Fix ansible-lint violations in gitlab_runner role
tobiashuste committed May 16, 2024
1 parent bced427 commit a8a5f90
Showing 14 changed files with 158 additions and 159 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/gitlab_runner.yml
Expand Up @@ -34,8 +34,8 @@ env:
jobs:

test:
name: Run Molecule tests.
runs-on: ubuntu-24.04
name: "Run Molecule tests."
runs-on: "ubuntu-24.04"
env:
PY_COLORS: 1
ANSIBLE_FORCE_COLOR: 1
Expand Down Expand Up @@ -70,5 +70,5 @@ jobs:
run: "pipenv run molecule test -s gitlab_runner"
env:
MOLECULE_IMAGE: "${{ matrix.image }}"
AUTHENTICATION_TOKEN: ${{ secrets.authentication_token }}
AUTHENTICATION_TOKEN: "${{ secrets.authentication_token }}"
working-directory: "ansible_collections/hifis/toolkit"
4 changes: 2 additions & 2 deletions molecule/gitlab_runner/converge.yml
Expand Up @@ -4,8 +4,8 @@
# SPDX-License-Identifier: Apache-2.0

---
- name: Converge
hosts: all
- name: "Converge"
hosts: "all"
tasks:
- name: "Include gitlab_runner role"
ansible.builtin.include_role:
56 changes: 28 additions & 28 deletions molecule/gitlab_runner/molecule.yml
Expand Up @@ -5,31 +5,31 @@

---
dependency:
name: galaxy
name: "galaxy"
options:
requirements-file: "molecule/gitlab_runner/requirements.yml"
driver:
name: podman
name: "podman"
platforms:
- name: instancegitlabciopenstack1
image: ${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:24.04}
- name: "instancegitlabciopenstack1"
image: "${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:24.04}"
pre_build_image: true
override_command: false
privileged: true # Required to run Docker in Podman
systemd: true
tty: true
- name: instancegitlabciopenstack2
image: ${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:24.04}
- name: "instancegitlabciopenstack2"
image: "${MOLECULE_IMAGE:-ghcr.io/hifis-net/ubuntu-systemd:24.04}"
pre_build_image: true
override_command: false
privileged: true # Required to run Docker in Podman
systemd: true
tty: true
provisioner:
name: ansible
name: "ansible"
playbooks:
prepare: prepare.yml
converge: converge.yml
prepare: "prepare.yml"
converge: "converge.yml"
inventory:
hosts:
all:
Expand All @@ -53,7 +53,7 @@ provisioner:
- name: "test01"
url: "https://gitlab.com"
description: "Molecule test runner"
authentication_token: ${AUTHENTICATION_TOKEN}
authentication_token: "${AUTHENTICATION_TOKEN}"
executor: "docker"
environment: ["CI_CPUS=8", "DOCKER_TLS_CERTDIR=/certs"]
docker_security_opts: ["seccomp=unconfined"]
Expand All @@ -65,7 +65,7 @@ provisioner:
docker_image: "python:3.8"
docker_network_mtu: 1442
tags: ["docker", "hifis"]
locked: True
locked: true
limit: 10
instancegitlabciopenstack2:
gitlab_runner_version: "16.11.0"
Expand All @@ -79,15 +79,15 @@ provisioner:
- name: "test01"
url: "https://gitlab.com"
description: "Molecule test runner"
authentication_token: ${AUTHENTICATION_TOKEN}
authentication_token: "${AUTHENTICATION_TOKEN}"
executor: "docker+machine"
environment: ["CI_CPUS=8", "DOCKER_TLS_CERTDIR=/certs"]
docker_volumes: ["/cache", "/certs/client", "/opt/docker/daemon.json:/etc/docker/daemon.json:ro"]
docker_image: "python:3.8"
docker_shm_size: 2147483648
docker_disable_cache: True
docker_disable_cache: true
tags: ["docker", "hifis"]
locked: True
locked: true
limit: 10
machine_idle_count: 5
machine_idle_time: 7200
Expand Down Expand Up @@ -119,19 +119,19 @@ provisioner:
cache_bucket_location: "eu-west-1"
cache_insecure: "false"
verifier:
name: ansible
name: "ansible"
scenario:
name: gitlab_runner
name: "gitlab_runner"
test_sequence:
- destroy
- dependency
- syntax
- create
- prepare
- check
- converge
- idempotence
- check
- side_effect
- verify
- destroy
- "destroy"
- "dependency"
- "syntax"
- "create"
- "prepare"
- "check"
- "converge"
- "idempotence"
- "check"
- "side_effect"
- "verify"
- "destroy"
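Review bot: `docker_security_opts: ["seccomp=unconfined"]` in the `test01` runner entry for `instancegitlabciopenstack1` has no comment explaining why the seccomp profile is disabled, whereas the `privileged: true` platform settings in the same file do carry one (`# Required to run Docker in Podman`). Test fixtures like this tend to be copied into real runner configuration, so I would add a comment above the option such as `# seccomp=unconfined: <reason>; Molecule test fixture only, not a recommended runner default`. If the scenario passes without the option, dropping it would be better still. The setting is a context line of the `@@ -53,7 +53,7 @@` hunk, and the inventory continues outside the visible hunks.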
30 changes: 15 additions & 15 deletions molecule/gitlab_runner/prepare.yml
Expand Up @@ -4,31 +4,31 @@
# SPDX-License-Identifier: Apache-2.0

---
- name: Prepare
hosts: all
- name: "Prepare"
hosts: "all"
tasks:
- name: Install necessary packages
when: ansible_os_family == 'Debian'
- name: "Install necessary packages"
when: "ansible_os_family == 'Debian'"
block:
- name: Install missing dependencies
- name: "Install missing dependencies"
ansible.builtin.apt:
name:
- sudo # for `become` privilege escalation
- iproute2 # for gathering network facts
- ca-certificates # for Gitlab-Runner download
- gpg
- python3-debian
state: present
update_cache: yes
- name: Set up iptables
when: ansible_distribution == 'Debian'
- "sudo" # for `become` privilege escalation
- "iproute2" # for gathering network facts
- "ca-certificates" # for Gitlab-Runner download
- "gpg"
- "python3-debian"
state: "present"
update_cache: true
- name: "Set up iptables"
when: "ansible_distribution == 'Debian'"
block:
- name: "Install missing dependencies"
ansible.builtin.apt:
name:
- "iptables"
state: "present"
update_cache: yes
update_cache: true
- name: "Use legacy iptables"
community.general.alternatives:
name: "iptables"
2 changes: 1 addition & 1 deletion molecule/gitlab_runner/requirements.yml
Expand Up @@ -5,4 +5,4 @@

---
roles:
- name: geerlingguy.docker
- name: "geerlingguy.docker"
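Review bot: The `geerlingguy.docker` role entry has only a `name`, so `ansible-galaxy` will install whatever release is current at the time the tests run. Pinning it, e.g. adding `version: "<reviewed-release-tag>"` under the entry, keeps the Molecule run reproducible and stops an unreviewed upstream change from executing inside the privileged test containers this scenario creates. The same applies to the `roles` entry in the top-level `requirements.yml` changed later in this commit.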
100 changes: 50 additions & 50 deletions molecule/gitlab_runner/verify.yml
Expand Up @@ -4,123 +4,123 @@
# SPDX-License-Identifier: Apache-2.0

---
- name: Verify
hosts: all
- name: "Verify"
hosts: "all"
tasks:
- name: Gather package facts
- name: "Gather package facts"
ansible.builtin.package_facts:
manager: auto
manager: "auto"

- name: Gather service facts
- name: "Gather service facts"
ansible.builtin.service_facts:

- name: Assert that docker is installed
when: gitlab_runner_install_docker
- name: "Assert that docker is installed"
when: "gitlab_runner_install_docker"
ansible.builtin.assert:
that:
- "'docker-ce' in ansible_facts.packages"

- name: Assert that docker is not installed
when: not gitlab_runner_install_docker
- name: "Assert that docker is not installed"
when: "not gitlab_runner_install_docker"
ansible.builtin.assert:
that:
- "'docker-ce' not in ansible_facts.packages"

- name: Assert that Docker systemd service is running
when: gitlab_runner_install_docker
- name: "Assert that Docker systemd service is running"
when: "gitlab_runner_install_docker"
ansible.builtin.assert:
that:
- "ansible_facts.services['docker.service'].state == 'running'"
- "ansible_facts.services['docker.service'].status == 'enabled'"

- name: Check that docker-machine is properly installed
ansible.builtin.command: docker-machine version
- name: "Check that docker-machine is properly installed"
ansible.builtin.command: "docker-machine version"
changed_when: false
register: machine_version
register: "machine_version"
when: "gitlab_runner_list | selectattr('executor', 'equalto', 'docker+machine') | list | length > 0"
failed_when: "'0.16.2-gitlab.25' not in machine_version.stdout"

- name: Assert that Gitlab-Runner is installed
- name: "Assert that Gitlab-Runner is installed"
ansible.builtin.assert:
that:
- "'gitlab-runner' in ansible_facts.packages"

- name: Assert that installed GitLab Runner version is equal to the desired one
- name: "Assert that installed GitLab Runner version is equal to the desired one"
ansible.builtin.assert:
that:
- "ansible_facts.packages['gitlab-runner'][0].version == gitlab_runner_version + '-1'"
when:
- gitlab_runner_version is defined
- "gitlab_runner_version is defined"

- name: Assert that ignition.json file was created
- name: "Assert that ignition.json file was created"
ansible.builtin.stat:
path: /etc/gitlab-runner/ignition.json
register: ignition
failed_when: not ignition.stat.isreg
path: "/etc/gitlab-runner/ignition.json"
register: "ignition"
failed_when: "not ignition.stat.isreg"

- name: Determine generated SSH public key
when: gitlab_runner_ssh_public_key | default("") | length == 0 or gitlab_runner_ssh_public_key | default("") | length == 0
- name: "Determine generated SSH public key"
when: "gitlab_runner_ssh_public_key | default('') | length == 0 or gitlab_runner_ssh_public_key | default('') | length == 0"
block:
- name: Assert that SSH key pair was created
- name: "Assert that SSH key pair was created"
ansible.builtin.stat:
path: /etc/gitlab-runner/gitlab_runner_key
register: ssh_key
failed_when: not ssh_key.stat.isreg or ssh_key.stat.mode != "0600"
path: "/etc/gitlab-runner/gitlab_runner_key"
register: "ssh_key"
failed_when: "not ssh_key.stat.isreg or ssh_key.stat.mode != '0600'"

- name: Read generated SSH public key
ansible.builtin.command: cat /etc/gitlab-runner/gitlab_runner_key.pub
register: generated_pub_key
- name: "Read generated SSH public key"
ansible.builtin.command: "cat /etc/gitlab-runner/gitlab_runner_key.pub"
register: "generated_pub_key"
changed_when: false

- name: Store generated SSH public key in variable
- name: "Store generated SSH public key in variable"
ansible.builtin.set_fact:
gitlab_runner_ssh_key: "{{ generated_pub_key.stdout | trim }}"

- name: Store predefined SSH public key in variable
- name: "Store predefined SSH public key in variable"
ansible.builtin.set_fact:
gitlab_runner_ssh_key: "{{ lookup('file', gitlab_runner_ssh_public_key) | trim }}"
when:
- gitlab_runner_ssh_public_key | default("") | length > 0
- gitlab_runner_ssh_private_key | default("") | length > 0
- "gitlab_runner_ssh_public_key | default('') | length > 0"
- "gitlab_runner_ssh_private_key | default('') | length > 0"

- name: Read flatcar linux config
ansible.builtin.command: cat /etc/gitlab-runner/ignition.json
register: flatcar_linux_config
- name: "Read flatcar linux config"
ansible.builtin.command: "cat /etc/gitlab-runner/ignition.json"
register: "flatcar_linux_config"
changed_when: false

- name: Assert that SSH public key exists in flatcar linux config
- name: "Assert that SSH public key exists in flatcar linux config"
ansible.builtin.assert:
that:
- flatcar_linux_config.stdout.find(gitlab_runner_ssh_key) != -1
- "flatcar_linux_config.stdout.find(gitlab_runner_ssh_key) != -1"

- name: Store authentication token environment variable as Ansible fact.
- name: "Store authentication token environment variable as Ansible fact."
ansible.builtin.set_fact:
gitlab_runner_authentication_token: "{{ lookup('env', 'AUTHENTICATION_TOKEN') }}"

- name: Assert that the runner was registered successfully
ansible.builtin.command: gitlab-runner list
- name: "Assert that the runner was registered successfully"
ansible.builtin.command: "gitlab-runner list"
changed_when: false
register: runners
register: "runners"
failed_when: "'test01' not in runners.stderr"
# Do not verify runner registration in forks
when: "gitlab_runner_authentication_token | length > 0"

- name: Assert that the verify command is successful
ansible.builtin.command: gitlab-runner verify
- name: "Assert that the verify command is successful"
ansible.builtin.command: "gitlab-runner verify"
changed_when: false
register: runners_verify
failed_when: runners_verify.rc != 0
register: "runners_verify"
failed_when: "runners_verify.rc != 0"

- name: "Assert that metrics endpoint is activated"
when: "gitlab_runner_listen_address is defined and gitlab_runner_listen_address | length > 0"
ansible.builtin.uri:
url: "http://{{ gitlab_runner_listen_address }}/metrics"
return_content: yes
return_content: true
register: "metrics"
failed_when: '"# TYPE gitlab_runner_version_info" not in metrics.content'

- name: Unregister GitLab-Runner
ansible.builtin.command: gitlab-runner unregister --all-runners
- name: "Unregister GitLab-Runner"
ansible.builtin.command: "gitlab-runner unregister --all-runners"
changed_when: false
# Do not verify runner registration in forks
when: "gitlab_runner_authentication_token | length > 0"
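Review bot: The `when` on the "Determine generated SSH public key" block tests `gitlab_runner_ssh_public_key` on both sides of the `or`, so the second operand is redundant; the re-quoted line carries this over unchanged. Judging by the "Store predefined SSH public key" task, which requires both the public and the private key, the second operand was probably meant to be `gitlab_runner_ssh_private_key | default('') | length == 0`. As written, a run that sets only the public key skips both branches, so the `0600` mode check on the generated private key never runs and `gitlab_runner_ssh_key` is left undefined for the later assert. Separately, the `set_fact` that copies `AUTHENTICATION_TOKEN` into `gitlab_runner_authentication_token` would be safer with `no_log: true`, so the token is not printed when the playbook runs with increased verbosity.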
2 changes: 1 addition & 1 deletion requirements.yml
Expand Up @@ -11,4 +11,4 @@ collections:
- name: "community.crypto"

roles:
- name: geerlingguy.docker
- name: "geerlingguy.docker"
4 changes: 2 additions & 2 deletions roles/gitlab_runner/defaults/main.yml
Expand Up @@ -21,8 +21,8 @@ gitlab_runner_transpiler_binary_checksum: "sha256:28003c61b991d17d66c23cd3f30520
gitlab_runner_install_docker: true

gitlab_runner_namerservers:
- 9.9.9.9
- 149.112.112.112
- "9.9.9.9"
- "149.112.112.112"

gitlab_runner_mtu: 1450
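Review bot: The default is keyed `gitlab_runner_namerservers` (with an extra "r"), which looks like a misspelling of `nameservers`. The tasks and templates that consume it are not part of this diff, so please confirm they use the same spelling; if they reference `gitlab_runner_nameservers`, these resolver defaults are never applied. If the misspelled name is already the role's public variable, a comment above it such as `# NOTE: historical spelling, kept for compatibility` would save the next reader the same question.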
