chore: Better linting.

Laur Ivan 2023-04-29 20:48:33 +02:00
parent 9b42e51137
commit 19a65164f4
16 changed files with 122 additions and 115 deletions


@ -1,6 +1,6 @@
---
exclude_paths:
- ./molecule
# - ./molecule
- ./.travis.yml
- ./.github
parseable: true


@ -31,3 +31,9 @@ rules:
new-lines:
type: unix
truthy: disable
quoted-strings:
quote-type: any
required: only-when-needed
key-ordering: disable
document-end:
present: false
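Review bot: The added `quoted-strings` rule with `required: only-when-needed` asks yamllint to report quotes that are not needed, yet the other files in this commit wrap plain scalars such as `name: "galaxy"` and `hosts: "all"` in quotes. If the rule is applied as rendered here, those lines would be reported as redundantly quoted; if always-quoted strings are the intended style, the setting would be `required: true`. The `rules:` mapping starts outside the hunk, so the nesting of these keys is inferred from the hunk header.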


@ -1,8 +1,8 @@
---
## General
sonarqube_image: sonarqube
sonarqube_db_image: postgres
sonarqube_image: "sonarqube"
sonarqube_db_image: "postgres"
sonarqube_http_port: 9000
sonarqube_api_port: 9001
@ -14,7 +14,7 @@ sonarqube_nofile: 131072
sonarqube_nproc: 8192
# Sonarqube paths
sonarqube_root_path: /var/local
sonarqube_root_path: "/var/local"
sonarqube_config_path: "{{ sonarqube_root_path }}/conf/sonarqube"
sonarqube_db_user: "changeme"
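Review bot: `sonarqube_image: "sonarqube"` and `sonarqube_db_image: "postgres"` in the first hunk carry no tag or digest, so unless a tag is appended elsewhere in the role (not visible here) each deployment pulls whatever `latest` resolves to at that moment. Pinning each to a reviewed version, e.g. `sonarqube_image: "sonarqube:<PINNED_TAG>"` or an `@sha256:<DIGEST>` reference, keeps the server and database images reproducible and makes upgrades an explicit change. In the second hunk `sonarqube_db_user: "changeme"` is a placeholder default; a comment such as `# Placeholder: override per environment before deploying.` would make that explicit.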


@ -1,25 +1,25 @@
---
galaxy_info:
author: Laur Ivan (laur.ivan@gmail.com)
namespace: laurivan
role_name: sonarqube
description: Sonarqube Role
author: "Laur Ivan (laur.ivan@gmail.com)"
namespace: "laurivan"
role_name: "sonarqube"
description: "Sonarqube Role"
min_ansible_version: "2.4"
min_ansible_container_version: "2.4"
license: MIT
license: "MIT"
galaxy_tags:
- sonarqube
- testing
- security
- "sonarqube"
- "testing"
- "security"
platforms:
- name: Debian
- name: "Debian"
versions:
- bullseye
- buster
- "bullseye"
- "buster"
- name: Ubuntu
- name: "Ubuntu"
versions:
- bionic
- focal
- jammy
- "bionic"
- "focal"
- "jammy"


@ -1,27 +1,27 @@
---
- name: Clean up
hosts: all
- name: "Clean up"
hosts: "all"
gather_facts: true
tasks:
- name: Load the defaults
- name: "Load the defaults"
ansible.builtin.include_vars:
dir: "../../defaults"
- name: Check if the docker-compose file exists.
- name: "Check if the docker-compose file exists."
ansible.builtin.stat:
path: "{{ sonarqube_config_path | expanduser | realpath }}/docker-compose.yml"
register: docker_compose_file
register: "docker_compose_file"
- name: Remove docker-compose.
- name: "Remove docker-compose."
community.docker.docker_compose:
project_src: "{{ sonarqube_config_path | expanduser | realpath }}/"
build: false
state: absent
when: docker_compose_file.stat.exists
state: "absent"
when: "docker_compose_file.stat.exists"
become: false
- name: Remove the docker-compose file
- name: "Remove the docker-compose file"
ansible.builtin.file:
path: "{{ sonarqube_config_path | expanduser | realpath }}/docker-compose.yml"
state: absent
when: docker_compose_file.stat.exists
state: "absent"
when: "docker_compose_file.stat.exists"


@ -1,5 +1,5 @@
---
- name: Converge
hosts: sonarqube_group
- name: "Converge"
hosts: "sonarqube_group"
roles:
- role: "laurivan.sonarqube"


@ -1,27 +1,27 @@
---
- name: Destroy
hosts: localhost
connection: local
- name: "Destroy"
hosts: "localhost"
connection: "local"
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
# Developer must implement.
- name: Remove the docker image
- name: "Remove the docker image"
community.docker.docker_container:
name: sonarqube
state: absent
name: "sonarqube"
state: "absent"
# Mandatory configuration for Molecule to function.
- name: Populate instance config
- name: "Populate instance config"
ansible.builtin.set_fact:
instance_conf: {}
- name: Dump instance config
- name: "Dump instance config"
ansible.builtin.copy:
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
mode: 0600
when: server.changed | default(false) | bool
when: "server.changed | default(false) | bool"
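Review bot: `mode: 0600` in the "Dump instance config" task is still a bare number although this commit quotes the scalars around it. A YAML 1.1 loader reads it as octal, but a YAML 1.2 loader, or an edit that drops the leading zero, yields decimal 600 and a different permission set on the instance-config file. Writing it as `mode: "0600"` removes the ambiguity. The same applies to `mode: 0755` on the "Download and install Goss" task in the verify playbook.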


@ -1,37 +1,37 @@
---
dependency:
name: galaxy
name: "galaxy"
options:
ignore-certs: true
ignore-errors: true
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
role-file: "molecule/requirements.yml"
requirements-file: "molecule/requirements.yml"
driver:
name: docker
name: "docker"
lint: |
yamllint .
ansible-lint .
platforms:
- name: sonarqube
- name: "sonarqube"
groups:
- sonarqube_group
- "sonarqube_group"
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
privileged: true
pre_build_image: true
capabilities:
- SYS_ADMIN
- "SYS_ADMIN"
tmpfs:
- /tmp
- /run
- /run/lock
- "/tmp"
- "/run"
- "/run/lock"
volumes:
- '/sys/fs/cgroup:/sys/fs/cgroup:ro'
- '/var/run/docker.sock:/tmp/docker_mounted.sock'
command: '/lib/systemd/systemd'
stop_signal: 'RTMIN+3'
provisioner:
name: ansible
name: "ansible"
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
converge: "${MOLECULE_PLAYBOOK:-converge.yml}"
verifier:
name: ansible
name: "ansible"
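Review bot: The galaxy dependency options keep `ignore-certs: true`, which turns off TLS certificate validation when roles are downloaded, and `ignore-errors: true`, which lets a failed download pass silently. Together they allow a test run to proceed with tampered or missing dependencies. Removing `ignore-certs` (or setting `ignore-certs: false`) costs nothing when the Galaxy endpoint presents a valid certificate. The platform also runs `privileged: true` with the host Docker socket mounted and an image tagged `:latest`, so the test container is effectively root on the machine running Molecule; a comment such as `# Privileged + docker.sock: run only on disposable CI hosts.` would record that constraint.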


@ -1,38 +1,38 @@
---
- name: Setup the test machine
hosts: sonarqube
- name: "Setup the test machine"
hosts: "sonarqube"
tasks:
- name: Check if /var/run/docker.sock already exists
- name: "Check if /var/run/docker.sock already exists"
ansible.builtin.stat:
path: "/var/run/docker.sock"
register: docker_sock_stat
register: "docker_sock_stat"
- name: Create docker.sock
- name: "Create docker.sock"
ansible.builtin.raw: touch /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
when: "not docker_sock_stat.stat.exists"
- name: Move docker.sock from tmp
- name: "Move docker.sock from tmp"
ansible.builtin.raw: >
mount --move /tmp/docker_mounted.sock /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
when: "not docker_sock_stat.stat.exists"
- name: Update apt cache.
- name: "Update apt cache."
ansible.builtin.apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
when: "ansible_os_family == 'Debian'"
- name: Install python requests
- name: "Install python requests"
ansible.builtin.pip:
name:
- requests
- docker
- docker-compose
- "requests"
- "docker"
- "docker-compose"
- name: Install docker
- name: "Install docker"
vars:
docker_service_manage: false
ansible.builtin.include_role:
name: geerlingguy.docker
name: "geerlingguy.docker"
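Review bot: The "Update apt cache." task still passes its arguments as a `key=value` string with `update_cache=yes`, which is out of step with the block-mapping and `true`/`false` form used by every other task in this file. Written as a mapping it becomes `ansible.builtin.apt:` followed by `update_cache: true` and `cache_valid_time: 600`. The pip task also installs `requests`, `docker` and `docker-compose` without version constraints, so the test environment can change between runs; pinning them is worth considering.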


@ -1,4 +1,4 @@
---
roles:
- geerlingguy.docker
- "geerlingguy.docker"
collections: []


@ -1,12 +1,6 @@
---
## TODO: Remember to adapt goss tests to your convenience
http:
"http://localhost:{{ sonarqube_http_port }}/":
status: 200
## Check if ports are really exposed
# port:
# # Check port at IPv6
# # https://github.com/aelsabbahy/goss/issues/177
# tcp6:<port>:
# listening: true
# ip:
# - '::'


@ -3,57 +3,57 @@
# Tests need distributed to the appropriate ansible host/groups
# prior to execution by `goss validate`.
- name: Verify sonarqube
- name: "Verify sonarqube"
hosts:
- sonarqube
- "sonarqube"
become: true
vars:
goss_version: v0.3.16
goss_arch: amd64
goss_dst: /usr/local/bin/goss
goss_sha256sum: 827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb
goss_version: "v0.3.16"
goss_arch: "amd64"
goss_dst: "/usr/local/bin/goss"
goss_sha256sum: "827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb"
goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
goss_test_directory: /tmp
goss_format: documentation
goss_test_directory: "/tmp"
goss_format: "documentation"
vars_files:
- ../../defaults/main.yml
- "../../defaults/main.yml"
tasks:
- name: Download and install Goss
- name: "Download and install Goss"
get_url:
url: "{{ goss_url }}"
dest: "{{ goss_dst }}"
checksum: "sha256:{{ goss_sha256sum }}"
mode: 0755
register: download_goss
until: download_goss is succeeded
register: "download_goss"
until: "download_goss is succeeded"
retries: 3
- name: Copy Goss tests to remote
- name: "Copy Goss tests to remote"
template:
src: "{{ item }}"
dest: "{{ goss_test_directory }}/{{ item | basename }}"
with_fileglob:
- "tests/test_*.yml"
- name: Register test files
- name: "Register test files"
shell: "ls {{ goss_test_directory }}/test_*.yml"
register: test_files
register: "test_files"
- name: Execute Goss tests
- name: "Execute Goss tests"
command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
register: test_results
register: "test_results"
with_items: "{{ test_files.stdout_lines }}"
ignore_errors: true
- name: Display details about the Goss results
- name: "Display details about the Goss results"
debug:
msg: "{{ item.stdout_lines }}"
with_items: "{{ test_results.results }}"
- name: Fail when tests fail
- name: "Fail when tests fail"
fail:
msg: "Goss failed to validate"
when: item.rc != 0
when: "item.rc != 0"
with_items: "{{ test_results.results }}"
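Review bot: The Goss tests are copied to `goss_test_directory: "/tmp"` and then discovered with `shell: "ls {{ goss_test_directory }}/test_*.yml"` in a play that sets `become: true`. Any other `test_*.yml` already present in the world-writable `/tmp` is therefore also handed to the privileged `goss ... validate` run. A directory created for this run, with discovery through `ansible.builtin.find` instead of `ls` in a shell, confines the run to the files this play copied. The tasks here also use short module names (`get_url`, `shell`, `command`) while the other playbooks in the commit use fully qualified ones. The play header lies partly outside the hunk.

```yaml
# … unchanged: "Download and install Goss" …
- name: "Create a private directory for the Goss tests"
  ansible.builtin.tempfile:
    state: "directory"
    prefix: "goss_"
  register: "goss_tmp"
- name: "Copy Goss tests to remote"
  ansible.builtin.template:
    src: "{{ item }}"
    dest: "{{ goss_tmp.path }}/{{ item | basename }}"
  with_fileglob:
    - "tests/test_*.yml"
- name: "Register test files"
  ansible.builtin.find:
    paths: "{{ goss_tmp.path }}"
    patterns: "test_*.yml"
  register: "test_files"
- name: "Execute Goss tests"
  ansible.builtin.command: "{{ goss_dst }} -g {{ item.path }} validate --format {{ goss_format }}"
  register: "test_results"
  with_items: "{{ test_files.files }}"
  ignore_errors: true
# … unchanged: result display and failure tasks …
```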


@ -2,6 +2,7 @@ sonar.projectKey=ansible-role-sonarqube
sonar.projectVersion=v1.1.4
sonar.projectName=ansible-role-sonarqube
sonar.ansible-lint=.ansible-lint
sonar.language=ansible,yaml
sonar.sources=.
sonar.host.url=http://10.0.0.27:39000
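Review bot: `sonar.host.url=http://10.0.0.27:39000` points the scanner at a plain-HTTP endpoint on a hard-coded private address. Any analysis token and the uploaded source would cross the network unencrypted, and the file only works from one network. Supplying the URL at scan time (the scanner also reads `SONAR_HOST_URL` from the environment) and using an `https://` endpoint avoids both. The file starts above this hunk, so other properties are not visible here.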


@ -1,7 +1,7 @@
---
- name: "SONARQUBE | Set up directories"
ansible.builtin.file:
state: directory
state: "directory"
path: "{{ item }}"
owner: "{{ ansible_effective_user_id }}"
group: "{{ ansible_effective_group_id }}"
@ -9,7 +9,7 @@
with_items:
- "{{ sonarqube_skeleton_paths }}"
tags:
- sonarqube_configure
- "sonarqube_configure"
become: true
- name: "SONARQUBE | Write configuration files"
@ -20,7 +20,7 @@
with_items:
- "{{ sonarqube_configuration_files }}"
tags:
- sonarqube_configure
- "sonarqube_configure"
- name: "SONARQUBE | Set up nofiles and nproc for ansible user"
community.general.pam_limits:
@ -33,20 +33,26 @@
# Type "-" for enforcing both soft and hard resource limits together for more details read `man limits.conf`.
- { limit_type: '-', limit_item: 'nofile', value: "{{ sonarqube_nofile }}" }
- { limit_type: '-', limit_item: 'nproc', value: "{{ sonarqube_nproc }}" }
tags:
- "sonarqube_configure"
become: true
- name: "SONARQUBE | Set up the max files"
ansible.posix.sysctl:
name: fs.file-max
name: "fs.file-max"
value: "{{ sonarqube_fs_file_max }}"
state: present
state: "present"
reload: true
tags:
- "sonarqube_configure"
become: true
- name: "SONARQUBE | Set up the VM max_map_count"
ansible.posix.sysctl:
name: vm.max_map_count
name: "vm.max_map_count"
value: "{{ sonarqube_vm_max_map_count }}"
state: present
state: "present"
reload: true
tags:
- "sonarqube_configure"
become: true


@ -4,4 +4,4 @@
project_src: "{{ sonarqube_config_path | expanduser | realpath }}"
build: false
tags:
- sonarqube_install
- "sonarqube_install"


@ -1,11 +1,11 @@
---
- name: "SONARQUBE | Configure"
ansible.builtin.import_tasks: config.yml
ansible.builtin.import_tasks: "config.yml"
tags:
- sonarqube_configure
- "sonarqube_configure"
- name: "SONARQUBE | Install"
ansible.builtin.import_tasks: install.yml
ansible.builtin.import_tasks: "install.yml"
tags:
- sonarqube_install
- "sonarqube_install"