22 changed files with 260 additions and 280 deletions
--- a/.forgejo/workflows/molecule.yml
+++ b/.forgejo/workflows/molecule.yml
@ -1,18 +0,0 @@
 ---
 on: [push]
 jobs:
  lint:
    runs-on: docker
    container:
      image: code.waks.be/nishiki/molecule:docker
    steps:
      - uses: actions/checkout@v3
      - run: ansible-lint .
      - run: yamllint .
  molecule:
    runs-on: docker
    container:
      image: code.waks.be/nishiki/molecule:docker
    steps:
      - uses: actions/checkout@v3
      - run: molecule test
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1 @@
 .kitchen/*
 *.pyc
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,10 +0,0 @@
 ---
 image: nishiki/molecule:docker
 before_script:
  - molecule --version
 molecule:
  stage: test
  script:
    - molecule test
--- a/.kitchen.yml
+++ b/.kitchen.yml
@ -0,0 +1,27 @@
 ---
 driver:
  name: docker_cli
 transport:
  name: docker_cli
 provisioner:
  name: ansible_playbook
  hosts: localhost
  require_ansible_repo: false
  require_ansible_omnibus: false
  require_chef_for_busser: true
  ansible_verbose: false
  ansible_inventory: ./test/integration/inventory
 platforms:
  - name: debian-9
    driver_config:
      image: "nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.7' %>"
      command: /bin/systemd
      volume:
        - /sys/fs/cgroup:/sys/fs/cgroup:ro
      security_opt: seccomp=unconfined
 suites:
  - name: default
--- a/.yamllint
+++ b/.yamllint
@ -2,11 +2,11 @@
 extends: default
 ignore: |
-  .kitchen*
+  .kitchen/*
  vendor/
  .forgejo/
 rules:
  line-length:
    max: 120
    level: warning
  truthy: false
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,38 +5,6 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 ## Unreleased
 ### Added
 - test: add support debian 12
 ### Changed
 - test: use personal docker registry
 ### Removed
 - test: removed support debian 10
 ### Fixed
 - new grafana repository
 ## 1.1.0 - 2021-08-22
 ### Added
 - feat: install unofficial plugins
 - test: add support debian 11
 ### Changed
 - chore: use FQCN for module name
 - test: replace kitchen to molecule
 ### Removed
 - test: remove support debian 9
 ## 1.0.1 - 2019-08-17
 ### Fixed
--- a/8
+++ b/8
@ -0,0 +1,8 @@
 source 'https://rubygems.org'
 group :development do
  gem 'kitchen-ansible'
  gem 'kitchen-docker_cli'
  gem 'rubocop', '0.50.0'
  gem 'test-kitchen'
 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -0,0 +1,92 @@
 GEM
  remote: https://rubygems.org/
  specs:
    ast (2.4.0)
    builder (3.2.3)
    erubis (2.7.0)
    ffi (1.10.0)
    gssapi (1.2.0)
      ffi (>= 1.0.1)
    gyoku (1.3.1)
      builder (>= 2.1.2)
    httpclient (2.8.3)
    kitchen-ansible (0.49.1)
      net-ssh (>= 3)
      test-kitchen (~> 1.4)
    kitchen-docker_cli (0.19.0)
      test-kitchen (>= 1.3)
    little-plugger (1.1.4)
    logging (2.2.2)
      little-plugger (~> 1.1)
      multi_json (~> 1.10)
    mixlib-install (3.11.11)
      mixlib-shellout
      mixlib-versioning
      thor
    mixlib-shellout (2.4.4)
    mixlib-versioning (1.2.7)
    multi_json (1.13.1)
    net-scp (1.2.1)
      net-ssh (>= 2.6.5)
    net-ssh (4.2.0)
    net-ssh-gateway (1.3.0)
      net-ssh (>= 2.6.5)
    nori (2.6.0)
    parallel (1.16.0)
    parser (2.6.2.0)
      ast (~> 2.4.0)
    powerpack (0.1.2)
    rainbow (2.2.2)
      rake
    rake (12.3.2)
    rubocop (0.50.0)
      parallel (~> 1.10)
      parser (>= 2.3.3.1, < 3.0)
      powerpack (~> 0.1)
      rainbow (>= 2.2.2, < 3.0)
      ruby-progressbar (~> 1.7)
      unicode-display_width (~> 1.0, >= 1.0.1)
    ruby-progressbar (1.10.0)
    rubyntlm (0.6.2)
    rubyzip (1.2.2)
    test-kitchen (1.24.0)
      mixlib-install (~> 3.6)
      mixlib-shellout (>= 1.2, < 3.0)
      net-scp (~> 1.1)
      net-ssh (>= 2.9, < 5.0)
      net-ssh-gateway (~> 1.2)
      thor (~> 0.19)
      winrm (~> 2.0)
      winrm-elevated (~> 1.0)
      winrm-fs (~> 1.1)
    thor (0.20.3)
    unicode-display_width (1.5.0)
    winrm (2.3.1)
      builder (>= 2.1.2)
      erubis (~> 2.7)
      gssapi (~> 1.2)
      gyoku (~> 1.0)
      httpclient (~> 2.2, >= 2.2.0.2)
      logging (>= 1.6.1, < 3.0)
      nori (~> 2.0)
      rubyntlm (~> 0.6.0, >= 0.6.1)
    winrm-elevated (1.1.1)
      winrm (~> 2.0)
      winrm-fs (~> 1.0)
    winrm-fs (1.3.2)
      erubis (~> 2.7)
      logging (>= 1.6.1, < 3.0)
      rubyzip (~> 1.1)
      winrm (~> 2.0)
 PLATFORMS
  ruby
 DEPENDENCIES
  kitchen-ansible
  kitchen-docker_cli
  rubocop (= 0.50.0)
  test-kitchen
 BUNDLED WITH
   1.16.6
--- a/README.md
+++ b/README.md
@ -1,21 +1,18 @@
 # Ansible role: Grafana
-[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-grafana/releases)
+[![Version](https://img.shields.io/badge/latest_version-1.0.1-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-grafana/releases)
-[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-sensu/src/branch/main/LICENSE)
+[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-sensu/src/branch/master/LICENSE)
 [![Build](https://code.waks.be/nishiki/ansible-role-grafana/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-grafana/actions?workflow=molecule.yml)
 Install and configure Grafana
 ## Requirements
- Ansible >= 2.9
+* Ansible >= 2.7
- Debian
+* Debian Stretch
  - Buster
  - Bullseye
 ## Role variables
- `grafana_config` - hash with the grafana configuration (see [grafana documentation](http://docs.grafana.org/installation/configuration/))
+* `grafana_config` - hash with the grafana configuration (see [grafana documentation](http://docs.grafana.org/installation/configuration/))
 ```
  default:
@ -25,23 +22,13 @@ Install and configure Grafana
    admin_password: secret
 ```
- `grafana_ldap_config` - hash with ldap configuration (see [grafana with ldap](http://docs.grafana.org/auth/ldap/))
+* `grafana_ldap_config` - hash with ldap configuration (see [grafana with ldap](http://docs.grafana.org/auth/ldap/))
- `grafana_plugins` - array with grafana plugins (see [grafana plugins](https://grafana.com/plugins))
+* `grafana_plugins` - array with grafana plugins (see [grafana plugins](https://grafana.com/plugins))
 ```
  - name: grafana-piechart-panel
    version: 1.3.6
    state: present
  - name: sensu-sensugo-datasource
    url: https://github.com/sensu/grafana-sensu-go-datasource/releases/download/1.0.2/sensu-sensugo-datasource-1.0.2.zip
 ```
 - `grafana_proxy_url` - set an URL proxy for outbound http and https requests
 - `grafana_proxy_ignore` - array with subnets or hosts to ignore
 ```
  - localhost
  - 10.0.0.0/8
 ```
 ## How to use
@ -54,12 +41,25 @@ Install and configure Grafana
 ## Development
-### Test with molecule and docker
+### Test syntax with yamllint
- install [docker](https://docs.docker.com/engine/installation/)
+* install `python` and `python-pip`
- install `python3` and `python3-pip`
+* install yamllint `pip install yamllint`
- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
+* run `yamllint .`
- run `molecule test`
+
 ### Test syntax with ansible-lint
 * install `python` and `python-pip`
 * install yamllint `pip install ansible-lint`
 * run `ansible-lint .`
 ### Tests with docker
 * install [docker](https://docs.docker.com/engine/installation/)
 * install ruby
 * install bundler `gem install bundler`
 * install dependencies `bundle install`
 * run the tests `kitchen test`
 ## License
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -2,4 +2,3 @@
 grafana_config: {}
 grafana_ldap_config: {}
 grafana_plugins: []
 grafana_proxy_ignore: []
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,5 +1,5 @@
 ---
- name: Restart grafana
+- name: restart grafana
-  ansible.builtin.service:
+  systemd:
    name: grafana-server
    state: restarted
--- a/meta/main.yml
+++ b/meta/main.yml
@ -1,18 +1,16 @@
 ---
 galaxy_info:
-  role_name: grafana
+  role_name: Grafana
  namespace: nishiki
  author: Adrien Waksberg
  company: Adrien Waksberg
  description: Install and configure Grafana
  license: Apache2
-  min_ansible_version: "2.9"
+  min_ansible_version: 2.7
  platforms:
    - name: Debian
      versions:
-        - bullseye
+        - stretch
        - bookworm
  galaxy_tags:
    - dashboard
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@ -1,23 +0,0 @@
 ---
 - name: Converge
  hosts: all
  roles:
    - ansible-role-grafana
  vars:
    grafana_plugins:
      - name: grafana-piechart-panel
      - name: sensu-sensugo-datasource
        version: 1.0.3
        url: >
          https://github.com/sensu/grafana-sensu-go-datasource/releases/download/1.0.3/sensu-sensugo-datasource-1.0.3.zip
    grafana_config:
      default:
        instance_name: '${HOSTNAME}'
      security:
        admin_user: sysadmin
        admin_password: secret
  pre_tasks:
    - name: update apt cache
      ansible.builtin.apt:
        update_cache: true
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -1,28 +0,0 @@
 ---
 driver:
  name: docker
 platforms:
  - name: debian12
    image: code.waks.be/nishiki/molecule:debian12
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    cgroupns_mode: host
    command: /bin/systemd
    capabilities:
      - SYS_ADMIN
  - name: debian11
    image: code.waks.be/nishiki/molecule:debian11
    privileged: true
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    cgroupns_mode: host
    command: /bin/systemd
    capabilities:
      - SYS_ADMIN
 lint: |
  set -e
  yamllint .
  ansible-lint .
 verifier:
  name: testinfra
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@ -1,50 +0,0 @@
 import testinfra.utils.ansible_runner
 def test_packages(host):
  package = host.package('grafana')
  assert package.is_installed
 def test_config_file(host):
  path = host.file('/etc/grafana/grafana.ini')
  assert path.exists
  assert path.is_file
  assert path.user == 'root'
  assert path.group == 'grafana'
  assert path.mode == 0o640
  assert not path.contains('default')
  assert path.contains('instance_name = "${HOSTNAME}"')
  assert path.contains('[security]')
  assert path.contains('admin_user = "sysadmin"')
 def test_default_config_file(host):
  path = host.file('/etc/default/grafana-server')
  assert path.exists
  assert path.is_file
  assert path.user == 'root'
  assert path.group == 'root'
  assert path.mode == 0o644
  assert path.contains('LOG_DIR=/var/log/grafana')
 def test_ldap_config_file(host):
  path = host.file('/etc/grafana/ldap.toml')
  assert path.exists
  assert path.is_file
  assert path.user == 'root'
  assert path.group == 'grafana'
  assert path.mode == 0o640
 def test_plugins_install(host):
  for plugin_name in ['grafana-piechart-panel', 'sensu-sensugo-datasource']:
    path = host.file('/var/lib/grafana/plugins/%s' % plugin_name)
    assert path.exists
    assert path.is_directory
    assert path.user == 'root'
 def test_service(host):
  service = host.service('grafana-server')
  assert service.is_running
  assert service.is_enabled
 def test_socket(host):
  socket = host.socket('tcp://0.0.0.0:3000')
  assert socket.is_listening
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,89 +1,65 @@
 ---
- name: Install dependencies packages
+- name: install dependencies packages
-  ansible.builtin.package:
+  apt:
-    name:
+    name: apt-transport-https
-      - apt-transport-https
+  retries: 2
-      - gpg
+  register: result
-      - unzip
+  until: result is succeeded
  tags: grafana
- name: Add repository key
+- name: add repository key
-  ansible.builtin.get_url:
+  apt_key:
-    url: https://apt.grafana.com/gpg.key
+    url: https://packages.grafana.com/gpg.key
-    dest: /usr/share/keyrings/grafana.key
+  retries: 2
-    owner: root
+  register: result
-    group: root
+  until: result is succeeded
    mode: 0644
  tags: grafana
- name: Add repository
+- name: add repository
-  ansible.builtin.apt_repository:
+  apt_repository:
-    repo: deb [signed-by=/usr/share/keyrings/grafana.key] https://apt.grafana.com stable main
+    repo: deb https://packages.grafana.com/oss/deb stable main
    filename: grafana
  tags: grafana
- name: Install grafana package
+- name: install grafana package
-  ansible.builtin.package:
+  apt:
-    name:
+    name: grafana
-      - grafana
+  retries: 2
  register: result
  until: result is succeeded
  tags: grafana
- name: Copy default environment variables file
+- name: copy configuration file
-  ansible.builtin.template:
+  template:
    src: default.j2
    dest: /etc/default/grafana-server
    owner: root
    group: root
    mode: 0644
  notify: Restart grafana
  tags: grafana
 - name: Copy configuration file
  ansible.builtin.template:
    src: grafana.ini.j2
    dest: /etc/grafana/grafana.ini
    owner: root
    group: grafana
    mode: 0640
-  notify: Restart grafana
+  notify: restart grafana
  tags: grafana
- name: Copy ldap configuration file
+- name: copy ldap configuration file
-  ansible.builtin.template:
+  template:
    src: ldap.toml.j2
    dest: /etc/grafana/ldap.toml
    owner: root
    group: grafana
    mode: 0640
-  notify: Restart grafana
+  notify: restart grafana
  tags: grafana
- name: Install official plugins
+- name: install plugins
-  community.grafana.grafana_plugin:
+  grafana_plugin:
-    name: "{{ item.name }}"
+    name: '{{ item.name }}'
-    version: "{{ item.version | default('latest') }}"
+    version: '{{ item.version|default("latest") }}'
-    state: "{{ item.state | default('present') }}"
+    state: '{{ item.state|default("present") }}'
-  loop: "{{ grafana_plugins | selectattr('url', 'undefined') }}"
+  loop: '{{ grafana_plugins }}'
-  loop_control:
+  notify: restart grafana
    label: "{{ item.name }}"
  notify: Restart grafana
  tags: grafana
- name: Install unofficial plugins
+- name: enable and start service
-  community.grafana.grafana_plugin:
+  systemd:
    name: "{{ item.name }}"
    grafana_plugin_url: "{{ item.url }}"
    version: "{{ item.version | default('latest') }}"
    state: "{{ item.state | default('present') }}"
  loop: "{{ grafana_plugins | selectattr('url', 'defined') }}"
  loop_control:
    label: "{{ item.name }}"
  notify: Restart grafana
  tags: grafana
 - name: Enable and start service
  ansible.builtin.service:
    name: grafana-server
    state: started
-    enabled: true
+    enabled: yes
  tags: grafana
--- a/templates/default.j2
+++ b/templates/default.j2
@ -1,18 +0,0 @@
 # {{ ansible_managed }}
 GRAFANA_HOME=/usr/share/grafana
 LOG_DIR=/var/log/grafana
 DATA_DIR=/var/lib/grafana
 MAX_OPEN_FILES=10000
 CONF_DIR=/etc/grafana
 CONF_FILE=/etc/grafana/grafana.ini
 RESTART_ON_UPGRADE=true
 PLUGINS_DIR=/var/lib/grafana/plugins
 PROVISIONING_CFG_DIR=/etc/grafana/provisioning
 PID_FILE_DIR=/run/grafana
 {% if grafana_proxy_url is defined %}
 https_proxy={{ grafana_proxy_url }}
 http_proxy={{ grafana_proxy_url }}
 no_proxy={{ grafana_proxy_ignore|join(',') }}
 {% endif %}
--- a/templates/grafana.ini.j2
+++ b/templates/grafana.ini.j2
@ -1,10 +1,10 @@
 # {{ ansible_managed }}
-{% for section, options in grafana_config.items()  %}
+{% for section, options in grafana_config.iteritems()  %}
 {% if section|lower != 'default' %}
 [{{ section }}]
 {% endif %}
-{% for option, value in options.items() %}
+{% for option, value in options.iteritems() %}
 {{ option }} = {% if value is sameas true %}true
 {% elif value is sameas false %}false
 {% elif value is string %}"{{ value }}"
--- a/templates/ldap.toml.j2
+++ b/templates/ldap.toml.j2
@ -1,10 +1,10 @@
 # {{ ansible_managed }}
-{% for section, options in grafana_ldap_config.items()  %}
+{% for section, options in grafana_ldap_config.iteritems()  %}
 {% if section|lower != 'default' %}
 [{{ section }}]
 {% endif %}
-{% for option, value in options.items() %}
+{% for option, value in options.iteritems() %}
 {{ option }} = {% if value is sameas true %}true
 {% elif value is sameas false %}false
 {% elif value is string %}"{{ value }}"
--- a/test/integration/default/default.yml
+++ b/test/integration/default/default.yml
@ -0,0 +1,15 @@
 ---
 - hosts: localhost
  connection: local
  vars:
    grafana_plugins:
      - name: grafana-piechart-panel
    grafana_config:
      default:
        instance_name: '${HOSTNAME}'
      security:
        admin_user: sysadmin
        admin_password: secret
  roles:
    - ansible-role-grafana
--- a/test/integration/default/serverspec/default_spec.rb
+++ b/test/integration/default/serverspec/default_spec.rb
@ -0,0 +1,44 @@
 require 'serverspec'
 set :backend, :exec
 puts
 puts '================================'
 puts %x(ansible --version)
 puts '================================'
 describe package('grafana') do
  it { should be_installed }
 end
 describe file('/etc/grafana/grafana.ini') do
  it { should be_file }
  it { should be_mode 640 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'grafana' }
  it { should_not contain 'default' }
  it { should contain 'instance_name = "${HOSTNAME}"' }
  it { should contain '[security]' }
  it { should contain 'admin_user = "sysadmin"' }
 end
 describe file('/etc/grafana/ldap.toml') do
  it { should be_file }
  it { should be_mode 640 }
  it { should be_owned_by 'root' }
  it { should be_grouped_into 'grafana' }
 end
 describe file('/var/lib/grafana/plugins/grafana-piechart-panel') do
  it { should be_directory }
  it { should be_owned_by 'root' }
 end
 describe service('grafana-server') do
  it { should be_enabled }
  it { should be_running.under('systemd') }
 end
 describe port(3000) do
  it { should be_listening.with('tcp6') }
 end
--- a/test/integration/inventory
+++ b/test/integration/inventory
@ -0,0 +1 @@
 localhost