From 952a64516d7b46f5e00e74dc016ad8ebbdcc3970 Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:21:21 -0500 Subject: [PATCH 01/20] ci: update format and lint config files --- .ansible-lint | 9 ++ .gitignore | 143 +++++++++++++++++++++++++- .pre-commit-config.yaml | 35 ++++--- .prettierignore | 15 ++- .prettierrc.yaml | 10 ++ .yamllint | 7 +- molecule/default/requirements.yml | 4 +- molecule/pkg-install/requirements.yml | 1 + 8 files changed, 201 insertions(+), 23 deletions(-) create mode 100644 .ansible-lint create mode 100644 .prettierrc.yaml create mode 120000 molecule/pkg-install/requirements.yml diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..bda25be --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,9 @@ +profile: production +exclude_paths: + - .github/workflows/ + - .tox/ + - .venv/ + - changelogs/changelog.yaml +warn_list: + - command-instead-of-shell + - yaml[line-length] diff --git a/.gitignore b/.gitignore index 19977ac..385e812 100644 --- a/.gitignore +++ b/.gitignore @@ -1,13 +1,154 @@ # ansible *.retry */__pycache__ -*.pyc +*.py[cod] +*$py.class .cache +/tests/output/ +/changelogs/.plugin-cache.yaml # ansible extras - typical development *.deb *.tgz *.tar.gz* +# ansible docs - sphinx local build files +docs/rst +docs/.gitignore +docs/antsibull-docs.cfg +docs/build.sh +docs/conf.py +docs/requirements.txt + # general extras .DS_Store + +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +pip-wheel-metadata/ +share/python-wheels/ +*.egg-info/ +.installed.cfg +*.egg +MANIFEST + +# PyInstaller +# Usually these files are written by a python script from a template +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.nox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +*.py,cover +.hypothesis/ +.pytest_cache/ + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py +db.sqlite3 +db.sqlite3-journal + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# IPython +profile_default/ +ipython_config.py + +# pyenv +.python-version + +# pipenv +# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. +# However, in case of collaboration, if having platform-specific dependencies or dependencies +# having no cross-platform support, pipenv may install dependencies that don't work, or not +# install all needed dependencies. +#Pipfile.lock + +# PEP 582; used by e.g. github.com/David-OConnor/pyflow +__pypackages__/ + +# Celery stuff +celerybeat-schedule +celerybeat.pid + +# SageMath parsed files +*.sage.py + +# Environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ +.dmypy.json +dmypy.json + +# Pyre type checker +.pyre/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 9a5aaf0..66bf309 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -4,28 +4,17 @@ repos: hooks: - id: check-merge-conflict - id: check-symlinks + - id: check-yaml + args: [--allow-multiple-documents] - id: debug-statements - id: end-of-file-fixer - id: no-commit-to-branch args: [--branch, main] - id: trailing-whitespace args: [--markdown-linebreak-ext=md] - - id: check-yaml - args: [--allow-multiple-documents] - - - repo: https://github.com/asottile/add-trailing-comma - rev: v3.0.0 - hooks: - - id: add-trailing-comma - - - repo: https://github.com/adrienverge/yamllint - rev: v1.31.0 - hooks: - - id: yamllint - args: [-c=.yamllint] - - repo: https://github.com/robertdebock/pre-commit - rev: v1.5.2 + - repo: https://github.com/trfore/pre-commit + rev: v1.5.3 hooks: - id: ansible_role_find_unused_variable - id: ansible_role_fix_readability @@ -34,3 +23,19 @@ repos: - id: ansible_role_find_horizontal_when - id: ansible_role_find_empty_files - id: ansible_role_find_empty_directories + + - repo: https://github.com/pre-commit/mirrors-prettier + rev: v3.1.0 + hooks: + - id: prettier + + - repo: https://github.com/adrienverge/yamllint + rev: v1.35.1 + hooks: + - id: yamllint + args: [-c=.yamllint] + + - repo: https://github.com/ansible/ansible-lint + rev: v24.2.2 + hooks: + - id: ansible-lint diff --git a/.prettierignore b/.prettierignore index 6977fdc..91b6439 100644 --- a/.prettierignore +++ b/.prettierignore @@ -1,4 +1,11 @@ -# linted by yamllint -*.yaml -*.yml -.pylintrc +# environments +.env +.venv +env/ +venv/ +ENV/ +env.bak/ +venv.bak/ + +# formatted by antsibull-changelog +changelogs/changelog.yaml diff --git a/.prettierrc.yaml b/.prettierrc.yaml new file mode 100644 index 0000000..8e025a9 --- /dev/null +++ b/.prettierrc.yaml @@ -0,0 +1,10 @@ +# .prettierrc.yaml +bracketSpacing: true +endOfLine: "lf" +printWidth: 160 +proseWrap: "preserve" +quoteProps: "as-needed" +semi: true +singleQuote: false +tabWidth: 2 +trailingComma: "es5" diff --git a/.yamllint b/.yamllint index 8827676..e8c07f9 100644 --- a/.yamllint +++ b/.yamllint @@ -2,6 +2,10 @@ # Based on ansible-lint config extends: default +ignore: + - .tox/ + - .venv/ + rules: braces: max-spaces-inside: 1 @@ -15,7 +19,8 @@ rules: commas: max-spaces-after: -1 level: error - comments: disable + comments: + min-spaces-from-content: 1 # prettier compatibility comments-indentation: disable document-start: disable empty-lines: diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml index daf2142..74f5f37 100644 --- a/molecule/default/requirements.yml +++ b/molecule/default/requirements.yml @@ -1,4 +1,4 @@ --- roles: - - trfore.jsvc - - trfore.mongodb_install + - name: trfore.jsvc + - name: trfore.mongodb_install diff --git a/molecule/pkg-install/requirements.yml b/molecule/pkg-install/requirements.yml new file mode 120000 index 0000000..b6f4a01 --- /dev/null +++ b/molecule/pkg-install/requirements.yml @@ -0,0 +1 @@ +../default/requirements.yml \ No newline at end of file From 172c515ba9996b4f075575da91eea8ab9627d0f7 Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:22:17 -0500 Subject: [PATCH 02/20] chore: split role and dev requirements --- requirements.txt | 10 ---------- requirements/dev-requirements.txt | 11 +++++++++++ 2 files changed, 11 insertions(+), 10 deletions(-) create mode 100644 requirements/dev-requirements.txt diff --git a/requirements.txt b/requirements.txt index ddb3646..18e7265 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,11 +1 @@ -ansible>=7.4 -ansible-compat>=4.1.7 ansible-core>=2.14 -ansible-lint>=6.14.0 -molecule>=4.0.0,<25.0.0 -molecule-plugins[docker]>=23.0.0 -paramiko>=3.0.0 -pre-commit>=3.2.0 -pylint>=2.17.0 -pytest-testinfra>=7.0.0 -yamllint>=1.30.0 diff --git a/requirements/dev-requirements.txt b/requirements/dev-requirements.txt new file mode 100644 index 0000000..9bc21e3 --- /dev/null +++ b/requirements/dev-requirements.txt @@ -0,0 +1,11 @@ +-r ../requirements.txt +ansible>=7.4 +ansible-compat>=4.1.7 +ansible-lint>=6.14.0 +molecule>=4.0.0,<25.0.0 +molecule-plugins[docker]>=23.0.0 +paramiko>=3.0.0 +pre-commit>=3.2.0 +pylint>=3.0.0 +tox>=4.0.0 +yamllint>=1.30.0 From b762548fae0720db59bd542b253b004247e853f4 Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:23:37 -0500 Subject: [PATCH 03/20] docs: initial contribution guide --- CONTRIBUTING.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..e34bd73 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,23 @@ +# Contributing + +## Contribute + +### Setup a Dev Environment + +```sh +python3 -m venv .venv && source .venv/bin/activate +python3 -m pip install -r requirements/dev-requirements.txt +pre-commit install +``` + +### Running Test + +```sh +pre-commit run --all-files +``` + +## Additional References + +- [Ansible community guide](https://docs.ansible.com/ansible/devel/community/index.html) +- [Github Docs: Forking a repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/fork-a-repo#forking-a-repository) +- [Ansible Docs: `ansible-core` support matrix](https://docs.ansible.com/ansible/latest/reference_appendices/release_and_maintenance.html#ansible-core-support-matrix) From 5d1ec3a21464cfa62a4fef1e36ed88be91a41cdb Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:35:02 -0500 Subject: [PATCH 04/20] style: format using updated linters --- handlers/main.yml | 2 +- molecule/default/converge.yml | 2 +- molecule/ubuntu-jre8/converge.yml | 4 ++-- tasks/main.yml | 36 +++++++++++++++---------------- tasks/omada-non-root.yml | 10 ++++----- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index c5e0dc1..c1e678f 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,7 @@ --- - name: Remove tar folder ansible.builtin.file: - path: '{{ omada_tar.dest }}' + path: "{{ omada_tar.dest }}" state: absent when: omada_remove_tar_folder diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 1410aac..74824a9 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -24,4 +24,4 @@ tasks: - name: Install Omada SDN ansible.builtin.include_role: - name: 'ansible-role-omada-install' + name: "ansible-role-omada-install" diff --git a/molecule/ubuntu-jre8/converge.yml b/molecule/ubuntu-jre8/converge.yml index e35b4f0..e027841 100644 --- a/molecule/ubuntu-jre8/converge.yml +++ b/molecule/ubuntu-jre8/converge.yml @@ -4,7 +4,7 @@ vars: mongodb_pkg_install: true - omada_dependencies: ['curl', 'openjdk-8-jre-headless', 'jsvc'] + omada_dependencies: ["curl", "openjdk-8-jre-headless", "jsvc"] pre_tasks: - name: Update APT cache @@ -22,5 +22,5 @@ tasks: - name: Install Omada SDN ansible.builtin.include_role: - name: 'ansible-role-omada-install' + name: "ansible-role-omada-install" when: ansible_distribution == 'Ubuntu' diff --git a/tasks/main.yml b/tasks/main.yml index fdec18a..33ea081 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,16 +1,16 @@ - name: Install essential packages - ansible.builtin.include_tasks: '{{ ansible_os_family | lower }}.yml' + ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml" when: ansible_os_family == 'Debian' - name: Add OS specific variables - ansible.builtin.include_vars: '{{ ansible_os_family | lower }}.yml' + ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml" when: omada_dependencies is not defined - name: Install omada dependencies ansible.builtin.package: - name: '{{ omada_dep_pkg }}' + name: "{{ omada_dep_pkg }}" state: present - loop: '{{ omada_dependencies }}' + loop: "{{ omada_dependencies }}" loop_control: loop_var: omada_dep_pkg register: package_status @@ -18,16 +18,16 @@ delay: 10 retries: 6 -- name: Verify that required string variables are defined +- name: Check Required Variables ansible.builtin.assert: - that: omada_req_var is defined and omada_req_var | length > 0 and omada_req_var != None - fail_msg: ' needs to be set for the role to work' - success_msg: 'required variable is defined' + that: "{{ req_var }} is defined and {{ req_var }} | length > 0 and {{ req_var }} != None" + fail_msg: "{{ req_var }} needs to be set for the role to work" + success_msg: "{{ req_var }} is defined" + quiet: true loop: - omada_tar_src - - omada_tar_src_remote loop_control: - loop_var: omada_req_var + loop_var: req_var - name: Gather the package facts ansible.builtin.package_facts: @@ -42,7 +42,7 @@ - name: Error when jsvc is missing ansible.builtin.fail: - msg: 'Error: jsvc is not present, Omada SDN requires jsvc' + msg: "Error: jsvc is not present, Omada SDN requires jsvc" when: - "'jsvc' not in ansible_facts.packages" - not jsvc_binary.stat.exists @@ -55,17 +55,17 @@ - name: Create a temporary directory for omada tar file ansible.builtin.file: - path: '{{ omada_tar_dir }}/{{ omada_tar_folder }}' + path: "{{ omada_tar_dir }}/{{ omada_tar_folder }}" state: directory - mode: '0775' + mode: "0775" when: not omada_binary.stat.exists register: omada_temp_dir - name: Download and extract omada software ansible.builtin.unarchive: - src: '{{ omada_tar_src }}' - dest: '{{ omada_temp_dir.path }}' - remote_src: '{{ omada_tar_src_remote }}' + src: "{{ omada_tar_src }}" + dest: "{{ omada_temp_dir.path }}" + remote_src: "{{ omada_tar_src_remote }}" extra_opts: - --strip-components=1 register: omada_tar @@ -73,9 +73,9 @@ - name: Run omada install script become: true - ansible.builtin.command: './install.sh -y' + ansible.builtin.command: "./install.sh -y" args: - chdir: '{{ omada_tar.dest }}' + chdir: "{{ omada_tar.dest }}" creates: /opt/tplink/EAPController/bin/control.sh register: omada_install when: omada_tar.changed # noqa: no-handler diff --git a/tasks/omada-non-root.yml b/tasks/omada-non-root.yml index 0267533..c636163 100644 --- a/tasks/omada-non-root.yml +++ b/tasks/omada-non-root.yml @@ -2,7 +2,7 @@ - name: Create omada user ansible.builtin.user: name: omada - comment: 'omada service account' + comment: "omada service account" system: true shell: /usr/sbin/nologin home: /opt/tplink/EAPController/data @@ -16,7 +16,7 @@ - name: Modify 'control.sh', change default 'OMADA_USER' ansible.builtin.lineinfile: path: /opt/tplink/EAPController/bin/control.sh - search_string: 'OMADA_USER=${OMADA_USER:-root}' + search_string: "OMADA_USER=${OMADA_USER:-root}" line: OMADA_USER=${OMADA_USER:-omada} - name: Modify 'control.sh', change 'PID_FILE' path @@ -28,12 +28,12 @@ - name: Modify 'control.sh', remove 'check_root_perms' func call ansible.builtin.lineinfile: path: /opt/tplink/EAPController/bin/control.sh - search_string: 'check_root_perms' - line: '#check_root_perms' + search_string: "check_root_perms" + line: "#check_root_perms" - name: Change omada directories to non-root owner & group ansible.builtin.file: - path: '{{ omada_dir }}' + path: "{{ omada_dir }}" state: directory recurse: true owner: omada From 718eec392f3d2910c6b7b851af6548c3dcadf7ae Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:36:26 -0500 Subject: [PATCH 05/20] test: add check for local binary --- molecule/default/verify.yml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index 4b959f5..f944c7f 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -2,9 +2,19 @@ - name: Verify hosts: all gather_facts: false - tasks: - - name: Test Omada SDN is running + - name: Test | Get Binary File Info + ansible.builtin.stat: + path: /usr/bin/tpeap + register: file_info + + - name: Test | Check Omada Binary Exists + ansible.builtin.assert: + that: + - file_info.stat.exists + quiet: true + + - name: Test | Check Omada SDN is running ansible.builtin.uri: url: https://127.0.0.1:8043/login status_code: 200 From 2b40979163b497fe727ea58b47557081e93a6a53 Mon Sep 17 00:00:00 2001 From: trfore Date: Mon, 29 Apr 2024 18:43:52 -0500 Subject: [PATCH 06/20] refactor: consolidate debian task files --- tasks/debian-container.yml | 8 -------- tasks/debian.yml | 10 ++++++++-- 2 files changed, 8 insertions(+), 10 deletions(-) delete mode 100644 tasks/debian-container.yml diff --git a/tasks/debian-container.yml b/tasks/debian-container.yml deleted file mode 100644 index 2b40e80..0000000 --- a/tasks/debian-container.yml +++ /dev/null @@ -1,8 +0,0 @@ -# openjdk dep issue when installed in a container without man directory -# ref: https://github.com/geerlingguy/ansible-role-java/issues/64 -# sol: https://github.com/geerlingguy/ansible-role-java/commit/ee7c12b13aa594dc747892860e563f45794e94d0 -- name: Ensure 'man' directory exists. - ansible.builtin.file: - path: /usr/share/man/man1 - state: directory - recurse: true diff --git a/tasks/debian.yml b/tasks/debian.yml index dcb8173..a476859 100644 --- a/tasks/debian.yml +++ b/tasks/debian.yml @@ -1,6 +1,12 @@ --- -- name: Create 'man' directory when containerized - ansible.builtin.include_tasks: debian-container.yml +# openjdk dep issue when installed in a container without man directory +# ref: https://github.com/geerlingguy/ansible-role-java/issues/64 +# sol: https://github.com/geerlingguy/ansible-role-java/commit/ee7c12b13aa594dc747892860e563f45794e94d0 +- name: Ensure 'man' Directory Exists (Debian & Ubuntu) + ansible.builtin.file: + path: /usr/share/man/man1 + state: directory + recurse: true when: - ansible_virtualization_type in ['docker', 'container', 'containerd'] - ansible_os_family == 'Debian' From 5520b4936621d354b6fa093d0f4db18b68907cb3 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 13:53:19 -0500 Subject: [PATCH 07/20] chore: rm unused file --- tasks/redhat.yml | 1 - 1 file changed, 1 deletion(-) delete mode 100644 tasks/redhat.yml diff --git a/tasks/redhat.yml b/tasks/redhat.yml deleted file mode 100644 index ed97d53..0000000 --- a/tasks/redhat.yml +++ /dev/null @@ -1 +0,0 @@ ---- From aafc5aa37a3cd80ff1b0cc71b6cda48617eefdf0 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 13:56:36 -0500 Subject: [PATCH 08/20] refactor: consolidate variable files, use ansible magic import --- tasks/main.yml | 27 +++++++++++---------------- vars/debian.yml | 4 ---- vars/main.yml | 4 ++++ vars/redhat.yml | 4 ---- 4 files changed, 15 insertions(+), 24 deletions(-) delete mode 100644 vars/debian.yml create mode 100644 vars/main.yml delete mode 100644 vars/redhat.yml diff --git a/tasks/main.yml b/tasks/main.yml index 33ea081..cf5cd8e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,22 +2,6 @@ ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml" when: ansible_os_family == 'Debian' -- name: Add OS specific variables - ansible.builtin.include_vars: "{{ ansible_os_family | lower }}.yml" - when: omada_dependencies is not defined - -- name: Install omada dependencies - ansible.builtin.package: - name: "{{ omada_dep_pkg }}" - state: present - loop: "{{ omada_dependencies }}" - loop_control: - loop_var: omada_dep_pkg - register: package_status - until: package_status is success - delay: 10 - retries: 6 - - name: Check Required Variables ansible.builtin.assert: that: "{{ req_var }} is defined and {{ req_var }} | length > 0 and {{ req_var }} != None" @@ -29,6 +13,17 @@ loop_control: loop_var: req_var +- name: Install Omada Dependencies + ansible.builtin.package: + name: "{{ omada_dep_pkg }}" + state: present + loop: "{{ omada_dependencies }}" + loop_control: + loop_var: omada_dep_pkg + register: package_status + until: package_status is success + delay: 10 + retries: 6 - name: Gather the package facts ansible.builtin.package_facts: manager: auto diff --git a/vars/debian.yml b/vars/debian.yml deleted file mode 100644 index 33976b4..0000000 --- a/vars/debian.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -omada_dependencies: - - curl - - openjdk-11-jre-headless # OpenJDK 11 or higher, requires JSVC 1.1.0+ diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..00c3bcf --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,4 @@ +--- +omada_dependencies: + - curl + - "{{ 'java-11-openjdk-headless.x86_64' if ansible_os_family == 'RedHat' else 'openjdk-11-jre-headless' }}" # OpenJDK 11 or higher, requires JSVC 1.1.0+ diff --git a/vars/redhat.yml b/vars/redhat.yml deleted file mode 100644 index cd73e3e..0000000 --- a/vars/redhat.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -omada_dependencies: - - curl - - java-11-openjdk-headless.x86_64 From 2f2b7559fcc81d5d8747714d8d8010bffbb6da7f Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 13:58:51 -0500 Subject: [PATCH 09/20] refactor: group jsvc check task --- tasks/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index cf5cd8e..ef1fe7f 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -24,24 +24,24 @@ until: package_status is success delay: 10 retries: 6 + +- name: Check for jsvc Binary + block: - name: Gather the package facts ansible.builtin.package_facts: manager: auto - tags: jsvc -- name: Check for jsvc binary + - name: Check for jsvc Binary ansible.builtin.stat: path: /usr/bin/jsvc register: jsvc_binary - tags: jsvc -- name: Error when jsvc is missing + - name: Error When jsvc Is Missing ansible.builtin.fail: msg: "Error: jsvc is not present, Omada SDN requires jsvc" when: - "'jsvc' not in ansible_facts.packages" - not jsvc_binary.stat.exists - tags: jsvc - name: Check for omada binary ansible.builtin.stat: From c7a9d19a3c68cedd7643c3731b8cc23d16255b95 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 13:59:25 -0500 Subject: [PATCH 10/20] refactor: group tar install task --- tasks/main.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index ef1fe7f..c7461ee 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -48,15 +48,17 @@ path: /usr/bin/tpeap register: omada_binary -- name: Create a temporary directory for omada tar file +- name: Install Omada SDN Using Tar File + when: not omada_binary.stat.exists + block: + - name: Create a Temporary Directory for Omada Tar File ansible.builtin.file: path: "{{ omada_tar_dir }}/{{ omada_tar_folder }}" state: directory mode: "0775" - when: not omada_binary.stat.exists register: omada_temp_dir -- name: Download and extract omada software + - name: Download and Extract Omada Software ansible.builtin.unarchive: src: "{{ omada_tar_src }}" dest: "{{ omada_temp_dir.path }}" @@ -64,7 +66,6 @@ extra_opts: - --strip-components=1 register: omada_tar - when: not omada_binary.stat.exists - name: Run omada install script become: true From 61f01592c9d5295a5db6f296e1c79251d8a83fc4 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:01:00 -0500 Subject: [PATCH 11/20] style: update style and lint using updated config --- molecule/default/converge.yml | 2 - tasks/main.yml | 74 +++++++++++++++++------------------ tasks/omada-non-root.yml | 12 +++--- 3 files changed, 43 insertions(+), 45 deletions(-) diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 74824a9..89b326b 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,10 +1,8 @@ --- - name: Converge hosts: all - vars: mongodb_pkg_install: true - pre_tasks: - name: Update APT cache ansible.builtin.apt: diff --git a/tasks/main.yml b/tasks/main.yml index c7461ee..6168d38 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,4 +1,4 @@ -- name: Install essential packages +- name: Install Essential Packages ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml" when: ansible_os_family == 'Debian' @@ -27,23 +27,23 @@ - name: Check for jsvc Binary block: -- name: Gather the package facts - ansible.builtin.package_facts: - manager: auto + - name: Gather the package facts + ansible.builtin.package_facts: + manager: auto - name: Check for jsvc Binary - ansible.builtin.stat: - path: /usr/bin/jsvc - register: jsvc_binary + ansible.builtin.stat: + path: /usr/bin/jsvc + register: jsvc_binary - name: Error When jsvc Is Missing - ansible.builtin.fail: - msg: "Error: jsvc is not present, Omada SDN requires jsvc" - when: - - "'jsvc' not in ansible_facts.packages" - - not jsvc_binary.stat.exists + ansible.builtin.fail: + msg: "Error: jsvc is not present, Omada SDN requires jsvc" + when: + - "'jsvc' not in ansible_facts.packages" + - not jsvc_binary.stat.exists -- name: Check for omada binary +- name: Check for Omada Binary ansible.builtin.stat: path: /usr/bin/tpeap register: omada_binary @@ -52,34 +52,34 @@ when: not omada_binary.stat.exists block: - name: Create a Temporary Directory for Omada Tar File - ansible.builtin.file: - path: "{{ omada_tar_dir }}/{{ omada_tar_folder }}" - state: directory - mode: "0775" - register: omada_temp_dir + ansible.builtin.file: + path: "{{ omada_tar_dir }}/{{ omada_tar_folder }}" + state: directory + mode: "0775" + register: omada_temp_dir - name: Download and Extract Omada Software - ansible.builtin.unarchive: - src: "{{ omada_tar_src }}" - dest: "{{ omada_temp_dir.path }}" - remote_src: "{{ omada_tar_src_remote }}" - extra_opts: - - --strip-components=1 - register: omada_tar + ansible.builtin.unarchive: + src: "{{ omada_tar_src }}" + dest: "{{ omada_temp_dir.path }}" + remote_src: "{{ omada_tar_src_remote }}" + extra_opts: + - --strip-components=1 + register: omada_tar -- name: Run omada install script - become: true - ansible.builtin.command: "./install.sh -y" - args: - chdir: "{{ omada_tar.dest }}" - creates: /opt/tplink/EAPController/bin/control.sh - register: omada_install - when: omada_tar.changed # noqa: no-handler - notify: - - Remove tar folder - - Enable omada service + - name: Run Omada Install Script + become: true + ansible.builtin.command: "./install.sh -y" + args: + chdir: "{{ omada_tar.dest }}" + creates: /opt/tplink/EAPController/bin/control.sh + register: omada_install + when: omada_tar.changed # noqa: no-handler + notify: + - Remove tar folder + - Enable omada service -- name: Configure omada to run as non-root user +- name: Configure Omada to Run as Non-root User ansible.builtin.include_tasks: omada-non-root.yml when: - omada_install.changed # noqa: no-handler diff --git a/tasks/omada-non-root.yml b/tasks/omada-non-root.yml index c636163..f27ecf5 100644 --- a/tasks/omada-non-root.yml +++ b/tasks/omada-non-root.yml @@ -1,5 +1,5 @@ --- -- name: Create omada user +- name: Omada Non-root | Create 'omada' User ansible.builtin.user: name: omada comment: "omada service account" @@ -8,30 +8,30 @@ home: /opt/tplink/EAPController/data state: present -- name: Stop omada service +- name: Omada Non-root | Stop Omada Service ansible.builtin.command: tpeap stop register: tpeap_status changed_when: tpeap_status.rc != 0 -- name: Modify 'control.sh', change default 'OMADA_USER' +- name: Omada Non-root | Modify 'control.sh', Change Default 'OMADA_USER' ansible.builtin.lineinfile: path: /opt/tplink/EAPController/bin/control.sh search_string: "OMADA_USER=${OMADA_USER:-root}" line: OMADA_USER=${OMADA_USER:-omada} -- name: Modify 'control.sh', change 'PID_FILE' path +- name: Omada Non-root | Modify 'control.sh', Change 'PID_FILE' Path ansible.builtin.lineinfile: path: /opt/tplink/EAPController/bin/control.sh search_string: 'PID_FILE="/var/run/${NAME}.pid"' line: 'PID_FILE="${OMADA_HOME}/data/${NAME}.pid"' -- name: Modify 'control.sh', remove 'check_root_perms' func call +- name: Omada Non-root | Modify 'control.sh', Remove 'check_root_perms' Func Call ansible.builtin.lineinfile: path: /opt/tplink/EAPController/bin/control.sh search_string: "check_root_perms" line: "#check_root_perms" -- name: Change omada directories to non-root owner & group +- name: Omada Non-root | Change Omada Directories Owner & Group ansible.builtin.file: path: "{{ omada_dir }}" state: directory From db1b5a80ea889e1ef048b7b69d5533d7c71e0372 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:02:55 -0500 Subject: [PATCH 12/20] test: add check for jdk pkg --- molecule/default/verify.yml | 11 ++++++++++- molecule/ubuntu-jre8/verify.yml | 33 ++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 2 deletions(-) mode change 120000 => 100644 molecule/ubuntu-jre8/verify.yml diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index f944c7f..15aee36 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -1,8 +1,17 @@ --- - name: Verify hosts: all - gather_facts: false + gather_facts: true + vars: + jdk_pkg: "{{ 'java-11-openjdk-headless' if ansible_os_family == 'RedHat' else 'openjdk-11-jre-headless' }}" tasks: + - name: Test | Gather Package Facts + ansible.builtin.package_facts: + + - name: Test | Check OpenJDK Package + ansible.builtin.assert: + that: "jdk_pkg in ansible_facts.packages" + - name: Test | Get Binary File Info ansible.builtin.stat: path: /usr/bin/tpeap diff --git a/molecule/ubuntu-jre8/verify.yml b/molecule/ubuntu-jre8/verify.yml deleted file mode 120000 index 15a7868..0000000 --- a/molecule/ubuntu-jre8/verify.yml +++ /dev/null @@ -1 +0,0 @@ -../default/verify.yml \ No newline at end of file diff --git a/molecule/ubuntu-jre8/verify.yml b/molecule/ubuntu-jre8/verify.yml new file mode 100644 index 0000000..024bbc8 --- /dev/null +++ b/molecule/ubuntu-jre8/verify.yml @@ -0,0 +1,32 @@ +--- +- name: Verify + hosts: all + gather_facts: true + tasks: + - name: Test | Gather Package Facts + ansible.builtin.package_facts: + + - name: Test | Check OpenJDK Package + ansible.builtin.assert: + that: "'openjdk-8-jre-headless' in ansible_facts.packages" + + - name: Test | Get Binary File Info + ansible.builtin.stat: + path: /usr/bin/tpeap + register: file_info + + - name: Test | Check Omada Binary Exists + ansible.builtin.assert: + that: + - file_info.stat.exists + quiet: true + + - name: Test | Check Omada SDN is running + ansible.builtin.uri: + url: https://127.0.0.1:8043/login + status_code: 200 + validate_certs: false + register: result + until: result.status == 200 + retries: 12 + delay: 10 From 3de21e6b4e75515cff70aef2d8ead0279d886f78 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:04:39 -0500 Subject: [PATCH 13/20] ci: change lint to only run on docs --- .github/workflows/lint.yml | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8cda803..4a3781c 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,12 +1,30 @@ name: Lint on: - workflow_dispatch: + pull_request: + branches: ["main"] + paths: + - "**.md" + - "LICENSE" push: branches: ["*"] - paths-ignore: + paths: + - "**.md" - "LICENSE" - - "README.md" + +concurrency: + group: ${{ github.workflow}}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true jobs: - lint_ansible: - uses: trfore/ansible-role/.github/workflows/lint_ansible.yml@main # remote repo + format: + uses: trfore/ansible-role/.github/workflows/format.yml@main + + check: + needs: + - format + runs-on: ubuntu-latest + steps: + - run: >- + python -c "assert set([ + '${{ needs.format.result }}', + ]) == {'success'}" From 0c1b707eb488b7a50ccfbb3a22d2e37ffab64ce0 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:05:55 -0500 Subject: [PATCH 14/20] ci: add format job and final check to ci workflow --- .github/workflows/ci.yml | 37 +++++++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5ed6a22..767912d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,19 +1,29 @@ name: CI on: - workflow_dispatch: pull_request: branches: ["*"] paths-ignore: + - "**.md" - "LICENSE" - - "README.md" + workflow_dispatch: + +concurrency: + group: ${{ github.workflow}}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true jobs: - lint_ansible: - uses: trfore/ansible-role/.github/workflows/lint_ansible.yml@main # remote repo + format: + uses: trfore/ansible-role/.github/workflows/format.yml@main - molecule_test: + lint: needs: - - lint_ansible + - format + uses: trfore/ansible-role/.github/workflows/lint_ansible.yml@main + + test: + needs: + - format + - lint strategy: fail-fast: false matrix: @@ -32,3 +42,18 @@ jobs: distro: ${{ matrix.distro }} experimental: ${{ matrix.experimental }} molecule_scenario: ${{ matrix.molecule_scenario }} + requirements_file: "requirements/dev-requirements.txt" + + check: + needs: + - format + - lint + - test + runs-on: ubuntu-latest + steps: + - run: >- + python -c "assert set([ + '${{ needs.format.result }}', + '${{ needs.lint.result }}', + '${{ needs.test.result }}', + ]) == {'success'}" From 9b12d83974d628ea09084c2c3d22b87ecf3377b5 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:09:40 -0500 Subject: [PATCH 15/20] refactor: moved omada_tar_folder precedence higher and to vars file --- defaults/main.yml | 1 - vars/main.yml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index e71dd96..297b7b8 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,6 +3,5 @@ omada_tar_src: https://static.tp-link.com/upload/software/2024/202402/20240227/Omada_SDN_Controller_v5.13.30.8_linux_x64.tar.gz omada_tar_src_remote: true omada_tar_dir: /var/tmp -omada_tar_folder: "{{ omada_tar_src | basename | splitext | first | splitext | first }}" omada_non_root: true omada_remove_tar_folder: false diff --git a/vars/main.yml b/vars/main.yml index 00c3bcf..aa05d01 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -2,3 +2,4 @@ omada_dependencies: - curl - "{{ 'java-11-openjdk-headless.x86_64' if ansible_os_family == 'RedHat' else 'openjdk-11-jre-headless' }}" # OpenJDK 11 or higher, requires JSVC 1.1.0+ +omada_tar_folder: "{{ omada_tar_src | basename | splitext | first | splitext | first }}" From 323e1da366c8ae64968e05f62c3befc9ef0cccc5 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:11:53 -0500 Subject: [PATCH 16/20] test: add tox file for local testing --- tox.ini | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 tox.ini diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..ea334df --- /dev/null +++ b/tox.ini @@ -0,0 +1,45 @@ +[tox] +minversion = 4.0.0 +envlist = + lint + py-ansible{2.16}-ubuntu{20}-{default} + py-ansible{2.16}-ubuntu20-{jre8} + py-ansible{2.16}-{centos,debian}-{default} + +[testenv] +description = + default-ubuntu20: Run molecule scenario on Ubuntu 20.04 (default) + default-centos: Run molecule scenario on CentOS 8 (default) + default-debian: Run molecule scenario on Debian 10 (default) + jre8: Run molecule scenario on Ubuntu 20.04 (JRE 8) +deps = + ansible2.16: ansible-core == 2.16.* + docker + molecule + molecule-plugins[docker] + pytest + pytest-testinfra +commands = + default: molecule {posargs:test -s default} + jre8: molecule {posargs:test -s ubuntu-jre8} +setenv = + MOLECULE_EPHEMERAL_DIRECTORY={work_dir}/{env_name}/.cache/molecule + MOLECULE_NAME={env_name} + centos: MOLECULE_IMAGE=trfore/docker-centos8-systemd + debian: MOLECULE_IMAGE=trfore/docker-debian10-systemd + ubuntu20: MOLECULE_IMAGE=trfore/docker-ubuntu2004-systemd + PY_COLORS=1 + TOX_ENVNAME={env_name} +passenv = + DOCKER_HOST + MOLECULE_IMAGE + +[testenv:lint] +description = Run all linting tasks +skip_install = true +deps = + pre-commit +commands = + pre-commit run {posargs:--all --show-diff-on-failure} +setenv = + TOX_ENVNAME={env_name} From 236ac4c1ef236c74f6feed9a78152cf57de0019f Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:19:50 -0500 Subject: [PATCH 17/20] style: format and lint readme --- README.md | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 5258342..2e46142 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ ansible-galaxy role install trfore.omada_install ## Tested Platforms and Versions - MongoDB Community: `4.4.x` -- Omada SDN: `5.9.x` +- Omada SDN: `5.x.x` - CentOS Stream 8 - Debian 10 - Ubuntu 20.04 @@ -48,7 +48,7 @@ ansible-galaxy role install trfore.omada_install - NOTE: For **Ubuntu 20.04** targets, this role installs **OpenJDK 11**. While `jsvc` is available via APT, it is `< 1.1.0` and will **only work with OpenJDK 8**. If you prefer to use this older version, set `omada_dependencies` to the following in your playbook (see 'Example Playbooks' section below): ```yaml - omada_dependencies: ['curl', 'openjdk-8-jre-headless', 'jsvc'] + omada_dependencies: ["curl", "openjdk-8-jre-headless", "jsvc"] ``` ## Role Variables @@ -64,7 +64,7 @@ Available variables are listed below, along with default values (see `defaults/m | omada_non_root | `true` | Boolean, configure Omada SDN to run as a non-root user | No | | omada_remove_tar_folder | `false` | Boolean, remove the temporary directory on the remote host | No | -OS specific variables are listed below, along with default values (see `vars/debian.yml` and `vars/redhat.yml`): +OS specific variables are listed below, along with default values (see `vars/main.yml`): | Variable | Default | Description | Required | | ------------------ | --------------------------------------------- | ---------------------------------------- | -------- | @@ -117,7 +117,7 @@ OS specific variables are listed below, along with default values (see `vars/deb - hosts: servers become: true vars: - omada_dependencies: ['curl', 'openjdk-8-jre-headless', 'jsvc'] + omada_dependencies: ["curl", "openjdk-8-jre-headless", "jsvc"] roles: - name: Install MongoDB Community role: trfore.mongodb_install @@ -135,14 +135,13 @@ MIT Taylor Fore (https://github.com/trfore) -## Related Roles & Playbooks +## Related Roles | Github | Ansible Galaxy | | ------------------------------ | ------------------------ | | [ansible-role-jsvc] | [trfore.jsvc] | | [ansible-role-mongodb-install] | [trfore.mongodb_install] | | [ansible-role-omada-install] | [trfore.omada_install] | -| [ansible-playbook-omada] | | ## References @@ -162,6 +161,5 @@ Taylor Fore (https://github.com/trfore) [trfore.jsvc]: https://galaxy.ansible.com/trfore/jsvc [ansible-role-mongodb-install]: https://github.com/trfore/ansible-role-mongodb-install [trfore.mongodb_install]: https://galaxy.ansible.com/trfore/mongodb_install -[ansible-playbook-omada]: https://github.com/trfore/ansible-playbook-omada [ansible-role-omada-install]: https://github.com/trfore/ansible-role-omada-install [trfore.omada_install]: https://galaxy.ansible.com/trfore/omada_install From 6349a6eb75eac5fd7ff41b35986763c9ee18fa77 Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 14:20:26 -0500 Subject: [PATCH 18/20] docs: add code example to test controller --- README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/README.md b/README.md index 2e46142..65573d1 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,18 @@ OS specific variables are listed below, along with default values (see `vars/mai - name: Install Omada SDN role: trfore.omada_install + + post_tasks: + - name: Test Omada SDN Is Running + tags: ["omada", "test"] + ansible.builtin.uri: + url: https://127.0.0.1:8043/login + status_code: 200 + validate_certs: false + register: result + until: result.status == 200 + retries: 12 + delay: 10 ``` - If you manually download the tar file. From 462c100f2f5eeb55c60901d226d4d15aeabee03d Mon Sep 17 00:00:00 2001 From: trfore Date: Sat, 4 May 2024 16:21:04 -0500 Subject: [PATCH 19/20] chore: update to full semver --- requirements.txt | 2 +- requirements/dev-requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 18e7265..b05ec0b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -ansible-core>=2.14 +ansible-core>=2.14.0 diff --git a/requirements/dev-requirements.txt b/requirements/dev-requirements.txt index 9bc21e3..227ef4c 100644 --- a/requirements/dev-requirements.txt +++ b/requirements/dev-requirements.txt @@ -1,5 +1,5 @@ -r ../requirements.txt -ansible>=7.4 +ansible>=7.4.0 ansible-compat>=4.1.7 ansible-lint>=6.14.0 molecule>=4.0.0,<25.0.0 From 73bf3fc354ca78fb512b8c9b2e8967166dc5fa13 Mon Sep 17 00:00:00 2001 From: trfore Date: Sun, 5 May 2024 18:03:23 -0500 Subject: [PATCH 20/20] test: add ANSIBLE_ROLES_PATH to tox and update contribution guide --- CONTRIBUTING.md | 18 ++++++++++++++++++ tox.ini | 1 + 2 files changed, 19 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e34bd73..a6013ee 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -14,6 +14,24 @@ pre-commit install ```sh pre-commit run --all-files + +# list environments and test +tox list +# lint all files +tox -e lint run +# run a specific test environment +tox -e py-ansible2.16-ubuntu20 run +# run all test in parallel +tox run-parallel +``` + +- For iterative development and testing, the tox molecule environments are written to accept `molecule` arguments. This allows for codebase changes to be tested as you write across multiple distros and versions of `ansible-core`. + +```sh +# molecule converge +tox -e py-ansible2.16-ubuntu20 run -- converge -s default +# molecule test w/o destroying the container +tox -r -e py-ansible2.16-ubuntu20-jre8 -- test -s ubuntu20-jre8 --destroy=never ``` ## Additional References diff --git a/tox.ini b/tox.ini index ea334df..268cb5e 100644 --- a/tox.ini +++ b/tox.ini @@ -23,6 +23,7 @@ commands = default: molecule {posargs:test -s default} jre8: molecule {posargs:test -s ubuntu-jre8} setenv = + ANSIBLE_ROLES_PATH={work_dir}/{env_name}/.ansible/roles MOLECULE_EPHEMERAL_DIRECTORY={work_dir}/{env_name}/.cache/molecule MOLECULE_NAME={env_name} centos: MOLECULE_IMAGE=trfore/docker-centos8-systemd