tower-cli config and molecule

victorock · Apr 4, 2019 · f26e1fa · f26e1fa
2 parents fc06f53 + 779ebc5
commit f26e1fa
Show file tree

Hide file tree

Showing 29 changed files with 287 additions and 173 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -1,20 +1,18 @@
 ---
+language: python
 services: docker
 
 env:
-  - distro: centos7
+  matrix:
+    - MOLECULE_DISTRO: centos7
 
-script:
-  # Configure test script so we can run extra tests after playbook is run.
-  - export container_id=$(date +%s)
-  - export test_idempotence=false
-
-  # Download test shim.
-  - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/
-  - chmod +x ${PWD}/tests/test.sh
+install:
+  # Install test dependencies.
+  - pip install molecule docker
 
-  # Run tests (increasing the travis_wait timeout).
-  - tests/custom_travis_wait.sh ${PWD}/tests/test.sh
+script:
+  # Run tests.
+  - molecule test
 
 notifications:
   webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/meta/main.yml b/meta/main.yml
@@ -1,3 +1,4 @@
+---
 dependencies: []
 
 galaxy_info:

diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -0,0 +1,62 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+lint:
+  name: yamllint
+  options:
+    config-file: molecule/default/yaml-lint.yml
+platforms:
+  - name: instance
+    image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    pre_build_image: true
+provisioner:
+  log: false
+  name: ansible
+  lint:
+    name: ansible-lint
+  playbooks:
+    converge: ${MOLECULE_PLAYBOOK:-playbook.yml}
+scenario:
+  name: default
+  create_sequence:
+    - create
+    - prepare
+  check_sequence:
+    - destroy
+    - dependency
+    - create
+    - prepare
+    - converge
+    - check
+    - destroy
+  converge_sequence:
+    - dependency
+    - create
+    - prepare
+    - converge
+  destroy_sequence:
+    - cleanup
+    - destroy
+  test_sequence:
+    - lint
+    - destroy
+    - dependency
+    - syntax
+    - create
+    - prepare
+    - converge
+    # - idempotence
+    - side_effect
+    - verify
+    - cleanup
+    - destroy
+verifier:
+  name: testinfra
+  lint:
+    name: flake8
diff --git a/tests/test.yml → molecule/default/playbook.yml b/tests/test.yml → molecule/default/playbook.yml
@@ -1,37 +1,31 @@
 ---
-- hosts: all
-  gather_facts: yes
+- name: Converge
+  hosts: all
+  become: false
 
   vars:
-    # Autorun victorock roles
-    autorun: true
-
-    # Install pip package
-    pip_install_packages:
-      - name: ansible-tower-cli
-
-    # Download tower_license.txt artifact
-    download: "gs"
-    download_user: "{{ lookup('ENV', 'GS_ACCESS_KEY_ID') }}"
-    download_pass: "{{ lookup('ENV', 'GS_SECRET_ACCESS_KEY') }}"
-    download_file: "tower_license.txt"
-    download_from: "/input/{{ download_file }}"
-    download_from_bucket: "darkbulb-image-store"
-    download_from_region: "europe-west1"
-    download_to: "/tmp/{{ download_file }}"
-
     # Tower configuration
     tower_config:
       host: "localhost"
       username: "admin"
       password: "toweradmin"
       verify_ssl: false
       setting:
-        license: "{{ lookup('file', download_to) | from_json }}"
+        license:
+          company_name: "Red Hat"
+          contact_email: "vdacosta@redhat.com"
+          contact_name: "Victor da Costa"
+          hostname: "9d7cbfa4e6a548578e32250039b40026"
+          instance_count: 10
+          license_date: 2122451371
+          license_key: "0219bcbd294c57dfebdc638ffdc1eeb8bbdbd1000728b0d85554d4cd79f37863"
+          license_type: "basic"
+          subscription_name: "Red Hat Ansible Tower, Self-Support (10 Managed Nodes)"
+          eula_accepted: true
       organization:
         README:
-          name: "README"
-          description: "README"
+          name: "Default"
+          description: "Default"
           users:
             - name: "infraops"
               password: "infraops"
@@ -123,35 +117,33 @@
               description: "Dev: netops:ansible-tower-example"
               scm_credential: "empty-scm"
               scm_type: "git"
-              scm_branch: "dev"
               scm_update_on_launch: true
               scm_url: "https://github.com/ansible/tower-example"
             - name: "Dev: devops:ansible-tower-example"
               description: "Dev: devops:ansible-tower-example"
               scm_credential: "empty-scm"
               scm_type: "git"
-              scm_branch: "dev"
               scm_update_on_launch: true
               scm_url: "https://github.com/ansible/tower-example"
             - name: "Dev: sysops:ansible-tower-example"
               description: "Dev: sysops:ansible-tower-example"
               scm_credential: "empty-scm"
               scm_type: "git"
-              scm_branch: "dev"
               scm_update_on_launch: true
               scm_url: "https://github.com/ansible/tower-example"
             - name: "Dev: secops:ansible-tower-example"
               description: "Dev: secops:ansible-tower-example"
               scm_credential: "empty-scm"
               scm_type: "git"
-              scm_branch: "dev"
               scm_update_on_launch: true
               scm_url: "https://github.com/ansible/tower-example"
           inventories:
             - name: "infraops"
               description: "infraops"
             - name: "netops"
               description: "netops"
+            - name: "devops"
+              description: "devops"
             - name: "sysops"
               description: "sysops"
             - name: "secops"
@@ -168,7 +160,7 @@
               network_credential: "network-nxos-net"
             - name: "Dev: devops:helloworld"
               description: "Dev: devops:helloworld"
-              project: "Dev: netops:ansible-tower-example"
+              project: "Dev: devops:ansible-tower-example"
               playbook: "helloworld.yml"
               inventory: "devops"
               forks: 50
@@ -257,6 +249,18 @@
             - team: "sysops"
               role: "admin"
               project: "Dev: sysops:ansible-tower-example"
+            - team: "netops"
+              role: "admin"
+              inventory: "netops"
+            - team: "devops"
+              role: "admin"
+              inventory: "devops"
+            - team: "secops"
+              role: "admin"
+              inventory: "secops"
+            - team: "sysops"
+              role: "admin"
+              inventory: "sysops"
             - team: "netops"
               role: "admin"
               job_template: "Dev: netops:helloworld"
@@ -270,9 +274,12 @@
               role: "admin"
               job_template: "Dev: secops:helloworld"
 
+  pre_tasks:
+    - name: Install dependencies (RedHat).
+      yum:
+        name: "epel-release"
+        state: "present"
+
   roles:
-    - role: victorock.tower_setup
-      when: ansible_os_family == "RedHat"
-    - role: geerlingguy.pip
-    - role: victorock.download
-    - role: role_under_test
+    - victorock.tower_setup
+    - ansible-role-tower-config
diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml
@@ -0,0 +1,2 @@
+---
+- name: victorock.tower_setup
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
@@ -0,0 +1,14 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_hosts_file(host):
+    f = host.file('/etc/hosts')
+
+    assert f.exists
+    assert f.user == 'root'
+    assert f.group == 'root'
diff --git a/molecule/default/yaml-lint.yml b/molecule/default/yaml-lint.yml
@@ -0,0 +1,6 @@
+---
+extends: default
+rules:
+  line-length:
+    max: 120
+    level: warning
diff --git a/tasks/config.yml b/tasks/config.yml
@@ -4,8 +4,8 @@
 
 - name: "Configure Setting"
   import_tasks: "config/setting.yml"
-  when: tower_config.setting is mapping
+  when: tower_config.setting is defined
 
 - name: "Configure Organization"
   import_tasks: "config/organization.yml"
-  when: tower_config.organization is mapping
+  when: tower_config.organization is defined
diff --git a/tasks/config/organization.yml b/tasks/config/organization.yml
@@ -1,3 +1,4 @@
+---
 - name: "config.organization: Process [ organization ]"
   when: tower_config_organization is defined
   include_tasks: "organization/main.yml"

diff --git a/tasks/config/organization/credential.yml b/tasks/config/organization/credential.yml
@@ -1,10 +1,10 @@
 ---
-- name: "config.organization.credential: Ensure state of credential: [ {{ tower_config_organization_credential.name }} ]"
+- name: "config.organization.credential: [ {{ tower_config_organization_credential.name }} ]"
   tower_credential:
-    tower_host: "{{ tower_config.host }}"
-    tower_username: "{{ tower_config.username }}"
-    tower_password: "{{ tower_config.password }}"
-    tower_verify_ssl: "{{ tower_config.verify_ssl|bool }}"
+    tower_host: "{{ tower_config.host | default(omit) }}"
+    tower_username: "{{ tower_config.username | default(omit) }}"
+    tower_password: "{{ tower_config.password | default(omit) }}"
+    tower_verify_ssl: "{{ tower_config.verify_ssl | default(omit) }}"
     name: "{{ tower_config_organization_credential.name }}"
     username: "{{ tower_config_organization_credential.username | default(omit) }}"
     password: "{{ tower_config_organization_credential.password | default(omit) }}"
@@ -27,3 +27,5 @@
     subscription: "{{ tower_config_organization_credential.subscription | default(omit) }}"
     client: "{{ tower_config_organization_credential.client | default(omit) }}"
     state: "{{ tower_config_organization_credential.state | default(omit) }}"
+  async: 15
+  poll: 1
diff --git a/tasks/config/organization/credential_type.yml b/tasks/config/organization/credential_type.yml
@@ -1,10 +1,11 @@
-- name: "config.organization.credential_type: Ensure state of credential_type: [ {{ tower_config_organization_credential_type.name }} ]"
+---
+- name: "config.organization.credential_type: [ {{ tower_config_organization_credential_type.name }} ]"
   vars:
     url_host: "https://{{ tower_config.host }}"
     url_api: "/api/v2/credential_types/"
     user: "{{ tower_config.username }}"
     password: "{{ tower_config.password }}"
-    validate_certs: "{{ tower_config.verify_ssl|bool }}"
+    validate_certs: "{{ tower_config.verify_ssl | default(omit) }}"
     force_basic_auth: true
     headers:
       Content-Type: "application/json"
@@ -13,16 +14,21 @@
       name: "{{ tower_config_organization_credential_type.name | mandatory }}"
       description: "{{ tower_config_organization_credential_type.name | default('') }}"
       kind: "{{ tower_config_organization_credential_type.kind | default('cloud') }}"
-      inputs: {{ tower_config_organization_credential_type.inputs | mandatory }}
-      injectors: {{ tower_config_organization_credential_type.injectors | mandatory }}
+      inputs: "{{ tower_config_organization_credential_type.inputs | mandatory }}"
+      injectors: "{{ tower_config_organization_credential_type.injectors | mandatory }}"
     body_format: "{{ tower_config.format }}"
 
   block:
     - when: "tower_config_organization_credential_type.state|default('present') == 'present'"
       block:
-        - uri:
+        - vars:
+            a: "{{ url_host }}"
+            b: "{{ url_api }}"
+            c: "{{ tower_config_organization_credential_type.name }}"
+            d: "{{ tower_config_organization_credential_type.kind | default('cloud') }}"
+          uri:
             method: GET
-            url: "{{ url_host }}{{ url_api }}{{ tower_config_organization_credential_type.name }}+{{ tower_config_organization_credential_type.kind | default('cloud') }}"
+            url: "{{ a }}{{ b }}{{ c }}+{{ d }}"
             user: "{{ user }}"
             password: "{{ password }}"
             validate_certs: "{{ validate_certs }}"
@@ -57,9 +63,14 @@
           register: reg_credential_type
     - when: "tower_config_organization_credential_type.state|default('present') == 'absent'"
       block:
-        - uri:
+        - vars:
+            a: "{{ url_host }}"
+            b: "{{ url_api }}"
+            c: "{{ tower_config_organization_credential_type.name }}"
+            d: "{{ tower_config_organization_credential_type.kind | default('cloud') }}"
+          uri:
             method: GET
-            url: "{{ url_host }}{{ url_api }}{{ tower_config_organization_credential_type.name }}+{{ tower_config_organization_credential_type.kind | default('cloud') }}"
+            url: "{{ a }}{{ b }}{{ c }}+{{ d }}"
             user: "{{ user }}"
             password: "{{ password }}"
             validate_certs: "{{ validate_certs }}"

diff --git a/tasks/config/organization/inventory.yml b/tasks/config/organization/inventory.yml
@@ -1,18 +1,23 @@
-- name: "organization.inventory: Ensure state of inventory: [ {{ tower_config_organization_inventory.name }} ]"
+---
+- name: "config.organization.inventory: [ {{ tower_config_organization_inventory.name }} ]"
   tower_inventory:
-    tower_host: "{{ tower_config.host }}"
-    tower_username: "{{ tower_config.username }}"
-    tower_password: "{{ tower_config.password }}"
-    tower_verify_ssl: "{{ tower_config.verify_ssl|bool }}"
+    tower_host: "{{ tower_config.host | default(omit) }}"
+    tower_username: "{{ tower_config.username | default(omit) }}"
+    tower_password: "{{ tower_config.password | default(omit) }}"
+    tower_verify_ssl: "{{ tower_config.verify_ssl | default(omit) }}"
     name: "{{ tower_config_organization_inventory.name }}"
-    organization:  "{{ tower_config_organization.name }}"
+    organization: "{{ tower_config_organization.name }}"
     description: "{{ tower_config_organization_inventory.description | default(omit) }}"
     state: "{{ tower_config_organization_inventory.state | default(omit) }}"
+  async: 15
+  poll: 1
 
 - name: "organizations.inventory: Process [ sources ]"
   when: tower_config_organization_inventory.sources is sequence
   include_tasks: "inventory/source.yml"
   loop: "{{ tower_config_organization_inventory.sources }}"
   loop_control:
-      loop_var: tower_config_organization_inventory_source
-      label: "{{ tower_config_organization_inventory_source.name }}"
+    loop_var: tower_config_organization_inventory_source
+    label: "{{ tower_config_organization_inventory_source.name }}"
+  async: 15
+  poll: 1