From 1fd76ca1aac77a65b68f6a489d515487e8badf49 Mon Sep 17 00:00:00 2001
From: Teodoro Cook <teodoro.cook@gmail.com>
Date: Wed, 20 Mar 2024 13:56:10 -0600
Subject: [PATCH] Add verification tasks for custom configuration (#15)

---
 handlers/main.yml               |  4 +---
 molecule/common/verify.yml      |  4 ++--
 molecule/configure/molecule.yml |  4 +++-
 molecule/configure/verify.yml   | 39 +++++++++++++++++++++++++++++++++
 tasks/configure.yml             | 25 +++++++++++----------
 tasks/vars.yml                  |  4 ++--
 templates/postgresql.conf.j2    |  1 -
 7 files changed, 61 insertions(+), 20 deletions(-)
 create mode 100644 molecule/configure/verify.yml

diff --git a/handlers/main.yml b/handlers/main.yml
index 7b33dc4..128df09 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -17,6 +17,4 @@
     name: "{{ _postgresql_service_name }}"
     state: "restarted"
   when: postgresql_service_state == 'started'
-  listen:
-    - postgresql_restart
-    - daemon_reload
+  listen: postgresql_restart
diff --git a/molecule/common/verify.yml b/molecule/common/verify.yml
index 59a3625..edef4f8 100644
--- a/molecule/common/verify.yml
+++ b/molecule/common/verify.yml
@@ -94,7 +94,7 @@
           - "databases"
           - "roles"
       become: true
-      become_user: postgres
+      become_user: "{{ _postgresql_user }}"
       register: postgresql_info
 
     - name: Verify requested databases
@@ -139,7 +139,7 @@
         db: postgres
         query: 'SHOW data_checksums'
       become: true
-      become_user: postgres
+      become_user: "{{ _postgresql_user }}"
       register: postgresql_checksums
 
     - name: Verify data checksum
diff --git a/molecule/configure/molecule.yml b/molecule/configure/molecule.yml
index 85b094a..049bfdb 100644
--- a/molecule/configure/molecule.yml
+++ b/molecule/configure/molecule.yml
@@ -23,7 +23,6 @@ provisioner:
   playbooks:
     prepare: ../common/prepare.yml
     converge: ../common/converge.yml
-    verify: ../common/verify.yml
     side_effect: ../common/converge.yml
   config_options:
     defaults:
@@ -33,6 +32,9 @@ provisioner:
       all:
         vars:
           postgresql_nolog: false
+          postgresql_conf_max_conns: 600
+          postgresql_conf_ansible: |
+            max_connections = {{ postgresql_conf_max_conns }}
 verifier:
   name: ansible
 scenario:
diff --git a/molecule/configure/verify.yml b/molecule/configure/verify.yml
new file mode 100644
index 0000000..7a2ac68
--- /dev/null
+++ b/molecule/configure/verify.yml
@@ -0,0 +1,39 @@
+---
+- ansible.builtin.import_playbook: ../common/verify.yml
+
+- name: Verify configuration
+  hosts: all
+  gather_facts: true
+  become: true
+  tasks:
+    - name: Import role defaults
+      ansible.builtin.include_role:
+        name: nephelaiio.postgresql
+        tasks_from: vars.yml
+
+    - name: Stat Ansible configuration file
+      ansible.builtin.stat:
+        path: "{{ _postgresql_conf_ansible }}"
+      register: _ansible_conf_query
+
+    - name: Verify Ansible configuration file
+      ansible.builtin.assert:
+        that: _ansible_conf_query.stat.exists
+
+    - name: Query PostgreSQL settings
+      community.postgresql.postgresql_query:
+        db: postgres
+        query: 'SELECT name,setting from pg_settings'
+      become: true
+      become_user: "{{ _postgresql_user }}"
+      register: _postgresql_settings
+
+    - name: Check PostgreSQL settings
+      ansible.builtin.assert:
+        that: (_max_connections | int) == (postgresql_conf_max_conns | int)
+        fail_msg: "Expected max_connections = {{ postgresql_conf_max_conns }}, found {{ _max_connections }}"
+        success_msg: "max_connections = {{ _max_connections }}"
+      vars:
+        _settings: "{{ _postgresql_settings.query_result  }}"
+        _max_connections_setting: "{{ _settings | selectattr('name', 'equalto', 'max_connections') | first }}"
+        _max_connections: "{{ _max_connections_setting.setting }}"
diff --git a/tasks/configure.yml b/tasks/configure.yml
index 87d30f9..82318a8 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -41,19 +41,22 @@
     state: directory
     mode: 0700
 
-- name: Initialize PostgreSQL database
-  ansible.builtin.command:
-    cmd: "{{ _postgresql_bindir }}/initdb -D {{ _postgresql_datadir }}"
-    creates: "{{ _postgresql_datadir }}/PG_VERSION"
-  become: true
-  become_user: "{{ _postgresql_user }}"
+- name: Manage PostgreSQL initialization
   when: _postgresql_initdb | bool
+  block:
+    - name: Initialize PostgreSQL database
+      ansible.builtin.command:
+        cmd: "{{ _postgresql_bindir }}/initdb -D {{ _postgresql_datadir }}"
+        creates: "{{ _postgresql_datadir }}/PG_VERSION"
+      become: true
+      become_user: "{{ _postgresql_user }}"
+      when: _postgresql_initdb | bool
 
-- name: Enable PostgreSQL checksums
-  ansible.builtin.command:
-    cmd: "{{ _postgresql_bindir }}/pg_checksums -D {{ _postgresql_datadir }} --enable"
-  when: _postgresql_checksum_enable | bool
-  changed_when: false
+    - name: Enable PostgreSQL checksums
+      ansible.builtin.command:
+        cmd: "{{ _postgresql_bindir }}/pg_checksums -D {{ _postgresql_datadir }} --enable"
+      when: _postgresql_checksum_enable | bool
+      changed_when: false
 
 - name: Create PostgreSQL include directory
   ansible.builtin.file:
diff --git a/tasks/vars.yml b/tasks/vars.yml
index 68d3e86..8c7eab2 100644
--- a/tasks/vars.yml
+++ b/tasks/vars.yml
@@ -8,9 +8,9 @@
     _postgresql_service_name: "{{ postgresql_service_name | default(_default_service) }}"
     _postgresql_user: "{{ postgresql_user }}"
     _postgresql_group: "{{ postgresql_group }}"
-    _postgresql_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _postgresql_confdir: "{{ _conf_confdir }}"
     _postgresql_datadir: "{{ _conf_datadir }}"
+    _postgresql_bindir: "{{ _conf_bindir }}"
     _postgresql_socketdir: "{{ _conf_socketdir }}"
     _postgresql_initdb: "{{ postgresql_initdb }}"
     _postgresql_auth_method: "{{ _auth_method }}"
@@ -18,7 +18,6 @@
     _postgresql_conf_include: "{{ _conf_include }}"
     _postgresql_conf_main: "{{ _conf_main }}"
     _postgresql_conf_hba: "{{ _conf_datadir }}/pg_hba.conf"
-    _postgresql_conf_ident: "{{ _conf_datadir }}/pg_ident.conf"
     _postgresql_conf_ansible: "{{ _conf_include }}/{{ __postgresql_conf_ansible }}"
     _postgresql_conf_pgaudit: "{{ _conf_include }}/{{ __postgresql_conf_pgaudit }}"
     _postgresql_conf_pgcron: "{{ _conf_include }}/{{ __postgresql_conf_pgcron }}"
@@ -30,6 +29,7 @@
     _default_service: "{{ __postgresql_service_name | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_confdir: "{{ _conf_main | dirname }}"
     _conf_datadir: "{{ __postgresql_datadir | nephelaiio.plugins.sorted_get(_conf_search) }}"
+    _conf_bindir: "{{ __postgresql_bindir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_socketdir: "{{ __postgresql_socketdir | nephelaiio.plugins.sorted_get(_conf_search) }}"
     _conf_search: "{{ __postgresql_os_search }}"
     _conf_main: "{{ __postgresql_conf_main | nephelaiio.plugins.sorted_get(_conf_search) }}"
diff --git a/templates/postgresql.conf.j2 b/templates/postgresql.conf.j2
index 827bcc1..82ab3b1 100644
--- a/templates/postgresql.conf.j2
+++ b/templates/postgresql.conf.j2
@@ -7,4 +7,3 @@ listen_addresses = '*'
 data_directory = '{{ _postgresql_datadir }}'
 unix_socket_directories = '{{ _postgresql_socketdir }}, /tmp'
 hba_file = '{{ _postgresql_conf_hba }}'
-ident_file = '{{ _postgresql_conf_ident }}'