diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 23a96ee20ab82a6bdaafd404d4978e2f5c142201..cd376053f41bd26de20304fa5e2316eb050eabb6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,7 +8,7 @@ - id: check-merge-conflict - id: flake8 - id: check-symlinks -- repo: https://www.shore.co.il/git/ansible-pre-commit +- repo: https://github.com/adarnimrod/ansible-pre-commit.git sha: 0fadd691465b97db8992cfc66650f630e433324b hooks: - id: ansible-syntax-check diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000000000000000000000000000000000000..abc583a44f62a169059b177cabed55bfe3ab9183 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,24 @@ +--- +language: python +python: "2.7" +dist: trusty +sudo: false +group: beta +services: [docker] +cache: + - pip + - directories: + - $HOME/.pre-commit + +install: + - pip install -r tests/requirements.txt | cat + - ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles + - molecule dependency + +script: + - pre-commit run --all-files + - molecule test --driver docker + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ + email: false diff --git a/README.rst b/README.rst index f3f5499025c4b4d02a80367954f4fe9bc5ad6f33..85e8b8dc8109f41eceddaa87713cf4697dc739b2 100644 --- a/README.rst +++ b/README.rst @@ -1,44 +1,19 @@ MySQL ##### -An Ansible role to install and configure a MySQL server. The role creates an -admin account, force SSL usage, configures UFW and daily backup. +.. image:: https://travis-ci.org/adarnimrod/mysql.svg?branch=master + :target: https://travis-ci.org/adarnimrod/mysql + +Provision a MySQL server. This role will optionally configure SSL, an admin +account, unique server-id, log to syslog, daily backups and a mail alias. +Configuration templates can be placed inside :code:`templates/mysql/conf.d/` +either inside the role or relative to the playbook. Other configuration is out +of scope for this role and are left to user using the configuration templates. Requirements ------------ -See :code:`meta/main.yml`, :code:`requirements.yml` and assertions at top of -:code:`tasks/main.yml`. - -Adding the role as a dependency -------------------------------- - -Add the following to your :code:`meta/main.yml`: - -.. code:: yaml - - dependencies: - - src: https://www.shore.co.il/git/ansible-role-example - scm: git - name: example - -When :code: `ansible-galaxy` downloads your role it will also download its -dependencies, ensuring this role will be present and run everytime your role -runs. - -Adding the role to your playbooks ---------------------------------- - -Add the following to your :code:`requirements.yml`: - -.. code:: yaml - - - src: https://www.shore.co.il/git/ansible-role-example - scm: git - name: example - -and update your roles by running :code: `ansible-galaxy install -r -requirements.yml`. +See :code:`meta/main.yml` and assertions at the top of :code:`tasks/main.yml`. Role Variables -------------- @@ -58,19 +33,20 @@ See :code:`tests/playbook.yml`. Testing ------- -Testing requires Virtualbox and Vagrant (out of scope for this documentation). -Install the Python dependencies, add pre-commit hooks by running: +Testing requires Python 2.7 and either Docker or Vagrant and Virtualbox. +Install the Python dependencies, dependent roles and roles required for +testing: .. code:: shell pip install -r tests/requirements.txt - pre-commit install + ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles + molecule dependency To run the full test suite: .. code:: shell - ansible-galaxy install git+file://$(pwd),$(git rev-parse --abbrev-ref HEAD) -p .molecule/roles pre-commit run --all-files molecule test --platform all @@ -91,5 +67,4 @@ at: https://www.shore.co.il/git/. TODO ---- -- Backup script. - Testing. diff --git a/ansible.cfg b/ansible.cfg index 2bc7613f4df5ddc0fe0f2719df832ddfff4bfe62..905e3c64897217cd1b88acde10920ae04c7c6011 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -5,6 +5,7 @@ retry_files_enabled = False roles_path = .molecule/roles:.molecule/../roles:../:../../ command_warnings = True deprecation_warnings = True +callback_whitelist = profile_tasks [ssh_connection] pipelining = True diff --git a/defaults/main.yml b/defaults/main.yml index 6d1103f9efe4c2ac1b1b9e2392beef485b021be4..ed2497cf49fb2223517733bfd1bd51018398e4d3 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,8 +1,8 @@ --- -# defaults file for ansible-role-mysql +# defaults file for mysql mysql_admin_password: -mysql_tls_key: /etc/ssl/private/ssl-cert-snakeoil.key -mysql_tls_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem +mysql_tls_key: +mysql_tls_cert: mysql_mail_alias: root mysql_serverid: '{{ ansible_default_ipv4["address"]|ipaddr("int") }}' diff --git a/handlers/main.yml b/handlers/main.yml index ce3fe1e8f898121475e2e82cce0be29bedc6387f..908e0caff1a9b40836d4872c472474507f471013 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,5 @@ --- -# handlers file for ansible-role-mysql +# handlers file for mysql - name: Restart MySQL service: diff --git a/library/__init__.py b/library/__init__.py new file mode 100644 index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391 diff --git a/molecule.yml b/molecule.yml index 737a7d7f9c8d0c49729f59af4ea9fe74b0d7c1ab..e822822996e4f2d47b08f01ec8bc8db244705f46 100644 --- a/molecule.yml +++ b/molecule.yml @@ -5,15 +5,19 @@ ansible: diff: True config_file: ../ansible.cfg +dependency: + name: galaxy + requirements_file: tests/requirements.yml + vagrant: providers: - name: virtualbox type: virtualbox platforms: - - name: debian + - name: jessie box: debian/jessie64 instances: - - name: ansible-role-mysql + - name: mysql options: append_platform_to_hostname: yes raw_config_args: @@ -21,3 +25,17 @@ vagrant: - 'vbguest.auto_update = false' - 'landrush.enabled = false' - 'landrush_ip.override = false' + +docker: + containers: + - name: mysql-jessie + image: debian + image_version: jessie + command: /sbin/init + privileged: True + volume_mounts: + - /sys/fs/cgroup:/sys/fs/cgroup + - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket + environment: + DEBIAN_FRONTEND: noninteractive + container: docker diff --git a/tasks/backup.yml b/tasks/backup.yml index 9eaaebe6437c42e8a094ff5345722f4cd1065d33..1a80b646d14c6dcb1a16c0d117f6f66f5b7ac749 100644 --- a/tasks/backup.yml +++ b/tasks/backup.yml @@ -1,4 +1,6 @@ --- +# tasks file for mysql backup + - name: APT install cron apt: name: cron @@ -10,7 +12,7 @@ mysql_user: login_password: '{{ mysql_root_password|default(omit) }}' name: backup - host: '%' + host: localhost password: '{{ mysql_backup_password }}' priv: '*.*:SELECT,FILE,RELOAD,REPLICATION CLIENT' state: present diff --git a/tasks/main.yml b/tasks/main.yml index ce2a4dcd6841d6321ba06c97f5d805f663d80278..2bd341bbc1f6cc04250312805095829f78c01ffa 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,10 +1,11 @@ --- -# tasks file for ansible-role-mysql +# tasks file for mysql + - name: Assertions assert: that: - ansible_os_family == 'Debian' - - ansible_distribution_release in ['wheezy', 'jessie', 'stretch', 'precise', 'trusty', 'xenial'] + - ansible_distribution_release in mysql_version - name: Get groups getent: diff --git a/templates/mysql/conf.d/serverid.cnf b/templates/mysql/conf.d/serverid.cnf index 65756add5bf5d8df3bda375a8f0e17a33cfefaa4..8f8da3a1909877a7c8c84aa7282b195f53860da9 100644 --- a/templates/mysql/conf.d/serverid.cnf +++ b/templates/mysql/conf.d/serverid.cnf @@ -1,2 +1,4 @@ [mysqld] +{% if mysql_serverid is defined %} server-id = {{ mysql_serverid }} +{% endif %} diff --git a/tests/playbook.yml b/tests/playbook.yml index 94657d08aa66795c4d87ee87861de78b2fc55887..d4de1a127b8f2528484be281a613202fa87db582 100644 --- a/tests/playbook.yml +++ b/tests/playbook.yml @@ -1,7 +1,10 @@ --- - hosts: all + strategy: free roles: - - role: ansible-role-mysql + - role: mysql mysql_root_password: qwer12345 mysql_backup_password: backup mysql_admin_password: admin + mysql_tls_key: /etc/ssl/private/ssl-cert-snakeoil.key + mysql_tls_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem diff --git a/tests/requirements.txt b/tests/requirements.txt index 0588c359a06c17f6d8a27f8d19be6cf89b2758b8..70cb7661036d9bd7cc73bfb2f4f8978edce7ea4c 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -1,6 +1,8 @@ ansible==2.2.0.0 -testinfra==1.4.3 -molecule==1.13.0 -ansible-lint==3.4.4 -pre-commit==0.9.3 +testinfra==1.4.5 +molecule==1.16.1 +ansible-lint==3.4.8 +pre-commit==0.9.4 piprot==0.9.7 +python-vagrant==0.5.14 +docker-py==1.10.6 diff --git a/tests/requirements.yml b/tests/requirements.yml index 8b9b2bcba3b4459621ff239243ac0375a081f20a..70716f60b9e624bc5a09442517a08667363949f4 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,7 +1,5 @@ --- -- src: https://www.shore.co.il/git/ansible-role-openbsd-bootstrap - scm: git - name: openbsd_bootstrap -- src: https://www.shore.co.il/git/ansible-role-debian-bootstrap - scm: git - name: debian_bootstrap +- src: adarnimrod.openbsd-bootstrap + name: openbsd-bootstrap +- src: adarnimrod.debian-bootstrap + name: debian-bootstrap diff --git a/tests/test_example.py b/tests/test_example.py index 12d4c7a5294fc8128e8ae695e8afaaa62a002f9b..aaea50030b9784f0528df9b936cf1903d3af5994 100644 --- a/tests/test_example.py +++ b/tests/test_example.py @@ -1,7 +1,12 @@ +from testinfra.utils.ansible_runner import AnsibleRunner + +testinfra_hosts = AnsibleRunner('.molecule/ansible_inventory').get_hosts('all') + + def test_example(Command): assert Command('uname').rc == 0 def test_root(Command, Sudo): with Sudo(): - assert Command('whoami').stdout == 'root' + assert Command('whoami').stdout.strip() == 'root' diff --git a/vars/main.yml b/vars/main.yml index 5536484ca34543c41b0b23bd091f2b5e9088a02b..99edfd4acdc8b60f0b5935ff24065697d94ebe41 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -1,5 +1,6 @@ --- -# vars file for ansible-role-mysql +# vars file for mysql + mysql_version: precise: 5.5 trusty: 5.5