Skip to content

Commit

Permalink
Add molecule testing, fix linting errors, rework PHP overrides (#5)
Browse files Browse the repository at this point in the history
Co-authored-by: Patrick M. Hausen <hausen@punkt.de>
  • Loading branch information
medanthelinium and pmhausen authored Aug 17, 2023
1 parent edc1f87 commit 0bdab70
Show file tree
Hide file tree
Showing 15 changed files with 212 additions and 43 deletions.
10 changes: 10 additions & 0 deletions .ansible-lint
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
skip_list:
- 'risky-shell-pipe'
- 'role-name'

warn_list:
- package-latest
- unnamed-task
- command-instead-of-shell
- no-handler
46 changes: 46 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
---
name: Test
run-name: Run molecule tests on the role
on:
push:
workflow_dispatch:

jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install dependencies.
run: pip install yamllint ansible-lint ansible

- name: Run ansible-lint
run: "ansible-lint"

molecule:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install dependencies.
run: |
python -m pip install --upgrade pip
pip install ansible docker molecule molecule-plugins
- name: Install Galaxy dependencies.
run: ansible-galaxy collection install -f community.docker community.mysql ansible.posix

- name: Run molecule
run: "molecule test"
6 changes: 6 additions & 0 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
repos:
- repo: https://github.com/ansible/ansible-lint.git
rev: v6.17.2
hooks:
- id: ansible-lint
33 changes: 33 additions & 0 deletions .yamllint
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
---
# Based on ansible-lint config
extends: default

rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
comments: disable
comments-indentation: disable
document-start: disable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
truthy: disable
2 changes: 1 addition & 1 deletion handlers/main.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
- name: Restart PHP-FPM
service:
ansible.builtin.service:
name: "{{ php.fpm.service }}"
state: restarted
8 changes: 7 additions & 1 deletion meta/main.yaml
Original file line number Diff line number Diff line change
@@ -1,2 +1,8 @@
---
dependencies: []
galaxy_info:
author: "Punkt.de"
license: ""
description: "Apache role for PHP"
role_name: "proserver_php"
namespace: "punktde"
min_ansible_version: "2.15"
7 changes: 7 additions & 0 deletions molecule/default/converge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---
- name: Converge
hosts: all
tasks:
- name: "Include ansible-proserver-php"
ansible.builtin.include_role:
name: "ansible-proserver-php"
20 changes: 20 additions & 0 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---
dependency:
name: galaxy
driver:
name: docker
platforms:
- name: instance
image: geerlingguy/docker-ubuntu2204-ansible
command: /lib/systemd/systemd
pre_build_image: true
privileged: true
cgroupns_mode: host
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:rw
provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
verifier:
name: ansible
10 changes: 10 additions & 0 deletions molecule/default/verify.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
# This is an example playbook to execute Ansible tests.

- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
ansible.builtin.assert:
that: true
21 changes: 15 additions & 6 deletions tasks/install.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,16 @@
- when: ansible_distribution == 'Ubuntu'
block:
---
- name: Make sure that the proserver user exists
ansible.builtin.user:
name: proserver

- name: Install PHP and extensions
apt:
name: "{{ ['php-fpm'] + php.install_extensions.items()|selectattr('1', 'eq', true)|map(attribute='0')|map('regex_replace', '^', 'php-')|list + (['composer'] if php.install_composer else []) }}"
notify: Restart PHP-FPM
- name: Install PHP and extensions
notify: Restart PHP-FPM
ansible.builtin.apt:
update-cache: yes
name: >-
{{
['php-fpm'] + php.install_extensions.items() |
selectattr('1', 'eq', true)|map(attribute='0') |
map('regex_replace', '^', 'php-') |
list + (['composer'] if php.install_composer else [])
}}
20 changes: 15 additions & 5 deletions tasks/main.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,17 @@
---
- import_tasks: install.yaml
- import_tasks: xdebug.yaml
- name: Install PHP and extensions (Ubuntu)
when: ansible_distribution == 'Ubuntu'
ansible.builtin.import_tasks: install.yaml

- name: Set up XDebug
when: php.xdebug.disable_by_default
- import_tasks: phpfpmtop.yaml
- import_tasks: phpfpm.yaml
- import_tasks: php.yaml
ansible.builtin.import_tasks: xdebug.yaml

- name: Set up phpfpmtop
ansible.builtin.import_tasks: phpfpmtop.yaml

- name: Configure PHP-FPM
ansible.builtin.import_tasks: phpfpm.yaml

- name: Configure PHP
ansible.builtin.import_tasks: php.yaml
35 changes: 21 additions & 14 deletions tasks/php.yaml
Original file line number Diff line number Diff line change
@@ -1,33 +1,40 @@
---
- name: Make sure that the configuration folder exists
ansible.builtin.file:
path: "{{ php.prefix.config }}/php"
owner: root
mode: "0755"
state: directory

- name: Template the overrides file
ini_file:
community.general.ini_file:
path: "{{ php.prefix.config }}/php/AAA-01-proserver.ini"
create: no
section: ''
option: "{{ key }}"
value: "{{ value }}"
state: "{{ 'absent' if key is in php['php.ini'] else 'present' }}"
option: "{{ item.key }}"
value: "{{ item.value }}"
state: "{{ 'absent' if item.key is in php['php.ini'] else 'present' }}"
mode: "0644"
owner: root
loop_control:
label: "{{ key }}={{ value }}"
vars:
key: "{{ item.0 }}"
value: "{{ item.1 }}"
loop: "{{ php_proserver_overrides | items() }}"
when: "ansible_system == 'FreeBSD'"
label: "{{ item.key }}={{ item.value }}"
loop: "{{ php_proserver_overrides | dict2items() }}"
when: ansible_system == 'FreeBSD'
notify: Restart PHP-FPM

- name: Update PHP configuration
ini_file:
community.general.ini_file:
path: "{{ php_ini }}"
create: no
section: PHP
option: "{{ key }}"
value: "{{ value }}"
state: "{{ 'absent' if value is none else 'present' }}"
owner: root
mode: "0644"
loop_control:
label: "{{ php_ini }} {{ key }}={{ value }}"
vars:
php_ini: "{{ item.0 }}"
key: "{{ item.1.0 }}"
value: "{{ item.1.1 }}"
loop: "{{ [php.prefix.config + '/php.ini', php.fpm.prefix.config + '/php.ini']|unique|product(php['php.ini'].items())|list }}"
loop: "{{ [php.prefix.config + '/php.ini', php.fpm.prefix.config + '/php.ini'] | unique | product(php['php.ini'].items()) | list }}"
notify: Restart PHP-FPM
6 changes: 4 additions & 2 deletions tasks/phpfpm.yaml
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
---
- name: Update PHP-FPM configuration
ini_file:
community.general.ini_file:
path: "{{ php_fpm_conf }}"
create: yes
section: "{{ item.pool }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
state: "{{ item.state }}"
owner: root
mode: "0644"
loop_control:
label: "{{ php_fpm_conf }} {{ item.option }}={{ item.value }}"
vars:
php_fpm_conf: "{{ php.fpm.prefix.pool_config }}/www.conf"
loop: "{{ php.fpm.pools|php_fpm_config_merge }}"
loop: "{{ php.fpm.pools | php_fpm_config_merge }}"
notify: Restart PHP-FPM
14 changes: 8 additions & 6 deletions tasks/phpfpmtop.yaml
Original file line number Diff line number Diff line change
@@ -1,28 +1,29 @@
---
- name: Enable PHP-FPM status API
lineinfile:
ansible.builtin.lineinfile:
path: "{{ item }}"
regexp: "^;?pm\\.status_path[\\s\\t]*="
line: "pm.status_path = /php-fpm/status"
with_items: "{{ php.fpm.pools.keys()|map('regex_replace', '^(.*)$', php.fpm.prefix.pool_config + '/\\1.conf')|list }}"
with_items: "{{ php.fpm.pools.keys() | map('regex_replace', '^(.*)$', php.fpm.prefix.pool_config + '/\\1.conf') | list }}"
notify: Restart PHP-FPM

- name: Create install dir for phpfpmtop
file:
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: proserver
group: proserver
mode: "0755"
with_items:
- /var/www/bin

- name: Install phpfpmtop
ignore_errors: "{{ ansible_check_mode }}"
get_url:
ansible.builtin.get_url:
url: "{{ php.phpfpmtop.release.url }}"
checksum: "{{ php.phpfpmtop.release.checksum }}"
dest: "{{ item }}"
mode: "u+x,g+x,o+x"
mode: "0755"
with_items:
- /var/www/bin/phpfpmtop
# Workaround for issues with NAT64 gateway
Expand All @@ -41,10 +42,11 @@
value: '"/php-fpm/status"'
loop_control:
label: "{{ php_phpfpmtop_config_file }} {{ item.section }}[{{ item.option }}]={{ item.value }}"
ini_file:
community.general.ini_file:
path: "{{ php_phpfpmtop_config_file }}"
section: "{{ item.section }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
owner: proserver
group: proserver
mode: "0644"
17 changes: 9 additions & 8 deletions tasks/xdebug.yaml
Original file line number Diff line number Diff line change
@@ -1,15 +1,16 @@
---
- name: Copy Xdebug toggle script
copy: src="{{ item.src }}" dest="{{ item.dest }}" mode="{{ item.mode }}"
loop_control:
label: "{{ item.dest }}"
with_items:
- src: xdebug
dest: /usr/local/bin/xdebug
mode: "u+x,g+x,o+x"
ansible.builtin.copy:
src: "xdebug"
dest: /usr/local/bin/xdebug
mode: "0755"

- name: Disable Xdebug
file: path="{{ item.path }}" state="{{ item.state }}"
ansible.builtin.file:
path: "{{ item.path }}"
state: "{{ item.state }}"
mode: "0644"
owner: root
loop_control:
label: "{{ item.path }}"
with_items:
Expand Down

0 comments on commit 0bdab70

Please sign in to comment.