From 3466fdc891fd128a2a22cbec27914ac7705d9b05 Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 30 May 2024 10:27:25 -0700 Subject: [PATCH 1/5] Fix yamllint costmetic issues --- meta/main.yml | 14 +++++----- molecule/default/prepare.yml | 3 +- molecule/default/verify.yml | 2 +- tasks/main.yml | 53 ++++++++++++++++++------------------ 4 files changed, 37 insertions(+), 35 deletions(-) diff --git a/meta/main.yml b/meta/main.yml index ac3f71c..0ca71a6 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -8,10 +8,10 @@ galaxy_info: license: GPLv3 min_ansible_version: 2.0 platforms: - - name: Ubuntu - versions: - - focal - - jammy - - noble - galaxy_tags: [] -dependencies: [] + - name: Ubuntu + versions: + - focal + - jammy + - noble + galaxy_tags: [ ] +dependencies: [ ] diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index bfa353d..fdcc5f0 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,3 +1,4 @@ +--- - name: Bootstrap hosts: all become: true @@ -8,7 +9,7 @@ - name: Prepare hosts: all become: true - gather_facts: yes + gather_facts: true tasks: - name: Update cache apt: update_cache=true cache_valid_time=600 diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index ce24aa7..dad0cf4 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -1,7 +1,7 @@ --- - name: Check mariadb is configured hosts: all - become: yes + become: true tasks: diff --git a/tasks/main.yml b/tasks/main.yml index 1d37b68..13000c2 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,3 +1,4 @@ +--- - set_fact: _supported_ubuntu_versions: - '18.04' @@ -32,33 +33,33 @@ - name: Apply apt config for explicitly specified MariaDB versions block: - - name: Add apt key for MariaDB - apt_key: - keyserver: keyserver.ubuntu.com - id: F1656F24C74CD1D8 - - name: Add apt repo for MariaDB - apt_repository: - repo: > - {{ mariadb_repo_deb_line }} - state: present - filename: mariadb - update_cache: true - tags: - - apt-repo + - name: Add apt key for MariaDB + apt_key: + keyserver: keyserver.ubuntu.com + id: F1656F24C74CD1D8 + - name: Add apt repo for MariaDB + apt_repository: + repo: > + {{ mariadb_repo_deb_line }} + state: present + filename: mariadb + update_cache: true + tags: + - apt-repo when: mariadb_version != 'auto' - name: Install MariaDB Server apt: name: mariadb-server state: present - update_cache: yes + update_cache: true when: client_only == false - name: Install MariaDB client apt: name: mariadb-client state: present - update_cache: yes + update_cache: true when: client_only == true - name: Install python module @@ -78,13 +79,13 @@ command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' register: mysql_anonymous_hosts changed_when: false - check_mode: no + check_mode: false - name: Remove anonymous MySQL users. mysql_user: - name: "" - host: "{{ item }}" - state: absent + name: "" + host: "{{ item }}" + state: absent with_items: "{{ mysql_anonymous_hosts.stdout_lines|default([]) }}" - name: Remove the test database @@ -162,12 +163,12 @@ - name: Save mysql root password credentials to /root/.my.cnf template: src=root/my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 backup=yes when: ( - mysql_password_changed is defined - and mysql_password_changed is changed + mysql_password_changed is defined + and mysql_password_changed is changed ) or ( - client_only == true - and mysql_root_password is defined + client_only == true + and mysql_root_password is defined ) - name: Apply Acro's MariaDB 10.0 server config to Ubuntu 16.04 @@ -176,7 +177,7 @@ dest: /etc/mysql/conf.d/acro.cnf owner: root mode: 0644 - backup: yes + backup: true notify: - armdb restart mysql when: ansible_distribution_version == '16.04' @@ -189,7 +190,7 @@ owner: root group: root mode: 0644 - backup: yes + backup: true notify: - armdb restart mysql when: ansible_distribution == 'Ubuntu' and @@ -202,6 +203,6 @@ dest: "{{ mysql_include_dir }}/99-acromedia-client-overrides.cnf" owner: root mode: 0644 - backup: yes + backup: true when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int >= 18 From 1c4a1eb31848818d1ffbb4bb61bdd3c103cd0dea Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 30 May 2024 10:27:38 -0700 Subject: [PATCH 2/5] Put linting back in place --- .github/workflows/molecule.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml index 7d20785..b470cb2 100644 --- a/.github/workflows/molecule.yml +++ b/.github/workflows/molecule.yml @@ -11,27 +11,27 @@ on: schedule: - cron: '5 4 */14 * *' # Twice / month, at 4:05 AM. jobs: -# lint: -# runs-on: ubuntu-20.04 -# steps: -# - name: checkout -# uses: actions/checkout@v4 -# - name: ansible-lint -# uses: ansible-community/ansible-lint-action@main + lint: + runs-on: ubuntu-20.04 + steps: + - name: checkout + uses: actions/checkout@v4 + - name: ansible-lint + uses: ansible-community/ansible-lint-action@main test: -# needs: -# - lint + needs: + - lint runs-on: ubuntu-20.04 strategy: fail-fast: true matrix: config: - image: "ubuntu" - tag: "latest" # latest == noble, as of this writing. + tag: "latest" # latest == noble, as of this writing. - image: "ubuntu" tag: "jammy" -# - image: "ubuntu" -# tag: "focal" # Service start times out in molecule tests. No idea why. :-( + # - image: "ubuntu" # Not testing focal, because the "service start" + # tag: "focal" # task times out in molecule tests, and nobody knows why. steps: - name: checkout uses: actions/checkout@v4 From 9fb4b9219d2aedf37fcb00da9ff6ce69829de580 Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 30 May 2024 10:50:35 -0700 Subject: [PATCH 3/5] Fix ansible-lint issues --- handlers/main.yml | 8 +--- meta/main.yml | 2 +- requirements.yml | 2 + tasks/main.yml | 96 +++++++++++++++++++++++++---------------------- 4 files changed, 56 insertions(+), 52 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 864c69a..c6ce699 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,9 +1,5 @@ --- -- name: armdb restart mysql - service: +- name: ArMDB restart mysql + ansible.builtin.service: name: mysql state: restarted - -- name: armdb systemctl daemon-reexec - ansible.builtin.systemd: - daemon_reexec: true diff --git a/meta/main.yml b/meta/main.yml index 0ca71a6..67776ec 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,7 +6,7 @@ galaxy_info: description: Installs MariaDB on Ubuntu company: Acro Media Inc. license: GPLv3 - min_ansible_version: 2.0 + min_ansible_version: '2.0' platforms: - name: Ubuntu versions: diff --git a/requirements.yml b/requirements.yml index 4aca381..d789011 100644 --- a/requirements.yml +++ b/requirements.yml @@ -2,3 +2,5 @@ roles: - name: robertdebock.bootstrap collections: + - name: community.mysql + version: 3.9.0 diff --git a/tasks/main.yml b/tasks/main.yml index 13000c2..99880d1 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,5 +1,6 @@ --- -- set_fact: +- name: Define the list of supported ubuntu versions + ansible.builtin.set_fact: _supported_ubuntu_versions: - '18.04' - '20.04' @@ -7,38 +8,41 @@ - '24.04' - name: Check if OS is Ubuntu LTS - assert: + ansible.builtin.assert: that: - ansible_distribution == 'Ubuntu' - ansible_distribution_version in _supported_ubuntu_versions fail_msg: Server must be Ubuntu LTS - name: Check for existence of /root/.my.cnf - stat: path=/root/.my.cnf + ansible.builtin.stat: + path: /root/.my.cnf register: root_my_cnf - name: Fail when /root/.my.cnf doesn't exist, and no root password has been provided - fail: + ansible.builtin.fail: msg: Could not read password from /root/.my.cnf. If this is the first time running your playbook, append ` --extra-vars mysql_root_password=$(openssl rand -base64 24) ` to your command line. Setting the mysql root password only needs to be done once. when: root_my_cnf is defined and root_my_cnf.stat is defined - and root_my_cnf.stat.exists == False + and (not root_my_cnf.stat.exists) and mysql_root_password is not defined - name: Install software-properties-common - apt: + ansible.builtin.apt: name: software-properties-common update_cache: true state: present - name: Apply apt config for explicitly specified MariaDB versions + when: mariadb_version != 'auto' block: - name: Add apt key for MariaDB - apt_key: + ansible.legacy.apt_key: keyserver: keyserver.ubuntu.com id: F1656F24C74CD1D8 + - name: Add apt repo for MariaDB - apt_repository: + ansible.builtin.apt_repository: repo: > {{ mariadb_repo_deb_line }} state: present @@ -46,56 +50,57 @@ update_cache: true tags: - apt-repo - when: mariadb_version != 'auto' - name: Install MariaDB Server - apt: + when: not client_only + ansible.builtin.apt: name: mariadb-server state: present update_cache: true - when: client_only == false - name: Install MariaDB client - apt: + when: client_only + ansible.builtin.apt: name: mariadb-client state: present update_cache: true - when: client_only == true - name: Install python module - apt: + ansible.builtin.apt: name: - python3-mysqldb state: present -- block: +- name: Install MariaDB Server + when: not client_only + block: - name: Ensure mariadb service is running and starts on boot - service: + ansible.builtin.service: name: mariadb state: started enabled: true - name: Get list of hosts for the anonymous user. - command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' + ansible.builtin.command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' register: mysql_anonymous_hosts changed_when: false check_mode: false - name: Remove anonymous MySQL users. - mysql_user: + community.mysql.mysql_user: name: "" host: "{{ item }}" state: absent - with_items: "{{ mysql_anonymous_hosts.stdout_lines|default([]) }}" + with_items: "{{ mysql_anonymous_hosts.stdout_lines | default([]) }}" - name: Remove the test database - mysql_db: + community.mysql.mysql_db: name: test state: absent ignore_errors: "{{ ansible_check_mode }}" - name: Override default bind address - copy: + ansible.builtin.copy: dest: "{{ mysql_include_dir }}/99-acromedia-bind-address.cnf" content: | [mysqld] @@ -107,13 +112,14 @@ backup: false when: mysql_bind_address != '127.0.0.1' notify: - - armdb restart mysql + - ArMDB restart mysql - - debug: + - name: Debug mysql_allow_from + ansible.builtin.debug: var: mysql_allow_from - name: Give mysql root permission to run commands from places other than localhost (mysql_allow_from = scalar) - mysql_user: + community.mysql.mysql_user: name: "{{ mysql_user }}" priv: "*.*:ALL,GRANT" append_privs: true @@ -126,7 +132,7 @@ and mysql_allow_from != 'localhost' - name: Give mysql root permission to run commands from places other than localhost (mysql_allow_from = list) - mysql_user: + community.mysql.mysql_user: name: "{{ mysql_user }}" priv: "*.*:ALL,GRANT" append_privs: true @@ -140,9 +146,8 @@ and mysql_allow_from |length > 0 with_items: "{{ mysql_allow_from }}" - - name: Update mysql root password - mysql_user: + community.mysql.mysql_user: name: "{{ mysql_user }}" host: "{{ item }}" password: "{{ mysql_root_password }}" @@ -153,38 +158,42 @@ - localhost when: (root_my_cnf is defined and root_my_cnf.stat is defined - and root_my_cnf.stat.exists == False) - or mysql_root_password is defined + and not root_my_cnf.stat.exists + ) or mysql_root_password is defined register: mysql_password_changed - when: client_only == false - - - name: Save mysql root password credentials to /root/.my.cnf - template: src=root/my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 backup=yes + ansible.builtin.template: + src: root/my.cnf.j2 + dest: /root/.my.cnf + owner: root + mode: '0600' + backup: true when: ( mysql_password_changed is defined and mysql_password_changed is changed ) or ( - client_only == true - and mysql_root_password is defined + client_only and mysql_root_password is defined ) - name: Apply Acro's MariaDB 10.0 server config to Ubuntu 16.04 - template: + when: ansible_distribution_version == '16.04' + and not client_only + ansible.builtin.template: src: etc/mysql/conf.d/acro.cnf.j2 dest: /etc/mysql/conf.d/acro.cnf owner: root mode: 0644 backup: true notify: - - armdb restart mysql - when: ansible_distribution_version == '16.04' - and client_only == false + - ArMDB restart mysql - name: Apply MariaDB server customizations on Ubuntu >= 18.04 - template: + when: ansible_distribution == 'Ubuntu' and + ansible_distribution_major_version|int >= 18 + and not client_only + ansible.builtin.template: src: etc/mysql/mariadb.conf.d/99-acromedia-server-overrides.cnf.j2 dest: "{{ mysql_include_dir }}/99-acromedia-server-overrides.cnf" owner: root @@ -192,13 +201,10 @@ mode: 0644 backup: true notify: - - armdb restart mysql - when: ansible_distribution == 'Ubuntu' and - ansible_distribution_major_version|int >= 18 - and client_only == false + - ArMDB restart mysql - name: Apply MariaDB cient customizations on Ubuntu >= 18.04 - template: + ansible.builtin.template: src: etc/mysql/mariadb.conf.d/99-acromedia-client-overrides.cnf.j2 dest: "{{ mysql_include_dir }}/99-acromedia-client-overrides.cnf" owner: root From 2eb5c1cede471522c48d3e644766fa9f67b8e2cb Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 30 May 2024 10:57:36 -0700 Subject: [PATCH 4/5] Bump runners to next version --- .github/workflows/molecule.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml index b470cb2..a84ddff 100644 --- a/.github/workflows/molecule.yml +++ b/.github/workflows/molecule.yml @@ -12,7 +12,7 @@ on: - cron: '5 4 */14 * *' # Twice / month, at 4:05 AM. jobs: lint: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: checkout uses: actions/checkout@v4 @@ -21,7 +21,7 @@ jobs: test: needs: - lint - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 strategy: fail-fast: true matrix: From 61d25f47b48fe0c2c52a8fc19b42be06809308a8 Mon Sep 17 00:00:00 2001 From: Dale Anderson Date: Thu, 30 May 2024 11:01:05 -0700 Subject: [PATCH 5/5] Revert "Bump runners to next version" This reverts commit 2eb5c1cede471522c48d3e644766fa9f67b8e2cb. --- .github/workflows/molecule.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml index a84ddff..b470cb2 100644 --- a/.github/workflows/molecule.yml +++ b/.github/workflows/molecule.yml @@ -12,7 +12,7 @@ on: - cron: '5 4 */14 * *' # Twice / month, at 4:05 AM. jobs: lint: - runs-on: ubuntu-22.04 + runs-on: ubuntu-20.04 steps: - name: checkout uses: actions/checkout@v4 @@ -21,7 +21,7 @@ jobs: test: needs: - lint - runs-on: ubuntu-22.04 + runs-on: ubuntu-20.04 strategy: fail-fast: true matrix: