Add RHEL distro to Molecule tests (#498)

This commit is contained in:
Alessandro Fael Garcia 2022-03-17 23:50:41 +01:00 committed by GitHub
parent 16d1d18d6c
commit e6f5dda35e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 167 additions and 58 deletions

View File

@ -2,6 +2,10 @@
## 0.23.1 (Unreleased) ## 0.23.1 (Unreleased)
FEATURES:
Add Molecule testing infrastructure for RHEL 7/8.
BUG FIXES: BUG FIXES:
Ansible check mode runs will no longer fail if NGINX has not yet been installed. Ansible check mode runs will no longer fail if NGINX has not yet been installed.

View File

@ -22,7 +22,7 @@ nginx_type: opensource
# Default is true. # Default is true.
nginx_start: true nginx_start: true
# Specify whether you want to maintain your version of NGINX, upgrade to the latest version, or remove NGINX. # Specify whether you want to install NGINX, upgrade to the latest version, or remove NGINX.
# Can be used with `nginx_version` to fine tune control which version of NGINX is installed/used on each playbook execution. # Can be used with `nginx_version` to fine tune control which version of NGINX is installed/used on each playbook execution.
# Using 'install' will install the latest version (or 'nginx_version') of NGINX on a fresh install. # Using 'install' will install the latest version (or 'nginx_version') of NGINX on a fresh install.
# Using 'upgrade' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution. Does not work on Alpine Linux. # Using 'upgrade' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution. Does not work on Alpine Linux.
@ -42,12 +42,6 @@ nginx_manage_repo: true
# Default is nginx_repository. # Default is nginx_repository.
nginx_install_from: nginx_repository nginx_install_from: nginx_repository
# Specify whether or not you want this role to install the epel-release package.
# Using 'true' will install epel-release if other criteria are met.
# Using 'false' will not install epel-release.
# Default is true.
nginx_install_epel_release: true
# Specify source install options for NGINX Open Source. # Specify source install options for NGINX Open Source.
# Options represent whether to install from source also or to install from packages (default). # Options represent whether to install from source also or to install from packages (default).
# These only apply if 'nginx_install_from' is set to 'source'. # These only apply if 'nginx_install_from' is set to 'source'.
@ -59,6 +53,13 @@ nginx_install_source_pcre: false
nginx_install_source_openssl: true nginx_install_source_openssl: true
nginx_install_source_zlib: false nginx_install_source_zlib: false
# Specify source install module for NGINX Open Source.
# You can select any of the static modules listed on http://nginx.org/en/docs/configure.html.
# Format is '--with-*' where '*' should be used as static module name in the list below. (see an example below).
# Default is 'http_ssl_module'. (DO NOT remove it if you need SSL support).
nginx_static_modules: ['http_ssl_module']
# nginx_static_modules: ['http_v2_module'] # Example for '--with-http_v2_module'
# (Optional) Choose where to fetch the NGINX signing key from. # (Optional) Choose where to fetch the NGINX signing key from.
# Default is the official NGINX signing key host. # Default is the official NGINX signing key host.
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key # nginx_signing_key: http://nginx.org/keys/nginx_signing.key
@ -88,12 +89,11 @@ nginx_setup_license: true
# Default is true. # Default is true.
nginx_remove_license: true nginx_remove_license: true
# Install NGINX Static Modules. # Specify whether or not you want this role to install the EPEL package when installing certain NGINX Plus modules.
# You can select any of the static modules listed on http://nginx.org/en/docs/configure.html. # Using 'true' will install EPEL.
# Format is '--with-*' where '*' should be used as static module name in the list below. (see an example below). # Using 'false' will not install EPEL.
# Default is 'http_ssl_module'. (DO NOT remove it if you need SSL support). # Default is true.
nginx_static_modules: ['http_ssl_module'] nginx_install_epel_release: true
# nginx_static_modules: ['http_v2_module'] # Example for '--with-http_v2_module'
# Install NGINX Dynamic Modules. # Install NGINX Dynamic Modules.
# You can select any of the dynamic modules listed below. Beware of NGINX Plus only dynamic modules (these are marked). # You can select any of the dynamic modules listed below. Beware of NGINX Plus only dynamic modules (these are marked).

View File

@ -25,7 +25,7 @@ RUN \
&& dnf clean all; \ && dnf clean all; \
elif [ $(command -v yum) ]; then \ elif [ $(command -v yum) ]; then \
yum makecache fast \ yum makecache fast \
&& yum install -y bash iproute initscripts sudo /usr/bin/python /usr/bin/python2-config vim yum-plugin-ovl \ && yum install -y bash iproute initscripts sudo /usr/bin/python /usr/bin/python2-config vim yum-plugin-ovl http://mirror.centos.org/centos/7/os/x86_64/Packages/pcre2-10.23-2.el7.x86_64.rpm \
&& sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf \ && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf \
&& yum clean all; \ && yum clean all; \
elif [ $(command -v zypper) ]; then \ elif [ $(command -v zypper) ]; then \

View File

@ -12,26 +12,20 @@
when: ansible_facts['os_family'] == "Debian" when: ansible_facts['os_family'] == "Debian"
- name: Set repo if Red Hat - name: Set repo if Red Hat
set_fact: set_fact:
version: "-1.21.5-1.{{ (ansible_facts['distribution']=='Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx" version: "-1.21.5-1.{{ (ansible_facts['distribution'] == 'Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx"
when: ansible_facts['os_family'] == "RedHat" when: ansible_facts['os_family'] == "RedHat"
- name: Enable NGINX @CentOS-AppStream dnf modules
shell:
args:
cmd: dnf module info nginx | grep -q 'Stream.*\[e\]' && echo -n ENABLED || dnf module enable -y nginx # noqa command-instead-of-module
register: dnf_module_enable
changed_when: dnf_module_enable.stdout != 'ENABLED'
when: ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version'] is version('8', '==')
tasks: tasks:
- name: Install NGINX - name: Install NGINX
include_role: include_role:
name: ansible-role-nginx name: ansible-role-nginx
vars: vars:
nginx_debug_output: true nginx_version: "{{ version }}"
nginx_service_modify: true
nginx_service_timeout: 95
nginx_selinux: true nginx_selinux: true
nginx_selinux_tcp_ports: nginx_selinux_tcp_ports:
- 80 - 80
- 443 - 443
nginx_version: "{{ version }}"
nginx_logrotate_conf_enable: true nginx_logrotate_conf_enable: true
nginx_logrotate_conf: nginx_logrotate_conf:
paths: paths:

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -12,7 +12,7 @@
when: ansible_facts['os_family'] == "Debian" when: ansible_facts['os_family'] == "Debian"
- name: Set repo if Red Hat - name: Set repo if Red Hat
set_fact: set_fact:
version: "-1.20.2-1.{{ (ansible_facts['distribution']=='Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx" version: "-1.20.2-1.{{ (ansible_facts['distribution'] == 'Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx"
when: ansible_facts['os_family'] == "RedHat" when: ansible_facts['os_family'] == "RedHat"
tasks: tasks:
- name: Install NGINX - name: Install NGINX

View File

@ -27,6 +27,13 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init" command: "/sbin/init"
- name: alpine-3.15
image: alpine:3.15
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: amazonlinux-2 - name: amazonlinux-2
image: amazonlinux:2 image: amazonlinux:2
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2
@ -41,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -4,23 +4,16 @@
pre_tasks: pre_tasks:
- name: Set repo if Alpine - name: Set repo if Alpine
set_fact: set_fact:
version: "=1.21.4-r1" version: "=1.21.5-r1"
when: ansible_facts['os_family'] == "Alpine" when: ansible_facts['os_family'] == "Alpine"
- name: Set repo if Debian - name: Set repo if Debian
set_fact: set_fact:
version: "=1.21.4-1~{{ ansible_facts['distribution_release'] }}" version: "=1.21.5-1~{{ ansible_facts['distribution_release'] }}"
when: ansible_facts['os_family'] == "Debian" when: ansible_facts['os_family'] == "Debian"
- name: Set repo if Red Hat - name: Set repo if Red Hat
set_fact: set_fact:
version: "-1.21.4-1.{{ (ansible_facts['distribution']=='Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx" version: "-1.21.5-1.{{ (ansible_facts['distribution'] == 'Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx"
when: ansible_facts['os_family'] == "RedHat" when: ansible_facts['os_family'] == "RedHat"
- name: Enable NGINX @CentOS-AppStream dnf modules
shell:
args:
cmd: dnf module info nginx | grep -q 'Stream.*\[e\]' && echo -n ENABLED || dnf module enable -y nginx # noqa command-instead-of-module
register: dnf_module_enable
changed_when: dnf_module_enable.stdout != 'ENABLED'
when: ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version'] is version('8', '==')
tasks: tasks:
- name: Install NGINX - name: Install NGINX
include_role: include_role:

View File

@ -6,21 +6,11 @@
include_role: include_role:
name: ansible-role-nginx name: ansible-role-nginx
vars: vars:
nginx_debug_output: true
nginx_service_modify: true
nginx_service_timeout: 95
nginx_selinux: true
nginx_selinux_tcp_ports:
- 80
- 443
nginx_modules: nginx_modules:
- brotli - brotli
- geoip - geoip
- image-filter - image-filter
- name: njs - name: njs
# version: =1.19.4+0.4.4-1~bionic
state: present state: present
- perl - perl
- xslt - xslt

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -6,8 +6,6 @@
include_role: include_role:
name: ansible-role-nginx name: ansible-role-nginx
vars: vars:
nginx_debug_output: true
nginx_install_from: source nginx_install_from: source
nginx_branch: stable nginx_branch: stable
nginx_static_modules: ['http_ssl_module'] nginx_static_modules: ['http_ssl_module']

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -6,6 +6,6 @@
include_role: include_role:
name: ansible-role-nginx name: ansible-role-nginx
vars: vars:
nginx_setup: uninstall
nginx_type: plus nginx_type: plus
nginx_setup_license: false nginx_setup_license: false
nginx_setup: uninstall

View File

@ -48,6 +48,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -20,6 +20,20 @@ platforms:
volumes: volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw" - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init" command: "/usr/sbin/init"
- name: rhel-7
image: registry.access.redhat.com/ubi7/ubi:7.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: rhel-8
image: registry.access.redhat.com/ubi8/ubi:8.5
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: debian-buster - name: debian-buster
image: debian:buster-slim image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2 dockerfile: ../common/Dockerfile.j2

View File

@ -12,15 +12,8 @@
when: ansible_facts['os_family'] == "Debian" when: ansible_facts['os_family'] == "Debian"
- name: Set repo if Red Hat - name: Set repo if Red Hat
set_fact: set_fact:
version: "-1.21.5-1.{{ (ansible_facts['distribution']=='Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx" version: "-1.21.5-1.{{ (ansible_facts['distribution'] == 'Amazon') | ternary('amzn2', ('el' + ansible_facts['distribution_major_version'] | string)) }}.ngx"
when: ansible_facts['os_family'] == "RedHat" when: ansible_facts['os_family'] == "RedHat"
- name: Enable NGINX @CentOS-AppStream dnf modules
shell:
args:
cmd: dnf module info nginx | grep -q 'Stream.*\[e\]' && echo -n ENABLED || dnf module enable -y nginx # noqa command-instead-of-module
register: dnf_module_enable
changed_when: dnf_module_enable.stdout != 'ENABLED'
when: ansible_facts['os_family'] == "RedHat" and ansible_facts['distribution_major_version'] is version('8', '==')
tasks: tasks:
- name: Install NGINX - name: Install NGINX
include_role: include_role:

View File

@ -1,5 +1,5 @@
--- ---
- name: (CentOS) Install GeoIP dependencies - name: (CentOS) Install GeoIP EPEL dependencies
yum: yum:
name: epel-release name: epel-release
when: when:
@ -7,6 +7,22 @@
- '"geoip" in nginx_modules' - '"geoip" in nginx_modules'
- nginx_install_epel_release | bool - nginx_install_epel_release | bool
- name: (RHEL) Install GeoIP2 and/or OpenTracing EPEL dependencies
block:
- name: (RHEL) Import EPEL GPG key
rpm_key:
state: present
key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-{{ ansible_facts['distribution_major_version'] }}
- name: (RHEL) Install package dependencies
yum:
name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_facts['distribution_major_version'] }}.noarch.rpm
when:
- ansible_facts['distribution'] == "RedHat"
- (ansible_facts['distribution_major_version'] == 7 and '"geoip2" in nginx_modules')
or '"opentracing" in nginx_modules'
- nginx_install_epel_release | bool
- name: Setup NGINX modules - name: Setup NGINX modules
package: package:
name: "nginx-{{ (nginx_type == 'plus') | ternary('plus-', '') }}module-{{ item.name | default(item) }}\ name: "nginx-{{ (nginx_type == 'plus') | ternary('plus-', '') }}module-{{ item.name | default(item) }}\

View File

@ -23,14 +23,16 @@
- name: (CentOS/RHEL) Install build tools - name: (CentOS/RHEL) Install build tools
yum: yum:
name: name:
- "@Development tools"
- ca-certificates - ca-certificates
- gcc - gcc
- gd - gd
- gd-devel - gd-devel
- glibc - glibc
- glibc-common - glibc-common
- make
- perl-core - perl-core
- tar
- unzip
- wget - wget
- zlib-devel - zlib-devel
update_cache: true update_cache: true