/amd64 --name ${CONTAINER}_${os} -p 2222:22 localhost/${IMAGE}:${os}
  ansible-playbook "test.yml" -i inventory.yml
 done
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -1,12 +0,0 @@
 ---
 - hosts: localhost
  vars:
    testpkgs:
      - hyprland
  tasks:
    - name: Test all packages with use_local=false
      ansible.builtin.include_role:
        name: ansible_role_package
      vars:
        use_local: false
        packages: "{{ testpkgs }}"
		`@@ -1 +0,0 @@`
			`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAAxfDLK7wu1ITTMV8gIzImO+KkXsjByvN7gYebqb5e+ stobbsm@ed25591`