replace molecule with playbooks

1 year ago · 0023e0d15a
15 changed files with 62 additions and 104 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@ -1,5 +1,5 @@
 exclude_paths:
-  - molecule/postfix/roles/debops.postfix
+  - playbooks/postfix/roles/debops.postfix

 skip_list:
  - ANSIBLE0004 # Git checkouts must contain explicit version
--- a/ansible.cfg
+++ b/ansible.cfg
@ -1,2 +1,2 @@
 [defaults]
-roles_path = molecule/infrastructure/roles:molecule/authorized_keys/roles:molecule/backup/roles:molecule/bind/roles:molecule/icinga/roles:molecule/postfix/roles:molecule/weblate/roles:molecule/packages/roles:molecule/jdauphant.nginx/roles:molecule/enough-nginx/roles:molecule/certificate/roles:molecule/wazuh/roles:molecule/firewall/roles:molecule/api/roles
+roles_path = playbooks/infrastructure/roles:playbooks/authorized_keys/roles:playbooks/backup/roles:playbooks/bind/roles:playbooks/icinga/roles:playbooks/postfix/roles:playbooks/weblate/roles:playbooks/packages/roles:playbooks/jdauphant.nginx/roles:playbooks/enough-nginx/roles:playbooks/certificate/roles:playbooks/wazuh/roles:playbooks/firewall/roles:playbooks/api/roles
--- a/converge-from-tag.sh
+++ b/converge-from-tag.sh
@ -19,5 +19,5 @@ else
    cd $d
    source ../virtualenv/bin/activate
 fi
-molecule converge -s $what
-molecule verify -s $what
+tox -e $what
+
--- a/enough-playbook.yml
+++ b/enough-playbook.yml
@ -1,33 +1,33 @@
 ---
- import_playbook: "{{ '$SHARE_DIR/molecule/infrastructure/buster-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/firewall/firewall-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/wazuh/wazuh-firewall-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/sexy-debian-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/sshd-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/bind/bind-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/bind/bind-client-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/authorized_keys/authorized-keys-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/backup/backup-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/icinga/icinga-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/icinga/monitor-external-ressources-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/bind/bind-monitoring-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/postfix/postfix-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/wazuh/wazuh-manager-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/wazuh/wazuh-agent-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/weblate/weblate-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/gitlab/gitlab-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/gitlab/gitlab-ci-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/packages/packages-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/packages/enough-android-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/chat/chat-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/cloud/cloud-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/enough/enough-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/website/website-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/forum/forum-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/api/api-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/openvpn/openvpn-server-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/openvpn/openvpn-client-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/uninstall-ntp.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/fail2ban-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/upgrades-playbook.yml' | expandvars }}"
- import_playbook: "{{ '$SHARE_DIR/molecule/misc/commit_etc-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/infrastructure/buster-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/firewall/firewall-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/wazuh/wazuh-firewall-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/sexy-debian-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/sshd-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/bind/bind-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/bind/bind-client-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/authorized_keys/authorized-keys-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/backup/backup-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/icinga/icinga-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/icinga/monitor-external-ressources-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/bind/bind-monitoring-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/postfix/postfix-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/wazuh/wazuh-manager-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/wazuh/wazuh-agent-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/weblate/weblate-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/gitlab/gitlab-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/gitlab/gitlab-ci-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/packages/packages-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/packages/enough-android-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/chat/chat-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/cloud/cloud-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/enough/enough-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/website/website-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/forum/forum-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/api/api-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/openvpn/openvpn-server-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/openvpn/openvpn-client-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/uninstall-ntp.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/fail2ban-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/upgrades-playbook.yml' | expandvars }}"
+- import_playbook: "{{ '$SHARE_DIR/playbooks/misc/commit_etc-playbook.yml' | expandvars }}"
--- a/enough/common/ansible_utils.py
+++ b/enough/common/ansible_utils.py
@ -144,8 +144,8 @@ class Playbook(Ansible):

    @staticmethod
    def roles_path(d):
-        r = glob.glob(f'{d}/molecule/*/roles')
-        r.append(f'{d}/molecule/wazuh/wazuh-ansible/roles/wazuh')
+        r = glob.glob(f'{d}/playbooks/*/roles')
+        r.append(f'{d}/playbooks/wazuh/wazuh-ansible/roles/wazuh')
        return ":".join(r)

    def bake(self):
--- a/enough/common/openstack.py
+++ b/enough/common/openstack.py
@ -44,7 +44,7 @@ class Stack(OpenStackBase):
        self.definition = definition

    def get_template(self):
-        return f'{settings.SHARE_DIR}/molecule/infrastructure/template-host.yaml'
+        return f'{settings.SHARE_DIR}/playbooks/infrastructure/template-host.yaml'

    def set_public_key(self, path):
        self.public_key = open(path).read().strip()
--- a/playbooks/authorized_keys/tests/test_all.py
+++ b/playbooks/authorized_keys/tests/test_all.py
@ -6,7 +6,7 @@ testinfra_hosts = ['ansible://authorized-keys-host']
 def test_all(host):
    address = host.ansible.get_variables()['ansible_host']
    marker = "MARKER"
-    key = 'molecule/authorized_keys/roles/authorized_keys/files/test_keys/testkey'
+    key = 'playbooks/authorized_keys/roles/authorized_keys/files/test_keys/testkey'
    sh.chmod('600', key)
    r = sh.ssh('-i', key, 'debian@' + address, 'echo', marker)
    assert r.stdout.decode('utf-8').strip() == marker
--- a/playbooks/certificate/test-certificate-playbook.yml
+++ b/playbooks/certificate/test-certificate-playbook.yml
@ -67,7 +67,7 @@

    - role: jdauphant.nginx
      vars:
-        # must match molecule/enough-nginx/roles/enough-nginx/tasks/enough-nginx.yml
+        # must match playbooks/enough-nginx/roles/enough-nginx/tasks/enough-nginx.yml
        nginx_http_params: "{{ nginx_http_default_params + enough_nginx_http_params }}"
        enough_nginx_http_params:
          # because server names can be long when using test subdomains
--- a/playbooks/conftest.py
+++ b/playbooks/conftest.py
@ -53,7 +53,7 @@ def pytest_sessionstart(session):
    e = Enough(config_dir, '.',
               domain=domain,
               driver='openstack',
-               inventory=[f'molecule/{service_directory}/inventory'])
+               inventory=[f'playbooks/{service_directory}/inventory'])
    names = session.config.getoption("--enough-hosts")
    public_key = f'{e.config_dir}/infrastructure_key.pub'
    r = e.heat.create_missings(names.split(','), public_key)
@ -61,9 +61,9 @@ def pytest_sessionstart(session):
        e.heat.create_test_subdomain('enough.community')
    e.playbook.run([
        '--private-key', f'{e.config_dir}/infrastructure_key',
-        '-i', f'molecule/{service_directory}/inventory',
+        '-i', f'playbooks/{service_directory}/inventory',
        f'--limit={names},localhost',
-        f'molecule/{service_directory}/playbook.yml',
+        f'playbooks/{service_directory}/playbook.yml',
    ])


@ -87,7 +87,7 @@ def pytest_sessionfinish(session, exitstatus):
               domain=domain,
               driver='openstack',
               name=names,
-               inventory=[f'molecule/{service_directory}/inventory'])
+               inventory=[f'playbooks/{service_directory}/inventory'])
    e.host.delete()


--- a/playbooks/icinga/test-monitoring-deployment-playbook.yml
+++ b/playbooks/icinga/test-monitoring-deployment-playbook.yml
@ -1,6 +1,6 @@
 ---

- name: deploy dummy monitoring object in molecule environment
+- name: deploy dummy monitoring object
  hosts: website-host
  become: true
  roles:
--- a/playbooks/pad/molecule.yml
+++ b/playbooks/pad/molecule.yml
@ -1,37 +0,0 @@
---
-driver:
-  name: delegated
-lint:
-  name: yamllint
-platforms:
-  - name: bind-host
-  - name: icinga-host
-  - name: website-host
-provisioner:
-  name: ansible
-  options:
-    i: ../../development-inventory
-    limit: bind-host,icinga-host,website-host,localhost
-  lint:
-    name: ansible-lint
-  env:
-    ANSIBLE_ROLES_PATH: roles:../infrastructure/roles:../firewall/roles:../bind/roles:../icinga/roles:../jdauphant.nginx/roles:../enough-nginx/roles:../certificate/roles
-  inventory:
-    links:
-      group_vars: ../../inventory/group_vars
-      host_vars: ../../inventory/host_vars
-scenario:
-  name: pad
-  test_sequence:
-    - destroy
-    - create
-    - converge
-    - verify
-    - destroy
-verifier:
-  name: testinfra
-  options:
-    v: True
-    s: True
-  lint:
-    name: flake8
--- a/requirements.in
+++ b/requirements.in
@ -15,11 +15,6 @@ netaddr==0.7.19
 openstacksdk==0.22.0
 python-openstackclient==3.18.0
 python-heatclient==1.17
-#
-# pytest is required otherwise molecule will indirectly pull an ancient version that will create problems when
-# running tox, if specified in requirements-dev.in because egg-info will have a conflicting version.
-# This should be removed at some point.
-#
 pytest==4.4.0
 sh>=1.12
 shade==1.30.0
--- a/setup.cfg
+++ b/setup.cfg
@ -40,25 +40,25 @@ data_files =
 	ansible.cfg
 	copy-playbook.yml
 	enough-playbook.yml
-    share/enough/molecule = molecule/*
+    share/enough/playbooks = playbooks/*
    #
    # Begin HACK
    #
-    # find molecule/postfix/roles/debops.*/ molecule/postfix/roles -type l | while read i ; do test -d $i && echo $i ; done | perl -pe 's:(.*):    share/enough/\1 = \1/*:'
+    # find playbooks/postfix/roles/debops.*/ playbooks/postfix/roles -type l | while read i ; do test -d $i && echo $i ; done | perl -pe 's:(.*):    share/enough/\1 = \1/*:'
    #
    # See https://stackoverflow.com/questions/55976838/how-can-setup-py-sdist-dereference-symbolic-links for more information about
    # why this is necesary.
    #
-    share/enough/molecule/postfix/roles/debops.etc_aliases/env/defaults = molecule/postfix/roles/debops.etc_aliases/env/defaults/*
-    share/enough/molecule/postfix/roles/debops.opendkim/env/templates = molecule/postfix/roles/debops.opendkim/env/templates/*
-    share/enough/molecule/postfix/roles/debops.opendkim/env/defaults = molecule/postfix/roles/debops.opendkim/env/defaults/*
-    share/enough/molecule/postfix/roles/debops.postfix/env/templates = molecule/postfix/roles/debops.postfix/env/templates/*
-    share/enough/molecule/postfix/roles/debops.postfix/env/defaults = molecule/postfix/roles/debops.postfix/env/defaults/*
-    share/enough/molecule/postfix/roles/debops.etc_aliases = molecule/postfix/roles/debops.etc_aliases/*
-    share/enough/molecule/postfix/roles/debops.secret = molecule/postfix/roles/debops.secret/*
-    share/enough/molecule/postfix/roles/debops.opendkim = molecule/postfix/roles/debops.opendkim/*
-    share/enough/molecule/postfix/roles/debops.ansible_plugins = molecule/postfix/roles/debops.ansible_plugins/*
-    share/enough/molecule/postfix/roles/debops.postfix = molecule/postfix/roles/debops.postfix/*
+    share/enough/playbooks/postfix/roles/debops.etc_aliases/env/defaults = playbooks/postfix/roles/debops.etc_aliases/env/defaults/*
+    share/enough/playbooks/postfix/roles/debops.opendkim/env/templates = playbooks/postfix/roles/debops.opendkim/env/templates/*
+    share/enough/playbooks/postfix/roles/debops.opendkim/env/defaults = playbooks/postfix/roles/debops.opendkim/env/defaults/*
+    share/enough/playbooks/postfix/roles/debops.postfix/env/templates = playbooks/postfix/roles/debops.postfix/env/templates/*
+    share/enough/playbooks/postfix/roles/debops.postfix/env/defaults = playbooks/postfix/roles/debops.postfix/env/defaults/*
+    share/enough/playbooks/postfix/roles/debops.etc_aliases = playbooks/postfix/roles/debops.etc_aliases/*
+    share/enough/playbooks/postfix/roles/debops.secret = playbooks/postfix/roles/debops.secret/*
+    share/enough/playbooks/postfix/roles/debops.opendkim = playbooks/postfix/roles/debops.opendkim/*
+    share/enough/playbooks/postfix/roles/debops.ansible_plugins = playbooks/postfix/roles/debops.ansible_plugins/*
+    share/enough/playbooks/postfix/roles/debops.postfix = playbooks/postfix/roles/debops.postfix/*
    #
    # End HACK
    #
--- a/tests/enough/common/test_ansible_utils.py
+++ b/tests/enough/common/test_ansible_utils.py
@ -7,7 +7,7 @@ from enough.common import ansible_utils


 def test_get_variable():
-    defaults = yaml.load(open('molecule/api/roles/api/defaults/main.yml'))
+    defaults = yaml.load(open('playbooks/api/roles/api/defaults/main.yml'))
    variable = 'api_admin_password'
    ansible = ansible_utils.Ansible(settings.CONFIG_DIR, settings.SHARE_DIR)
    value = ansible.get_variable('api', variable, 'api-host')
--- a/tox.ini
+++ b/tox.ini
@ -23,18 +23,18 @@ commands = flake8 {posargs}
 passenv =
       ENOUGH_API_TOKEN
       PYTEST_ADDOPTS
-commands = {envbindir}/py.test --log-cli-level INFO -s --ssh-identity-file=infrastructure_key --ansible-inventory={env:HOME}/.enough/{envname}.test/inventory {posargs:molecule/{envname}/tests}
+commands = {envbindir}/py.test --log-cli-level INFO -s --ssh-identity-file=infrastructure_key --ansible-inventory={env:HOME}/.enough/{envname}.test/inventory {posargs:playbooks/{envname}/tests}

 [testenv:enough_nginx]
 passenv =
       ENOUGH_API_TOKEN
       PYTEST_ADDOPTS
-commands = {envbindir}/py.test --log-cli-level INFO -s --ssh-identity-file=infrastructure_key --ansible-inventory={env:HOME}/.enough/{envname}.test/inventory {posargs:molecule/enough-nginx/tests}
+commands = {envbindir}/py.test --log-cli-level INFO -s --ssh-identity-file=infrastructure_key --ansible-inventory={env:HOME}/.enough/{envname}.test/inventory {posargs:playbooks/enough-nginx/tests}

 [testenv:docs]
 commands = sphinx-build -W -vvv -b html docs build/html

 [flake8]
-exclude = venv,.tox,dist,doc,*.egg,build,docs/conf.py,src,molecule/debops*
+exclude = venv,.tox,dist,doc,*.egg,build,docs/conf.py,src,playbooks/debops*
 show-source = true
 max_line_length = 100