diff --git a/.gitignore b/.gitignore index c9b2377..f56f5b5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *.retry -tests/test.sh +*/__pycache__ +*.pyc diff --git a/.travis.yml b/.travis.yml index 07a44c9..a8851b7 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,28 +1,31 @@ --- +language: python services: docker env: - - distro: centos7 - - distro: ubuntu1804 - - distro: ubuntu1604 - - distro: ubuntu1404 - - distro: debian9 - - distro: fedora27 + global: + - ROLE_NAME: docker + matrix: + - MOLECULE_DISTRO: centos7 + - MOLECULE_DISTRO: ubuntu1804 + - MOLECULE_DISTRO: ubuntu1604 + - MOLECULE_DISTRO: ubuntu1404 + - MOLECULE_DISTRO: debian9 + - MOLECULE_DISTRO: fedora27 + +install: + # Install test dependencies. + - pip install molecule docker + +before_script: + # Use actual Ansible Galaxy role name for the project directory. + - cd ../ + - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME + - cd geerlingguy.$ROLE_NAME script: - # Configure test script so we can run extra tests after playbook is run. - - export container_id=$(date +%s) - - export cleanup=false - - # Download test shim. - - wget -O ${PWD}/tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/ - - chmod +x ${PWD}/tests/test.sh - # Run tests. - - ${PWD}/tests/test.sh - - # Test whether Docker is running correctly (Dockerception!). - - docker exec --tty ${container_id} docker run hello-world + - molecule test notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/README.md b/README.md index 8b0755f..9a49840 100644 --- a/README.md +++ b/README.md @@ -22,12 +22,12 @@ The `docker_edition` should be either `ce` (Community Edition) or `ee` (Enterpri You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_package_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play). docker_service_state: started - docker_service_enabled: yes + docker_service_enabled: true docker_restart_handler_state: restarted Variables to control the state of the `docker` service, and whether it should start on boot. If you're installing Docker inside a Docker container without systemd or sysvinit, you should set these to `stopped` and set the enabled variable to `no`. - docker_install_compose: True + docker_install_compose: true docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose diff --git a/defaults/main.yml b/defaults/main.yml index c12e9e9..2bcb620 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -6,11 +6,11 @@ docker_package_state: present # Service options. docker_service_state: started -docker_service_enabled: yes +docker_service_enabled: true docker_restart_handler_state: restarted # Docker Compose options. -docker_install_compose: True +docker_install_compose: true docker_compose_version: "1.22.0" docker_compose_path: /usr/local/bin/docker-compose @@ -18,7 +18,7 @@ docker_compose_path: /usr/local/bin/docker-compose docker_apt_release_channel: stable docker_apt_arch: amd64 docker_apt_repository: "deb [arch={{ docker_apt_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}" -docker_apt_ignore_key_error: True +docker_apt_ignore_key_error: true # Used only for RedHat/CentOS/Fedora. docker_yum_repo_url: https://download.docker.com/linux/{{ (ansible_distribution == "Fedora") | ternary("fedora","centos") }}/docker-{{ docker_edition }}.repo diff --git a/meta/main.yml b/meta/main.yml index 939d881..0dfa4cd 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -8,21 +8,22 @@ galaxy_info: license: "license (BSD, MIT)" min_ansible_version: 2.4 platforms: - - name: EL - versions: - - 6 - - 7 - - name: Fedora - versions: - - all - - name: Debian - versions: - - jessie - - name: Ubuntu - versions: - - trusty - - xenial - - bionic + - name: EL + versions: + - 6 + - 7 + - name: Fedora + versions: + - all + - name: Debian + versions: + - jessie + - stretch + - name: Ubuntu + versions: + - trusty + - xenial + - bionic galaxy_tags: - web - system diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..2ca6fea --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,29 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint + options: + config-file: molecule/default/yaml-lint.yml +platforms: + - name: instance + image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + privileged: true + pre_build_image: true +provisioner: + name: ansible + lint: + name: ansible-lint + playbooks: + converge: ${MOLECULE_PLAYBOOK:-playbook.yml} +scenario: + name: default +verifier: + name: testinfra + lint: + name: flake8 diff --git a/tests/test.yml b/molecule/default/playbook.yml similarity index 56% rename from tests/test.yml rename to molecule/default/playbook.yml index cdbbb3f..dad331d 100644 --- a/tests/test.yml +++ b/molecule/default/playbook.yml @@ -1,13 +1,12 @@ --- -- hosts: all +- name: Converge + hosts: all + become: true pre_tasks: - name: Update apt cache. apt: update_cache=yes cache_valid_time=600 when: ansible_os_family == 'Debian' - - name: Install test dependencies. - package: name=curl state=present - roles: - - role_under_test + - role: geerlingguy.docker diff --git a/molecule/default/yaml-lint.yml b/molecule/default/yaml-lint.yml new file mode 100644 index 0000000..7aeec5a --- /dev/null +++ b/molecule/default/yaml-lint.yml @@ -0,0 +1,6 @@ +--- +extends: default +rules: + line-length: + max: 200 + level: warning diff --git a/tasks/docker-1809-shim.yml b/tasks/docker-1809-shim.yml new file mode 100644 index 0000000..286254b --- /dev/null +++ b/tasks/docker-1809-shim.yml @@ -0,0 +1,16 @@ +--- +- name: Ensure containerd service dir exists. + file: + path: /etc/systemd/system/containerd.service.d + state: directory + +- name: Add shim to ensure Docker can start in all environments. + template: + src: override.conf.j2 + dest: /etc/systemd/system/containerd.service.d/override.conf + register: override_template + +- name: Reload systemd daemon if template is changed. + systemd: + daemon_reload: true + when: override_template is changed diff --git a/tasks/docker-users.yml b/tasks/docker-users.yml index afebd9a..b3b6e0f 100644 --- a/tasks/docker-users.yml +++ b/tasks/docker-users.yml @@ -3,5 +3,5 @@ user: name: "{{ item }}" groups: docker - append: yes + append: true with_items: "{{ docker_users }}" diff --git a/tasks/main.yml b/tasks/main.yml index e945329..f248279 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -11,36 +11,9 @@ state: "{{ docker_package_state }}" notify: restart docker -- name: enable remote docker access - block: - - name: add docker.service.d/override.conf override - copy: - dest: /etc/systemd/system/docker.service.d/startup_options.conf - content: | - # /etc/systemd/system/docker.service.d/override.conf - [Service] - ExecStart= - ExecStart=/usr/bin/dockerd -H fd:// -H tcp://0.0.0.0:2375 - register: docker_override - - - name: reload docker daemon - systemd: - daemon_reload: yes - when: docker_override is changed - - - name: restart docker service - service: - name: docker - state: restarted - daemon_reload: yes - when: docker_override is changed - - when: ( - docker_remote_access is defined - ) and ( - ( docker_remote_access ) - ) - +# TODO: Remove this shim once 18.09.1 or later is released. +- import_tasks: docker-1809-shim.yml + when: ansible_service_mgr == 'systemd' - name: Ensure Docker is started and enabled at boot. service: diff --git a/tasks/setup-Debian.yml b/tasks/setup-Debian.yml index 312de84..23a49ae 100644 --- a/tasks/setup-Debian.yml +++ b/tasks/setup-Debian.yml @@ -1,11 +1,10 @@ --- - name: Ensure old versions of Docker are not installed. package: - name: '{{ item }}' + name: + - docker + - docker-engine state: absent - with_items: - - docker - - docker-engine - name: Ensure dependencies are installed. apt: @@ -29,11 +28,11 @@ - name: Add Docker apt key (alternative for older systems without SNI). shell: "curl -sSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -" args: - warn: no + warn: false when: add_repository_key is failed - name: Add Docker repository. apt_repository: repo: "{{ docker_apt_repository }}" state: present - update_cache: yes + update_cache: true diff --git a/tasks/setup-RedHat.yml b/tasks/setup-RedHat.yml index 1d44e7b..0cd1a50 100644 --- a/tasks/setup-RedHat.yml +++ b/tasks/setup-RedHat.yml @@ -1,12 +1,11 @@ --- - name: Ensure old versions of Docker are not installed. package: - name: '{{ item }}' + name: + - docker + - docker-common + - docker-engine state: absent - with_items: - - docker - - docker-common - - docker-engine - name: Add Docker GPG key. rpm_key: diff --git a/templates/override.conf.j2 b/templates/override.conf.j2 new file mode 100644 index 0000000..adab53c --- /dev/null +++ b/templates/override.conf.j2 @@ -0,0 +1,3 @@ +# {{ ansible_managed }} +[Service] +ExecStartPre= diff --git a/tests/README.md b/tests/README.md deleted file mode 100644 index 6fb2117..0000000 --- a/tests/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Ansible Role tests - -To run the test playbook(s) in this directory: - - 1. Install and start Docker. - 1. Download the test shim (see .travis.yml file for the URL) into `tests/test.sh`: - - `wget -O tests/test.sh https://gist.githubusercontent.com/geerlingguy/73ef1e5ee45d8694570f334be385e181/raw/` - 1. Make the test shim executable: `chmod +x tests/test.sh`. - 1. Run (from the role root directory) `distro=[distro] playbook=[playbook] ./tests/test.sh` - -If you don't want the container to be automatically deleted after the test playbook is run, add the following environment variables: `cleanup=false container_id=$(date +%s)`