From 3535aff2736f95c797f29a58bfcc4aa835f5df76 Mon Sep 17 00:00:00 2001
From: Chris Croome <chris@webarchitects.co.uk>
Date: Sat, 27 Aug 2022 13:55:40 +0100
Subject: [PATCH] Ansible lint updates
---
.ansible-lint | 2 ++
.gitlab-ci.yml | 2 +-
handlers/main.yml | 2 +-
meta/argument_specs.yml | 32 +++++++++++++++++++
meta/main.yml | 40 ++++-------------------
tasks/absent.yml | 4 +--
tasks/checks.yml | 34 ++++++++++----------
tasks/dismod.yml | 4 +--
tasks/enmod.yml | 4 +--
tasks/local_facts.yml | 2 +-
tasks/main.yml | 49 ++++++++++++++--------------
tasks/modules.yml | 16 +++++-----
tasks/pkg_checks.yml | 2 +-
tasks/pool_check.yml | 16 +++++-----
tasks/present.yml | 4 +--
tasks/sapi_absent.yml | 2 +-
tasks/sapi_absent_checks.yml | 2 +-
tasks/sapi_checks.yml | 2 +-
tasks/sapi_module_checks.yml | 2 +-
tasks/sapi_state_checks.yml | 4 +--
tasks/sapis.yml | 2 +-
tasks/sury.yml | 8 ++---
templates/php.fact.j2 | 62 ++++++++++++++++--------------------
23 files changed, 148 insertions(+), 149 deletions(-)
create mode 100644 meta/argument_specs.yml
diff --git a/.ansible-lint b/.ansible-lint
index 41c4bac..204266b 100644
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -1,6 +1,8 @@
---
# https://docs.ansible.com/ansible-lint/rules/default_rules.html
skip_list:
+ # Perform JSON Schema Validation for known lintable kinds
+ - schema
# Lines should be no longer than 160 chars
- "204"
# vim: syntax=yaml
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1d636c3..9244e33 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,5 @@
---
-image: registry.git.coop/webarch/containers/images/ansible:0.8.0
+image: registry.git.coop/webarch/containers/images/ansible:0.9.0
variables:
PY_COLORS: "1"
ANSIBLE_FORCE_COLOR: "1"
diff --git a/handlers/main.yml b/handlers/main.yml
index fbfd38a..bc74ff8 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,6 +1,6 @@
---
- name: Restart PHP-FPM
- service:
+ ansible.builtin.service:
name: "php{{ php_version }}-fpm"
state: restarted
listen: Restart php-fpm
diff --git a/meta/argument_specs.yml b/meta/argument_specs.yml
new file mode 100644
index 0000000..ced7606
--- /dev/null
+++ b/meta/argument_specs.yml
@@ -0,0 +1,32 @@
+---
+argument_specs:
+ main:
+ author: Chris Croome
+ description: Ansible role for installing and configuring PHP on Debian
+ short_description: The main entry point for the PHP role.
+ options:
+ php_sury:
+ type: bool
+ required: true
+ description: Use the Sury PHP deb package repo
+ php_dpkg:
+ type: str
+ required: true
+ description: The path to dpkg for Ansible local facts
+ php_gpg:
+ type: str
+ required: true
+ description: The path to gpg for Ansible local facts
+ php_phpquery:
+ type: str
+ required: true
+ description: The path to phpquery for Ansible local facts
+ php_alternatives:
+ type: dict
+ equired: true
+ description: A dictionary for the Alternatives role to set the priority of PHP versions
+ php_versions:
+ type: dict
+ equired: true
+ description: A dictionary for the PHP versions, packages, sapis and modules
+...
diff --git a/meta/main.yml b/meta/main.yml
index 1a5843d..120d601 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,30 +1,4 @@
---
-argument_specs:
- main:
- author: Chris Croome
- description: Ansible role for installing and configuring PHP on Debian
- short_description: The main entry point for the PHP role.
- options:
- php_sury:
- type: bool
- required: true
- description: Use the Sury PHP deb package repo
- php_dpkg:
- type: str
- required: true
- description: The path to dpkg for Ansible local facts
- php_phpquery:
- type: str
- required: true
- description: The path to phpquery for Ansible local facts
- php_alternatives:
- type: dict
- equired: true
- description: A dictionary for the Alternatives role to set the priority of PHP versions
- php_versions:
- type: dict
- equired: true
- description: A dictionary for the PHP versions, packages, sapis and modules
galaxy_info:
role_name: php
author: Chris Croome
@@ -34,18 +8,16 @@ galaxy_info:
license: GNU General Public License v3.0 (GPLv3)
min_ansible_version: 2.11
platforms:
- - name: debian
+ - name: Debian
versions:
+ - bookworm
- bullseye
- buster
- stretch
- galaxy_tags: []
- # List tags for your role here, one per line. A tag is a keyword that describes
- # and categorizes the role. Users find roles by searching for tags. Be sure to
- # remove the '[]' above, if you add tags to this list.
- #
- # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
- # Maximum 20 tags per role.
+ galaxy_tags:
+ - debian
+ - php
+ - sury
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
diff --git a/tasks/absent.yml b/tasks/absent.yml
index ece2cc5..1c3f907 100644
--- a/tasks/absent.yml
+++ b/tasks/absent.yml
@@ -3,7 +3,7 @@
block:
- name: "PHP {{ version }} packages absent"
- apt:
+ ansible.builtin.apt:
pkg: "php{{ version }}*"
state: absent
purge: true
@@ -11,7 +11,7 @@
autoremove: true
- name: "PHP {{ version }} config files absent"
- file:
+ ansible.builtin.file:
path: "/etc/php/{{ version }}/"
state: absent
diff --git a/tasks/checks.yml b/tasks/checks.yml
index 801fe68..195b5c9 100644
--- a/tasks/checks.yml
+++ b/tasks/checks.yml
@@ -3,13 +3,13 @@
block:
- name: Check that depreciated variables are not used
- assert:
+ ansible.builtin.assert:
that:
- php_allow_local_infile is not defined
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Check that variables are booleans
- assert:
+ ansible.builtin.assert:
that:
- php_allow_url_include | type_debug == "bool"
- php_mysqli_allow_local_infile | type_debug == "bool"
@@ -20,7 +20,7 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Check that the distro is Debian Bookworm, Bullseye, Buster or Stretch or Ubuntu Jammy, Focal or Bionic
- assert:
+ ansible.builtin.assert:
that:
- ansible_distribution_release is defined
- ansible_distribution_release is regex("^stretch|buster|bullseye|bookworm|focal|bionic|jammy$")
@@ -28,7 +28,7 @@
fail_msg: "The Linux distro {{ ansible_distribution }} {{ ansible_distribution_release }} is not supported by this role"
- name: Generate an array of existing PHP versions
- set_fact:
+ ansible.builtin.set_fact:
php_versions_existing: "{{ php_versions_existing | default([]) }} + [ '{{ existing_version.key }}' ]"
loop: "{{ ansible_local.phpquery.versions | dict2items }}"
loop_control:
@@ -39,13 +39,13 @@
- existing_version.value.state == "present"
- name: Debug php_versions_existing array
- debug:
+ ansible.builtin.debug:
var: php_versions_existing
verbosity: 2
when: php_versions_existing is defined
- name: Generate an array of proposed PHP versions
- set_fact:
+ ansible.builtin.set_fact:
php_versions_proposed: "{{ php_versions_proposed | default([]) }} + [ '{{ proposed_version.key }}' ]"
loop: "{{ php_versions | dict2items }}"
loop_control:
@@ -59,19 +59,19 @@
block:
- name: Debug php_versions_proposed array
- debug:
+ ansible.builtin.debug:
var: php_versions_proposed
verbosity: 2
- name: Check that for each proposed version of PHP there are not packages due to be present and absent at the same time
- include_tasks: pkg_checks.yml
+ ansible.builtin.include_tasks: pkg_checks.yml
loop: "{{ php_versions_proposed }}"
loop_control:
loop_var: version
label: "{{ version }}"
- name: Debug defined SAPIs for proposed PHP versions
- debug:
+ ansible.builtin.debug:
msg: "SAPI {{ php_versions[version].sapis }} is defined for PHP {{ version }}"
verbosity: 3
loop: "{{ php_versions_proposed }}"
@@ -81,7 +81,7 @@
when: php_versions[version].sapis is defined
- name: Include SAPI checks for proposed PHP versions
- include_tasks: sapi_checks.yml
+ ansible.builtin.include_tasks: sapi_checks.yml
loop: "{{ php_versions_proposed }}"
loop_control:
loop_var: version
@@ -89,7 +89,7 @@
when: php_versions[version].sapis is defined
- name: Generate an array of PHP versions to remove
- set_fact:
+ ansible.builtin.set_fact:
php_versions_remove: "{{ php_versions_existing | difference(php_versions_proposed) }}"
when:
- ( php_versions_existing is defined ) and ( php_versions_existing != [] )
@@ -99,12 +99,12 @@
block:
- name: Debug php_versions_remove array
- debug:
+ ansible.builtin.debug:
var: php_versions_remove
verbosity: 2
- name: Include SAPI checks for PHP versions due to be removed
- include_tasks: sapi_absent_checks.yml
+ ansible.builtin.include_tasks: sapi_absent_checks.yml
loop: "{{ php_versions_remove }}"
loop_control:
loop_var: version
@@ -116,7 +116,7 @@
when: ( php_versions_proposed is defined ) and ( php_versions_proposed != [] )
- name: Generate an array of absent PHP versions
- set_fact:
+ ansible.builtin.set_fact:
php_versions_absent: "{{ php_versions_absent | default([]) }} + [ '{{ absent_version.key }}' ]"
loop: "{{ php_versions | dict2items }}"
loop_control:
@@ -128,12 +128,12 @@
block:
- name: Debug php_versions_absent array
- debug:
+ ansible.builtin.debug:
var: php_versions_absent
verbosity: 2
- name: Include SAPI checks for PHP versions due to be absent
- include_tasks: sapi_absent_checks.yml
+ ansible.builtin.include_tasks: sapi_absent_checks.yml
loop: "{{ php_versions_absent }}"
loop_control:
loop_var: version
@@ -143,7 +143,7 @@
when: ( php_versions_absent is defined ) and ( php_versions_absent != [] )
# - name: Include www pool server variable checks
- # include_tasks: pool_check.yml
+ # ansible.builtin.include_tasks: pool_check.yml
# when: php_www_pool_pm == "dynamic"
# vars:
# php_pm: "{{ php_www_pool_pm }}"
diff --git a/tasks/dismod.yml b/tasks/dismod.yml
index 0e24bf8..5cc74fd 100644
--- a/tasks/dismod.yml
+++ b/tasks/dismod.yml
@@ -6,14 +6,14 @@
block:
- name: "Disable module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }}"
- command: phpdismod -v "{{ version }}" -s "{{ sapi.key }}" "{{ mod }}"
+ ansible.builtin.command: phpdismod -v "{{ version }}" -s "{{ sapi.key }}" "{{ mod }}"
register: php_mod_disabled
failed_when: php_mod_disabled.stderr | length > 0
rescue:
- name: "Error disabling module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }}"
- fail:
+ ansible.builtin.fail:
msg:
- "Disabling module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }} failed with the following message"
- "{{ php_mod_disabled.stderr }}"
diff --git a/tasks/enmod.yml b/tasks/enmod.yml
index 8a92e1f..9ba3821 100644
--- a/tasks/enmod.yml
+++ b/tasks/enmod.yml
@@ -6,14 +6,14 @@
block:
- name: "Enable module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }}"
- command: phpenmod -v "{{ version }}" -s "{{ sapi.key }}" "{{ mod }}"
+ ansible.builtin.command: phpenmod -v "{{ version }}" -s "{{ sapi.key }}" "{{ mod }}"
register: php_mod_enabled
failed_when: php_mod_enabled.stderr | length > 0
rescue:
- name: "Error enabling module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }}"
- fail:
+ ansible.builtin.fail:
msg:
- "Enabling module {{ mod }} for SAPI {{ sapi.key }} for PHP version {{ version }} failed with the following message"
- "{{ php_mod_enabled.stderr }}"
diff --git a/tasks/local_facts.yml b/tasks/local_facts.yml
index 093c0e6..3dffbb6 100644
--- a/tasks/local_facts.yml
+++ b/tasks/local_facts.yml
@@ -60,7 +60,7 @@
verbosity: 2
- name: Print Ansible phpquery dictionary
- debug:
+ ansible.builtin.debug:
msg: "{{ ansible_local.php }}"
verbosity: 2
diff --git a/tasks/main.yml b/tasks/main.yml
index 2eea92a..a2cee17 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -2,21 +2,20 @@
- name: Install and configure PHP
block:
- # The local facts bash script need work
- # - name: Include local facts tasks
- # include_tasks: local_facts.yml
+ - name: Include local facts tasks
+ ansible.builtin.include_tasks: local_facts.yml
- name: Include check tasks
- include_tasks: checks.yml
+ ansible.builtin.include_tasks: checks.yml
- name: Include apt repo config for Sury PHP packages
- include_tasks: sury.yml
+ ansible.builtin.include_tasks: sury.yml
- name: PHP versions absent
block:
- name: "PHP versioned packages absent"
- apt:
+ ansible.builtin.apt:
pkg: "php{{ version }}*"
state: absent
purge: true
@@ -28,7 +27,7 @@
label: "{{ version }}"
- name: "PHP versioned config files absent"
- file:
+ ansible.builtin.file:
path: "/etc/php/{{ version }}/"
state: absent
loop: "{{ php_versions_absent }}"
@@ -42,7 +41,7 @@
block:
- name: PHP versioned packages absent
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_versions[version].packages_absent }}"
state: absent
loop: "{{ php_versions_proposed }}"
@@ -52,7 +51,7 @@
when: ( php_versions[version].packages_absent is defined ) and ( php_versions[version].packages_absent != [] )
- name: PHP SAPIs absent
- include_tasks: sapi_absent.yml
+ ansible.builtin.include_tasks: sapi_absent.yml
loop: "{{ php_versions_proposed }}"
loop_control:
loop_var: version
@@ -60,7 +59,7 @@
when: php_versions[version].sapis is defined
- name: PHP versioned packages present
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_versions[version].packages_present }}"
state: present
loop: "{{ php_versions_proposed }}"
@@ -72,13 +71,13 @@
when: ( php_versions_proposed is defined ) and ( php_versions_proposed != [] )
- name: PHP packages present
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_packages }}"
state: present
update_cache: true
- name: Loop through the PHP proposed versions to include tasks for each SAPI which will include tasks to enable / disable modules
- include_tasks: sapis.yml
+ ansible.builtin.include_tasks: sapis.yml
loop: "{{ php_versions_proposed }}"
loop_control:
loop_var: version
@@ -94,10 +93,10 @@
# Disable the www pool for all versions but the default PHP version
- name: Debug fail
- fail:
+ ansible.builtin.fail:
- name: Set an array for the PHP packages with version numbers in their names
- set_fact:
+ ansible.builtin.set_fact:
php_version_packages: "{{ php_version_packages | default([]) }} + [ 'php{{ php_version }}-{{ php_package }}' ]"
loop: "{{ php_versioned_packages }}"
loop_control:
@@ -105,24 +104,24 @@
label: "{{ php_package }}"
- name: "PHP {{ php_version }} packages installed"
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_version_packages | default([]) }}"
state: present
update_cache: false
notify: Restart php-fpm
- name: APCu enabled
- command: phpenmod apcu
+ ansible.builtin.command: phpenmod apcu
when: ( "apcu" in php_versioned_packages )
notify: Restart php-fpm
- name: APCu disabled
- command: phpdismod apcu
+ ansible.builtin.command: phpdismod apcu
when: ( "apcu" not in php_versioned_packages )
notify: Restart php-fpm
- name: "PHP-FPM ini config /etc/php/{{ php_version }}/fpm/php.ini in place"
- template:
+ ansible.builtin.template:
src: "templates/php.ini.j2"
dest: "/etc/php/{{ php_version }}/fpm/php.ini"
mode: 0644
@@ -130,7 +129,7 @@
notify: Restart php-fpm
- name: "PHP CLI config /etc/php/{{ php_version }}/cli/php.ini in place"
- template:
+ ansible.builtin.template:
src: "templates/cli_php.ini.j2"
dest: "/etc/php/{{ php_version }}/cli/php.ini"
mode: 0644
@@ -138,7 +137,7 @@
notify: Restart php-fpm
- name: PHP-FPM www.conf pool disabled
- file:
+ ansible.builtin.file:
path: "/etc/php/{{ php_version }}/fpm/pool.d/www.conf"
state: absent
when: ( php_www_pool_enabled is defined ) and ( not php_www_pool_enabled )
@@ -148,7 +147,7 @@
block:
- name: Include www pool server variable checks
- include_tasks: pool_check.yml
+ ansible.builtin.include_tasks: pool_check.yml
when: php_www_pool_pm == "dynamic"
vars:
php_pm: "{{ php_www_pool_pm }}"
@@ -158,7 +157,7 @@
php_pm_max_spare_servers: "{{ php_www_pool_pm_max_spare_servers }}"
- name: PHP-FPM www.conf pool enabled
- template:
+ ansible.builtin.template:
src: templates/www.conf.j2
dest: "/etc/php/{{ php_version }}/fpm/pool.d/www.conf"
backup: false
@@ -167,7 +166,7 @@
when: ( php_www_pool_enabled is not defined ) or ( php_www_pool_enabled is defined and php_www_pool_enabled )
- name: Check the PHP-FPM configuration
- command: "php-fpm{{ php_version }} --test"
+ ansible.builtin.command: "php-fpm{{ php_version }} --test"
check_mode: false
changed_when: false
register: php_test
@@ -175,14 +174,14 @@
notify: Restart php-fpm
- name: Check that /usr/bin/crontab exists
- stat:
+ ansible.builtin.stat:
path: /usr/bin/crontab
register: php_crontab
# The log rotates once a week by default so this is a fairly crude metric but
# it is good enough to flag up how often the max_children limits are being hit
- name: Cron job to email root the results of grepping the logs for PHP-FPM pm.max_children
- cron:
+ ansible.builtin.cron:
name: "Grep PHP{{ php_version }} log for pm.max_children"
hour: "06"
minute: "01"
diff --git a/tasks/modules.yml b/tasks/modules.yml
index ae25399..e2cf5d4 100644
--- a/tasks/modules.yml
+++ b/tasks/modules.yml
@@ -3,31 +3,31 @@
block:
- name: "Debug the available modules for PHP version {{ version }}"
- debug:
+ ansible.builtin.debug:
var: ansible_local.phpquery.versions[version].mods_available
verbosity: 2
when: ansible_local.phpquery.versions[version].mods_available is defined
- name: "Debug the existing modules for SAPI {{ sapi.key }} for PHP version {{ version }}"
- debug:
+ ansible.builtin.debug:
var: ansible_local.phpquery.versions[version].sapis[sapi.key].mods_enabled
verbosity: 2
when: ansible_local.phpquery.versions[version].sapis[sapi.key].mods_enabled is defined
- name: "Debug the proposed modules for SAPI {{ sapi.key }} for PHP version {{ version }}"
- debug:
+ ansible.builtin.debug:
var: sapi.value.modules_enabled
verbosity: 2
when: sapi.value.modules_enabled is defined
- name: "Debug the absent modules for SAPI {{ sapi.key }} for PHP version {{ version }}"
- debug:
+ ansible.builtin.debug:
var: sapi.value.modules_disabled
verbosity: 2
when: sapi.value.modules_disabled is defined
- name: "Warn as a module that doesn't exists is set to be absent"
- debug:
+ ansible.builtin.debug:
msg: "Module {{ mod }} for PHP version {{ version }} doesn't exist so disabling it makes no sense"
loop: "{{ sapi.value.modules_disabled }}"
loop_control:
@@ -39,7 +39,7 @@
- mod not in ansible_local.phpquery.versions[version].mods_available
- name: "Warn as module that doesn't exists is set to be enabled"
- debug:
+ ansible.builtin.debug:
msg: "Module {{ mod }} for PHP version {{ version }} doesn't exist so enabling it makes no sense"
loop: "{{ sapi.value.modules_enabled }}"
loop_control:
@@ -50,7 +50,7 @@
- mod not in ansible_local.phpquery.versions[version].mods_available
- name: "Include phpdismod tasks for absent modules that are existing modules for SAPI {{ sapi.key }} for PHP version {{ version }}"
- include_tasks: dismod.yml
+ ansible.builtin.include_tasks: dismod.yml
loop: "{{ sapi.value.modules_disabled }}"
loop_control:
loop_var: mod
@@ -64,7 +64,7 @@
- mod in ansible_local.phpquery.versions[version].mods_available
- name: "Include phpenmod tasks for proposed modules that are not existing modules for SAPI {{ sapi.key }} for PHP version {{ version }}"
- include_tasks: enmod.yml
+ ansible.builtin.include_tasks: enmod.yml
loop: "{{ sapi.value.modules_enabled }}"
loop_control:
loop_var: mod
diff --git a/tasks/pkg_checks.yml b/tasks/pkg_checks.yml
index 4fe2f9c..362b675 100644
--- a/tasks/pkg_checks.yml
+++ b/tasks/pkg_checks.yml
@@ -3,7 +3,7 @@
block:
- name: "Check that a package is not set to be present and absent at the same time for PHP {{ version }}"
- assert:
+ ansible.builtin.assert:
that:
- pkg not in php_versions[version].packages_absent
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
diff --git a/tasks/pool_check.yml b/tasks/pool_check.yml
index bab3d5d..0378f32 100644
--- a/tasks/pool_check.yml
+++ b/tasks/pool_check.yml
@@ -4,7 +4,7 @@
block:
- name: Print variables for debugging
- debug:
+ ansible.builtin.debug:
msg:
- "php_pm is a {{ php_pm | type_debug }} with the value: {{ php_pm }}"
- "php_pm_start_servers is a {{ php_pm_start_servers | type_debug }} with the value: {{ php_pm_start_servers }}"
@@ -14,13 +14,13 @@
verbosity: 2
- name: Ensure that pm is set to static, ondemand or dynamic
- assert:
+ ansible.builtin.assert:
that:
- php_pm is regex("^static|ondemand|dynamic$")
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Ensure that pm.max_children is defined, numeric and is greater than 1
- assert:
+ ansible.builtin.assert:
that:
- php_pm_max_children is defined
- ( php_pm_max_children | string ) is regex("^[0-9]+$")
@@ -31,7 +31,7 @@
block:
- name: Ensure that pm.start_servers, pm.min_spare_servers and pm.max_spare_servers are defined and numeric
- assert:
+ ansible.builtin.assert:
that:
- php_pm_start_servers is defined
- ( php_pm_start_servers | string ) is regex("^[0-9]+$")
@@ -42,7 +42,7 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Ensure that pm.max_children, pm.start_servers, pm.min_spare_servers and pm.max_spare_servers are greater than or equal to 1
- assert:
+ ansible.builtin.assert:
that:
- php_pm_max_children | int >= 1
- php_pm_start_servers | int >= 1
@@ -51,7 +51,7 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Ensure that pm.max_children is greater than or equal to pm.start_servers, pm.min_spare_servers and pm.max_spare_servers
- assert:
+ ansible.builtin.assert:
that:
- php_pm_max_children | int >= php_pm_start_servers | int
- php_pm_max_children | int >= php_pm_min_spare_servers | int
@@ -59,14 +59,14 @@
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Ensure that pm.start_servers is be greater than pm.min_spare_servers and less than or equal to pm.max_spare_servers
- assert:
+ ansible.builtin.assert:
that:
- php_pm_start_servers | int >= php_pm_min_spare_servers | int
- php_pm_start_servers | int <= php_pm_max_spare_servers | int
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
- name: Ensure that pm.max_spare_servers is greater than pm.min_spare_servers
- assert:
+ ansible.builtin.assert:
that:
- php_pm_max_spare_servers | int >= php_pm_min_spare_servers | int
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
diff --git a/tasks/present.yml b/tasks/present.yml
index a44a2aa..7b388fd 100644
--- a/tasks/present.yml
+++ b/tasks/present.yml
@@ -3,12 +3,12 @@
block:
- name: "PHP {{ version }} packages present"
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_versions[version].packages_present }}"
state: present
- name: "PHP {{ version }} packages present"
- apt:
+ ansible.builtin.apt:
pkg: "{{ php_versions[version].packages_present }}"
state: present
diff --git a/tasks/sapi_absent.yml b/tasks/sapi_absent.yml
index 2ada42e..d9b3e7b 100644
--- a/tasks/sapi_absent.yml
+++ b/tasks/sapi_absent.yml
@@ -3,7 +3,7 @@
block:
- name: "SAPI configuration absent for PHP {{ version }}"
- file:
+ ansible.builtin.file:
path: "/etc/php/{{ version }}/{{ sapi.key }}"
state: absent
loop: "{{ php_versions[version].sapis | dict2items }}"
diff --git a/tasks/sapi_absent_checks.yml b/tasks/sapi_absent_checks.yml
index cdb663a..c7ee694 100644
--- a/tasks/sapi_absent_checks.yml
+++ b/tasks/sapi_absent_checks.yml
@@ -3,7 +3,7 @@
block:
- name: "Check that SAPI is not set to be present when PHP {{ version }} is set to be removed"
- assert:
+ ansible.builtin.assert:
that:
- sapi.value.state == "absent"
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
diff --git a/tasks/sapi_checks.yml b/tasks/sapi_checks.yml
index dc5fcfb..07ebb50 100644
--- a/tasks/sapi_checks.yml
+++ b/tasks/sapi_checks.yml
@@ -3,7 +3,7 @@
block:
- name: "Include SAPI module checks for PHP {{ version }}"
- include_tasks: sapi_module_checks.yml
+ ansible.builtin.include_tasks: sapi_module_checks.yml
loop: "{{ php_versions[version].sapis | dict2items }}"
loop_control:
loop_var: sapi
diff --git a/tasks/sapi_module_checks.yml b/tasks/sapi_module_checks.yml
index 02dc698..4d858c9 100644
--- a/tasks/sapi_module_checks.yml
+++ b/tasks/sapi_module_checks.yml
@@ -3,7 +3,7 @@
block:
- name: "Check that no SAPI modules for {{ sapi.key }} are set to be enabled and disabled at the same time for PHP {{ version }}"
- assert:
+ ansible.builtin.assert:
that:
- mod not in sapi.value.modules_disabled
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
diff --git a/tasks/sapi_state_checks.yml b/tasks/sapi_state_checks.yml
index fe90c41..9c2af30 100644
--- a/tasks/sapi_state_checks.yml
+++ b/tasks/sapi_state_checks.yml
@@ -3,12 +3,12 @@
block:
- name: "Debug PHP {{ version }} SAPI {{ sapi.key }} state"
- debug:
+ ansible.builtin.debug:
var: sapi.value.state
verbosity: 2
- name: "Check that SAPI {{ sapi.key }} is not set to be present when PHP {{ version }} is set to be removed"
- assert:
+ ansible.builtin.assert:
that:
- sapi.value.state == "absent"
quiet: "{% if ansible_verbosity == 0 %}true{% else %}false{% endif %}"
diff --git a/tasks/sapis.yml b/tasks/sapis.yml
index 7962179..0075992 100644
--- a/tasks/sapis.yml
+++ b/tasks/sapis.yml
@@ -3,7 +3,7 @@
block:
- name: "Include module enable / disable tasks for PHP {{ version }}"
- include_tasks: modules.yml
+ ansible.builtin.include_tasks: modules.yml
loop: "{{ php_versions[version].sapis | dict2items }}"
loop_control:
loop_var: sapi
diff --git a/tasks/sury.yml b/tasks/sury.yml
index 478ce71..385affe 100644
--- a/tasks/sury.yml
+++ b/tasks/sury.yml
@@ -11,7 +11,7 @@
group: root
- name: Sury GPG key from https://packages.sury.org/php/apt.gpg in place
- copy:
+ ansible.builtin.copy:
src: sury.gpg
dest: /usr/local/share/keyrings/sury-archive-keyring.gpg
mode: 0644
@@ -19,7 +19,7 @@
group: root
- name: Sury repo apt sources present
- template:
+ ansible.builtin.template:
src: sury.sources.j2
dest: /etc/apt/sources.list.d/sury.sources
mode: 0644
@@ -28,7 +28,7 @@
register: php_sury_sources
- name: Sury apt preferences in place
- template:
+ ansible.builtin.template:
src: sury.pref.j2
dest: /etc/apt/preferences.d/sury.pref
mode: 0644
@@ -37,7 +37,7 @@
register: php_sury_prefs
- name: Update apt cache
- apt:
+ ansible.builtin.apt:
update_cache: true
when: ( php_sury_sources.changed ) or ( php_sury_prefs.changed )
diff --git a/templates/php.fact.j2 b/templates/php.fact.j2
index c35d1d9..6a40030 100644
--- a/templates/php.fact.j2
+++ b/templates/php.fact.j2
@@ -4,43 +4,37 @@
set -euo pipefail
PHPQUERY="{{ php_phpquery }}"
-if [[ -f ${PHPQUERY} ]]; then
- VERSIONS=$(${PHPQUERY} -V | sort -V)
+if [[ -f "${PHPQUERY}" ]] && [[ -f "/usr/lib/php/php-helper" ]]
+then
+ . /usr/lib/php/php-helper
+ declare -a versions=()
+ readarray -t versions < <("${PHPQUERY}" -V | sort -V)
jo state=present versions=$(
jo $(
- for v in ${VERSIONS}; do
- SAPI=$(${PHPQUERY} -v ${v} -S | sort)
+ for v in "${versions[@]}"
+ do
+ declare -a mods_available=()
+ readarray -t mods_available < <("${PHPQUERY}" -v "${v}" -M | sort)
+ declare -a sapis=()
+ readarray -t sapis < <("${PHPQUERY}" -v "${v}" -S | sort)
echo ${v}=$(
- jo state=present $(
- for s in ${SAPI}; do
- MODS=$(${PHPQUERY} -v ${v} -s ${s} -M | sort)
- MODS_ENABLED=""
- MODS_DISABLED=""
- for m in ${MODS}; do
- if ${PHPQUERY} -v ${v} -s ${s} -m ${m} -q; then
- MODS_ENABLED="${MODS_ENABLED} ${m}"
- else
- MODS_DISABLED="${MODS_DISABLED} ${m}"
- fi
- done
- echo sapis[${s}]=$(
- jo state=present mods_available=$(
- jo -a ${MODS}
- ) mods_enabled=$(
- jo -a ${MODS_ENABLED}
- ) mods_disabled=$(
- jo -a ${MODS_DISABLED})
- )
- done
- )
- )
- done
- )
- )
-else
- jo state=absent
-fi
- )
+ jo state=present mods_available=$(
+ jo -a "${mods_available[@]}") $(
+ for s in "${sapis[@]}"
+ do
+ declare -a mods_enabled=()
+ for m in "${mods_available[@]}"
+ do
+ if "${PHPQUERY}" -v "${v}" -s "${s}" -m "${m}" -q
+ then
+ mods_enabled=(${mods_enabled[@]} ${m})
+ fi
+ done
+ echo sapis["${s}"]=$(
+ jo state=present mods_enabled=$(
+ jo -e -a "${mods_enabled[@]}"
+ )
+ )
done
)
)
--
GitLab