Merge pull request #7 from fidanf/ansible-lint-v5

Ansible lint v5 + CI refactoring

Author: fidanf

.ansible-lint

@@ -1,17 +1,17 @@
+---
 # https://docs.ansible.com/ansible-lint/rules/default_rules.html
+exclude_paths: 
+  - ../.ansible/roles/
+  - .cache/
+  - .github/
+verbosity: 1
 use_default_rules: true
 skip_list:
-  - '106' # Role names are now limited to contain only lowercase alphanumeric characters, plus ‘_’ and start with an alpha character   
-  - '204' # Lines should be no longer than 160 chars
-  - '201' # Trailing whitespace
-  - '301' # Commands should not change things if nothing needs doing
-  - '303' # Using command rather than module
-  - '305' # Use shell only when shell functionality is required
-  - '501' # become_user requires become to work as expected
-  - '701' # meta/main.yml should contain relevant info
-  - '503' # Tasks that run when changed should likely be handlers
-  - '602' # Don't compare to empty string
-verbosity: 1
-exclude_paths: 
-  - ../.ansible/roles
-  - tasks/main.yml
+  - command-instead-of-shell
+  - no-changed-when
+  - no-handler
+  - empty-string-compare
+  - ignore-errors
+  - var-naming
+warn_list:
+  - no-log-password

.travis.yml

@@ -1,42 +1,35 @@
 ---
 os: linux
-dist: bionic
-language: shell
+dist: focal
+language: python
+python:
+  - 3.8
 
 env:
   global:
-    - VAGRANT_DEFAULT_PROVIDER=libvirt
-    - ROLE_PATH=$TRAVIS_BUILD_DIR
-    - PY_COLORS=1
+    - VAGRANT_DEFAULT_PROVIDER: libvirt
+    - PY_COLORS: 1
   jobs:
     - MOLECULE_DISTRO: generic/ubuntu1804
     - MOLECULE_DISTRO: generic/debian10
 
-services:
-  - docker
-
 cache:
   directories:
     - /home/travis/.vagrant.d/boxes
-    - /home/travis/.cache/pipenv
+    - /home/travis/.cache/pip
 
 before_install:
   - |
-    curl -Os https://releases.hashicorp.com/vagrant/2.2.14/vagrant_2.2.14_x86_64.deb
-    curl -Os https://releases.hashicorp.com/vagrant/2.2.14/vagrant_2.2.14_SHA256SUMS
-    curl -Os https://releases.hashicorp.com/vagrant/2.2.14/vagrant_2.2.14_SHA256SUMS.sig
-    gpg --receive-key 51852D87348FFC4C
-    gpg --verify vagrant_2.2.14_SHA256SUMS.sig vagrant_2.2.14_SHA256SUMS
-    sha256sum -c vagrant_2.2.14_SHA256SUMS 2>&1 | grep OK
-    sudo apt-get update && sudo apt-get install -y bridge-utils dnsmasq-base ebtables libvirt-bin libvirt-dev qemu-kvm qemu-utils ruby-dev
-    sudo dpkg -i vagrant_2.2.14_x86_64.deb
-    sudo vagrant plugin install vagrant-libvirt
-    rm -rf vagrant_2.2.14_*
+    curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
+    sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
+    sudo apt-get update && sudo apt-get install vagrant
+    sudo apt-get install -y build-essential qemu-kvm qemu-utils libvirt-dev libvirt-daemon-system libvirt-clients bridge-utils virtinst virt-manager dnsmasq
+    CONFIGURE_ARGS="with-libvirt-include=/usr/share/libvirt with-libvirt-lib=/usr/lib64" sudo vagrant plugin install vagrant-libvirt
+  - |
+    sudo -H pip install --upgrade pip
+    sudo -H pip install --upgrade --ignore-installed --requirement requirements.txt
   - |
-    sudo apt-get -y purge python3-openssl && sudo apt-get -y autoremove
-    sudo apt-get update && sudo apt-get install -y ca-certificates curl gcc iproute2 pwgen python3 python3-dev sudo
-    curl -skL https://bootstrap.pypa.io/get-pip.py | sudo -H python3
-    sudo -H pip3 install --upgrade --ignore-installed --requirement requirements.txt
+    molecule --version
 
 script:
   - sudo -E molecule test

meta/main.yml

@@ -2,6 +2,7 @@
 galaxy_info:
   author: Frank FIDANZA
   company: RG
+  namespace: fidanf
   role_name: pgpool
   description: Installs and configures Pgpool-II
   min_ansible_version: 2.8

molecule/default/collections.yml

@@ -0,0 +1,3 @@
+---
+collections:
+  - community.crypto

molecule/default/converge.yml

@@ -3,11 +3,9 @@
   hosts: pgpool
   gather_facts: yes
   become: yes
-  vars:
-    ansible_python_interpreter: /usr/bin/python3
-    role_path: "{{ lookup('env', 'ROLE_PATH') }}"
+
   roles:
-    - name: "{{ role_path if role_path is defined and role_path else lookup('env', 'HOME') + '/ansible-role-pgpool' }}"
+    - name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}"
       vars:
         pgpool_postgresql_version: 12
         # .pcpass file

molecule/default/molecule.yml

@@ -1,6 +1,9 @@
 ---
 dependency:
   name: galaxy
+  options:
+    role-file: ${MOLECULE_PROJECT_DIRECTORY}/molecule/default/requirements.yml
+    requirements-file: ${MOLECULE_PROJECT_DIRECTORY}/molecule/default/collections.yml
 lint: |
   set -e
   yamllint .
@@ -12,7 +15,7 @@ driver:
 platforms:
   - name: pgsql01
     box: ${MOLECULE_DISTRO:-"generic/debian10"}
-    groups: 
+    groups:
       - pgpool
     config_options:
       ssh.keep_alive: yes
@@ -29,7 +32,7 @@ platforms:
     config_options:
       ssh.keep_alive: yes
       ssh.remote_user: "'vagrant'"
-    groups: 
+    groups:
       - pgpool
     memory: 1024
     cpus: 1
@@ -41,25 +44,20 @@ platforms:
 provisioner:
   name: ansible
   log: true
-  config_options:
-    defaults:
-      callback_whitelist: "profile_tasks,timer"
-      allow_world_readable_tmpfiles: true
-      ansible_python_interpreter: /usr/bin/python3
   inventory:
     host_vars:
       pgsql01:
         # ansible
         ansible_host: 192.168.30.10
         # repmgr
-        repmgr_node_id: 1 
+        repmgr_node_id: 1
         # pgpool
         pgpool_wd_hostname: pgsql01
         pgpool_wd_priority: 1
         # watchdog
         pgpool_heartbeat_destination:
           - hostname: pgsql02
-        pgpool_other_settings: 
+        pgpool_other_settings:
           - hostname: pgsql02
       pgsql02:
         # ansible
@@ -71,5 +69,11 @@ provisioner:
         # watchdog
         pgpool_heartbeat_destination:
           - hostname: pgsql01
-        pgpool_other_settings: 
+        pgpool_other_settings:
           - hostname: pgsql01
+  config_options:
+    defaults:
+      callback_whitelist: "profile_tasks,timer"
+      allow_world_readable_tmpfiles: true
+      interpreter_python: /usr/bin/python3
+      pipelining: true

molecule/default/prepare.yml

@@ -4,68 +4,6 @@
   gather_facts: no
   become: yes
 
-  vars:
-    ansible_python_interpreter: /usr/bin/python3
-    repmgr_version: "5.1"
-    repmgr_master: pgsql01
-    repmgr_target_group: pgpool
-    repmgr_promote_command: /usr/bin/repmgr standby promote -f /etc/repmgr.conf --log-to-file
-    repmgr_follow_command: /usr/bin/repmgr standby follow -f /etc/repmgr.conf --log-to-file --upstream-node-id=%n
-    repmgr_monitoring_history: "yes"
-    repmgr_connection_check_type: query
-    repmgr_log_level: INFO
-    postgresql_version: 12
-    postgresql_listen_addresses: "*"
-    postgresql_port: 5432
-    postgresql_max_connections: 128
-    postgresql_wal_level: "replica"
-    postgresql_max_wal_senders: 10
-    postgresql_max_replication_slots: 10
-    postgresql_wal_keep_segments: 100
-    postgresql_hot_standby: on
-    postgresql_data_checksums: true
-    postgresql_wal_compression: on
-    postgresql_wal_log_hints: on
-    postgresql_ext_install_repmgr: yes
-    postgresql_shared_preload_libraries:
-      - repmgr
-    postgresql_log_checkpoints: on
-    postgresql_log_connections: on
-    postgresql_log_disconnections: on
-    postgresql_log_temp_files: 0
-    # pg_hba.conf
-    postgresql_pg_hba_custom:
-      - { type: "host", database: "replication", user: "{{ repmgr_user }}", address: "192.168.30.0/24", method: "trust" }  
-      - { type: "host", database: "replication", user: "{{ repmgr_user }}", address: "127.0.0.1/32", method: "trust" }  
-      - { type: "host", database: "{{ repmgr_database }}", user: "{{ repmgr_user }}", address: "127.0.0.1/32", method: "trust" }  
-      - { type: "host", database: "{{ repmgr_database }}", user: "{{ repmgr_user }}", address: "192.168.30.0/24", method: "trust" }  
-      - { type: "host", database: "all", user: "postgres", address: "192.168.30.0/24", method: "trust" }
-      - { type: "host", database: "testdb", user: "all", address: "192.168.0.0/16", method: "trust" }
-    # Databases
-    postgresql_databases:
-      - name: "{{ repmgr_database }}"
-        owner: "{{ repmgr_user }}"
-        encoding: "UTF-8"
-      - name: testdb
-        owner: admin
-        encoding: "UTF-8"
-    # Users
-    postgresql_users:
-      - name: "{{ repmgr_user }}"
-        pass: "{{ repmgr_password }}"
-      - name: admin
-        pass: secret # postgresql >=10 does not accept unencrypted passwords
-        encrypted: yes
-    # Roles
-    postgresql_user_privileges:
-      - name: "{{ repmgr_user }}"
-        db: "{{ repmgr_database }}"
-        priv: "ALL"
-        role_attr_flags: "SUPERUSER,REPLICATION"
-      - name: admin
-        db: testdb
-        role_attr_flags: "SUPERUSER"
-
   pre_tasks:
     - name: Wait for SSH
       wait_for_connection:
@@ -97,4 +35,65 @@
       loop: "{{ groups[repmgr_target_group] }}"
 
   roles:
-    - name: fidanf.postgresql-ha
+    - name: fidanf.postgresql_ha
+      vars:
+        repmgr_version: 5.2
+        repmgr_version_debian: 5.2.1-1.pgdg100+1
+        repmgr_master: pgsql01
+        repmgr_target_group: pgpool
+        repmgr_promote_command: /usr/bin/repmgr standby promote -f /etc/repmgr.conf --log-to-file
+        repmgr_follow_command: /usr/bin/repmgr standby follow -f /etc/repmgr.conf --log-to-file --upstream-node-id=%n
+        repmgr_monitoring_history: "yes"
+        repmgr_connection_check_type: query
+        repmgr_log_level: INFO
+        postgresql_version: 12
+        postgresql_listen_addresses: "*"
+        postgresql_port: 5432
+        postgresql_max_connections: 128
+        postgresql_wal_level: "replica"
+        postgresql_max_wal_senders: 10
+        postgresql_max_replication_slots: 10
+        postgresql_wal_keep_segments: 100
+        postgresql_hot_standby: on
+        postgresql_data_checksums: true
+        postgresql_wal_compression: on
+        postgresql_wal_log_hints: on
+        postgresql_ext_install_repmgr: yes
+        postgresql_shared_preload_libraries:
+          - repmgr
+        postgresql_log_checkpoints: on
+        postgresql_log_connections: on
+        postgresql_log_disconnections: on
+        postgresql_log_temp_files: 0
+        # pg_hba.conf
+        postgresql_pg_hba_custom:
+          - { type: "host", database: "replication", user: "{{ repmgr_user }}", address: "192.168.30.0/24", method: "trust" }  
+          - { type: "host", database: "replication", user: "{{ repmgr_user }}", address: "127.0.0.1/32", method: "trust" }  
+          - { type: "host", database: "{{ repmgr_database }}", user: "{{ repmgr_user }}", address: "127.0.0.1/32", method: "trust" }  
+          - { type: "host", database: "{{ repmgr_database }}", user: "{{ repmgr_user }}", address: "192.168.30.0/24", method: "trust" }  
+          - { type: "host", database: "all", user: "postgres", address: "192.168.30.0/24", method: "trust" }
+          - { type: "host", database: "testdb", user: "all", address: "192.168.0.0/16", method: "trust" }
+        # Databases
+        postgresql_databases:
+          - name: "{{ repmgr_database }}"
+            owner: "{{ repmgr_user }}"
+            encoding: "UTF-8"
+          - name: testdb
+            owner: admin
+            encoding: "UTF-8"
+        # Users
+        postgresql_users:
+          - name: "{{ repmgr_user }}"
+            pass: "{{ repmgr_password }}"
+          - name: admin
+            pass: secret # postgresql >=10 does not accept unencrypted passwords
+            encrypted: yes
+        # Roles
+        postgresql_user_privileges:
+          - name: "{{ repmgr_user }}"
+            db: "{{ repmgr_database }}"
+            priv: "ALL"
+            role_attr_flags: "SUPERUSER,REPLICATION"
+          - name: admin
+            db: testdb
+            role_attr_flags: "SUPERUSER"

molecule/default/requirements.yml

@@ -1,4 +1,5 @@
 ---
-- src: https://github.com/fidanf/ansible-role-postgresql-ha
-  name: fidanf.postgresql-ha
-  version: master
+roles:
+  - src: https://github.com/fidanf/ansible-role-postgresql-ha
+    name: fidanf.postgresql_ha
+    version: 2.4.2

requirements.txt

@@ -1,14 +1,14 @@
 ansible>=2.10.7,<2.11.0
-molecule==3.2.0
+molecule
 molecule-vagrant==0.6.1
-ansible-lint==4.3.7
-yamllint==1.26.0
+pyyaml<6,>=5.1
+ansible-lint
+yamllint
 python-vagrant
 docker
 docker-compose
 netaddr
 dnspython
 cryptography
 jsondiff
-pyyaml
 pyOpenSSL