diff --git a/.github/workflows/general.yml b/.github/workflows/general.yml index abf9d1e..be3a003 100644 --- a/.github/workflows/general.yml +++ b/.github/workflows/general.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Role linting - uses: actionhippie/ansible-later@v2 + uses: actionhippie/ansible-later@v3 testing: runs-on: ubuntu-latest diff --git a/.later.yml b/.later.yml index 07e8dc4..1d2a51d 100644 --- a/.later.yml +++ b/.later.yml @@ -4,4 +4,8 @@ rules: - molecule/ubuntu/tests - README.md +yamllint: + document-end: + present: True + ... diff --git a/defaults/main.yml b/defaults/main.yml index 86888ef..7c460cc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,4 +1,3 @@ -# Standards: 1.2 --- # @var grafana_installation:description: Select installation method, could be native or docker grafana_installation: native diff --git a/flake.lock b/flake.lock index 526cd37..28755a1 100644 --- a/flake.lock +++ b/flake.lock @@ -2,15 +2,15 @@ "nodes": { "devshell": { "inputs": { - "nixpkgs": "nixpkgs", - "systems": "systems" + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1692793255, - "narHash": "sha256-yVyj0AE280JkccDHuG1XO9oGxN6bW8ksr/xttXcXzK0=", + "lastModified": 1705332421, + "narHash": "sha256-USpGLPme1IuqG78JNqSaRabilwkCyHmVWY0M9vYyqEA=", "owner": "numtide", "repo": "devshell", - "rev": "2aa26972b951bc05c3632d4e5ae683cb6771a7c6", + "rev": "83cb93d6d063ad290beee669f4badf9914cc16ec", "type": "github" }, "original": { @@ -22,11 +22,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -40,11 +40,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1690933134, - "narHash": "sha256-ab989mN63fQZBFrkk4Q8bYxQCktuHmBIBqUG1jl6/FQ=", + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "59cf3f1447cfc75087e7273b04b31e689a8599fb", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", "type": "github" }, "original": { @@ -53,15 +53,33 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "inputs": { "systems": "systems_2" }, "locked": { - "lastModified": 1685518550, - "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", "owner": "numtide", "repo": "flake-utils", - "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", "type": "github" }, "original": { @@ -78,11 +96,11 @@ ] }, "locked": { - "lastModified": 1660459072, - "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", "type": "github" }, "original": { @@ -93,11 +111,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1677383253, - "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=", + "lastModified": 1704161960, + "narHash": "sha256-QGua89Pmq+FBAro8NriTuoO/wNaUtugt29/qqA8zeeM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9952d6bc395f5841262b006fbace8dd7e143b634", + "rev": "63143ac2c9186be6d9da6035fa22620018c85932", "type": "github" }, "original": { @@ -110,11 +128,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1690881714, - "narHash": "sha256-h/nXluEqdiQHs1oSgkOOWF+j8gcJMWhwnZ9PFabN6q0=", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9e1960bc196baf6881340d53dccb203a951745a2", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", "type": "github" }, "original": { @@ -127,27 +145,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1685801374, - "narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=", + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c37ca420157f4abc31e26f436c1145f8951ff373", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1693377291, - "narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=", + "lastModified": 1706913249, + "narHash": "sha256-x3M7iV++CsvRXI1fpyFPduGELUckZEhSv0XWnUopAG8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e7f38be3775bab9659575f192ece011c033655f0", + "rev": "e92b6015881907e698782c77641aa49298330223", "type": "github" }, "original": { @@ -159,11 +177,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1689261696, - "narHash": "sha256-LzfUtFs9MQRvIoQ3MfgSuipBVMXslMPH/vZ+nM40LkA=", + "lastModified": 1704842529, + "narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "df1eee2aa65052a18121ed4971081576b25d6b5c", + "rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5", "type": "github" }, "original": { @@ -176,17 +194,17 @@ "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "gitignore": "gitignore", "nixpkgs": "nixpkgs_3", "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1692274144, - "narHash": "sha256-BxTQuRUANQ81u8DJznQyPmRsg63t4Yc+0kcyq6OLz8s=", + "lastModified": 1706424699, + "narHash": "sha256-Q3RBuOpZNH2eFA1e+IHgZLAOqDD9SKhJ/sszrL8bQD4=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "7e3517c03d46159fdbf8c0e5c97f82d5d4b0c8fa", + "rev": "7c54e08a689b53c8a1e5d70169f2ec9e2a68ffaf", "type": "github" }, "original": { diff --git a/handlers/main.yml b/handlers/main.yml index 21e2931..02e4f35 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,6 @@ -# Standards: 1.2 --- - name: Restart grafana - systemd: + ansible.builtin.systemd: name: "{{ 'grafana-server' if grafana_installation == 'native' else 'grafana' }}" state: restarted daemon_reload: yes diff --git a/meta/main.yml b/meta/main.yml index 260bdf8..fe5c7e3 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,4 +1,3 @@ -# Standards: 1.2 --- # @meta author:value: [Thomas Boerger](https://github.com/tboerger) # @meta description: > @@ -28,7 +27,6 @@ galaxy_info: platforms: - name: Ubuntu versions: - - bionic - focal - jammy galaxy_tags: diff --git a/meta/requirements.yml b/meta/requirements.yml new file mode 100644 index 0000000..6986038 --- /dev/null +++ b/meta/requirements.yml @@ -0,0 +1,7 @@ +--- +collections: + - community.docker + +roles: [] + +... diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml index 4dba348..bfadd78 100644 --- a/molecule/default/converge.yml +++ b/molecule/default/converge.yml @@ -1,4 +1,3 @@ -# Standards: 1.2 --- - name: Converge hosts: all diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 50ea20a..38352d3 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -1,4 +1,3 @@ -# Standards: 1.2 --- dependency: name: galaxy @@ -41,21 +40,6 @@ platforms: - /sys/fs/cgroup:/sys/fs/cgroup:rw environment: container: docker - - name: grafana-ubuntu-18 - image: docker.io/geerlingguy/docker-ubuntu1804-ansible:latest - hostname: ubuntu - privileged: True - pre_build_image: True - override_command: False - cgroupns_mode: host - tmpfs: - - /tmp - - /run - - /run/lock - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - environment: - container: docker provisioner: name: ansible diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml index b62373a..2b6e8c7 100644 --- a/molecule/default/prepare.yml +++ b/molecule/default/prepare.yml @@ -1,26 +1,51 @@ -# Standards: 1.2 --- - name: Prepare hosts: all gather_facts: False tasks: + - name: Stat apt dir + register: aptdir + ansible.builtin.stat: + path: /var/lib/apt + - name: Wait for aptlock - shell: while fuser /var/lib/apt/lists/lock >/dev/null 2>&1; do echo 'Waiting for apt list lock.' && sleep 10; done + when: aptdir.stat.exists changed_when: False + ansible.builtin.shell: + cmd: while fuser /var/lib/apt/lists/lock >/dev/null 2>&1; do echo 'Waiting for apt list lock.' && sleep 10; done - name: Update package cache - apt: + when: aptdir.stat.exists + ansible.builtin.apt: update_cache: True - - name: Install gpg dependency - apt: - name: python3-gpg + - name: Install test dependencies + when: aptdir.stat.exists + loop: + - python3-gpg + - curl + ansible.builtin.apt: + name: "{{ item }}" state: present - - name: Install curl dependency - apt: - name: curl - state: present + - name: Create man dirs + changed_when: False + loop: + - /usr/share/man/man1 + - /usr/share/man/man2 + - /usr/share/man/man3 + - /usr/share/man/man4 + - /usr/share/man/man5 + - /usr/share/man/man6 + - /usr/share/man/man7 + - /usr/share/man/man8 + - /usr/share/man/man9 + ansible.builtin.file: + path: "{{ item }}" + owner: root + group: root + mode: u=rwx,g=rx,o=rx + state: directory ... diff --git a/molecule/requirements.yml b/molecule/requirements.yml index 89d85f0..6986038 100644 --- a/molecule/requirements.yml +++ b/molecule/requirements.yml @@ -1,6 +1,7 @@ -# Standards: 1.2 --- -collections: [] +collections: + - community.docker + roles: [] ... diff --git a/tasks/main.yml b/tasks/main.yml index a10d6ca..d810056 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,9 +1,8 @@ -# Standards: 1.2 --- - name: Remove legacy key when: - grafana_installation == 'native' - apt_key: + ansible.builtin.apt_key: id: 4E40DDF6D76E284A4A6780E48C8C34C524098CB6 state: absent tags: @@ -12,7 +11,7 @@ - name: Remove legacy repo when: - grafana_installation == 'native' - apt_repository: + ansible.builtin.apt_repository: repo: "deb https://packages.grafana.com/oss/deb {{ grafana_repo_release }} main" filename: grafana update_cache: False @@ -23,7 +22,7 @@ - name: Download repo key when: - grafana_installation == 'native' - shell: + ansible.builtin.shell: cmd: "curl -sSL 'https://packages.grafana.com/gpg.key' | gpg --dearmor --output {{ grafana_keyring }}" creates: "{{ grafana_keyring }}" tags: @@ -32,7 +31,7 @@ - name: Add apt repository when: - grafana_installation == 'native' - apt_repository: + ansible.builtin.apt_repository: repo: "deb [signed-by={{ grafana_keyring }}] https://packages.grafana.com/oss/deb {{ grafana_repo_release }} main" filename: grafana update_cache: True @@ -45,7 +44,7 @@ - grafana_installation == 'native' loop: - grafana - package: + ansible.builtin.package: name: "{{ item }}" state: present tags: @@ -53,7 +52,7 @@ - name: Create required directories loop: "{{ grafana_default_folders + grafana_extra_folders }}" - file: + ansible.builtin.file: path: "{{ item }}" owner: "{{ 'grafana' if grafana_installation == 'native' else '472' }}" group: root @@ -65,7 +64,7 @@ - name: Write providers config notify: - Restart grafana - template: + ansible.builtin.template: src: providers.j2 dest: /etc/grafana/provisioning/dashboards/default.yml owner: "{{ 'grafana' if grafana_installation == 'native' else '472' }}" @@ -77,7 +76,7 @@ - name: Write datasources config notify: - Restart grafana - template: + ansible.builtin.template: src: datasources.j2 dest: /etc/grafana/provisioning/datasources/default.yml owner: "{{ 'grafana' if grafana_installation == 'native' else '472' }}" @@ -89,7 +88,7 @@ - name: Write default config notify: - Restart grafana - template: + ansible.builtin.template: src: default.j2 dest: "/etc/default/{{ 'grafana-server' if grafana_installation == 'native' else 'grafana' }}" owner: root @@ -101,7 +100,7 @@ - name: Write general config notify: - Restart grafana - template: + ansible.builtin.template: src: config.j2 dest: /etc/grafana/grafana.ini owner: root @@ -113,7 +112,7 @@ - name: Write ldap config notify: - Restart grafana - template: + ansible.builtin.template: src: ldap.j2 dest: /etc/grafana/ldap.ini owner: root @@ -127,7 +126,7 @@ - grafana_installation == 'native' register: grafana_plugins_list changed_when: False - command: grafana-cli plugins ls + ansible.builtin.command: grafana-cli plugins ls tags: - grafana @@ -140,7 +139,7 @@ - item.state | default('present') == 'present' notify: - Restart grafana - command: "grafana-cli plugins install {{ item.name | default(item) }}" + ansible.builtin.command: "grafana-cli plugins install {{ item.name | default(item) }}" tags: - grafana @@ -153,7 +152,7 @@ - item.state | default('present') == 'absent' notify: - Restart grafana - command: "grafana-cli plugins remove {{ item.name | default(item) }}" + ansible.builtin.command: "grafana-cli plugins remove {{ item.name | default(item) }}" tags: - grafana @@ -162,7 +161,7 @@ - grafana_installation == 'docker' notify: - Restart grafana - template: + ansible.builtin.template: src: service.j2 dest: /etc/systemd/system/grafana.service owner: root @@ -175,7 +174,7 @@ when: - grafana_installation == 'docker' - grafana_pull_image - docker_image: + community.docker.docker_image: name: "{{ grafana_image }}" source: pull tags: @@ -185,13 +184,13 @@ when: - grafana_installation == 'docker' - grafana_network | default(False) - docker_network: + community.docker.docker_network: name: '{{ grafana_network }}' tags: - grafana - name: Start grafana service - systemd: + ansible.builtin.systemd: name: "{{ 'grafana-server' if grafana_installation == 'native' else 'grafana' }}" state: started daemon_reload: yes @@ -201,7 +200,7 @@ - grafana - name: Force handler flush - meta: flush_handlers + ansible.builtin.meta: flush_handlers tags: - grafana @@ -214,7 +213,7 @@ until: result.status == 200 retries: 60 delay: 5 - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000/healthz' if grafana_installation == 'native' else 'https://'+grafana_domain+'/healthz' }}" status_code: 200 tags: @@ -224,7 +223,7 @@ register: grafana_existing_users when: - grafana_manage_admins - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/users" user: "{{ grafana_username }}" password: "{{ grafana_password }}" @@ -240,7 +239,7 @@ - grafana_manage_admins - item != grafana_username - item not in grafana_admins - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/admin/users/{{ grafana_existing_users.json | selectattr('login', 'equalto', item) | map(attribute='id') | first }}/permissions" user: "{{ grafana_username }}" password: "{{ grafana_password }}" @@ -256,7 +255,7 @@ when: - grafana_manage_admins - ((grafana_existing_users.json | selectattr('login', 'equalto', item)) | list) | length != 0 - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/admin/users/{{ grafana_existing_users.json | selectattr('login', 'equalto', item) | map(attribute='id') | first }}/permissions" user: "{{ grafana_username }}" password: "{{ grafana_password }}" @@ -271,7 +270,7 @@ register: grafana_existing_orgs when: - grafana_manage_orgs - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/orgs" user: "{{ grafana_username }}" password: "{{ grafana_password }}" @@ -286,7 +285,7 @@ when: - grafana_manage_orgs - ((grafana_existing_orgs.json | selectattr('name', 'equalto', item)) | list) | length == 0 - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/orgs" user: "{{ grafana_username }}" password: "{{ grafana_password }}" @@ -301,7 +300,7 @@ - grafana - name: Update default org - uri: + ansible.builtin.uri: url: "{{ 'http://localhost:3000' if grafana_installation == 'native' else 'https://'+grafana_domain }}/api/orgs/1" user: "{{ grafana_username }}" password: "{{ grafana_password }}"