updates

09450807 · Chris Croome · 5f2ae120 · 09450807 · 09450807 · 09450807
Verified Commit 09450807 authored 1 year ago by Chris Croome
--- a/.ansible-lint
+++ b/.ansible-lint
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
 # https://ansible-lint.readthedocs.io/rules/
 skip_list:
  - key-order[task]
-  - schema[arg_specs]
-  - schema[meta]
 # vim: syntax=yaml
 ...
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
-image: registry.git.coop/webarch/containers/images/ansible:0.18.0
 variables:
-  PY_COLORS: "1"
+  ANSIBLE_CALLBACK_RESULT_FORMAT: "yaml"
+  ANSIBLE_DISPLAY_SKIPPED_HOSTS: "0"
  ANSIBLE_FORCE_COLOR: "1"
+  ANSIBLE_REMOTE_TMP: "/tmp"
+  ANSIBLE_SHELL_ALLOW_WORLD_READABLE_TEMP: "1"
+  DEFAULT_MANAGED_STR: "Ansible managed"
+  MOLECULE_VERBOSITY: "0"
+  PY_COLORS: "1"
 before_script:
-  - chmod 700 $(pwd)
+  - whoami
+  - pwd
+  - which ansible
+  - ansible --version
+  - which yamllint
+  - yamllint --version
+  - which molecule
+  - molecule --version
 stages:
-  - lint
-lint:
-  stage: lint
+  - bookworm
+  # - bullseye
+  - jammy
+  # - trixie
+bookworm:
+  image: registry.git.coop/webarch/containers/images/bookworm:20231213
+  stage: bookworm
+  script:
+    - molecule test --all
+# The Bullseye test run OK but Molecule never completes
+# https://github.com/ansible/molecule/discussions/4020
+# bullseye:
+#   image: registry.git.coop/webarch/containers/images/bullseye:20231213
+#   stage: bullseye
+#   script:
+#     - molecule test
+jammy:
+  image: registry.git.coop/webarch/containers/images/jammy:20231213
+  stage: jammy
  script:
-    - molecule lint
-# vim: syntax=yaml
+    - molecule test
+# trixie:
+#   image: registry.git.coop/webarch/containers/images/trixie:20231213
+#   stage: trixie
+#   script:
+#     - molecule test
 ...
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -8,11 +8,32 @@
 #
 # You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
-# https://yamllint.readthedocs.io/en/stable/integration.html
-# https://github.com/adrienverge/yamllint/tags
 repos:
+  # https://github.com/adrienverge/yamllint/tags
  - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.29.0
+    rev: v1.33.0
    hooks:
      - id: yamllint
+        name: YAML Lint
+  # https://github.com/ansible/ansible-lint/releases
+  - repo: https://github.com/ansible/ansible-lint.git
+    rev: v6.22.1
+    hooks:
+      - id: ansible-lint
+        name: Ansible Lint
+        language: python
+        additional_dependencies:
+          # https://github.com/kellyjonbrazil/jc/releases
+          - jc==1.23.6
+          # https://github.com/jmespath/jmespath.py/tags
+          - jmespath==1.0.1
+  # https://github.com/jackdewinter/pymarkdown/releases
+  - repo: https://github.com/jackdewinter/pymarkdown.git
+    rev: v0.9.15
+    hooks:
+      - id: pymarkdown
+        name: Markdown Lint
+        args:
+          - scan
+          - README.md
 ...
--- a/.pymarkdown.yml
+++ b/.pymarkdown.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+# https://github.com/jackdewinter/pymarkdown
+plugins:
+  md013:
+    enabled: false
+...
--- a/.yamllint
+++ b/.yamllint
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
 extends: default
 yaml-files:

--- a/meta/argument_specs.yml
+++ b/meta/argument_specs.yml
@@ -32,6 +32,6 @@ argument_specs:
        description: The version number of `docker-compose` version 1 to be installed when `docker_compose_v1` is defined and `true`.
      docker_pkg:
        type: list
-        equired: true
+        required: true
        description: Packages to be installed from the Docker apt repo.
 ...
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -17,17 +17,14 @@ galaxy_info:
  license: GNU General Public License v3.0 (GPLv3)
  min_ansible_version: "2.10.7"
  platforms:
-    - name: debian
+    - name: Debian
      versions:
        - bookworm
        - bullseye
        - buster
-        - stretch
-    - name: ubuntu
+    - name: Ubuntu
      versions:
        - jammy
-        - focal
-        - bionic
  galaxy_tags:
    - debian
    - docker

--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Run as root
+  # become: true
+  connection: local
+  # gather_facts: true
+  hosts:
+    - localhost
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+  tasks:
+
+    - name: Debug ansible_effective_user_id
+      ansible.builtin.debug:
+        var: ansible_effective_user_id
+
+    - name: Debug ansible_user_id
+      ansible.builtin.debug:
+        var: ansible_user_id
+
+    - name: Debug ansible_user_dir
+      ansible.builtin.debug:
+        var: ansible_user_dir
+
+    - name: Include Docker role
+      ansible.builtin.include_role:
+        name: docker
+      vars:  # noqa var-naming[no-role-prefix]
+        docker: true
+...
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
 dependency:
  name: galaxy
 platforms:
  - name: instance
-    image: registry.git.coop/webarch/containers/images/ansible:0.18.0
-    pre_build_image: true
 provisioner:
  name: ansible
-lint: |
-  set -e
-  find -type f -name '*.j2' -exec ansiblej2lint.py {} +
-  yamllint -f colored -c .yamllint .
-  ansible-lint -c .ansible-lint --force-color .
-# vim: syntax=yaml
+    # host_vars:
+    #   instance:
+    #     ansible_user: ansible
+  options:
+    D: true
+verifier:
+  name: ansible
+    # host_vars:
+    #   instance:
+    #     ansible_user: ansible
 ...
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Verify as root
+  # become: true
+  connection: local
+  # gather_facts: true
+  hosts:
+    - localhost
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+  tasks:
+
+    - name: Gather service facts
+      ansible.builtin.service_facts:
+      register: molecule_service_facts
+
+    - name: Debug Docker service status
+      ansible.builtin.debug:
+        msg: "{{ molecule_service_facts | community.general.json_query(molecule_service_jpq) }}"
+        verbosity: 3
+      vars:
+        molecule_service_jpq: 'ansible_facts.services.["docker.service"]|[0]'
+...
--- a/tasks/apt.yml
+++ b/tasks/apt.yml
@@ -28,6 +28,7 @@

    - name: Disable legacy Docker apt list files
      ansible.builtin.command: "mv {{ file.path }} {{ file.path }}.ansible.save"
+      changed_when: true
      loop: "{{ docker_old_apt_list_files.files }}"
      loop_control:
        loop_var: file
@@ -77,6 +78,7 @@
            chmod 644 /etc/apt/keyrings/docker.gpg
          args:
            executable: "{{ ansible_local.bash.path }}"
+          changed_when: false
          when: ( docker_tmp_asc_file.changed | bool ) or ( not docker_gpg_file.stat.exists | bool )

        - name: Stat Docker gpg dearmored file

--- a/tasks/compose_v1.yml
+++ b/tasks/compose_v1.yml
@@ -37,12 +37,13 @@
      failed_when: docker_compose_alternatives_query.rc is not regex('^0|2')

    - name: Remove Docker Compose alternatives
-      ansible.builtin.command: "{{ cmd }}"
+      ansible.builtin.command: "{{ docker_cmd }}"
+      changed_when: true
      loop:
        - update-alternatives --remove docker-compose /usr/local/bin/docker-compose
        - update-alternatives --remove docker-compose /usr/local/bin/compose-switch
      loop_control:
-        loop_var: cmd
+        loop_var: docker_cmd
      when: docker_compose_alternatives_query.rc == 0

  when: ( docker_compose_v1 is defined ) and ( not docker_compose_v1 | bool )

--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -8,9 +8,26 @@
 #
 # You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
+- name: Skip the tasks in this role as ans is false
+  ansible.builtin.debug:
+    msg: "The ans variable need to be true for the tasks in this role to run."
+  when: >-
+    ( docker is not defined ) or
+    ( not docker | bool )
+  tags:
+    - docker
+
 - name: Install Docker
  block:

+    - name: Include Docker verify variables tasks
+      ansible.builtin.include_tasks: verify.yml
+      when:
+        - docker_verify is defined
+        - docker_verify | bool
+      tags:
+        - docker_verify
+
    - name: Include apt role local fact tasks if variables are not defined
      ansible.builtin.include_role:
        name: apt
@@ -41,7 +58,9 @@
      tags:
        - docker_compose_v1

-  when: ( docker is defined ) and ( docker | bool )
+  when:
+    - docker is defined
+    - docker | bool
  tags:
    - docker
 ...
--- a/tasks/verify.yml
+++ b/tasks/verify.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
+---
+- name: Verify Docker variables
+  block:
+
+    - name: Debug the hostvars variable names that start with docker_
+      ansible.builtin.debug:
+        var: dockervarnames
+        verbosity: "{% if ansible_check_mode | bool %}3{% else %}4{% endif %}"
+
+    - name: Debug the hostvars variable names that start with docker_
+      ansible.builtin.debug:
+        var: dockerhostvars
+        verbosity: "{% if ansible_check_mode | bool %}3{% else %}4{% endif %}"
+
+    - name: Check docker_ variables using meta/argument_specs.yml
+      ansible.builtin.validate_argument_spec:
+        argument_spec: "{{ (lookup('ansible.builtin.file', 'meta/argument_specs.yml') | from_yaml)['argument_specs']['main']['options'] }}"
+        provided_arguments: "{{ dockerhostvars }}"
+
+  when:
+    - docker_verify is defined
+    - docker_verify | bool
+  tags:
+    - docker
+    - docker_verify
+...
--- a/vars/main.yml
+++ b/vars/main.yml
+# Copyright 2018-2023 Chris Croome
+#
+# This file is part of the Webarchitects Docker Ansible role.
+#
+# The Webarchitects Docker Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+#
+# The Webarchitects Docker Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with the Webarchitects Docker Ansible role. If not, see <https://www.gnu.org/licenses/>.
 ---
-# Paths for local_facts scripts
-apt_dpkg: /usr/bin/dpkg
-apt_gpg: /usr/bin/gpg
-
 # ASCII armored GPG public key URL linked from
 # https://docs.docker.com/engine/install/debian/
 docker_gpg_url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"