Merge branch 'add-molecule-testing' into 'master'

Add molecule testing See merge request !1

Merge branch 'add-molecule-testing' into 'master'
449a5064 · Chris Croome · 35b49d22 · b1908b79 · 449a5064 · 449a5064
Commit 449a5064 authored 4 years ago by Chris Croome
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
 ---
-image: registry.git.coop/webarch/containers/images/ansible:0.2
+image: registry.git.coop/webarch/containers/images/ci:0.2.0

-ansible-lint:
+test:
  script:
-    - molecule lint
+    - molecule test
 ...
--- a/.yamllint
+++ b/.yamllint
+---
 extends: default
-
+ignore: |
+  .venv
 rules:
  braces:
    max-spaces-inside: 1

--- a/README.md
+++ b/README.md
 # Ansible Debian Fail2ban Role 

+[![pipeline status](https://git.coop/webarch/fail2ban/badges/master/pipeline.svg)](https://git.coop/webarch/fail2ban/-/commits/master)
+
 This repository contains an Ansible role for installing [Fail2ban](https://fail2ban.org/) on Debian servers and configuring it to allow applications to send outgoing email nbut not accept incomming email.

 To use this role you need to use Ansible Galaxy to install it into another repository under `galaxy/roles/fail2ban` by adding a `requirements.yml` file in that repo that contains:

--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,6 +10,7 @@ fail2ban_ssh: true
 fail2ban_wordpress: true
 # https://www.drupal.org/project/fail2ban
 fail2ban_drupal: true
+fail2ban_drupal_comment: true
 # phpMyAdmin installed using https://git.coop/webarch/phpmyadmin
 # logs to /var/log/auth.log
 fail2ban_phpmyadmin: true

--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: Include and run the fail2ban role
+      include_role:
+        name: fail2ban
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -5,22 +5,29 @@ dependency:
 driver:
  name: docker

-lint:
-  name: yamllint
+lint: |
+  set -e
+  yamllint -c .yamllint .
+  ansible-lint -c .ansible-lint.yml .

 platforms:
-  - name: instance
-    image: registry.git.coop/webarch/containers/images/ansible:0.2
+  - name: stretch-instance
+    image: geerlingguy/docker-debian9-ansible:latest
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    privileged: true
+    pre_build_image: true
+  - name: buster-instance
+    image: geerlingguy/docker-debian10-ansible:latest
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    privileged: true
    pre_build_image: true

 provisioner:
  name: ansible
-  lint:
-    name: ansible-lint
-
-scenario:
-  name: default
-  test_sequence:
-    - lint
-    - idempotence
 ...
--- a/molecule/default/prepare.yml
+++ b/molecule/default/prepare.yml
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: Spoof directories for testing
+      file:
+        path: "{{ item }}"
+        state: directory
+      with_items:
+        - /var/log/apache2
+
+    - name: Spoof log files for testing
+      copy:
+        content: ""
+        dest: "{{ item }}"
+        force: false
+      with_items:
+        - /var/log/auth.log
+        - /var/log/messages
+        - /var/log/apache2/phpmyadmin_access.log
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -60,4 +60,5 @@
    state: restarted
  tags:
    - fail2ban
+    - molecule-idempotence-notest
 ...