From f3b742389eebf5cf2cab8519714a4b028e7036c6 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Thu, 20 Oct 2016 22:34:19 +0300
Subject: [PATCH] - Forked from ansible-role-example. - Added test for SNI
support. - Added OpenBSD 5.6, Debian Jessie and Ubuntu Trusty and Xenial as
test platforms. - Add symlink to pip on OpenBSD so that the pip Ansible
module works without specifying the path to the executable. - Install
packages that add support for SSL SNI on versions older than 2.7.9.
---
README.rst | 8 +++-----
defaults/main.yml | 2 +-
handlers/main.yml | 2 +-
meta/main.yml | 17 +++++++++++++----
molecule.yml | 12 ++++++++++--
tasks/main.yml | 27 ++++++++++++++++++++++++---
tasks/pip_symlink.yml | 14 ++++++++++++++
tasks/sni.yml | 29 +++++++++++++++++++++++++++++
tests/playbook.yml | 12 +++++++++---
tests/test_sni.py | 8 ++++++++
vars/main.yml | 2 +-
11 files changed, 113 insertions(+), 20 deletions(-)
create mode 100644 tasks/pip_symlink.yml
create mode 100644 tasks/sni.yml
create mode 100644 tests/test_sni.py
diff --git a/README.rst b/README.rst
index 06fb1d6..dc0b893 100644
--- a/README.rst
+++ b/README.rst
@@ -1,9 +1,7 @@
-Example
-#######
+Python 2.7
+##########
-An (empty) example Ansible role complete with working tests out of the box. For
-more information read the `blog post
-<https://www.shore.co.il/blog/ansible-example-role/>`_.
+Install Python 2.7, pip and packages to enable SSL SNI support (if needed).
Requirements
------------
diff --git a/defaults/main.yml b/defaults/main.yml
index 25ca86f..ec34262 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,2 +1,2 @@
---
-# defaults file for ansible-role-example
+# defaults file for ansible-role-python27
diff --git a/handlers/main.yml b/handlers/main.yml
index 1d74a03..6c671a6 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,2 +1,2 @@
---
-# handlers file for ansible-role-example
+# handlers file for ansible-role-python27
diff --git a/meta/main.yml b/meta/main.yml
index ba13102..b816f20 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -7,9 +7,18 @@ galaxy_info:
platforms:
- name: OpenBSD
versions:
+ - 5.6
+ - 5.7
+ - 5.8
- 5.9
+ - 6.0
+ - name: Debian
+ versions:
+ - jessie
+ - stretch
+ - name: Ubuntu
+ versions:
+ - trusty
+ - xenial
galaxy_tags: [ ansible ]
-dependencies:
- - src: https://www.shore.co.il/git/ansible-role-openbsd-bootstrap
- scm: git
- role: openbsd_bootstrap
+dependencies: []
diff --git a/molecule.yml b/molecule.yml
index a62eaa4..cc6f67e 100644
--- a/molecule.yml
+++ b/molecule.yml
@@ -13,10 +13,18 @@ vagrant:
- name: virtualbox
type: virtualbox
platforms:
- - name: openbsd
+ - name: openbsd56
+ box: tmatilai/openbsd-5.6
+ - name: openbsd60
box: kaorimatz/openbsd-6.0-amd64
+ - name: trusty
+ box: ubuntu/trusty64
+ - name: xenial
+ box: ubuntu/xenial64
+ - name: jessie
+ box: debian/jessie64
instances:
- - name: ansible-role-example
+ - name: ansible-role-python27
options:
append_platform_to_hostname: yes
raw_config_args:
diff --git a/tasks/main.yml b/tasks/main.yml
index d519beb..3376419 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,8 +1,29 @@
---
-# tasks file for ansible-role-example
+# tasks file for ansible-role-python27
- name: Assertions
assert:
that:
- - ansible_os_family == 'OpenBSD'
- - ansible_distribution_release == '6.0'
+ - ansible_os_family in ['OpenBSD', 'Debian']
+ - ansible_distribution_release in ['5.6', '5.7', '5.8', '5.9', '6.0', 'trusty', 'xenial', 'jessie', 'stretch']
+
+- name: APT install
+ when: ansible_pkg_mgr == 'apt'
+ apt:
+ name: python-pip
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
+
+- name: pkg add
+ when: ansible_pkg_mgr == 'openbsd_pkg'
+ openbsd_pkg:
+ name: py-pip
+ state: present
+ register: python27_pkg_add_pip
+
+- include: pip_symlink.yml
+ when: ansible_os_family == 'OpenBSD'
+
+- include: sni.yml
+ when: ansible_python_version|version_compare('2.7.9', '<')
diff --git a/tasks/pip_symlink.yml b/tasks/pip_symlink.yml
new file mode 100644
index 0000000..74aad8a
--- /dev/null
+++ b/tasks/pip_symlink.yml
@@ -0,0 +1,14 @@
+---
+- name: Check at which path the pip executable is installed
+ stat:
+ path: /usr/local/bin/pip-2.7
+ register: python27_stat_pip
+
+- name: Symlink pip
+ file:
+ path: /usr/bin/pip
+ src: '{{ "/usr/local/bin/pip-2.7" if python27_stat_pip.stat.exists else "/usr/local/bin/pip2.7" }}'
+ state: link
+ owner: root
+ group: 0
+ mode: 0o0755
diff --git a/tasks/sni.yml b/tasks/sni.yml
new file mode 100644
index 0000000..880c34a
--- /dev/null
+++ b/tasks/sni.yml
@@ -0,0 +1,29 @@
+---
+- name: APT install SSL SNI pre-requisites
+ when: ansible_pkg_mgr == 'apt'
+ apt:
+ name: [python2.7-dev, libssl-dev, libffi-dev]
+ state: present
+ update_cache: yes
+ cache_valid_time: 3600
+ force: yes
+
+- name: pkg add SSL SNI pre-requisites
+ when: ansible_pkg_mgr == 'openbsd_pkg'
+ openbsd_pkg:
+ name: py-openssl
+ state: present
+
+- name: pip install SSL SNI support
+ with_items:
+ - setuptools[certs]>=28.1.0
+ - pip>=7
+ - urllib3[secure]>=1.11
+ - ndg-httpsclient>=0.4.0
+ pip:
+ name: '{{ item }}'
+ state: present
+
+# Include again in case the pip executable has changed during the SNI tasks.
+- include: pip_symlink.yml
+ when: ansible_os_family == 'OpenBSD'
diff --git a/tests/playbook.yml b/tests/playbook.yml
index e739a2b..ff1e515 100644
--- a/tests/playbook.yml
+++ b/tests/playbook.yml
@@ -1,5 +1,11 @@
---
+- hosts: ansible-role-python27-openbsd*
+ gather_facts: False
+ roles: [ansible-role-openbsd-bootstrap]
+
+- hosts: ansible-role-python27-xenial
+ gather_facts: False
+ roles: [ansible-role-debian-bootstrap]
+
- hosts: all
- gather_facts: false
- roles:
- - role: ansible-role-example
+ roles: [ansible-role-python27]
diff --git a/tests/test_sni.py b/tests/test_sni.py
new file mode 100644
index 0000000..3f90cb2
--- /dev/null
+++ b/tests/test_sni.py
@@ -0,0 +1,8 @@
+import pytest
+
+
+@pytest.mark.parametrize('error', ['InsecureRequestWarning',
+ 'InsecurePlatformWarning',
+ 'SNIMissingWarning'])
+def test_sni(Command, error):
+ assert error not in Command('pip install nonexistant-package').stderr
diff --git a/vars/main.yml b/vars/main.yml
index 2417503..5bbce1b 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,2 +1,2 @@
---
-# vars file for ansible-role-example
+# vars file for ansible-role-python27
--
GitLab