diff --git a/.github/workflows/molecule_tests.yml b/.github/workflows/molecule_tests.yml index 2a7aca8522..fd926d845f 100644 --- a/.github/workflows/molecule_tests.yml +++ b/.github/workflows/molecule_tests.yml @@ -106,6 +106,8 @@ jobs: - subversion - blacklight_app - figgy + - sidekiq_worker + - sneakers_worker steps: - name: Checkout branch run: | diff --git a/roles/sidekiq_worker/.ansible-lint b/roles/sidekiq_worker/.ansible-lint new file mode 100644 index 0000000000..7d8f039521 --- /dev/null +++ b/roles/sidekiq_worker/.ansible-lint @@ -0,0 +1,3 @@ +skip_list: + - '303' + - '306' diff --git a/roles/sidekiq_worker/.yamllint b/roles/sidekiq_worker/.yamllint index ad0be7608e..8bb60ab5e3 100644 --- a/roles/sidekiq_worker/.yamllint +++ b/roles/sidekiq_worker/.yamllint @@ -1,3 +1,4 @@ +--- extends: default rules: @@ -8,4 +9,6 @@ rules: max-spaces-inside: 1 level: error line-length: disable - truthy: disable + # NOTE(retr0h): Templates no longer fail this lint rule. + # Uncomment if running old Molecule templates. + # truthy: disable diff --git a/roles/sidekiq_worker/molecule/default/Dockerfile.j2 b/roles/sidekiq_worker/molecule/default/Dockerfile.j2 deleted file mode 100644 index e6aa95d302..0000000000 --- a/roles/sidekiq_worker/molecule/default/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/roles/sidekiq_worker/molecule/default/converge.yml b/roles/sidekiq_worker/molecule/default/converge.yml index 9b84c613c4..4b74c4e94d 100644 --- a/roles/sidekiq_worker/molecule/default/converge.yml +++ b/roles/sidekiq_worker/molecule/default/converge.yml @@ -10,6 +10,6 @@ update_cache: true cache_valid_time: 600 tasks: - - name: "Include example" + - name: "Include rails_app" include_role: - name: example + name: sidekiq_worker diff --git a/roles/sidekiq_worker/molecule/default/molecule.yml b/roles/sidekiq_worker/molecule/default/molecule.yml index 233e40967e..d186f778e9 100644 --- a/roles/sidekiq_worker/molecule/default/molecule.yml +++ b/roles/sidekiq_worker/molecule/default/molecule.yml @@ -3,30 +3,20 @@ scenario: name: default driver: name: docker +lint: | + set -e + yamllint . + ansible-lint platforms: - name: instance image: "pulibrary/puldocker-${MOLECULE_DISTRO:-ubuntu1804}-ansible:latest" + command: "" + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro privileged: true pre_build_image: true provisioner: name: ansible - playbooks: - converge: playbook.yml log: true -dependency: - name: galaxy - enabled: false -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml verifier: - name: testinfra - env: - PYTHONWARNINGS: "ignore:.*U.*mode is deprecated:DeprecationWarning" - lint: - name: flake8 - options: - # show which tests where executed in test output - v: 1 - directory: ./tests/ + name: ansible diff --git a/roles/sidekiq_worker/molecule/default/molecule.yml-e b/roles/sidekiq_worker/molecule/default/molecule.yml-e deleted file mode 100644 index 976205e663..0000000000 --- a/roles/sidekiq_worker/molecule/default/molecule.yml-e +++ /dev/null @@ -1,32 +0,0 @@ ---- -scenario: - name: default -driver: - name: docker -platforms: - - name: instance - image: "pulibrary/puldocker-${MOLECULE_DISTRO:-ubuntu1804}-ansible:latest" - privileged: true - pre_build_image: true -provisioner: - name: ansible - playbooks: - converge: playbooks.yml - log: true -dependency: - name: galaxy - enabled: false -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml -verifier: - name: testinfra - env: - PYTHONWARNINGS: "ignore:.*U.*mode is deprecated:DeprecationWarning" - lint: - name: flake8 - options: - # show which tests where executed in test output - v: 1 - directory: ./tests/ diff --git a/roles/sidekiq_worker/molecule/default/playbook.yml b/roles/sidekiq_worker/molecule/default/playbook.yml deleted file mode 100644 index 68c132bd58..0000000000 --- a/roles/sidekiq_worker/molecule/default/playbook.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Converge - hosts: all - vars: - - running_on_server: false - roles: - - role: sidekiq_worker diff --git a/roles/sidekiq_worker/molecule/default/tests/test_sidekiq_worker.py b/roles/sidekiq_worker/molecule/default/tests/test_sidekiq_worker.py deleted file mode 100644 index 0d210db40b..0000000000 --- a/roles/sidekiq_worker/molecule/default/tests/test_sidekiq_worker.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_sidekiq_workers_systemd_service_file(host): - f = host.file('/etc/systemd/system/sidekiq-workers.service') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' diff --git a/roles/sidekiq_worker/molecule/default/verify.yml b/roles/sidekiq_worker/molecule/default/verify.yml index d2d3aea12a..05dee163d1 100644 --- a/roles/sidekiq_worker/molecule/default/verify.yml +++ b/roles/sidekiq_worker/molecule/default/verify.yml @@ -3,18 +3,16 @@ hosts: all gather_facts: false tasks: - - name: check ruby package status - package: - name: "{{ item }}" + - name: test for deploy user on sudoers + lineinfile: + path: "/etc/sudoers" + line: "{{ item }}" state: present - check_mode: true - register: pkg_status loop: - - ruby-switch - - ruby2.6-dev - - ruby2.6 - - - name: test for ruby packages - assert: - that: - - not pkg_status.changed + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sidekiq-workers status" + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sidekiq-workers restart" + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sidekiq-workers start" + check_mode: true + register: present + failed_when: + - present is changed diff --git a/roles/sidekiq_worker/molecule/default/yaml-lint.yml b/roles/sidekiq_worker/molecule/default/yaml-lint.yml deleted file mode 100644 index f6ca0fddec..0000000000 --- a/roles/sidekiq_worker/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- - -ignore: | - group_vars/drupal/vault.yml - group_vars/all/vault.yml - group_vars/bibdata/vault.yml - -extends: default -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable - truthy: disable - indentation: disable # This should be enabled, but not run for ignored files - new-line-at-end-of-file: disable # This should be enabled - document-start: disable # This should be enabled - comments: # This needs to ignore Playbooks which use '#' to specify a Slack Channel - ignore: | - playbooks/ - playbooks/apache2.yml - playbooks/approvals_staging.yml - playbooks/cicognara_production.yml - playbooks/bibdata_staging.yml - playbooks/cicognara.yml - playbooks/bibdata.yml - playbooks/lae.yml - playbooks/figgy_staging.yml - playbooks/pulmap.yml - playbooks/redis.yml - playbooks/dss.yml - playbooks/zookeeper.yml - playbooks/geoserver.yml - playbooks/dpul_production.yml - playbooks/dpul_staging.yml - playbooks/lae_staging.yml - playbooks/mariadb.yml - playbooks/php.yml - playbooks/orangelight.yml - playbooks/orangelight_staging.yml - playbooks/pulmap_staging.yml - playbooks/solrcloud.yml - playbooks/archivesspace.yml diff --git a/roles/sneakers_worker/.yamllint b/roles/sneakers_worker/.yamllint index ad0be7608e..c5ae64bee9 100644 --- a/roles/sneakers_worker/.yamllint +++ b/roles/sneakers_worker/.yamllint @@ -1,3 +1,4 @@ +--- extends: default rules: diff --git a/roles/sneakers_worker/molecule/default/Dockerfile.j2 b/roles/sneakers_worker/molecule/default/Dockerfile.j2 deleted file mode 100644 index e6aa95d302..0000000000 --- a/roles/sneakers_worker/molecule/default/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/roles/sneakers_worker/molecule/default/converge.yml b/roles/sneakers_worker/molecule/default/converge.yml new file mode 100644 index 0000000000..580da2d67d --- /dev/null +++ b/roles/sneakers_worker/molecule/default/converge.yml @@ -0,0 +1,15 @@ +--- +- name: Converge + hosts: all + vars: + - running_on_server: false + become: true + pre_tasks: + - name: update cache + apt: + update_cache: true + cache_valid_time: 600 + tasks: + - name: "Include sneakers_worker" + include_role: + name: sneakers_worker diff --git a/roles/sneakers_worker/molecule/default/molecule.yml b/roles/sneakers_worker/molecule/default/molecule.yml index 233e40967e..d186f778e9 100644 --- a/roles/sneakers_worker/molecule/default/molecule.yml +++ b/roles/sneakers_worker/molecule/default/molecule.yml @@ -3,30 +3,20 @@ scenario: name: default driver: name: docker +lint: | + set -e + yamllint . + ansible-lint platforms: - name: instance image: "pulibrary/puldocker-${MOLECULE_DISTRO:-ubuntu1804}-ansible:latest" + command: "" + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro privileged: true pre_build_image: true provisioner: name: ansible - playbooks: - converge: playbook.yml log: true -dependency: - name: galaxy - enabled: false -lint: - name: yamllint - options: - config-file: molecule/default/yaml-lint.yml verifier: - name: testinfra - env: - PYTHONWARNINGS: "ignore:.*U.*mode is deprecated:DeprecationWarning" - lint: - name: flake8 - options: - # show which tests where executed in test output - v: 1 - directory: ./tests/ + name: ansible diff --git a/roles/sneakers_worker/molecule/default/playbook.yml b/roles/sneakers_worker/molecule/default/playbook.yml deleted file mode 100644 index f41cf182b9..0000000000 --- a/roles/sneakers_worker/molecule/default/playbook.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: Converge - hosts: all - vars: - - running_on_server: false - roles: - - role: sneakers_worker diff --git a/roles/sneakers_worker/molecule/default/tests/test_sneakers_workers.py b/roles/sneakers_worker/molecule/default/tests/test_sneakers_workers.py deleted file mode 100644 index fde7dcc260..0000000000 --- a/roles/sneakers_worker/molecule/default/tests/test_sneakers_workers.py +++ /dev/null @@ -1,14 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_sneakers_workers_systemd_service_file(host): - f = host.file('/etc/systemd/system/sneakers.service') - - assert f.exists - assert f.user == 'root' - assert f.group == 'root' diff --git a/roles/sneakers_worker/molecule/default/verify.yml b/roles/sneakers_worker/molecule/default/verify.yml new file mode 100644 index 0000000000..c83c3da090 --- /dev/null +++ b/roles/sneakers_worker/molecule/default/verify.yml @@ -0,0 +1,18 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: test for deploy user on sudoers + lineinfile: + path: "/etc/sudoers" + line: "{{ item }}" + state: present + loop: + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sneakers status" + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sneakers restart" + - "deploy ALL=(ALL) NOPASSWD: /usr/sbin/service sneakers start" + check_mode: true + register: present + failed_when: + - present is changed diff --git a/roles/sneakers_worker/molecule/default/yaml-lint.yml b/roles/sneakers_worker/molecule/default/yaml-lint.yml deleted file mode 100644 index f6ca0fddec..0000000000 --- a/roles/sneakers_worker/molecule/default/yaml-lint.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- - -ignore: | - group_vars/drupal/vault.yml - group_vars/all/vault.yml - group_vars/bibdata/vault.yml - -extends: default -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable - truthy: disable - indentation: disable # This should be enabled, but not run for ignored files - new-line-at-end-of-file: disable # This should be enabled - document-start: disable # This should be enabled - comments: # This needs to ignore Playbooks which use '#' to specify a Slack Channel - ignore: | - playbooks/ - playbooks/apache2.yml - playbooks/approvals_staging.yml - playbooks/cicognara_production.yml - playbooks/bibdata_staging.yml - playbooks/cicognara.yml - playbooks/bibdata.yml - playbooks/lae.yml - playbooks/figgy_staging.yml - playbooks/pulmap.yml - playbooks/redis.yml - playbooks/dss.yml - playbooks/zookeeper.yml - playbooks/geoserver.yml - playbooks/dpul_production.yml - playbooks/dpul_staging.yml - playbooks/lae_staging.yml - playbooks/mariadb.yml - playbooks/php.yml - playbooks/orangelight.yml - playbooks/orangelight_staging.yml - playbooks/pulmap_staging.yml - playbooks/solrcloud.yml - playbooks/archivesspace.yml