Skip to content

Commit

Permalink
Update for new molecule version
Browse files Browse the repository at this point in the history
* Don't use removed filters; I mostly copied what
  ansible-community/molecule-openstack#19 does.
* become_user runs into permissions issues, so just use sudo
* Options passed to ansible are now relative to the root instead of the
  molecule folder, so update paths accordingly.
  • Loading branch information
legoktm committed Oct 15, 2024
1 parent f7bb2a8 commit 9bc5b26
Show file tree
Hide file tree
Showing 7 changed files with 29 additions and 31 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,9 @@
- name: Add the OSSEC GPG public key to the OSSEC manager keyring.
# multiline format for command module, since this is a long command
command: >
gpg
sudo -u {{ ossec_group }} gpg
--homedir /var/ossec/.gnupg
--import /var/ossec/{{ item }}
become: yes
become_user: "{{ ossec_group }}"
register: add_ossec_gpg_key_result
changed_when: "'imported: 1' in add_ossec_gpg_key_result.stderr"
when: item != ''
Expand Down
12 changes: 6 additions & 6 deletions molecule/libvirt-staging-focal/create.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
vars:
molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
molecule_instance_config: "{{ lookup('env', 'MOLECULE_INSTANCE_CONFIG') }}"
molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
tasks:

- name: Create molecule instance(s)
Expand All @@ -26,7 +26,7 @@

state: up
register: server
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

# Mandatory configuration for Molecule to function.

Expand All @@ -38,7 +38,7 @@
'user': "{{ item.User }}",
'port': "{{ item.Port }}",
'identity_file': "{{ item.IdentityFile }}", }
with_items: "{{ server.results }}"
loop: "{{ server.results | flatten(levels=1) }}"
register: instance_config_dict
when: server.changed | bool

Expand All @@ -49,8 +49,8 @@

- name: Dump instance config
copy:
# NOTE(retr0h): Workaround for Ansible 2.2.
# https://github.com/ansible/ansible/issues/20885
content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
content: |
# Molecule managed
{{ instance_conf | to_json | from_json }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
10 changes: 5 additions & 5 deletions molecule/libvirt-staging-focal/destroy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
vars:
molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
molecule_instance_config: "{{ lookup('env',' MOLECULE_INSTANCE_CONFIG') }}"
molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}"
tasks:
- name: Destroy molecule instance(s)
Expand All @@ -18,7 +18,7 @@

state: destroy
register: server
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

# Mandatory configuration for Molecule to function.

Expand All @@ -28,8 +28,8 @@

- name: Dump instance config
copy:
# NOTE(retr0h): Workaround for Ansible 2.2.
# https://github.com/ansible/ansible/issues/20885
content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
4 changes: 2 additions & 2 deletions molecule/libvirt-staging-focal/molecule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ provisioner:
defaults:
interpreter_python: auto
options:
e: "@ansible-override-vars.yml"
e: "@molecule/libvirt-staging-focal/ansible-override-vars.yml"
playbooks:
converge: ../../install_files/ansible-base/securedrop-staging.yml
create: create.yml
Expand All @@ -71,6 +71,6 @@ verifier:
options:
n: auto
v: 2
junit-xml: ../../junit/testinfra-results.xml
junit-xml: junit/testinfra-results.xml
env:
SECUREDROP_TARGET_DISTRIBUTION: focal
16 changes: 8 additions & 8 deletions molecule/qubes-staging-focal/create.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
vars:
molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
molecule_instance_config: "{{ lookup('env', 'MOLECULE_INSTANCE_CONFIG') }}"
molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
tasks:
- name: Check that Qubes admin tools are installed
shell: >
Expand All @@ -23,7 +23,7 @@
clone_result.rc != 0 and "qvm-clone: error: VM "+item.vm_name+" already exists" not in clone_result.stderr_lines
changed_when: >-
clone_result.rc == 0 and clone_result.stdout == ""
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

- name: Start Qubes VMs
command: qvm-start {{ item.vm_name }}
Expand All @@ -32,7 +32,7 @@
start_result.rc != 0 and "domain "+item.vm_name+" is already running" not in start_result.stderr_lines
changed_when: >-
start_result.rc == 0 and start_result.stdout == ""
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

- name: Wait for VMs to boot
pause:
Expand All @@ -45,7 +45,7 @@
changed_when: false
# Not necessary, using pipe lookup to avoid convoluted Jinja logic.
when: false
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

# Mandatory configuration for Molecule to function.

Expand All @@ -59,7 +59,7 @@
# Hardcoded username, must match the username manually configured during
# base VM creation (see developer documentation).
user: "sdadmin"
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"
register: instance_config_dict
when: start_result.changed | bool

Expand All @@ -78,8 +78,8 @@

- name: Dump instance config
copy:
# NOTE(retr0h): Workaround for Ansible 2.2.
# https://github.com/ansible/ansible/issues/20885
content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
when: start_result.changed | bool
12 changes: 6 additions & 6 deletions molecule/qubes-staging-focal/destroy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
vars:
molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
molecule_instance_config: "{{ lookup('env',' MOLECULE_INSTANCE_CONFIG') }}"
molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}"
tasks:
- name: Check that Qubes admin tools are installed
Expand All @@ -21,14 +21,14 @@
register: server
failed_when: >-
server.rc != 0 and "qvm-shutdown: error: no such domain: '"+item.vm_name+"'" not in server.stderr_lines
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

- name: Destroy molecule instance(s)
command: qvm-remove --force "{{ item.vm_name }}"
register: server
failed_when: >-
server.rc != 0 and "qvm-remove: error: no such domain: '"+item.vm_name+"'" not in server.stderr_lines
with_items: "{{ molecule_yml.platforms }}"
loop: "{{ molecule_yml.platforms | flatten(levels=1) }}"

# Mandatory configuration for Molecule to function.

Expand All @@ -38,8 +38,8 @@

- name: Dump instance config
copy:
# NOTE(retr0h): Workaround for Ansible 2.2.
# https://github.com/ansible/ansible/issues/20885
content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
when: server.changed | bool
2 changes: 1 addition & 1 deletion molecule/qubes-staging-focal/molecule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ provisioner:
callback_whitelist: "profile_tasks, timer"
interpreter_python: auto
options:
e: "@qubes-vars.yml"
e: "@molecule/qubes-staging-focal/qubes-vars.yml"
playbooks:
converge: ../../install_files/ansible-base/securedrop-staging.yml
env:
Expand Down

0 comments on commit 9bc5b26

Please sign in to comment.