Merge pull request #1 from T-Systems-MMS/updates

some basic improvements
T-Systems-MMS · Oct 26, 2021 · 71cebd1 · 71cebd1
2 parents 74c3833 + 80dc0bf
commit 71cebd1
Show file tree

Hide file tree

Showing 6 changed files with 37 additions and 39 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,5 +1,4 @@
 ---
 cni_plugin_dir: /opt/cni/bin
-cni_plugin_release_version: v1.0.0
+cni_plugin_release_version: v1.0.1
 cni_plugin_release_url: https://github.com/containernetworking/plugins/releases/download
-cni_plugin_remove_download: false
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -2,6 +2,10 @@
 - name: Converge
   hosts: all
   tasks:
+    - name: workaround for https://github.com/ansible/ansible/issues/66304
+      set_fact:
+        ansible_virtualization_type: "docker"
+
     - name: "Include ansible-role-cniplugins"
       include_role:
         name: "t_systems_mms.cniplugins"
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -16,4 +16,4 @@ provisioner:
   name: ansible
 
 verifier:
-  name: testinfra
+  name: ansible
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
@@ -0,0 +1,9 @@
+---
+- name: prepare molecule environment
+  hosts: all
+  become: true
+  tasks:
+    - name: set ansible_python_interpreter to "/usr/bin/python3" on fedora
+      set_fact:
+        ansible_python_interpreter: "/usr/bin/python3"
+      when: ansible_facts.distribution == 'Fedora'
diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
@@ -1,10 +1,18 @@
 ---
-# This is an example playbook to execute Ansible tests.
-
 - name: Verify
   hosts: all
-  gather_facts: false
   tasks:
-  - name: Example assertion
+  - name: load defaults from role
+    include_vars: "../../defaults/main.yml"
+
+  - name: check the return string of the downloaded binary
+    command: "{{ cni_plugin_dir }}/bridge"
+    register: result
+
+  - debug:
+      var: result
+
+  - name: check that a downloaded binary exists
     assert:
-      that: true
+      that:
+        - "cni_plugin_release_version in result.stderr"
diff --git a/tasks/linux/main.yml b/tasks/linux/main.yml
@@ -4,27 +4,14 @@
     path: "{{ cni_plugin_dir }}"
     state: directory
 
-- name: check if release package is already present
-  stat:
-    path: "{{ cni_plugin_dir }}/cni-plugins-linux-amd64-{{ cni_plugin_release_version }}.tgz"
-  register: plugin_release
-
-- name: donwload plugin
-  get_url:
-    url: "{{ cni_plugin_release_url }}/{{ cni_plugin_release_version }}/cni-plugins-linux-amd64-{{ cni_plugin_release_version }}.tgz"
-    dest: "{{ cni_plugin_dir }}"
-    mode: 0640
-  changed_when: false
-  when:
-  - not plugin_release.stat.exists
-
-- name: extract file
+- name: download plugins and extract them
   unarchive:
     remote_src: true
-    src: "{{ cni_plugin_dir }}/cni-plugins-linux-amd64-{{ cni_plugin_release_version }}.tgz"
+    src: "{{ cni_plugin_release_url }}/{{ cni_plugin_release_version }}/cni-plugins-linux-amd64-{{ cni_plugin_release_version }}.tgz"
     dest: "{{ cni_plugin_dir }}"
-  when:
-  - not plugin_release.stat.exists
+    owner: root
+    group: root
+    mode: "0755"
 
 - name: enable container routing through iptables
   ansible.posix.sysctl:
@@ -33,16 +20,7 @@
     value: 1
     reload: true
   with_items:
-  - net.bridge.bridge-nf-call-iptables
-  - net.bridge.bridge-nf-call-arptables
-  - net.bridge.bridge-nf-call-ip6tables
-  become: true
-  ignore_errors: true # https://github.com/geerlingguy/docker-debian10-ansible/issues/2
-
-- name: remove downloaded compressed file
-  file:
-    path: "{{ cni_plugin_dir }}/cni-plugins-linux-amd64-{{ cni_plugin_release_version }}.tgz"
-    state: absent
-  changed_when: false
-  when:
-  - cni_plugin_remove_download
+    - net.bridge.bridge-nf-call-iptables
+    - net.bridge.bridge-nf-call-arptables
+    - net.bridge.bridge-nf-call-ip6tables
+  when: ansible_virtualization_type not in ['docker', 'lxc', 'openvz']