Merge branch 'master' of /home/nimrod/Documents/Shore/Ansible/example

# Conflicts:
#	README.rst
#	defaults/main.yml
#	handlers/main.yml
#	molecule.yml
#	tasks/main.yml
#	tests/playbook.yml
#	vars/main.yml

.pre-commit-config.yaml

@@ -8,7 +8,7 @@
     -   id: check-merge-conflict
     -   id: flake8
     -   id: check-symlinks
--   repo: https://www.shore.co.il/git/ansible-pre-commit
+-   repo: https://github.com/adarnimrod/ansible-pre-commit.git
     sha: 0fadd691465b97db8992cfc66650f630e433324b
     hooks:
     -   id: ansible-syntax-check

.travis.yml

+---
+language: python
+python: "2.7"
+dist: trusty
+sudo: false
+group: beta
+services: [docker]
+cache:
+  - pip
+  - directories:
+      - $HOME/.pre-commit
+
+install:
+  - pip install -r tests/requirements.txt | cat
+  - ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles
+  - molecule dependency
+
+script:
+  - pre-commit run --all-files
+  - molecule test --driver docker
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/
+  email: false

README.rst

 MySQL
 #####
 
-An Ansible role to install and configure a MySQL server. The role creates an
-admin account, force SSL usage, configures UFW and daily backup.
+.. image:: https://travis-ci.org/adarnimrod/mysql.svg?branch=master
+    :target: https://travis-ci.org/adarnimrod/mysql
+
+Provision a MySQL server. This role will optionally configure SSL, an admin
+account, unique server-id, log to syslog, daily backups and a mail alias.
+Configuration templates can be placed inside :code:`templates/mysql/conf.d/`
+either inside the role or relative to the playbook. Other configuration is out
+of scope for this role and are left to user using the configuration templates.
 
 Requirements
 ------------
 
-See :code:`meta/main.yml`, :code:`requirements.yml` and assertions at top of
-:code:`tasks/main.yml`.
-
-Adding the role as a dependency
--------------------------------
-
-Add the following to your :code:`meta/main.yml`:
-
-.. code:: yaml
-
-    dependencies:
-    - src: https://www.shore.co.il/git/ansible-role-example
-      scm: git
-      name: example
-
-When :code: `ansible-galaxy` downloads your role it will also download its
-dependencies, ensuring this role will be present and run everytime your role
-runs.
-
-Adding the role to your playbooks
----------------------------------
-
-Add the following to your :code:`requirements.yml`:
-
-.. code:: yaml
-
-    - src: https://www.shore.co.il/git/ansible-role-example
-      scm: git
-      name: example
-
-and update your roles by running :code: `ansible-galaxy install -r
-requirements.yml`.
+See :code:`meta/main.yml` and assertions at the top of :code:`tasks/main.yml`.
 
 Role Variables
 --------------
@@ -58,19 +33,20 @@ See :code:`tests/playbook.yml`.
 Testing
 -------
 
-Testing requires Virtualbox and Vagrant (out of scope for this documentation).
-Install the Python dependencies, add pre-commit hooks by running:
+Testing requires Python 2.7 and either Docker or Vagrant and Virtualbox.
+Install the Python dependencies, dependent roles and roles required for
+testing:
 
 .. code:: shell
 
     pip install -r tests/requirements.txt
-    pre-commit install
+    ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles
+    molecule dependency
 
 To run the full test suite:
 
 .. code:: shell
 
-    ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles
     pre-commit run --all-files
     molecule test --platform all
 
@@ -91,5 +67,4 @@ at: https://www.shore.co.il/git/.
 TODO
 ----
 
-- Backup script.
 - Testing.

ansible.cfg

@@ -5,6 +5,7 @@ retry_files_enabled = False
 roles_path = .molecule/roles:.molecule/../roles:../:../../
 command_warnings = True
 deprecation_warnings = True
+callback_whitelist = profile_tasks
 
 [ssh_connection]
 pipelining = True

defaults/main.yml

 ---
-# defaults file for ansible-role-mysql
+# defaults file for mysql
 
 mysql_admin_password:
-mysql_tls_key: /etc/ssl/private/ssl-cert-snakeoil.key
-mysql_tls_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
+mysql_tls_key:
+mysql_tls_cert:
 mysql_mail_alias: root
 mysql_serverid: '{{ ansible_default_ipv4["address"]|ipaddr("int") }}'

handlers/main.yml

 ---
-# handlers file for ansible-role-mysql
+# handlers file for mysql
 
 - name: Restart MySQL
   service:

molecule.yml

@@ -5,15 +5,19 @@ ansible:
   diff: True
   config_file: ../ansible.cfg
 
+dependency:
+  name: galaxy
+  requirements_file: tests/requirements.yml
+
 vagrant:
   providers:
   - name: virtualbox
     type: virtualbox
   platforms:
-  - name: debian
+  - name: jessie
     box: debian/jessie64
   instances:
-  - name: ansible-role-mysql
+  - name: mysql
     options:
         append_platform_to_hostname: yes
   raw_config_args:
@@ -21,3 +25,17 @@ vagrant:
   - 'vbguest.auto_update = false'
   - 'landrush.enabled = false'
   - 'landrush_ip.override = false'
+
+docker:
+  containers:
+  - name: mysql-jessie
+    image: debian
+    image_version: jessie
+    command: /sbin/init
+    privileged: True
+    volume_mounts:
+      - /sys/fs/cgroup:/sys/fs/cgroup
+      - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
+    environment:
+        DEBIAN_FRONTEND: noninteractive
+        container: docker

tasks/backup.yml

 ---
+# tasks file for mysql backup
+
 - name: APT install cron
   apt:
       name: cron
@@ -10,7 +12,7 @@
   mysql_user:
     login_password: '{{ mysql_root_password|default(omit) }}'
     name: backup
-    host: '%'
+    host: localhost
     password: '{{ mysql_backup_password }}'
     priv: '*.*:SELECT,FILE,RELOAD,REPLICATION CLIENT'
     state: present

tasks/main.yml

 ---
-# tasks file for ansible-role-mysql
+# tasks file for mysql
+
 - name: Assertions
   assert:
     that:
         - ansible_os_family == 'Debian'
-        - ansible_distribution_release in ['wheezy', 'jessie', 'stretch', 'precise', 'trusty', 'xenial']
+        - ansible_distribution_release in mysql_version
 
 - name: Get groups
   getent:

templates/mysql/conf.d/serverid.cnf

 [mysqld]
+{% if mysql_serverid is defined %}
 server-id = {{ mysql_serverid }}
+{% endif %}

tests/playbook.yml

 ---
 - hosts: all
+  strategy: free
   roles:
-    - role: ansible-role-mysql
+    - role: mysql
       mysql_root_password: qwer12345
       mysql_backup_password: backup
       mysql_admin_password: admin
+      mysql_tls_key: /etc/ssl/private/ssl-cert-snakeoil.key
+      mysql_tls_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem

tests/requirements.txt

 ansible==2.2.0.0
-testinfra==1.4.3
-molecule==1.13.0
-ansible-lint==3.4.4
-pre-commit==0.9.3
+testinfra==1.4.5
+molecule==1.16.1
+ansible-lint==3.4.8
+pre-commit==0.9.4
 piprot==0.9.7
+python-vagrant==0.5.14
+docker-py==1.10.6

tests/requirements.yml

 ---
-- src: https://www.shore.co.il/git/ansible-role-openbsd-bootstrap
-  scm: git
-  name: openbsd_bootstrap
-- src: https://www.shore.co.il/git/ansible-role-debian-bootstrap
-  scm: git
-  name: debian_bootstrap
+- src: adarnimrod.openbsd-bootstrap
+  name: openbsd-bootstrap
+- src: adarnimrod.debian-bootstrap
+  name: debian-bootstrap

tests/test_example.py

+from testinfra.utils.ansible_runner import AnsibleRunner
+
+testinfra_hosts = AnsibleRunner('.molecule/ansible_inventory').get_hosts('all')
+
+
 def test_example(Command):
     assert Command('uname').rc == 0
 
 
 def test_root(Command, Sudo):
     with Sudo():
-        assert Command('whoami').stdout == 'root'
+        assert Command('whoami').stdout.strip() == 'root'

vars/main.yml

 ---
-# vars file for ansible-role-mysql
+# vars file for mysql
+
 mysql_version:
     precise: 5.5
     trusty: 5.5