✅ Add Ansible molecule
parent
539dc205f5
commit
ec779b858a
|
@ -0,0 +1,19 @@
|
|||
# Molecule managed
|
||||
|
||||
{% if item.registry is defined %}
|
||||
FROM {{ item.registry.url }}/{{ item.image }}
|
||||
{% else %}
|
||||
FROM {{ item.image }}
|
||||
{% endif %}
|
||||
|
||||
{% if item.env is defined %}
|
||||
{% for var, value in item.env.items() %}
|
||||
{% if value %}
|
||||
ENV {{ var }} {{ value }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y python3 sudo bash ca-certificates iproute2 python-apt-common \
|
||||
&& apt-get clean
|
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
|
||||
scenario:
|
||||
test_sequence:
|
||||
- dependency
|
||||
- syntax
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- idempotence
|
||||
- verify
|
||||
- destroy
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
requirements-file: ../../requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
role_name_check: 1
|
||||
provisioner:
|
||||
name: ansible
|
||||
config_options:
|
||||
defaults:
|
||||
deprecation_warnings: false
|
||||
callback_whitelist: timer,profile_tasks
|
||||
fact_caching: jsonfile
|
||||
fact_caching_connection: ./cache
|
||||
forks: 100
|
||||
connection:
|
||||
pipelining: true
|
||||
playbooks:
|
||||
converge: ../_shared/converge.yml
|
||||
prepare: ../_shared/prepare.yml
|
||||
verify: ../_shared/verify.yml
|
||||
verifier:
|
||||
name: ansible
|
|
@ -0,0 +1,25 @@
|
|||
---
|
||||
|
||||
- name: Converge
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
handlers:
|
||||
- name: Reload nginx
|
||||
ansible.builtin.service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
tasks:
|
||||
- name: Include role
|
||||
ansible.builtin.include_role:
|
||||
name: "hanxhx.php"
|
||||
post_tasks:
|
||||
- name: TEMPLATE | Nginx site config
|
||||
ansible.builtin.template:
|
||||
src: "../../tests/templates/nginx.conf.j2"
|
||||
dest: "{{ __nginx_conf }}"
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
notify: Reload nginx
|
||||
vars_files:
|
||||
- vars/misc.yml
|
|
@ -0,0 +1,82 @@
|
|||
---
|
||||
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
vars_files:
|
||||
- vars/misc.yml
|
||||
|
||||
handlers:
|
||||
- name: Reload nginx
|
||||
ansible.builtin.service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
|
||||
tasks:
|
||||
|
||||
- name: INCLUDE_TASKS | Pre tasks related to OS
|
||||
ansible.builtin.include_tasks: "../../tests/includes/pre_{{ ansible_os_family }}.yml"
|
||||
|
||||
- name: USER | Create PHP user
|
||||
ansible.builtin.user:
|
||||
name: 'foo'
|
||||
system: true
|
||||
create_home: false
|
||||
shell: '/usr/sbin/nologin'
|
||||
|
||||
- name: COMMAND | Fix nginx config
|
||||
ansible.builtin.command: "cp {{ __nginx_conf | dirname }}/fastcgi_params {{ __nginx_conf | dirname }}/fastcgi.conf"
|
||||
args:
|
||||
creates: "{{ __nginx_conf | dirname }}/fastcgi.conf"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: LINEINFILE | Fix nginx config (second step)
|
||||
ansible.builtin.lineinfile:
|
||||
regexp: '^fastcgi_param\s+SCRIPT_FILENAME'
|
||||
line: "fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;"
|
||||
dest: "{{ __nginx_conf | dirname }}/fastcgi.conf"
|
||||
notify: Reload nginx
|
||||
|
||||
- name: SERVICE | Ensure nginx is started
|
||||
ansible.builtin.service:
|
||||
name: nginx
|
||||
state: started
|
||||
when: ansible_virtualization_type != 'docker'
|
||||
|
||||
- name: Start nginx if testing with Docker
|
||||
when: ansible_virtualization_type == 'docker'
|
||||
block:
|
||||
|
||||
- name: COMMAND | Docker nginx status
|
||||
ansible.builtin.command: service nginx status
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
register: ngs
|
||||
|
||||
- name: COMMAND | Docker start nginx
|
||||
ansible.builtin.command: service nginx start
|
||||
when: ngs.stdout.find('nginx is not running') != -1
|
||||
|
||||
- name: FILE | Create /var/www
|
||||
ansible.builtin.file:
|
||||
dest: /var/www
|
||||
state: directory
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
|
||||
- name: COPY | Add phpinfo
|
||||
ansible.builtin.copy:
|
||||
dest: /var/www/phpinfo.php
|
||||
content: '<?php phpinfo();'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
|
||||
- name: COPY | Add ini test file
|
||||
ansible.builtin.copy:
|
||||
dest: /var/www/ini.php
|
||||
content: '<?php echo ini_get("memory_limit") . "\n";'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
|
@ -0,0 +1,36 @@
|
|||
---
|
||||
|
||||
# Force SysVinit, since systemd won't work in a Docker container
|
||||
ansible_service_mgr: "sysvinit"
|
||||
|
||||
# ----------------------------------------
|
||||
# Copied from {role_dir}/tests/test.yml
|
||||
# ----------------------------------------
|
||||
vhost: 'test.local'
|
||||
php_extra_packages:
|
||||
- '{{ php_package_prefix }}pgsql'
|
||||
php_install_xdebug: true
|
||||
php_autoremove_default_pool: true
|
||||
php_ini_fpm:
|
||||
display_errors: 'Off'
|
||||
php_ini_cli:
|
||||
error_reporting: 'E_ALL'
|
||||
php_fpm_poold:
|
||||
- pool_name: 'test_ansible'
|
||||
listen: '/run/php/php-ansible1.sock'
|
||||
pm: 'dynamic'
|
||||
pm_max_children: 250
|
||||
pm_start_servers: 10
|
||||
pm_min_spare_servers: 10
|
||||
pm_max_spare_servers: 20
|
||||
status_path: '/status'
|
||||
ping_path: '/ping'
|
||||
ping_response: 'ok'
|
||||
- name: 'test_ansible2'
|
||||
user: 'foo'
|
||||
php_env:
|
||||
foo: bar
|
||||
php_value:
|
||||
display_errors: 'Off'
|
||||
php_admin_value:
|
||||
memory_limit: '98M'
|
|
@ -0,0 +1,74 @@
|
|||
---
|
||||
|
||||
- name: Verify
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
vars_files:
|
||||
- vars/misc.yml
|
||||
tasks:
|
||||
|
||||
- name: COMMAND | Test php-cli
|
||||
ansible.builtin.command: php -v
|
||||
changed_when: false
|
||||
|
||||
- name: SHELL | Check vhost
|
||||
ansible.builtin.shell: "set -o pipefail && curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep 'PHP Version'"
|
||||
args:
|
||||
executable: /bin/bash
|
||||
changed_when: false
|
||||
register: c
|
||||
failed_when: c.stdout == ''
|
||||
|
||||
- name: BLOCK | Test explicit version
|
||||
when: php_version is defined
|
||||
block:
|
||||
|
||||
- name: SHELL | Test php-cli (explicit version)
|
||||
ansible.builtin.shell: set -o pipefail && php -i | grep '^PHP Version => {{ php_version }}' | head -n 1
|
||||
changed_when: false
|
||||
register: p
|
||||
failed_when: p.stdout == ''
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
||||
- name: SHELL | Check vhost
|
||||
ansible.builtin.shell: "set -o pipefail && curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep -o 'PHP Version {{ php_version }}' | sed -r 's/<//g'"
|
||||
args:
|
||||
executable: /bin/bash
|
||||
changed_when: false
|
||||
register: c
|
||||
failed_when: c.stdout == ''
|
||||
|
||||
- name: SHELL | Check custom php value
|
||||
ansible.builtin.shell: "curl -H 'Host: {{ vhost }}' http://127.0.0.1/ini.php 2> /dev/null"
|
||||
changed_when: false
|
||||
register: c
|
||||
failed_when: 'php_fpm_poold.1.php_admin_value.memory_limit not in c.stdout'
|
||||
|
||||
- name: URI | Check ping
|
||||
ansible.builtin.uri:
|
||||
url: "http://localhost{{ php_fpm_poold.0.ping_path }}"
|
||||
when: php_fpm_poold.0.ping_path is defined
|
||||
|
||||
- name: URI | Check status
|
||||
ansible.builtin.uri:
|
||||
url: "http://localhost{{ php_fpm_poold.0.status_path }}"
|
||||
when: php_fpm_poold.0.status_path is defined
|
||||
|
||||
- name: Debian extra checks
|
||||
when: ansible_os_family == 'Debian'
|
||||
block:
|
||||
|
||||
- name: SHELL | Check if we installed multiple PHP versions
|
||||
ansible.builtin.shell: set -o pipefail && (dpkg -l | grep 'php[[:digit:]].*common' | wc -l)
|
||||
args:
|
||||
executable: /bin/bash
|
||||
failed_when: false
|
||||
changed_when: false
|
||||
register: check_multiple_php
|
||||
|
||||
|
||||
- name: FAIL | If we have multiple PHP version
|
||||
ansible.builtin.fail:
|
||||
msg: "Multiple PHP versions detected"
|
||||
when: check_multiple_php.stdout != '1'
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: debian-10
|
||||
image: dokken/debian-10
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
- name: debian-10-php-7.4
|
||||
image: dokken/debian-10
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
||||
host_vars:
|
||||
debian-10-php-7.4:
|
||||
php_version: '7.4'
|
|
@ -0,0 +1,32 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: debian-11
|
||||
image: dokken/debian-11
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
- name: debian-11-php-8.0
|
||||
image: dokken/debian-11
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
||||
host_vars:
|
||||
debian-11-php-8.0:
|
||||
php_version: '8.0'
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: debian-12
|
||||
image: dokken/debian-12
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: ubuntu-18.04
|
||||
image: dokken/ubuntu-18.04
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: ubuntu-20.04
|
||||
image: dokken/ubuntu-20.04
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
|
||||
platforms:
|
||||
- name: ubuntu-22.04
|
||||
image: dokken/ubuntu-22.04
|
||||
command: /lib/systemd/systemd
|
||||
dockerfile: ../_shared/Dockerfile.j2
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
cgroupns_mode: host
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:rw
|
||||
privileged: true
|
||||
|
||||
provisioner:
|
||||
inventory:
|
||||
group_vars:
|
||||
all:
|
||||
__nginx_conf: /etc/nginx/nginx.conf
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
|
||||
collections:
|
||||
- community.general
|
|
@ -19,6 +19,6 @@
|
|||
- nginx
|
||||
- vim
|
||||
|
||||
- name: INCLUDE_TASKS | Sury
|
||||
- name: INCLUDE_TASKS | Sury (only if a specific php_version is defined)
|
||||
ansible.builtin.include_tasks: Debian/sury.yml
|
||||
when: php_version != php_default_version
|
||||
when: php_version is defined
|
||||
|
|
|
@ -2,7 +2,7 @@ events {
|
|||
worker_connections 1024;
|
||||
}
|
||||
|
||||
user {{ php_default_user_group }};
|
||||
user root;
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
|
|
Loading…
Reference in New Issue