Fixes geerlingguy#958, Fixes geerlingguy#957: Update roles for Ansibl…

…e 2.2 compatibility.
kekkis · Feb 23, 2017 · 206b5b2 · 206b5b2
1 parent 173bccb
commit 206b5b2
Show file tree

Hide file tree

Showing 21 changed files with 142 additions and 173 deletions.
diff --git a/provisioning/requirements.yml b/provisioning/requirements.yml
@@ -22,13 +22,13 @@
 - src: geerlingguy.elasticsearch
   version: 2.1.1
 - src: geerlingguy.firewall
-  version: 1.1.0
+  version: 1.3.0
 - src: geerlingguy.git
   version: 1.2.0
 - src: geerlingguy.java
-  version: 1.7.0
+  version: 1.7.1
 - src: geerlingguy.mailhog
-  version: 2.0.0
+  version: 2.1.0
 - src: geerlingguy.memcached
   version: 1.0.7
 - src: geerlingguy.mysql
@@ -58,7 +58,7 @@
 - src: geerlingguy.postfix
   version: 1.1.0
 - src: geerlingguy.postgresql
-  version: 1.0.1
+  version: 1.0.2
 - src: geerlingguy.redis
   version: 1.2.0
 - src: geerlingguy.repo-remi

diff --git a/provisioning/roles/geerlingguy.firewall/.travis.yml b/provisioning/roles/geerlingguy.firewall/.travis.yml
@@ -1,53 +1,44 @@
 ---
-sudo: required
+services: docker
 
 env:
-  global:
-    # https://github.com/travis-ci/travis-ci/issues/6461#issuecomment-239577306
-    DOCKER_VERSION: "1.9.1-0~trusty"
-  matrix:
-    - distro: centos7
-      init: /usr/lib/systemd/systemd
-      run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
-    - distro: centos6
-      init: /sbin/init
-      run_opts: "--privileged"
-    - distro: ubuntu1604
-      init: /lib/systemd/systemd
-      run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
-    - distro: ubuntu1404
-      init: /sbin/init
-      run_opts: "--privileged"
-    - distro: ubuntu1204
-      init: /sbin/init
-      run_opts: "--privileged"
-
-services:
-  - docker
+  - distro: centos7
+    init: /usr/lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+  - distro: centos6
+    init: /sbin/init
+    run_opts: "--privileged"
+  - distro: ubuntu1604
+    init: /lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+  - distro: ubuntu1404
+    init: /sbin/init
+    run_opts: "--privileged"
+  - distro: ubuntu1204
+    init: /sbin/init
+    run_opts: "--privileged"
+  - distro: debian8
+    init: /lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
 
 before_install:
-  # Downgrade to specific version of Docker engine.
-  - sudo apt-get update
-  - sudo apt-get remove docker-engine -yq
-  - sudo apt-get install docker-engine=$DOCKER_VERSION -yq --no-install-suggests --no-install-recommends --force-yes -o Dpkg::Options::="--force-confnew"
-
   # Pull container.
-  - 'sudo docker pull geerlingguy/docker-${distro}-ansible:latest'
+  - 'docker pull geerlingguy/docker-${distro}-ansible:latest'
 
 script:
   - container_id=$(mktemp)
   # Run container in detached state.
-  - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
+  - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
 
   # Ansible syntax check.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
 
   # Test role.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
+  - 'docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
 
   # Test role idempotence.
   - idempotence=$(mktemp)
-  - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
+  - docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
   - >
     tail ${idempotence}
     | grep -q 'changed=0.*failed=0'
@@ -83,8 +74,5 @@ script:
   #     echo 'Status of stopped firewall is not 3 - fail' && exit 1;
   #   fi
 
-  # Clean up.
-  - 'sudo docker stop "$(cat ${container_id})"'
-
 notifications:
   webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/provisioning/roles/geerlingguy.firewall/meta/main.yml b/provisioning/roles/geerlingguy.firewall/meta/main.yml
@@ -6,7 +6,7 @@ galaxy_info:
   description: Simple iptables firewall for most Unix-like systems.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 1.8
+  min_ansible_version: 2.0
   platforms:
   - name: EL
     versions:

diff --git a/provisioning/roles/geerlingguy.firewall/tasks/main.yml b/provisioning/roles/geerlingguy.firewall/tasks/main.yml
@@ -1,21 +1,41 @@
 ---
-- name: Ensure iptables is installed (RedHat).
-  yum: pkg=iptables state=installed
-  when: ansible_os_family == 'RedHat'
-
-- name: Ensure iptables is installed (Debian).
-  apt: pkg=iptables state=installed
-  when: ansible_os_family == 'Debian'
+- name: Ensure iptables is installed.
+  package: name=iptables state=installed
 
 - name: Flush iptables the first time playbook runs.
-  command: iptables -F creates=/etc/init.d/firewall
+  command: >
+    iptables -F
+    creates=/etc/init.d/firewall
 
 - name: Copy firewall script into place.
-  template: src=firewall.bash.j2 dest=/etc/firewall.bash owner=root group=root mode=0744
+  template:
+    src: firewall.bash.j2
+    dest: /etc/firewall.bash
+    owner: root
+    group: root
+    mode: 0744
   notify: restart firewall
 
 - name: Copy firewall init script into place.
-  template: src=firewall.j2 dest=/etc/init.d/firewall owner=root group=root mode=0755
+  template:
+    src: firewall.init.j2
+    dest: /etc/init.d/firewall
+    owner: root
+    group: root
+    mode: 0755
+
+- name: Copy firewall systemd unit file into place (for systemd systems).
+  template:
+    src: firewall.unit.j2
+    dest: /etc/systemd/system/firewall.service
+    owner: root
+    group: root
+    mode: 0755
+  when: >
+    (ansible_distribution == 'Ubuntu' and ansible_distribution_version == '16.04') or
+    (ansible_distribution == 'Debian' and ansible_distribution_version|int >= 8) or
+    (ansible_distribution == 'CentOS' and ansible_distribution_version|int >= 7) or
+    (ansible_distribution == 'Fedora')
 
 - name: Ensure the firewall is enabled and will start on boot.
   service: name=firewall state=started enabled=yes
diff --git a/...eerlingguy.firewall/templates/firewall.j2 → ...ngguy.firewall/templates/firewall.init.j2 b/...eerlingguy.firewall/templates/firewall.j2 → ...ngguy.firewall/templates/firewall.init.j2
diff --git a/provisioning/roles/geerlingguy.firewall/templates/firewall.unit.j2 b/provisioning/roles/geerlingguy.firewall/templates/firewall.unit.j2
@@ -0,0 +1,12 @@
+[Unit]
+Description=Firewall
+After=syslog.target network.target
+
+[Service]
+Type=oneshot
+ExecStart=/etc/firewall.bash
+ExecStop=/sbin/iptables -F
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/provisioning/roles/geerlingguy.java/.travis.yml b/provisioning/roles/geerlingguy.java/.travis.yml
@@ -1,5 +1,5 @@
 ---
-sudo: required
+services: docker
 
 env:
   - distro: centos7
@@ -20,40 +20,36 @@ env:
   - distro: ubuntu1204
     init: /sbin/init
     run_opts: ""
-
-services:
-  - docker
+  - distro: debian8
+    init: /lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
 
 before_install:
   # Pull container.
-  - 'sudo docker pull geerlingguy/docker-${distro}-ansible:latest'
+  - 'docker pull geerlingguy/docker-${distro}-ansible:latest'
 
 script:
   - container_id=$(mktemp)
   # Run container in detached state.
-  - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
+  - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
 
   # Ansible syntax check.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
 
   # Test role.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
 
   # Test role idempotence.
   - idempotence=$(mktemp)
-  - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
+  - docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
   - >
     tail ${idempotence}
     | grep -q 'changed=0.*failed=0'
     && (echo 'Idempotence test: pass' && exit 0)
     || (echo 'Idempotence test: fail' && exit 1)
 
   # Ensure Java is installed.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm which java'
-
-after_success:
-  # Clean up.
-  - 'sudo docker stop "$(cat ${container_id})"'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm which java'
 
 notifications:
   webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/provisioning/roles/geerlingguy.java/tasks/main.yml b/provisioning/roles/geerlingguy.java/tasks/main.yml
@@ -19,12 +19,15 @@
 # Setup/install tasks.
 - include: setup-RedHat.yml
   when: ansible_os_family == 'RedHat'
+  static: no
 
 - include: setup-Debian.yml
   when: ansible_os_family == 'Debian'
+  static: no
 
 - include: setup-FreeBSD.yml
   when: ansible_os_family == 'FreeBSD'
+  static: no
 
 # Environment setup.
 - name: Set JAVA_HOME if configured.

diff --git a/provisioning/roles/geerlingguy.java/tasks/setup-Debian.yml b/provisioning/roles/geerlingguy.java/tasks/setup-Debian.yml
@@ -1,6 +1,6 @@
 ---
 - name: Update apt cache.
-  apt: update_cache=yes cache_valid_time=3600
+  apt: update_cache=yes cache_valid_time=600
 
 - name: Ensure Java is installed.
   apt: "name={{ item }} state=present"

diff --git a/provisioning/roles/geerlingguy.java/tests/test.yml b/provisioning/roles/geerlingguy.java/tests/test.yml
@@ -6,9 +6,5 @@
       apt: update_cache=yes
       when: ansible_os_family == 'Debian'
 
-    - name: Ensure build dependencies are installed (RedHat).
-      package: name=which state=present
-      when: ansible_os_family == 'RedHat'
-
   roles:
     - role_under_test
diff --git a/provisioning/roles/geerlingguy.mailhog/.travis.yml b/provisioning/roles/geerlingguy.mailhog/.travis.yml
@@ -1,67 +1,52 @@
 ---
-sudo: required
+services: docker
 
 env:
-  - distribution: centos
-    version: 6
-    init: /sbin/init
-    run_opts: ""
-  - distribution: centos
-    version: 7
+  - distro: centos7
     init: /usr/lib/systemd/systemd
     run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
-  - distribution: ubuntu
-    version: 14.04
+  - distro: centos6
     init: /sbin/init
     run_opts: ""
-  - distribution: ubuntu
-    version: 12.04
+  - distro: ubuntu1604
+    init: /lib/systemd/systemd
+    run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro"
+  - distro: ubuntu1404
     init: /sbin/init
     run_opts: ""
 
-services:
-  - docker
-
 before_install:
-  # Pull container
-  - 'sudo docker pull ${distribution}:${version}'
-  # Customize container
-  - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests'
+  # Pull container.
+  - 'docker pull geerlingguy/docker-${distro}-ansible:latest'
 
 script:
   - container_id=$(mktemp)
-  # Run container in detached state
-  - 'sudo docker run --detach -p 8025:8025 --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"'
+  # Run container in detached state.
+  - 'docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} geerlingguy/docker-${distro}-ansible:latest "${init}" > "${container_id}"'
 
-  # Install required Galaxy roles.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-galaxy install geerlingguy.daemonize'
+  # Install dependencies.
+  - 'docker exec "$(cat ${container_id})" ansible-galaxy install -r /etc/ansible/roles/role_under_test/tests/requirements.yml'
 
   # Ansible syntax check.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check'
 
   # Test role.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
+  - 'docker exec "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
 
   # Test role idempotence.
   - idempotence=$(mktemp)
-  - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
+  - docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
   - >
     tail ${idempotence}
     | grep -q 'changed=0.*failed=0'
     && (echo 'Idempotence test: pass' && exit 0)
     || (echo 'Idempotence test: fail' && exit 1)
 
-  # Make sure mailhog is listening on ports 1025 and 8025.
-  # TODO.
-
   # Send an email via mhsendmail.
-  - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm sh -c "cat /etc/ansible/roles/role_under_test/tests/message | /opt/mailhog/mhsendmail johndoe@example.com"'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm sh -c "cat /etc/ansible/roles/role_under_test/tests/message | /opt/mailhog/mhsendmail johndoe@example.com"'
 
   # Test retrieving messages via MailHog API.
-  - 'curl http://localhost:8025/api/v2/messages | grep id'
-
-  # Clean up
-  - 'sudo docker stop "$(cat ${container_id})"'
+  - 'docker exec --tty "$(cat ${container_id})" env TERM=xterm sh -c "curl http://localhost:8025/api/v2/messages | grep id"'
 
 notifications:
   webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/provisioning/roles/geerlingguy.mailhog/README.md b/provisioning/roles/geerlingguy.mailhog/README.md
@@ -52,4 +52,4 @@ MIT / BSD
 
 ## Author Information
 
-This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/).
+This role was created in 2014 by [Jeff Geerling](http://www.jeffgeerling.com/), author of [Ansible for DevOps](https://www.ansiblefordevops.com/).
diff --git a/provisioning/roles/geerlingguy.mailhog/tasks/main.yml b/provisioning/roles/geerlingguy.mailhog/tasks/main.yml
@@ -29,5 +29,18 @@
     group: root
     mode: 0755
 
+- name: Copy mailhog systemd unit file into place (for systemd systems).
+  template:
+    src: mailhog.unit.j2
+    dest: /etc/systemd/system/mailhog.service
+    owner: root
+    group: root
+    mode: 0755
+  when: >
+    (ansible_distribution == 'Ubuntu' and ansible_distribution_version == '16.04') or
+    (ansible_distribution == 'Debian' and ansible_distribution_version|int >= 8) or
+    (ansible_distribution == 'CentOS' and ansible_distribution_version|int >= 7) or
+    (ansible_distribution == 'Fedora')
+
 - name: Ensure mailhog is enabled and will start on boot.
   service: name=mailhog state=started enabled=yes