test: fix syntax for ansible lint

.forgejo/workflows/molecule.yml

@@ -0,0 +1,18 @@
+---
+on: [push]
+jobs:
+  lint:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: ansible-lint .
+      - run: yamllint .
+  molecule:
+    runs-on: docker
+    container:
+      image: code.waks.be/nishiki/molecule:docker
+    steps:
+      - uses: actions/checkout@v3
+      - run: molecule test

.gitlab-ci.yml

@@ -0,0 +1,10 @@
+---
+image: nishiki/molecule:docker
+
+before_script:
+  - molecule --version
+
+molecule:
+  stage: test
+  script:
+    - molecule test

.rubocop.yml

@@ -1,38 +0,0 @@
----
-AllCops:
-  Exclude:
-    - db/**/*
-    - config/**/*
-    - Vagrantfile
-  TargetRubyVersion: 2.4
-
-Naming/AccessorMethodName:
-  Enabled: false
-
-Lint/RescueWithoutErrorClass:
-  Enabled: false
-
-Metrics/LineLength:
-  Max: 120
-Metrics/CyclomaticComplexity:
-  Enabled: false
-Metrics/PerceivedComplexity:
-  Enabled: false
-Metrics/MethodLength:
-  Enabled: false
-Metrics/BlockLength:
-  Enabled: false
-Metrics/ClassLength:
-  Enabled: false
-Metrics/AbcSize:
-  Enabled: false
-
-Style/NumericLiteralPrefix:
-  Enabled: false
-Style/FrozenStringLiteralComment:
-  Enabled: false
-Style/CommandLiteral:
-  Enabled: true
-  EnforcedStyle: percent_x
-Style/Documentation:
-  Enabled: false

.yamllint

@@ -2,11 +2,11 @@
 extends: default
 
 ignore: |
-  .kitchen/*
+  .kitchen*
   vendor/
+  .forgejo/
 
 rules:
   line-length:
     max: 120
     level: warning
-  truthy: false

CHANGELOG.md

@@ -3,28 +3,48 @@
 This project adheres to [Semantic Versioning](http://semver.org/).
 Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
-## [Unreleased]
+## Unreleased
 
-## [v2.0.1] - 2020-03-28
+### Fixed
+
+- fix: change gpg key
+
+## v2.1.0 - 2021-08-22
+
+### Added
+
+- test: add support debian 11
+
+### Fixed
+
+- fix: bug with multiple privileges
+
+### Changed
+
+- chore: use FQCN for module name
+- fix: replace no_log to loop label
+- test: use personal docker registry
+
+## v2.0.1 - 2020-03-28
 
 ### Changed
 
 - fix: remove default value for mariadb_password
 - test: replace kitchen to molecule
 
-## [v2.0.0] - 2019-06-05
+## v2.0.0 - 2019-06-05
 
 - breaking: remove support for ansible < 2.8
 - feat: add official repository
 - feat: remove unused users in init
 - feat: install database if datadir doesn't exist
 
-## [v1.0.1] - 2019-03-16
+## v1.0.1 - 2019-03-16
 
 - fix: add client-server option in default configuration
 - fix: install python-mysqldb package
 - test: add tests with travis-ci
 
-## [v1.0.0] - 2019-02-23
+## v1.0.0 - 2019-02-23
 
 - first version

README.md

@@ -1,34 +1,36 @@
 # Ansible role: MariaDB
 
-[![Version](https://img.shields.io/badge/latest_version-2.0.1-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-mariadb/releases)
-[![Build Status](https://travis-ci.org/nishiki/ansible-role-mariadb.svg?branch=master)](https://travis-ci.org/nishiki/ansible-role-mariadb)
-[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-mariadb/src/branch/master/LICENSE)
+[![Version](https://img.shields.io/badge/latest_version-2.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-mariadb/releases)
+[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-mariadb/src/branch/master/LICENSE)
+[![Build](https://code.waks.be/nishiki/ansible-role-mariadb/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-mariadb/actions?workflow=molecule.yml)
 
 Install and configure MariaDB
 
 ## Requirements
 
-* Ansible >= 2.8
-* Debian Stretch and Buster
+- Ansible >= 2.9
+- Debian
+  - Bullseye
+  - Bookworm
 
 ## Role variables
 
-| Name                            | Type  | Required |Default | Comment                                |
-|---------------------------------|-------|----------|--------|----------------------------------------|
-| mariadb_use_official_repository | bool  | no       | true   | use the official repository            |
-| mariadb_branch                  | str   | no       | 10.3   | the branch version to install          |
-| mariadb_user                    | str   | no       | root   | login to connect on mariadb            |
-| mariadb_password                | str   | yes      |        | password to connect on mariadb         |
-| mariadb_master                  | bool  | no       | false  | the server is master                   |
-| mariadb_autorestart             | bool  | no       | false  | restart mariadb when the config change |
-| mariadb_users                   | array | no       |        | the users to manage                    |
-| mariadb_databases               | array | no       |        | the databases to manage                |
-| mariadb_config                  | hash  | no       |        | extra options for configuration        |
+| Name                            | Type  | Required | Default | Comment                                |
+| ------------------------------- | ----- | -------- | ------- | -------------------------------------- |
+| mariadb_use_official_repository | bool  | no       | true    | use the official repository            |
+| mariadb_branch                  | str   | no       | 10.3    | the branch version to install          |
+| mariadb_user                    | str   | no       | root    | login to connect on mariadb            |
+| mariadb_password                | str   | yes      |         | password to connect on mariadb         |
+| mariadb_master                  | bool  | no       | false   | the server is master                   |
+| mariadb_autorestart             | bool  | no       | false   | restart mariadb when the config change |
+| mariadb_users                   | array | no       |         | the users to manage                    |
+| mariadb_databases               | array | no       |         | the databases to manage                |
+| mariadb_config                  | hash  | no       |         | extra options for configuration        |
 
 ### mariadb_users
 
-| Name       | Type  | Required |Default  | Comment                                                   |
-|------------|-------|----------|---------|-----------------------------------------------------------|
+| Name       | Type  | Required | Default | Comment                                                   |
+| ---------- | ----- | -------- | ------- | --------------------------------------------------------- |
 | name       | str   | yes      |         | the username                                              |
 | host       | str   | yes      |         | the mysql user host                                       |
 | password   | str   | yes      |         | the user password                                         |
@@ -48,10 +50,10 @@ Example:
 
 ### mariadb_databases
 
-| Name       | Type  | Required |Default  | Comment                                                   |
-|------------|-------|----------|---------|-----------------------------------------------------------|
-| name       | str   | yes      |         | the dabase name                                           |
-| state      | str   | no       | present | if state is `absent` the database is deleted              |
+| Name  | Type | Required | Default | Comment                                      |
+| ----- | ---- | -------- | ------- | -------------------------------------------- |
+| name  | str  | yes      |         | the dabase name                              |
+| state | str  | no       | present | if state is `absent` the database is deleted |
 
 Example:
 
@@ -83,8 +85,8 @@ Example:
         privileges:
           - 'myappli.*:ALL'
     mariadb_databases:
-      - myappli
-    mariadb_config:  
+      - name: myappli
+    mariadb_config:
       server-id: 1
       bind-address: 0.0.0.0
   roles:
@@ -95,10 +97,10 @@ Example:
 
 ### Test with molecule and docker
 
-* install [docker](https://docs.docker.com/engine/installation/)
-* install `python3` and `python3-pip`
-* install molecule and dependencies `pip3 install molecule 'molecule[docker]' docker ansible-lint testinfra yamllint`
-* run `molecule test`
+- install [docker](https://docs.docker.com/engine/installation/)
+- install `python3` and `python3-pip`
+- install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint`
+- run `molecule test`
 
 ## License
 

defaults/main.yml

@@ -1,13 +1,13 @@
 ---
-mariadb_use_official_repository: yes
-mariadb_branch: 10.3
+mariadb_use_official_repository: true
+mariadb_branch: 10.6
 mariadb_repository: |
   deb http://mariadb.mirrors.ovh.net/MariaDB/repo/{{ mariadb_branch }}/debian {{ ansible_distribution_release }} main
 mariadb_repository_key_id: '0xF1656F24C74CD1D8'
-mariadb_repository_key_server: keyserver.ubuntu.com
+mariadb_repository_key_server: hkp://keyserver.ubuntu.com:80
 mariadb_user: root
-mariadb_master: no
-mariadb_autorestart: no
+mariadb_master: false
+mariadb_autorestart: false
 mariadb_users: []
 mariadb_databases: []
 mariadb_config: {}
@@ -47,4 +47,4 @@ mariadb_default_config:
     max_binlog_size: 100M
     character-set-server: utf8mb4
     collation-server: utf8mb4_general_ci
-mariadb_full_config: '{{ mariadb_default_config|combine(mariadb_config, recursive=True) }}'
+mariadb_full_config: '{{ mariadb_default_config | combine(mariadb_config, recursive=True) }}'

handlers/main.yml

@@ -1,6 +1,6 @@
 ---
-- name: restart mariadb
-  service:
+- name: Restart mariadb
+  ansible.builtin.service:
     name: mysql
     state: restarted
   when: mariadb_autorestart|bool

meta/main.yml

@@ -1,17 +1,18 @@
 ---
 galaxy_info:
   role_name: mariadb
+  namespace: nishiki
   author: Adrien Waksberg
   company: Adrien Waksberg
   description: Install and configure mariadb
   license: Apache2
-  min_ansible_version: 2.8
+  min_ansible_version: "2.9"
 
   platforms:
     - name: Debian
       versions:
-        - stretch
-        - buster
+        - bullseye
+        - bookworm
 
   galaxy_tags:
     - database

molecule/default/converge.yml

@@ -1,6 +1,8 @@
 ---
 - name: Converge
   hosts: all
+  roles:
+    - ansible-role-mariadb
   vars:
     mariadb_password: secret
     mariadb_autorestart: yes
@@ -19,5 +21,8 @@
         password: test
         privileges:
           - 'test.*:ALL'
-  roles:
-    - ansible-role-mariadb
+
+  pre_tasks:
+    - name: update apt cache
+      ansible.builtin.apt:
+        update_cache: true

molecule/default/molecule.yml

@@ -2,17 +2,23 @@
 driver:
   name: docker
 platforms:
-  - name: debian10
-    image: nishiki/debian10:molecule
+  - name: debian12
+    image: code.waks.be/nishiki/molecule:debian12
     privileged: true
     volumes:
-      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
     command: /bin/systemd
     capabilities:
       - SYS_ADMIN
+provisioner:
+  inventory:
+    host_vars:
+      debian12:
+        mariadb_use_official_repository: false
 lint: |
   set -e
   yamllint .
-  ansible-lint
+  ansible-lint .
 verifier:
   name: testinfra

molecule/default/tests/test_default.py

@@ -2,7 +2,7 @@ import os, re
 import testinfra.utils.ansible_runner
 
 def test_packages(host):
-  for package_name in ['mariadb-server', 'python-mysqldb']:
+  for package_name in ['mariadb-server', 'python3-mysqldb']:
     package = host.package(package_name)
     assert package.is_installed
 
@@ -42,7 +42,7 @@ def test_root_user(host):
 
 def test_grant_access(host):
   result = host.check_output('mysql -uroot -psecret -e "show grants for toto@\'%\'"')
-  assert "GRANT ALL PRIVILEGES ON `test`.* TO 'toto'@'%'" in result
+  assert "GRANT ALL PRIVILEGES ON `test`.* TO `toto`@`%`" in result
 
 def test_logbin_enabled(host):
   result = host.check_output('mysql -uroot -psecret -e "show variables where variable_name = \'log_bin\'"')

tasks/initdb.yml

@@ -1,6 +1,6 @@
 ---
-- name: create the data directory
-  file:
+- name: Create the data directory
+  ansible.builtin.file:
     path: '{{ mariadb_full_config.mysqld.datadir }}'
     owner: '{{ mariadb_full_config.mysqld.user }}'
     group: root
@@ -8,8 +8,8 @@
     state: directory
   tags: mariadb
 
-- name: initialize database
-  command:
+- name: Initialize database  # noqa no-changed-when
+  ansible.builtin.command:
   args:
     argv:
       - mysql_install_db
@@ -17,37 +17,34 @@
       - '--user={{ mariadb_full_config.mysqld.user }}'
       - '--skip-name-resolve'
       - '--no-defaults'
-  when: True
   tags: mariadb
 
-- name: start mariadb
-  systemd:
+- name: Start mariadb
+  ansible.builtin.service:
     name: mysql
     state: started
   tags: mariadb
 
-- name: wait mysql start
-  pause:
+- name: Wait mysql start
+  ansible.builtin.pause:
     seconds: 5
   tags: mariadb
 
-- name: set root password
-  command: 'mysqladmin -u root password {{ mariadb_password }}'
-  when: True
+- name: Set root password  # noqa no-changed-when
+  ansible.builtin.command: 'mysqladmin -u root password {{ mariadb_password }}'
   tags: mariadb
 
-- name: remove anonymous users
-  mysql_user:
+- name: Remove anonymous users
+  community.mysql.mysql_user:
     name: ''
-    host_all: yes
+    host_all: true
     state: absent
     login_user: '{{ mariadb_user }}'
     login_password: '{{ mariadb_password }}'
-  no_log: true
   tags: mariadb
 
-- name: remove root user without password
-  mysql_user:
+- name: Remove root user without password
+  community.mysql.mysql_user:
     name: root
     host: '{{ item }}'
     state: absent
@@ -57,5 +54,4 @@
     - 127.0.0.1
     - '::1'
     - '{{ ansible_nodename }}'
-  no_log: true
   tags: mariadb

tasks/main.yml

@@ -1,69 +1,79 @@
 ---
-- import_tasks: repo.yml
-  when: mariadb_use_official_repository|bool
-
-- name: install package
-  package:
-    name: '{{ packages }}'
-  vars:
-    packages:
-      - mariadb-server
-      - python-mysqldb
+- name: Install dependencies packages
+  ansible.builtin.package:
+    name:
+      - gpg
       - python3-mysqldb
   retries: 2
   register: result
   until: result is succeeded
   tags: mariadb
 
-- name: copy configuration file
-  template:
+- name: Install official repository
+  ansible.builtin.import_tasks: repo.yml
+  when: mariadb_use_official_repository|bool
+
+- name: Install package
+  ansible.builtin.package:
+    name:
+      - mariadb-server
+  retries: 2
+  register: result
+  until: result is succeeded
+  tags: mariadb
+
+- name: Copy configuration file
+  ansible.builtin.template:
     src: my.cnf.j2
     dest: /etc/mysql/my.cnf
     owner: root
     group: root
     mode: 0644
-  notify: restart mariadb
+  notify: Restart mariadb
   tags: mariadb
 
-- name: check if datadir exist
-  stat:
-    path: '{{ mariadb_full_config.mysqld.datadir }}'
+- name: Check if datadir exist
+  ansible.builtin.stat:
+    path: "{{ mariadb_full_config.mysqld.datadir }}"
   register: st
   tags: mariadb
 
-- import_tasks: initdb.yml
+- name: Initialize the database
+  ansible.builtin.import_tasks: initdb.yml
   when: not st.stat.exists
 
-- name: enable and start the service
-  service:
+- name: Enable and start the service
+  ansible.builtin.service:
     name: mysql
     state: started
-    enabled: yes
+    enabled: true
   tags: mariadb
 
-- name: manage users
-  mysql_user:
-    name: '{{ item.name }}'
-    host: '{{ item.host }}'
-    password: '{{ item.password }}'
-    priv: '{{ item.privileges|default("")|join(",") }}'
-    state: '{{ item.state|default("present") }}'
-    login_user: '{{ mariadb_user }}'
-    login_password: '{{ mariadb_password }}'
-  loop: '{{ mariadb_users }}'
+- name: Manage users
+  community.mysql.mysql_user:
+    name: "{{ item.name }}"
+    host: "{{ item.host }}"
+    password: "{{ item.password }}"
+    priv: "{{ item.privileges | default('') | join('/') }}"
+    state: "{{ item.state | default('present') }}"
+    login_user: "{{ mariadb_user }}"
+    login_password: "{{ mariadb_password }}"
+  loop: "{{ mariadb_users }}"
+  loop_control:
+    label: "{{ item.name }}@{{ item.host }}"
   run_once: true
-  no_log: true
   when: mariadb_master|bool
   tags: mariadb
 
-- name: manage databases
-  mysql_db:
-    name: '{{ item.name }}'
-    state: '{{ item.state|default("present") }}'
-    login_user: '{{ mariadb_user }}'
-    login_password: '{{ mariadb_password }}'
-  loop: '{{ mariadb_databases }}'
+- name: Manage databases
+  community.mysql.mysql_db:
+    name: "{{ item.name }}"
+    state: "{{ item.state | default('present') }}"
+    login_user: "{{ mariadb_user }}"
+    login_password: "{{ mariadb_password }}"
+  loop: "{{ mariadb_databases }}"
+  loop_control:
+    label: "{{ item.name }}"
   run_once: true
-  no_log: true
   when: mariadb_master|bool
   tags: mariadb

tasks/repo.yml

@@ -1,14 +1,10 @@
 ---
-- name: add gpg key for mariadb repository
-  apt_key:
-    keyserver: '{{ mariadb_repository_key_server }}'
-    id: '{{ mariadb_repository_key_id }}'
-  retries: 2
-  register: result
-  until: result is succeeded
+- name: Add gpg key for mariadb repository
+  ansible.builtin.apt_key:
+    url: https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
   tags: mariadb
 
-- name: add official repo
-  apt_repository:
-    repo: '{{ mariadb_repository }}'
+- name: Add official repo
+  ansible.builtin.apt_repository:
+    repo: "{{ mariadb_repository }}"
   tags: mariadb