From 4b52cbb1aea809b32ac02efd8ef1c53d451bca93 Mon Sep 17 00:00:00 2001 From: Bas Meijer Date: Tue, 30 Aug 2022 21:29:15 +0200 Subject: [PATCH] Updated --- handlers/main.yml | 6 +++--- meta/main.yml | 6 +++--- molecule/default/converge.yml | 7 +++++-- molecule/default/verify.yml | 11 ++++++----- tasks/firewall.yml | 4 ++-- tasks/main.yml | 28 ++++++++++++++-------------- 6 files changed, 33 insertions(+), 29 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 2ba5c1b..b3baf40 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,18 +1,18 @@ --- - name: Restart chronyd - service: + ansible.builtin.service: name: "{{ nettime_service }}" enabled: true state: restarted - name: Start chronyd - service: + ansible.builtin.service: name: "{{ nettime_service }}" state: "{{ start_nettime_service }}" - name: Restart timedated - systemd: + ansible.builtin.systemd: name: systemd-timedated daemon_reload: true enabled: true diff --git a/meta/main.yml b/meta/main.yml index 139dcd9..70184be 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -9,13 +9,13 @@ galaxy_info: license: MIT - min_ansible_version: 2.4.0 + min_ansible_version: "2.9.27" platforms: - name: EL versions: - - 7 - - 8 + - "7" + - "8" - name: Debian versions: - buster diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 784f9cc..47457f9 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,10 +1,13 @@ --- - hosts: all vars: + role_name: "{{ lookup('env','MOLECULE_PROJECT_DIRECTORY') | basename }}" manage_firewall: false # yamllint disable-line rule:line-length chrony_key: '1234 SHA256 HEX:DD4E59D2CAE16FFCEBF23D67201814A2FA63251E1B23A1AF3A99203121807C6C' - roles: - - role: base_nettime + tasks: + - name: "Include {{ role_name }}" + ansible.builtin.include_role: + name: "{{ role_name }}" ... diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 8e2759d..019568b 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -18,7 +18,7 @@ goss_format: tap tasks: - name: Download and install Goss - get_url: + ansible.builtin.get_url: url: "{{ goss_url }}" dest: "{{ goss_dst }}" checksum: "{{ goss_sha256sum }}" @@ -28,7 +28,7 @@ retries: 3 - name: Register test files - shell: "ls {{ goss_test_directory }}/test_*.yml" + ansible.builtin.shell: "ls {{ goss_test_directory }}/test_*.yml" changed_when: false register: test_files @@ -36,18 +36,19 @@ environment: # yamllint disable-line rule:line-length PATH: '/opt/rh/rh-git218/root/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' - command: "{{ goss_dst }} -g {{ item }} validate -f {{ goss_format }}" + # yamllint disable-line rule:line-length + ansible.builtin.command: "{{ goss_dst }} -g {{ item }} validate -f {{ goss_format }}" changed_when: false register: test_results with_items: "{{ test_files.stdout_lines }}" - name: Display details about the Goss results - debug: + ansible.builtin.debug: msg: "{{ item.stdout_lines }}" with_items: "{{ test_results.results }}" - name: Fail when tests fail - fail: + ansible.builtin.fail: msg: "Goss failed to validate" when: item.rc != 0 with_items: "{{ test_results.results }}" diff --git a/tasks/firewall.yml b/tasks/firewall.yml index 7674e51..4564e84 100644 --- a/tasks/firewall.yml +++ b/tasks/firewall.yml @@ -1,12 +1,12 @@ --- - name: Ensure firewall is installed - package: + ansible.builtin.package: name: "{{ nettime_firewall }}" state: present - name: Ensure firewall is running - systemd: + ansible.builtin.systemd: name: "{{ nettime_firewall }}" state: started changed_when: false diff --git a/tasks/main.yml b/tasks/main.yml index 9a32397..60194c8 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,17 +1,17 @@ --- - name: Include OS-specific variables. # yamllint disable-line rule:line-length - include_vars: "{{ ansible_os_family }}{{ ansible_distribution_major_version }}.yml" + ansible.builtin.include_vars: "{{ ansible_os_family }}{{ ansible_distribution_major_version }}.yml" tags: - goss - name: Update repositories cache when: ansible_os_family == 'Debian' - apt: + ansible.builtin.apt: update_cache: true - name: Ensure packages are installed - package: + ansible.builtin.package: name: "{{ nettime_packages }}" state: present register: nettime_package @@ -23,13 +23,13 @@ - name: Enable systemd-timedated when: nettime_package.failed - systemd: + ansible.builtin.systemd: name: systemd-timedated enabled: true notify: "Restart timedated" - name: Disable conflicting services - systemd: + ansible.builtin.systemd: name: "{{ item }}" state: stopped enabled: false @@ -45,7 +45,7 @@ when: - net_allow is defined - net_allow | length > 0 - lineinfile: + ansible.builtin.lineinfile: path: "{{ nettime_keyfile }}" regexp: '^{{ nettime_keyid }} ' line: "{{ chrony_key }}" @@ -61,7 +61,7 @@ notify: Restart chronyd - name: Is RTC time in local time zone - shell: | + ansible.builtin.shell: | set -o pipefail timedatectl|grep -c 'RTC in local TZ: yes' register: rtc_timezone @@ -70,11 +70,11 @@ - name: Use RTC time in UTC not local time zone when: rtc_timezone.stdout|int == 1 - command: timedatectl set-local-rtc 0 + ansible.builtin.command: timedatectl set-local-rtc 0 changed_when: true - name: Configure chrony - template: + ansible.builtin.template: src: chrony.conf.j2 dest: "{{ nettime_config }}" owner: root @@ -86,14 +86,14 @@ when: - ansible_os_family == 'Debian' - ansible_distribution_release == '11' - lineinfile: + ansible.builtin.lineinfile: path: /etc/default/chrony regexp: '^DAEMON_OPTS=' line: 'DAEMON_OPTS=""' state: present - name: Set drift - file: + ansible.builtin.file: path: "{{ nettime_driftfile }}" owner: "{{ nettime_user }}" group: "{{ nettime_group }}" @@ -102,13 +102,13 @@ changed_when: false - name: Enable chronyd - systemd: + ansible.builtin.systemd: name: "{{ nettime_service }}" enabled: true notify: Start chronyd - name: Ensure goss directory exists - file: + ansible.builtin.file: path: /etc/goss.d state: directory owner: root @@ -116,7 +116,7 @@ mode: 0700 - name: Copy goss tests template - template: + ansible.builtin.template: src: test_nettime.yml.j2 dest: /etc/goss.d/test_nettime.yml owner: root