Merge branch 'molecule' into 'main'

Molecule See merge request operations/ansible-bind9-role!3
2022-08-30 14:10:25 +00:00
parent 7e87da9428 04e5e7db06
commit 571d8faf47
12 changed files with 108 additions and 94 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -0,0 +1,22 @@
 ---
 image: docker:stable-dind
 services:
  - docker:dind
 before_script:
  - apk add --no-cache
    python3 python3-dev py3-pip gcc git curl build-base
    autoconf automake py3-cryptography linux-headers
    musl-dev libffi-dev openssl-dev openssh
  - docker info
  - python3 --version
  - python3 -m pip install ansible molecule[docker]
    ansible-lint
  - ansible --version
  - molecule --version
 molecule:
  stage: test
  script:
    - molecule test
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,35 +0,0 @@
 ---
 language: python
 python: "2.7"
 # Use the new container infrastructure
 sudo: required
 # Install ansible
 addons:
  apt:
    packages:
    - python-pip
 install:
  # Install ansible
  - pip install ansible
  # Check ansible version
  - ansible --version
  # Create ansible.cfg with correct roles_path
  - printf '[defaults]\nroles_path=../' >ansible.cfg
 script:
  # Basic role syntax check
  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
 #notifications:
 #  webhooks: https://galaxy.ansible.com/api/v1/notifications/
 env:
 - distribution: debian
  version: bullseye
 - distribution: ubuntu
  version: jammy
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -28,4 +28,10 @@ bind9_default_config:
    options:
      directory: "{{ bind9_working_directory }}"
-bind9_config: "{{ [bind9_default_config, bind9_group_config, bind9_leaf_config, bind9_host_config] | community.general.lists_mergeby('name', recursive=true, list_merge='append_rp') }}"
+bind9_config: "{{ [bind9_default_config,
  bind9_group_config,
  bind9_leaf_config,
  bind9_host_config] |
  community.general.lists_mergeby('name',
    recursive=true,
    list_merge='append_rp') }}"
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,22 +1,25 @@
 ---
 # handlers file for bind9
- name: reload bind
+- name: Reload bind
  ansible.builtin.service:
    name: named
    state: reloaded
- name: restart bind
+- name: Restart bind
  ansible.builtin.service:
    name: named
    state: restarted
- name: backup bind config
+- name: Backup bind config
  community.general.archive:
    path:
      - "{{ bind9_cfgdir }}"
      - "{{ bind9_working_directory }}"
      - "{{ bind9_libdir }}"
-    dest: "{{ bind9_backup_dir }}/bind9-config-{{ ansible_date_time.iso8601_basic_short }}.tar.gz"
+    dest: >
      {{ bind9_backup_dir }}/
      bind9-config-
      {{ ansible_date_time.iso8601_basic_short }}.tar.gz
    owner: root
    group: root
    mode: 0640
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,52 +1,32 @@
 ---
 galaxy_info:
  role_name: bind9
  namespace: keepit
  author: Daniel Akulenok
  description: Configure Bind9
  company: Keepit
-  # If the issue tracker for your role is not on github, uncomment the
+  issue_tracker_url: https://gitlab.off.keepit.com/operations/ansible-bind9-role
  # next line and provide a value
  # issue_tracker_url: http://example.com/issue/tracker
-  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  license: GPL-3.0-or-later
  # - BSD-3-Clause (default)
  # - MIT
  # - GPL-2.0-or-later
  # - GPL-3.0-only
  # - Apache-2.0
  # - CC-BY-4.0
  license: GPL-2.0-or-later
-  min_ansible_version: 2.1
+  min_ansible_version: "2.13"
-  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  platforms:
-  # min_ansible_container_version:
+    - name: Ubuntu
      versions:
        - jammy
        - focal
    - name: Debian
      versions:
        - bullseye
-  #
+  galaxy_tags:
-  # Provide a list of supported platforms, and for each platform a list of versions.
+    - bind9
-  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+    - bind
-  # To view available platforms and versions (or releases), visit:
+    - dns
-  # https://galaxy.ansible.com/api/v1/platforms/
+    - ubuntu
-  #
+    - debian
  # platforms:
  # - name: Fedora
  #   versions:
  #   - all
  #   - 25
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99
  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.
 dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@@ -0,0 +1,5 @@
 ---
 - name: Converge
  hosts: all
  roles:
    - keepit.bind9
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@@ -0,0 +1,22 @@
 ---
 dependency:
  name: galaxy
 driver:
  name: docker
 platforms:
  - name: ubuntu-jammy
    image: ubuntu:jammy
  - name: ubuntu-focal
    image: ubuntu:focal
  - name: debian-bullseye
    image: debian:bullseye
 provisioner:
  name: ansible
  lint:
    name: ansible-lint
 verifier:
  name: ansible
 lint: |
  set -e
  yamllint .
  ansible-lint .
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@@ -0,0 +1,10 @@
 ---
 # This is an example playbook to execute Ansible tests.
 - name: Verify
  hosts: all
  gather_facts: false
  tasks:
  - name: Example assertion
    ansible.builtin.assert:
      that: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -4,6 +4,7 @@
  ansible.builtin.apt:
    name: "{{ bind9_packages }}"
    state: present
    cache_valid_time: 3600
  tags:
    - bind9
    - packages
@@ -17,12 +18,13 @@
    mode: 0750
  when: bind9_backup_config is defined and bind9_backup_config
- name: named.conf.generator
+- name: Template named.conf.generator
  ansible.builtin.template:
    src: named.conf.generator.j2
    dest: "{{ bind9_cfgdir }}/{{ item.name }}"
    owner: root
    group: bind
    mode: 0640
    backup: "{{ item.backup | default('false') | bool }}"
  # validate: 'named-checkconf -z -j %s'
  loop: "{{ bind9_config }}"
@@ -32,8 +34,8 @@
    - bind9
    - template
  notify:
-    - backup bind config
+    - Backup bind config
-    - restart bind
+    - Restart bind
 - name: Ensure the named service is started
  ansible.builtin.service:
--- a/templates/named.conf.generator.j2
+++ b/templates/named.conf.generator.j2
@@ -1,4 +1,4 @@
-{% import 'named.conf.functions.j2' as functions %}
+{% import 'named.conf.functions.j2' as functions with context %}
 {{ ansible_managed | comment }}
 {% if item.options is defined and item.options %}
 {% from 'named.conf.options.j2' import options with context %}
@@ -51,7 +51,7 @@ options {
 {% endif %}
 {% if item.parental_agents is defined and item.parental_agents %}
 {% from 'named.conf.parental-agents.j2' import parental_agents with context %}
-{{ parental_agents(item.parental_agents) }}
+{{ parental_agents(item.parental_agents) -}}
 {% endif %}
 {% if item.server is defined and item.server %}
 {% from 'named.conf.server.j2' import server with context %}
--- a/templates/named.conf.options.j2
+++ b/templates/named.conf.options.j2
@@ -2,7 +2,7 @@
 {# Unicorn Options#}
 {% if option.rrset_order is defined and option.rrset_order %}
 rrset-order {
-{% filter indent(bind9_config_indent*2, true) %}
+{% filter indent(bind9_config_indent, true) %}
 {% for rrset in option.rrset_order %}
 {{ ('class ' + rrset.class | string + ' ') if rrset.class is defined and rrset.class -}}
 {{ ('type ' + rrset.type | string + ' ') if rrset.type is defined and rrset.type -}}
@@ -38,7 +38,7 @@ response-policy {
 {{- (' nsip-enable ' + functions.named_boolean(option.response_policy.nsip_enable)) if option.response_policy.nsip_enable is defined -}}
 {{- (' nsdname-enable ' + functions.named_boolean(option.response_policy.nsdname_enable)) if option.response_policy.nsdname_enable is defined -}}
 {{- (' dnsrps-enable ' + functions.named_boolean(option.response_policy.dnsrps_enable)) if option.response_policy.dnsrps_enable is defined -}}
-{{- (' dnsrps-options {\n' + functions.simple_item_list(option.response_policy.dnsrps_options) + '}') if option.response_policy.dnsrps_options is defined and option.response_policy.dnsrps_options -}};
+{{- (' dnsrps-options { ' + option.response_policy.dnsrps_options | join('; ') + '; }') if option.response_policy.dnsrps_options is defined and option.response_policy.dnsrps_options -}};
 {% endif %}
 {% if option.response_padding is defined and option.response_padding %}
 response-padding {
@@ -164,7 +164,7 @@ check-names {{ policy.type }} {{ policy.action }};
 catalog-zones {
 {% for catalog_zone in option.catalog_zones %}
 zone {{ catalog_zone.zone }}
-{% filter indent(bind9_config_indent*3, true) %}
+{% filter indent(bind9_config_indent, true) %}
 {% if catalog_zone.default_primaries is defined and catalog_zone.default_primaries %}
 default-primaries
 {{- (' port ' + catalog_zone.default_primaries.port | string) if catalog_zone.default_primaries.port is defined and catalog_zone.default_primaries.port -}}
--- a/templates/named.conf.parental-agents.j2
+++ b/templates/named.conf.parental-agents.j2
@@ -3,8 +3,7 @@
 parental-agents {{ agent.name -}}
 {{ (' port ' + agent.port | string) if agent.port is defined and agent.port -}}
 {{ (' dscp ' + agent.dscp | string) if agent.dscp is defined and agent.dscp }} {
-{% filter indent(bind9_config_indent, true) %}
+{{ functions.list_address_port_key_tls(agent.addresses) -}}};
-{{ functions.list_address_port_key_tls(agent.addresses) -}}
+
 {% endfilter %}};
 {% endfor %}
 {% endmacro %}