From 7fd9527f6a5d88ee327666c932aa64a16c726cf2 Mon Sep 17 00:00:00 2001 From: Teodoro Cook Date: Sat, 18 Nov 2023 09:52:05 -0600 Subject: [PATCH] Add package lock feature (#12) --- .talismanrc | 2 -- defaults/main.yml | 3 ++ molecule/hold/converge.yml | 40 ++++++++++++++++++++++++ molecule/hold/molecule.yml | 64 ++++++++++++++++++++++++++++++++++++++ molecule/hold/prepare.yml | 12 +++++++ molecule/hold/verify.yml | 40 ++++++++++++++++++++++++ tasks/lock.yml | 12 +++++++ tasks/main.yml | 17 +++++++--- 8 files changed, 183 insertions(+), 7 deletions(-) create mode 100644 molecule/hold/converge.yml create mode 100644 molecule/hold/molecule.yml create mode 100644 molecule/hold/prepare.yml create mode 100644 molecule/hold/verify.yml create mode 100644 tasks/lock.yml diff --git a/.talismanrc b/.talismanrc index a5d2428..6c91ec8 100644 --- a/.talismanrc +++ b/.talismanrc @@ -1,8 +1,6 @@ fileignoreconfig: - filename: poetry.lock ignore_detectors: [filecontent] - - filename: Makefile - ignore_detectors: [filecontent] - filename: .github/workflows/release.yml ignore_detectors: [filecontent] - filename: templates/systemd.service.j2 diff --git a/defaults/main.yml b/defaults/main.yml index 1e86ee8..592a321 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,11 +3,14 @@ mongos_package_name: - mongodb-org-server - mongodb-org-mongos - mongodb-mongosh + - python3-pymongo + - python3-gnupg - pkg-config mongos_package_state: present mongos_service_name: mongos mongos_service_port: 27017 mongos_service_state: started +mongos_service_manage: true mongos_service_enabled: "{{ mongos_service_state != 'stopped' }}" mongos_config_file: /etc/mongos.yaml mongos_config_verbosity: 2 diff --git a/molecule/hold/converge.yml b/molecule/hold/converge.yml new file mode 100644 index 0000000..705b1f8 --- /dev/null +++ b/molecule/hold/converge.yml @@ -0,0 +1,40 @@ +--- +- name: Deploy mongodb mongos servers + hosts: mongos + become: true + roles: + - nephelaiio.mongos + pre_tasks: + - name: Query package versions + ansible.builtin.shell: + cmd: "apt-cache madison {{ item }} | awk -F'|' '{ print $2 }'" + loop: "{{ mongos_package_name }}" + register: _mongos_package_query + changed_when: false + + - name: Initialize package versions + ansible.builtin.set_fact: + mongos_package_name: [] + + - name: Verify target package versions + ansible.builtin.fail: + msg: "{{ _package }} has no installation candidate: {{ item }}" + vars: + _stdout: "{{ item.stdout_lines }}" + _package: "{{ item.item }}" + loop_control: + label: "{{ item.item }}" + loop: "{{ _mongos_package_query.results }}" + when: _stdout | length == 0 + + - name: Set target package versions + ansible.builtin.set_fact: + mongos_package_name: "{{ mongos_package_name + [_package] }}" + vars: + _stdout: "{{ item.stdout_lines }}" + _multiple: "{{ _stdout | length > 1 }}" + _version: "{{ _stdout[0] if not _multiple else _stdout[1] }}" + _package: "{{ item.item }}={{ _version | trim }}" + loop_control: + label: "{{ item.item }}" + loop: "{{ _mongos_package_query.results }}" diff --git a/molecule/hold/molecule.yml b/molecule/hold/molecule.yml new file mode 100644 index 0000000..e85674f --- /dev/null +++ b/molecule/hold/molecule.yml @@ -0,0 +1,64 @@ +--- +dependency: + name: galaxy + options: + role-file: requirements.yml + requirements-file: requirements.yml +driver: + name: docker +platforms: + - name: mongos-hold-mongos01 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2004}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - mongos + - name: mongos-hold-mongos02 + image: "geerlingguy/docker-${MOLECULE_DOCKER_IMAGE:-ubuntu2004}-ansible:latest" + command: ${MOLECULE_DOCKER_COMMAND:-""} + cgroupns_mode: host + privileged: true + pre_build_image: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + tmpfs: + - /tmp + - /opt + groups: + - mongos +provisioner: + name: ansible + inventory: + hosts: + all: + vars: + mongos_service_name: mongos + mongos_service_manage: false + mongos_service_restart: false + mongos_replicaset_config_name: config + mongos_replicaset_shard_name: shard + mongodb_shell: mongosh + mongos_package_name: + - mongodb-org-server + - mongodb-org-mongos + - mongodb-mongosh + - pkg-config +scenario: + converge_sequence: + - converge + test_sequence: + - destroy + - dependency + - create + - prepare + - converge + - verify +verifier: + name: ansible diff --git a/molecule/hold/prepare.yml b/molecule/hold/prepare.yml new file mode 100644 index 0000000..5d6e440 --- /dev/null +++ b/molecule/hold/prepare.yml @@ -0,0 +1,12 @@ +--- +- name: Prepare mongos servers + hosts: mongos + become: true + roles: + - nephelaiio.mongodb_repo + pre_tasks: + - name: Update apt package cache + ansible.builtin.apt: + update_cache: yes + when: ansible_os_family == 'Debian' + changed_when: false diff --git a/molecule/hold/verify.yml b/molecule/hold/verify.yml new file mode 100644 index 0000000..2dd1222 --- /dev/null +++ b/molecule/hold/verify.yml @@ -0,0 +1,40 @@ +--- +- name: Verify mongos deployment + hosts: mongos + become: true + tasks: + - name: Query package versions + ansible.builtin.shell: + cmd: "apt-cache madison {{ item }} | awk -F'|' '{ print $2 }'" + loop: "{{ mongos_package_name }}" + register: _mongos_package_query + changed_when: false + + - name: Initialize package versions + ansible.builtin.set_fact: + mongos_package_name: [] + + - name: Set target package versions + ansible.builtin.set_fact: + mongos_package_name: "{{ mongos_package_name + [_package] }}" + vars: + _stdout: "{{ item.stdout_lines }}" + _multiple: "{{ _stdout | length > 1 }}" + _version: "{{ _stdout[0] if not _multiple else _stdout[1] }}" + _package: "{{ item.item }}={{ _version | trim }}" + loop_control: + label: "{{ item.item }}" + loop: "{{ _mongos_package_query.results }}" + + - name: Gather package facts + ansible.builtin.package_facts: + + - name: Verify package versions + ansible.builtin.fail: + msg: "Expected installed version for package {{ _package }} to be {{ _version }}, found {{ _installed }}" + vars: + _package: "{{ item.split('=') | first }}" + _version: "{{ item.split('=') | last }}" + _installed: "{{ (packages[_package] | default([{'version': 'None'}]))[0].version }}" + loop: "{{ mongos_package_name }}" + when: _package not in packages or _version != _installed diff --git a/tasks/lock.yml b/tasks/lock.yml new file mode 100644 index 0000000..5f5b4ca --- /dev/null +++ b/tasks/lock.yml @@ -0,0 +1,12 @@ +--- +- name: Configure apt package holds + ansible.builtin.dpkg_selections: + name: "{{ item.split('=') | first }}" + selection: "{{ _lock_state }}" + vars: + _version_regex: ".*=.*" + _package_versions: "{{ [mongos_package_name] | flatten | map('regex_search', _version_regex) }}" + _package_holds: "{{ _package_versions | select('string') }}" + loop: "{{ _package_holds }}" + when: ansible_os_family == "Debian" + changed_when: false diff --git a/tasks/main.yml b/tasks/main.yml index 22c5b86..968d5a5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,4 +1,9 @@ --- +- name: Release apt package holds + ansible.builtin.include_tasks: lock.yml + vars: + _lock_state: hold + - name: Install packages ansible.builtin.package: name: "{{ mongos_package_name }}" @@ -22,13 +27,9 @@ register: _mongos_query changed_when: false -- name: Verify configuration cluster members - ansible.builtin.fail: - msg: "Configuration cluster member set cannot be empty" - when: mongos_replicaset_config_members | length == 0 - - name: Include configuration tasks ansible.builtin.include_tasks: config.yml + when: mongos_replicaset_config_members | length > 0 - name: Create systemd configuration ansible.builtin.template: @@ -66,3 +67,9 @@ - name: Include service tasks ansible.builtin.include_tasks: service.yml + when: mongos_service_manage + +- name: Configure apt package holds + ansible.builtin.include_tasks: lock.yml + vars: + _lock_state: install