feat: Initial commit.
This commit is contained in:
commit
5d138edb0b
10
.ansible-lint
Normal file
10
.ansible-lint
Normal file
@ -0,0 +1,10 @@
|
||||
---
|
||||
exclude_paths:
|
||||
- ./molecule
|
||||
- ./.travis.yml
|
||||
- ./.github
|
||||
parseable: true
|
||||
skip_list:
|
||||
- '204'
|
||||
use_default_rules: true
|
||||
verbosity: 1
|
3
.gitattributes
vendored
Normal file
3
.gitattributes
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*.yml linguist-detectable=true
|
||||
*.yaml linguist-detectable=true
|
||||
*.html linguist-detectable=false
|
2
.github/FUNDING.yml
vendored
Normal file
2
.github/FUNDING.yml
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
github: equinoxel
|
||||
patreon: laurivan
|
49
.github/ISSUE_TEMPLATE/bug_report.md
vendored
Normal file
49
.github/ISSUE_TEMPLATE/bug_report.md
vendored
Normal file
@ -0,0 +1,49 @@
|
||||
---
|
||||
name: Bug report
|
||||
about: Create a report to help us improve
|
||||
title: "[BUG]"
|
||||
labels: bug
|
||||
assignees: ''
|
||||
|
||||
---
|
||||
|
||||
<!--
|
||||
PREREQUISITES
|
||||
|
||||
Have you read Idealista's Code of Conduct? By filling an Issue, you are expected to comply with it,
|
||||
including treating everyone with respect: https://github.com/idealista/idealista/blob/master/CODE_OF_CONDUCT.md
|
||||
|
||||
Check that your issue isn't already filled: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aidealista
|
||||
|
||||
Check that there is not already provided the described functionality
|
||||
-->
|
||||
|
||||
### Description
|
||||
|
||||
[Description of the issue]
|
||||
|
||||
### Steps to Reproduce
|
||||
|
||||
1. [First Step]
|
||||
2. [Second Step]
|
||||
3. [and so on...]
|
||||
|
||||
**Expected behavior:**
|
||||
[What you expect to happen]
|
||||
|
||||
**Actual behavior:**
|
||||
[What actually happens]
|
||||
|
||||
**Reproduces how often:**
|
||||
[What percentage of the time does it reproduce?]
|
||||
|
||||
### Environment
|
||||
|
||||
- The release version/s you are using:
|
||||
- OS:
|
||||
- Ansible Version:
|
||||
- Python Version:
|
||||
- Others:
|
||||
### Additional Information
|
||||
|
||||
[Any additional information, configuration or data that might be necessary to reproduce the issue.]
|
3
.github/ISSUE_TEMPLATE/config.yml
vendored
Normal file
3
.github/ISSUE_TEMPLATE/config.yml
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
---
|
||||
|
||||
blank_issues_enabled: false
|
31
.github/ISSUE_TEMPLATE/feature_request.md
vendored
Normal file
31
.github/ISSUE_TEMPLATE/feature_request.md
vendored
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
name: Feature request
|
||||
about: Suggest an idea for this project
|
||||
title: "[FEATURE]"
|
||||
labels: enhancement
|
||||
assignees: ''
|
||||
|
||||
---
|
||||
|
||||
<!--
|
||||
PREREQUISITES
|
||||
|
||||
Have you read Idealista's Code of Conduct? By filling an Issue, you are expected to comply with it,
|
||||
including treating everyone with respect: https://github.com/idealista/idealista/blob/master/CODE_OF_CONDUCT.md
|
||||
|
||||
Check that your issue isn't already filled: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aidealista
|
||||
|
||||
Check that there is not already provided the described functionality
|
||||
-->
|
||||
|
||||
### Description
|
||||
|
||||
[Description of the issue]
|
||||
|
||||
### Why is this needed?
|
||||
|
||||
[A clear and concise description of why do you think this is needed]
|
||||
|
||||
### Additional Information
|
||||
|
||||
[Any additional information, configuration or data.]
|
27
.github/ISSUE_TEMPLATE/refactor.md
vendored
Normal file
27
.github/ISSUE_TEMPLATE/refactor.md
vendored
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
name: Refactor
|
||||
about: Found anything to refactor in this project?
|
||||
title: "[REFACTOR]"
|
||||
labels: clean-up
|
||||
assignees: ''
|
||||
|
||||
---
|
||||
|
||||
<!--
|
||||
PREREQUISITES
|
||||
|
||||
Have you read Idealista's Code of Conduct? By filling an Issue, you are expected to comply with it,
|
||||
including treating everyone with respect: https://github.com/idealista/idealista/blob/master/CODE_OF_CONDUCT.md
|
||||
|
||||
Check that your issue isn't already filled: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aidealista
|
||||
|
||||
Check that there is not already provided the described functionality
|
||||
-->
|
||||
|
||||
### Description
|
||||
|
||||
[Description of the issue]
|
||||
|
||||
### Link/s to the specific code that needs a refactor (if applicable)
|
||||
|
||||
[Links]
|
27
.github/ISSUE_TEMPLATE/support_request.md
vendored
Normal file
27
.github/ISSUE_TEMPLATE/support_request.md
vendored
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
name: Support Request
|
||||
about: Support request or question about this project
|
||||
title: "[SUPPORT]"
|
||||
labels: question
|
||||
assignees: ''
|
||||
|
||||
---
|
||||
|
||||
<!--
|
||||
PREREQUISITES
|
||||
|
||||
Have you read Idealista's Code of Conduct? By filling an Issue, you are expected to comply with it,
|
||||
including treating everyone with respect: https://github.com/idealista/idealista/blob/master/CODE_OF_CONDUCT.md
|
||||
|
||||
Check that your issue isn't already filled: https://github.com/issues?utf8=✓&q=is%3Aissue+user%3Aidealista
|
||||
|
||||
Check that there is not already provided the described functionality
|
||||
-->
|
||||
|
||||
### Description
|
||||
|
||||
[Description of the issue]
|
||||
|
||||
### Additional Information
|
||||
|
||||
Any additional information, configuration or data that might be necessary to reproduce the issue.
|
33
.github/stale.yml
vendored
Normal file
33
.github/stale.yml
vendored
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
issues:
|
||||
# Number of days of inactivity before an issue becomes stale
|
||||
daysUntilStale: 90
|
||||
# Number of days of inactivity before a stale issue is closed
|
||||
daysUntilClose: 7
|
||||
# Issues with these labels will never be considered stale
|
||||
exemptLabels:
|
||||
- "pinned"
|
||||
- "security"
|
||||
- "good first issue"
|
||||
# Label to use when marking an issue as stale
|
||||
staleLabel: wontfix
|
||||
# Comment to post when marking an issue as stale. Set to `false` to disable
|
||||
markComment: >
|
||||
This issue has been automatically marked as stale because it has not had
|
||||
recent activity. It will be closed if no further activity occurs. Thank you
|
||||
for your contributions.
|
||||
# Comment to post when closing a stale issue. Set to `false` to disable
|
||||
closeComment: false
|
||||
|
||||
pulls:
|
||||
# Number of days of inactivity before a pull request becomes stale
|
||||
daysUntilStale: 90
|
||||
# Number of days of inactivity before a stale pull request is closed
|
||||
daysUntilClose: 7
|
||||
# Comment to post when marking a pull request as stale. Set to `false` to disable
|
||||
markComment: >
|
||||
This pull request has been automatically marked as stale because it has not had
|
||||
recent activity. It will be closed if no further activity occurs. Thank you
|
||||
for your contributions.
|
||||
# Comment to post when closing a stale pull request. Set to `false` to disable
|
||||
closeComment: false
|
15
.gitignore
vendored
Normal file
15
.gitignore
vendored
Normal file
@ -0,0 +1,15 @@
|
||||
|
||||
tests/playbook.retry
|
||||
tests/.cache
|
||||
__pycache__
|
||||
.pytest_cache
|
||||
.molecule
|
||||
.cache
|
||||
.venv
|
||||
|
||||
*.iml
|
||||
.idea
|
||||
.project
|
||||
|
||||
*.pyc
|
||||
**/.vscode
|
25
.travis.yml
Normal file
25
.travis.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
dist: xenial
|
||||
language: python
|
||||
python: "3.9"
|
||||
os: linux
|
||||
services:
|
||||
- docker
|
||||
install:
|
||||
- pip install -I pipenv
|
||||
- pipenv sync
|
||||
env:
|
||||
jobs:
|
||||
- MOLECULE_DISTRO=debian:buster-slim
|
||||
- MOLECULE_DISTRO=debian:bullseye-slim
|
||||
script:
|
||||
- pipenv run molecule test --all
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
||||
email:
|
||||
if: branch = main
|
||||
on_success: change
|
||||
on_failure: always
|
||||
recipients:
|
||||
- laur.ivan@gmail.com
|
33
.yamllint
Normal file
33
.yamllint
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
# Based on ansible-lint config
|
||||
extends: default
|
||||
|
||||
ignore: |
|
||||
molecule/**/tests/
|
||||
.venv
|
||||
.github
|
||||
.travis.yml
|
||||
|
||||
rules:
|
||||
braces:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
brackets:
|
||||
max-spaces-inside: 1
|
||||
level: error
|
||||
colons:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
commas:
|
||||
max-spaces-after: -1
|
||||
level: error
|
||||
empty-lines:
|
||||
max: 3
|
||||
level: error
|
||||
hyphens:
|
||||
level: error
|
||||
key-duplicates: enable
|
||||
line-length: disable
|
||||
new-lines:
|
||||
type: unix
|
||||
truthy: disable
|
18
CHANGELOG.md
Normal file
18
CHANGELOG.md
Normal file
@ -0,0 +1,18 @@
|
||||
# Change Log
|
||||
|
||||
All notable changes to this project will be documented in this file.
|
||||
This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a changelog](https://github.com/olivierlacan/keep-a-changelog).
|
||||
|
||||
## [Unreleased](https://github.com/equinoxel/ansible-role-sonarqube/tree/develop)
|
||||
### Changed
|
||||
### Added
|
||||
### Removed
|
||||
### Fixed
|
||||
|
||||
## [X.Y.Z](https://github.com/equinoxel/ansible-role-sonarqube/tree/X.Y.Z)
|
||||
### [Full Changelog](https://github.com/equinoxel/ansible-role-sonarqube/compare/1.0.0...X.Y.Z)
|
||||
### Changed
|
||||
*[#<issue_number>](https://github.com/equinoxel/ansible-role-sonarqube/issues/<issue_number>) \<Change description\>* @\<author\>
|
||||
|
||||
## [1.0.0](https://github.com/equinoxel/ansible-role-sonarqube/tree/1.0.0)
|
||||
- Initial release
|
10
LICENSE
Normal file
10
LICENSE
Normal file
@ -0,0 +1,10 @@
|
||||
The MIT License (MIT)
|
||||
=====================
|
||||
|
||||
Copyright © 2023 Laur IVAN
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
47
README.md
Normal file
47
README.md
Normal file
@ -0,0 +1,47 @@
|
||||
# Sonarqube Ansible role
|
||||
|
||||
This role installs Sonarqube via Docker compose.
|
||||
|
||||
## Requirements
|
||||
|
||||
None
|
||||
|
||||
## Role Variables
|
||||
|
||||
All variables are listed below (see also `defaults/main.yml`).
|
||||
|
||||
```yml
|
||||
---
|
||||
```
|
||||
|
||||
## Dependencies
|
||||
|
||||
You need a machine with docker and docker-compose installed.
|
||||
|
||||
## Example Playbook
|
||||
|
||||
```yml
|
||||
- hosts: servers
|
||||
roles:
|
||||
- 'laurivan.Sonarqube'
|
||||
```
|
||||
|
||||
## License
|
||||
|
||||
This project is licensed under the [MIT](https://opensource.org/licenses/MIT) license - see the [LICENSE](LICENSE) file for details.
|
||||
|
||||
![MIT License](https://img.shields.io/badge/license-MIT%20License-brightgreen)
|
||||
|
||||
## Author Information
|
||||
|
||||
This role was created in 2023 by [Laur Ivan](https://www.laurivan.com).
|
||||
|
||||
## Built With
|
||||
|
||||
![Ansible](https://img.shields.io/badge/ansible-5.2.0-green.svg)
|
||||
![Molecule](https://img.shields.io/badge/molecule-3.4.0-green.svg)
|
||||
![Goss](https://img.shields.io/badge/goss-0.3.16-green.svg)
|
||||
|
||||
## Contributing
|
||||
|
||||
Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us.
|
44
defaults/main.yml
Normal file
44
defaults/main.yml
Normal file
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
## General
|
||||
sonarqube_image: sonarqube:latest
|
||||
|
||||
sonarqube_http_port: 3000
|
||||
|
||||
# Sonarqube paths
|
||||
sonarqube_root_path: /var/local
|
||||
# sonarqube_data_base: "{{ sonarqube_root_path }}/sonarqube"
|
||||
sonarqube_config_path: "{{ sonarqube_root_path }}/conf/sonarqube"
|
||||
|
||||
# sonarqube_data_volume: "{{ sonarqube_data_base }}/data"
|
||||
# sonarqube_conf_volume: "{{ sonarqube_data_base }}/conf"
|
||||
# sonarqube_logs_volume: "{{ sonarqube_data_base }}/logs"
|
||||
# sonarqube_extensions_volume: "{{ sonarqube_data_base }}/extensions"
|
||||
# sonarqube_bundled_plugins_volume: "{{ sonarqube_data_base }}/bundled_plugins"
|
||||
|
||||
# sonarqube_db_volume: "{{ sonarqube_data_base }}/posgresql/db"
|
||||
# sonarqube_db_data_volume: "{{ sonarqube_data_base }}/posgresql/data"
|
||||
|
||||
sonarqube_db_user: "changeme"
|
||||
sonarqube_db_password: "changeme"
|
||||
|
||||
# Add other paths here to make sure they're created automatically
|
||||
#
|
||||
sonarqube_skeleton_paths:
|
||||
- "{{ sonarqube_config_path }}"
|
||||
# - "{{ sonarqube_data_volume }}"
|
||||
# - "{{ sonarqube_conf_volume }}"
|
||||
# - "{{ sonarqube_logs_volume }}"
|
||||
# - "{{ sonarqube_extensions_volume }}"
|
||||
# - "{{ sonarqube_bundled_plugins_volume }}"
|
||||
# - "{{ sonarqube_db_volume }}"
|
||||
# - "{{ sonarqube_db_data_volume }}"
|
||||
|
||||
# Add more templates to be copied into the config
|
||||
sonarqube_configuration_files:
|
||||
- "docker-compose.yml"
|
||||
- "env.sonarqube.conf"
|
||||
- "env.db.conf"
|
||||
|
||||
# Documentation
|
||||
sonarqube_documentation_link: "https://www.laurivan.com"
|
2
handlers/main.yml
Normal file
2
handlers/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
---
|
||||
# Handlers for sonarqube
|
25
meta/main.yml
Normal file
25
meta/main.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
|
||||
galaxy_info:
|
||||
author: Laur Ivan (laur.ivan@gmail.com)
|
||||
namespace: laurivan
|
||||
role_name: sonarqube
|
||||
description: Sonarqube Role
|
||||
min_ansible_version: "2.4"
|
||||
min_ansible_container_version: "2.4"
|
||||
license: MIT
|
||||
galaxy_tags:
|
||||
- sonarqube
|
||||
- testing
|
||||
- security
|
||||
platforms:
|
||||
- name: Debian
|
||||
versions:
|
||||
- bullseye
|
||||
- buster
|
||||
|
||||
- name: Ubuntu
|
||||
versions:
|
||||
- bionic
|
||||
- focal
|
||||
- jammy
|
27
molecule/default/cleanup.yml
Normal file
27
molecule/default/cleanup.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
- name: Clean up
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
tasks:
|
||||
- name: Load the defaults
|
||||
ansible.builtin.include_vars:
|
||||
dir: "../../defaults"
|
||||
|
||||
- name: Check if the docker-compose file exists.
|
||||
ansible.builtin.stat:
|
||||
path: "{{ sonarqube_config_path | expanduser | realpath }}/docker-compose.yml"
|
||||
register: docker_compose_file
|
||||
|
||||
- name: Remove docker-compose.
|
||||
community.docker.docker_compose:
|
||||
project_src: "{{ sonarqube_config_path | expanduser | realpath }}/"
|
||||
build: false
|
||||
state: absent
|
||||
when: docker_compose_file.stat.exists
|
||||
become: false
|
||||
|
||||
- name: Remove the docker-compose file
|
||||
ansible.builtin.file:
|
||||
path: "{{ sonarqube_config_path | expanduser | realpath }}/docker-compose.yml"
|
||||
state: absent
|
||||
when: docker_compose_file.stat.exists
|
5
molecule/default/converge.yml
Normal file
5
molecule/default/converge.yml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: Converge
|
||||
hosts: sonarqube_group
|
||||
roles:
|
||||
- role: "laurivan.sonarqube"
|
27
molecule/default/destroy.yml
Normal file
27
molecule/default/destroy.yml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
- name: Destroy
|
||||
hosts: localhost
|
||||
connection: local
|
||||
gather_facts: false
|
||||
no_log: "{{ molecule_no_log }}"
|
||||
tasks:
|
||||
# Developer must implement.
|
||||
- name: Remove the docker image
|
||||
community.docker.docker_container:
|
||||
name: sonarqube
|
||||
state: absent
|
||||
|
||||
# Mandatory configuration for Molecule to function.
|
||||
|
||||
- name: Populate instance config
|
||||
ansible.builtin.set_fact:
|
||||
instance_conf: {}
|
||||
|
||||
- name: Dump instance config
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
# Molecule managed
|
||||
{{ instance_conf | to_json | from_json | to_yaml }}
|
||||
dest: "{{ molecule_instance_config }}"
|
||||
mode: 0600
|
||||
when: server.changed | default(false) | bool
|
37
molecule/default/molecule.yml
Normal file
37
molecule/default/molecule.yml
Normal file
@ -0,0 +1,37 @@
|
||||
---
|
||||
dependency:
|
||||
name: galaxy
|
||||
options:
|
||||
ignore-certs: true
|
||||
ignore-errors: true
|
||||
role-file: molecule/requirements.yml
|
||||
requirements-file: molecule/requirements.yml
|
||||
driver:
|
||||
name: docker
|
||||
lint: |
|
||||
yamllint .
|
||||
ansible-lint .
|
||||
platforms:
|
||||
- name: sonarqube
|
||||
groups:
|
||||
- sonarqube_group
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
privileged: true
|
||||
pre_build_image: true
|
||||
capabilities:
|
||||
- SYS_ADMIN
|
||||
tmpfs:
|
||||
- /tmp
|
||||
- /run
|
||||
- /run/lock
|
||||
volumes:
|
||||
- '/sys/fs/cgroup:/sys/fs/cgroup:ro'
|
||||
- '/var/run/docker.sock:/tmp/docker_mounted.sock'
|
||||
command: '/lib/systemd/systemd'
|
||||
stop_signal: 'RTMIN+3'
|
||||
provisioner:
|
||||
name: ansible
|
||||
playbooks:
|
||||
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
|
||||
verifier:
|
||||
name: ansible
|
38
molecule/default/prepare.yml
Normal file
38
molecule/default/prepare.yml
Normal file
@ -0,0 +1,38 @@
|
||||
---
|
||||
- name: Setup the test machine
|
||||
hosts: sonarqube
|
||||
tasks:
|
||||
- name: Check if /var/run/docker.sock already exists
|
||||
ansible.builtin.stat:
|
||||
path: "/var/run/docker.sock"
|
||||
register: docker_sock_stat
|
||||
|
||||
- name: Create docker.sock
|
||||
ansible.builtin.raw: touch /var/run/docker.sock
|
||||
become: true
|
||||
changed_when: false
|
||||
when: not docker_sock_stat.stat.exists
|
||||
|
||||
- name: Move docker.sock from tmp
|
||||
ansible.builtin.raw: >
|
||||
mount --move /tmp/docker_mounted.sock /var/run/docker.sock
|
||||
become: true
|
||||
changed_when: false
|
||||
when: not docker_sock_stat.stat.exists
|
||||
|
||||
- name: Update apt cache.
|
||||
ansible.builtin.apt: update_cache=yes cache_valid_time=600
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Install python requests
|
||||
ansible.builtin.pip:
|
||||
name:
|
||||
- requests
|
||||
- docker
|
||||
- docker-compose
|
||||
|
||||
- name: Install docker
|
||||
vars:
|
||||
docker_service_manage: false
|
||||
ansible.builtin.include_role:
|
||||
name: geerlingguy.docker
|
4
molecule/default/requirements.yml
Normal file
4
molecule/default/requirements.yml
Normal file
@ -0,0 +1,4 @@
|
||||
---
|
||||
roles:
|
||||
- geerlingguy.docker
|
||||
collections: []
|
12
molecule/default/tests/test_app.yml
Normal file
12
molecule/default/tests/test_app.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
## TODO: Remember to adapt goss tests to your convenience
|
||||
|
||||
|
||||
## Check if ports are really exposed
|
||||
# port:
|
||||
# # Check port at IPv6
|
||||
# # https://github.com/aelsabbahy/goss/issues/177
|
||||
# tcp6:<port>:
|
||||
# listening: true
|
||||
# ip:
|
||||
# - '::'
|
59
molecule/default/verify.yml
Normal file
59
molecule/default/verify.yml
Normal file
@ -0,0 +1,59 @@
|
||||
---
|
||||
# This is an example playbook to execute goss tests.
|
||||
# Tests need distributed to the appropriate ansible host/groups
|
||||
# prior to execution by `goss validate`.
|
||||
|
||||
- name: Verify sonarqube
|
||||
hosts:
|
||||
- sonarqube
|
||||
become: true
|
||||
vars:
|
||||
goss_version: v0.3.16
|
||||
goss_arch: amd64
|
||||
goss_dst: /usr/local/bin/goss
|
||||
goss_sha256sum: 827e354b48f93bce933f5efcd1f00dc82569c42a179cf2d384b040d8a80bfbfb
|
||||
goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
|
||||
goss_test_directory: /tmp
|
||||
goss_format: documentation
|
||||
|
||||
vars_files:
|
||||
- ../../defaults/main.yml
|
||||
|
||||
tasks:
|
||||
- name: Download and install Goss
|
||||
get_url:
|
||||
url: "{{ goss_url }}"
|
||||
dest: "{{ goss_dst }}"
|
||||
checksum: "sha256:{{ goss_sha256sum }}"
|
||||
mode: 0755
|
||||
register: download_goss
|
||||
until: download_goss is succeeded
|
||||
retries: 3
|
||||
|
||||
- name: Copy Goss tests to remote
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ goss_test_directory }}/{{ item | basename }}"
|
||||
with_fileglob:
|
||||
- "tests/test_*.yml"
|
||||
|
||||
- name: Register test files
|
||||
shell: "ls {{ goss_test_directory }}/test_*.yml"
|
||||
register: test_files
|
||||
|
||||
- name: Execute Goss tests
|
||||
command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
|
||||
register: test_results
|
||||
with_items: "{{ test_files.stdout_lines }}"
|
||||
ignore_errors: true
|
||||
|
||||
- name: Display details about the Goss results
|
||||
debug:
|
||||
msg: "{{ item.stdout_lines }}"
|
||||
with_items: "{{ test_results.results }}"
|
||||
|
||||
- name: Fail when tests fail
|
||||
fail:
|
||||
msg: "Goss failed to validate"
|
||||
when: item.rc != 0
|
||||
with_items: "{{ test_results.results }}"
|
23
tasks/config.yml
Normal file
23
tasks/config.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
- name: "SONARQUBE | Set up directories"
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: "{{ item }}"
|
||||
owner: "{{ ansible_effective_user_id }}"
|
||||
group: "{{ ansible_effective_group_id }}"
|
||||
mode: "0750"
|
||||
with_items:
|
||||
- "{{ sonarqube_skeleton_paths }}"
|
||||
tags:
|
||||
- sonarqube_configure
|
||||
become: true
|
||||
|
||||
- name: "SONARQUBE | Write configuration files"
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}.j2"
|
||||
dest: "{{ sonarqube_config_path | expanduser | realpath }}/{{ item }}"
|
||||
mode: '0640'
|
||||
with_items:
|
||||
- "{{ sonarqube_configuration_files }}"
|
||||
tags:
|
||||
- sonarqube_configure
|
7
tasks/install.yml
Normal file
7
tasks/install.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: "SONARQUBE | Ensure sonarqube is running"
|
||||
community.docker.docker_compose:
|
||||
project_src: "{{ sonarqube_config_path | expanduser | realpath }}"
|
||||
build: false
|
||||
tags:
|
||||
- sonarqube_install
|
11
tasks/main.yml
Normal file
11
tasks/main.yml
Normal file
@ -0,0 +1,11 @@
|
||||
---
|
||||
|
||||
- name: "SONARQUBE | Configure"
|
||||
ansible.builtin.import_tasks: config.yml
|
||||
tags:
|
||||
- sonarqube_configure
|
||||
|
||||
- name: "SONARQUBE | Install"
|
||||
ansible.builtin.import_tasks: install.yml
|
||||
tags:
|
||||
- sonarqube_install
|
43
templates/docker-compose.yml.j2
Normal file
43
templates/docker-compose.yml.j2
Normal file
@ -0,0 +1,43 @@
|
||||
# sonarqube docker compose
|
||||
version: '3.9'
|
||||
services:
|
||||
sonarqube:
|
||||
image: "{{ sonarqube_image }}"
|
||||
container_name: sonarqube-service
|
||||
restart: always
|
||||
env_file:
|
||||
- "{{ sonarqube_config_path | expanduser }}/env.sonarqube.conf"
|
||||
ports:
|
||||
- "{{ sonarqube_http_port }}"
|
||||
# Add more ports if necessary
|
||||
networks:
|
||||
- sonarqube-net
|
||||
# optional
|
||||
volumes:
|
||||
- sonarqube_conf:/opt/sonarqube/conf
|
||||
- sonarqube_data:/opt/sonarqube/data
|
||||
- sonarqube_extensions:/opt/sonarqube/extensions
|
||||
- sonarqube_bundled-plugins:/opt/sonarqube/lib/bundled-plugins
|
||||
depends_on:
|
||||
- db
|
||||
|
||||
db:
|
||||
image: postgres:12
|
||||
container_name: sonarqube-db
|
||||
restart: always
|
||||
env_file:
|
||||
- "{{ sonarqube_config_path | expanduser }}/env.db.conf"
|
||||
volumes:
|
||||
- sonarqube_db:/var/lib/postgresql
|
||||
- postgresql_data:/var/lib/postgresql/data
|
||||
|
||||
volumes:
|
||||
postgresql_data:
|
||||
sonarqube_bundled-plugins:
|
||||
sonarqube_conf:
|
||||
sonarqube_data:
|
||||
sonarqube_db:
|
||||
sonarqube_extensions:
|
||||
|
||||
networks:
|
||||
sonarqube-net: {}
|
4
templates/env.db.conf.j2
Normal file
4
templates/env.db.conf.j2
Normal file
@ -0,0 +1,4 @@
|
||||
# Database configuration
|
||||
POSTGRES_USER={{ sonarqube_db_user }}
|
||||
POSTGRES_PASSWORD={{ sonarqube_db_password }}
|
||||
POSTGRES_DB=sonarqube
|
5
templates/env.sonarqube.conf.j2
Normal file
5
templates/env.sonarqube.conf.j2
Normal file
@ -0,0 +1,5 @@
|
||||
# Add environment variables for sonarqube here
|
||||
# Note: This is a .ini file format
|
||||
SONAR_JDBC_URL=jdbc:postgresql://db:5432/sonarqube
|
||||
SONAR_JDBC_USERNAME={{ sonarqube_db_user }}
|
||||
SONAR_JDBC_PASSWORD={{ sonarqube_db_password }}
|
6
test-requirements.txt
Normal file
6
test-requirements.txt
Normal file
@ -0,0 +1,6 @@
|
||||
ansible==7.2.0
|
||||
molecule==4.0.4
|
||||
docker==6.0.1
|
||||
molecule-docker==2.1.0
|
||||
ansible-lint==6.14.4
|
||||
yamllint==1.30.0
|
Loading…
Reference in New Issue
Block a user