test: replace kitchen to molecule

2021-08-24 18:15:33 +02:00 · 2021-08-24 18:15:33 +02:00 · aab9e5cb08
commit aab9e5cb08
parent cd68ec7b1d
15 changed files with 124 additions and 244 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
 .kitchen/*
-
+*.pyc
--- a/.kitchen.yml
+++ b/.kitchen.yml
@ -1,27 +0,0 @@
 ---
 driver:
  name: docker_cli
 transport:
  name: docker_cli
 provisioner:
  name: ansible_playbook
  hosts: localhost
  require_ansible_repo: false
  require_ansible_omnibus: false
  require_chef_for_busser: true
  ansible_verbose: false
  ansible_inventory: ./test/integration/inventory
 platforms:
  - name: debian-9
    driver_config:
      image: "nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.6' %>"
      command: /bin/systemd
      volume:
        - /sys/fs/cgroup:/sys/fs/cgroup:ro
      security_opt: seccomp=unconfined
 suites:
  - name: certbot
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -1,38 +0,0 @@
 ---
 AllCops:
  Exclude:
    - db/**/*
    - config/**/*
    - Vagrantfile
  TargetRubyVersion: 2.3
 Naming/AccessorMethodName:
  Enabled: false
 Lint/RescueWithoutErrorClass:
  Enabled: false
 Metrics/LineLength:
  Max: 120
 Metrics/CyclomaticComplexity:
  Enabled: false
 Metrics/PerceivedComplexity:
  Enabled: false
 Metrics/MethodLength:
  Enabled: false
 Metrics/BlockLength:
  Enabled: false
 Metrics/ClassLength:
  Enabled: false
 Metrics/AbcSize:
  Enabled: false
 Style/NumericLiteralPrefix:
  Enabled: false
 Style/FrozenStringLiteralComment:
  Enabled: false
 Style/CommandLiteral:
  Enabled: true
  EnforcedStyle: percent_x
 Style/Documentation:
  Enabled: false
--- a/.travis.yml
+++ b/.travis.yml
@ -1,28 +1,30 @@
 ---
 sudo: required
-language: ruby
+dist: bionic
 addons:
  apt:
    packages:
      - python3
      - python3-pip
      - python3-setuptools
 env:
-  - ANSIBLE_VERSION=2.5
+  - ANSIBLE_VERSION=2.9.25
-  - ANSIBLE_VERSION=2.6
+  - ANSIBLE_VERSION=2.10.7
-  - ANSIBLE_VERSION=2.7
+  - ANSIBLE_VERSION=3.4.0
  - ANSIBLE_VERSION=4.4.0
 services:
  - docker
 before_install:
-  - bundle install
+  - sudo pip3 install ansible==${ANSIBLE_VERSION}
-  - sudo pip install --upgrade pip
+  - sudo pip3 install molecule 'molecule[docker]' docker testinfra ansible-lint yamllint
  - sudo pip install yamllint
  - sudo pip install ansible-lint
  - git clone https://github.com/ansible/galaxy-lint-rules.git
 script:
-  - kitchen conv certbot-debian-9
+  - ansible --version
-  - kitchen conv certbot-debian-9 | grep changed=0
+  - molecule test
  - kitchen verify certbot-debian-9
  - ansible-lint -r galaxy-lint-rules/rules .
  - yamllint .
 notifications:
  webhooks: https://galaxy.ansible.com/api/v1/notifications/
--- a/.yamllint
+++ b/.yamllint
@ -1,3 +1,4 @@
 ---
 extends: default
 ignore: |
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,7 +4,19 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 Which is based on [Keep A Changelog](http://keepachangelog.com/)
 ## [Unreleased]
 ### Added
 - test: add check yamllint
 - test: add support debian 11
 ### Changed
 - test: replace kitchen to molecule
 ### Removed
 - test: remove support debian 9
 ## [2.1.1] 2018-11-26
 - fix: replace shell module to command
--- a/8
+++ b/8
@ -1,8 +0,0 @@
 source 'https://rubygems.org'
 group :development do
  gem 'kitchen-ansible'
  gem 'kitchen-docker_cli'
  gem 'rubocop', '0.50.0'
  gem 'test-kitchen'
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,94 +0,0 @@
 GEM
  remote: https://rubygems.org/
  specs:
    ast (2.4.0)
    builder (3.2.3)
    erubis (2.7.0)
    ffi (1.9.23)
    gssapi (1.2.0)
      ffi (>= 1.0.1)
    gyoku (1.3.1)
      builder (>= 2.1.2)
    httpclient (2.8.3)
    kitchen-ansible (0.47.5)
      net-ssh (>= 3)
      test-kitchen (~> 1.4)
    kitchen-docker_cli (0.18.0)
      test-kitchen (>= 1.3)
    little-plugger (1.1.4)
    logging (2.2.2)
      little-plugger (~> 1.1)
      multi_json (~> 1.10)
    mixlib-install (3.6.0)
      mixlib-shellout
      mixlib-versioning
      thor
    mixlib-shellout (2.3.2)
    mixlib-versioning (1.2.2)
    multi_json (1.13.1)
    net-scp (1.2.1)
      net-ssh (>= 2.6.5)
    net-ssh (4.2.0)
    net-ssh-gateway (1.3.0)
      net-ssh (>= 2.6.5)
    nori (2.6.0)
    parallel (1.12.1)
    parser (2.5.0.2)
      ast (~> 2.4.0)
    powerpack (0.1.1)
    rainbow (2.2.2)
      rake
    rake (12.3.1)
    rubocop (0.50.0)
      parallel (~> 1.10)
      parser (>= 2.3.3.1, < 3.0)
      powerpack (~> 0.1)
      rainbow (>= 2.2.2, < 3.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (~> 1.0, >= 1.0.1)
    ruby-progressbar (1.9.0)
    rubyntlm (0.6.2)
    rubyzip (1.2.1)
    safe_yaml (1.0.4)
    test-kitchen (1.18.0)
      mixlib-install (~> 3.6)
      mixlib-shellout (>= 1.2, < 3.0)
      net-scp (~> 1.1)
      net-ssh (>= 2.9, < 5.0)
      net-ssh-gateway (~> 1.2)
      safe_yaml (~> 1.0)
      thor (~> 0.19, < 0.19.2)
      winrm (~> 2.0)
      winrm-elevated (~> 1.0)
      winrm-fs (~> 1.0.2)
    thor (0.19.1)
    unicode-display_width (1.3.0)
    winrm (2.2.3)
      builder (>= 2.1.2)
      erubis (~> 2.7)
      gssapi (~> 1.2)
      gyoku (~> 1.0)
      httpclient (~> 2.2, >= 2.2.0.2)
      logging (>= 1.6.1, < 3.0)
      nori (~> 2.0)
      rubyntlm (~> 0.6.0, >= 0.6.1)
    winrm-elevated (1.1.0)
      winrm (~> 2.0)
      winrm-fs (~> 1.0)
    winrm-fs (1.0.2)
      erubis (~> 2.7)
      logging (>= 1.6.1, < 3.0)
      rubyzip (~> 1.1)
      winrm (~> 2.0)
 PLATFORMS
  ruby
 DEPENDENCIES
  kitchen-ansible
  kitchen-docker_cli
  rubocop (= 0.50.0)
  test-kitchen
 BUNDLED WITH
   1.16.0
--- a/README.md
+++ b/README.md
@ -1,4 +1,5 @@
 # Ansible role: Certbot
 [![Version](https://img.shields.io/badge/latest_version-2.1.1-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-certbot/releases)
 [![Build Status](https://travis-ci.org/nishiki/ansible-role-certbot.svg?branch=master)](https://travis-ci.org/nishiki/ansible-role-certbot)
 [![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-certbot/src/branch/master/LICENSE)
@ -7,8 +8,10 @@ Generate certificate SSL with certbot.
 ## Requirements
-* Ansible >= 2.5
+* Ansible >= 2.9
-* Debian Stretch
+* Debian
  * Buster
  * Bullseye
 ## Role variables
@ -27,13 +30,14 @@ Generate certificate SSL with certbot.
 ```
 ## Development
 ### Tests with docker
-  * install [docker](https://docs.docker.com/engine/installation/)
+### Test with molecule and docker
-  * install ruby
+
-  * install bundler `gem install bundler`
+* install [docker](https://docs.docker.com/engine/installation/)
-  * install dependencies `bundle install`
+* install `python3` and `python3-pip`
-  * run the tests `kitchen test`
+* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
 * run `molecule test`
 ## License
--- a/meta/main.yml
+++ b/meta/main.yml
@ -5,11 +5,13 @@ galaxy_info:
  company: Adrien Waksberg
  description: Generate certificate SSL with certbot
  license: Apache2
-  min_ansible_version: 2.5
+  min_ansible_version: 2.9
  platforms:
    - name: Debian
      versions:
-        - stretch
+        - buster
        - bullseye
  galaxy_tags:
    - certbot
    - letsencrypt
--- a/test/integration/certbot/default.yml
+++ b/test/integration/certbot/default.yml
@ -1,10 +1,15 @@
 ---
- hosts: certbot
+- name: Converge
-  connection: local
+  hosts: all
  roles:
    - ansible-role-certbot
  vars:
    certbot_role: slave
    certbot_domains:
      - name: test.local
        command: 'echo OK > /tmp/test.txt'
-  roles:
+
-    - ansible-role-certbot
+  pre_tasks:
    - name: update apt cache
      ansible.builtin.apt:
        update_cache: true
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -0,0 +1,26 @@
 ---
 driver:
  name: docker
 platforms:
  - name: debian10
    image: nishiki/debian10:molecule
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: /bin/systemd
    capabilities:
      - SYS_ADMIN
  - name: debian11
    image: nishiki/debian11:molecule
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
    command: /bin/systemd
    capabilities:
      - SYS_ADMIN
 lint: |
  set -e
  yamllint .
  ansible-lint .
 verifier:
  name: testinfra
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@ -0,0 +1,44 @@
 import testinfra.utils.ansible_runner
 def test_packages(host):
  package = host.package('certbot')
  assert package.is_installed
 def test_acme_directory(host):
  path = host.file('/var/www/acme')
  assert path.exists
  assert path.is_directory
  assert path.user == 'root'
  assert path.group == 'root'
  assert path.mode == 0o755
 def test_old_cron_file(host):
  path = host.file('/etc/cron.d/certbot')
  assert not path.exists
 def test_cron_file(host):
  path = host.file('/var/spool/cron/crontabs/root')
  assert path.exists
  assert path.is_file
  assert path.user == 'root'
  assert path.group == 'crontab'
  assert path.mode == 0o600
  assert path.contains('--renew-hook /usr/local/bin/certbot-renew')
 def test_config_file(host):
  path = host.file('/etc/letsencrypt/renew.cfg')
  assert path.exists
  assert path.is_file
  assert path.user == 'root'
  assert path.group == 'root'
  assert path.mode == 0o644
  assert path.contains('test.local = echo OK > /tmp/test.txt')
 def test_renew(host):
  cmd = host.run('RENEWED_DOMAINS=test.local /usr/local/bin/certbot-renew')
  assert cmd.succeeded
  path = host.file('/tmp/test.txt')
  assert path.exists
  assert path.is_file
  assert path.contains('OK')
--- a/test/integration/certbot/serverspec/certbot_spec.rb
+++ b/test/integration/certbot/serverspec/certbot_spec.rb
@ -1,47 +0,0 @@
 require 'serverspec'
 set :backend, :exec
 describe package('certbot') do
  it { should be_installed }
 end
 describe file('/var/www/acme') do
  it { should exist }
  it { should be_directory }
  it { should be_mode 755 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'root' }
 end
 describe file('/etc/cron.d/certbot') do
  it { should_not exist }
 end
 describe file('/var/spool/cron/crontabs/root') do
  it { should exist }
  it { should be_file }
  it { should be_mode 600 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'crontab' }
  it { should contain '--renew-hook /usr/local/bin/certbot-renew' }
 end
 describe file('/etc/letsencrypt/renew.cfg') do
  it { should exist }
  it { should be_file }
  it { should be_mode 644 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'root' }
  it { should contain 'test.local = echo OK > /tmp/test.txt' }
 end
 describe command('RENEWED_DOMAINS=test.local /usr/local/bin/certbot-renew') do
  its(:exit_status) { should eq 0 }
 end
 describe file('/tmp/test.txt') do
  it { should exist }
  it { should be_file }
  it { should contain 'OK' }
 end
--- a/test/integration/inventory
+++ b/test/integration/inventory
@ -1,2 +0,0 @@
 [certbot]
 localhost