adding first tests for ansible_nagios4_server_config and ubuntu 1604 …

…support

ansible.cfg

@@ -0,0 +1,18 @@
+# config file for ansible -- http://ansible.com/
+# ==============================================
+
+# nearly all parameters can be overridden in ansible-playbook
+# or with command line flags. ansible will read ANSIBLE_CONFIG,
+# ansible.cfg in the current working directory, .ansible.cfg in
+# the home directory or /etc/ansible/ansible.cfg, whichever it
+# finds first
+
+[defaults]
+roles_path = ../:/etc/ansible/roles:~/.ansible/roles
+host_key_checking = False
+
+retry_files_enabled = False
+callback_whitelist = profile_tasks
+
+[ssh_connection]
+pipelining = False

molecule/default/Dockerfile.j2

@@ -0,0 +1,24 @@
+# Molecule managed
+
+FROM {{ item.image }}
+
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
+    elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python2-dnf bash && dnf clean all; \
+    elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+    elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \
+    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; fi
+
+RUN if [ $(command -v dnf) ]; then dnf -y update && dnf clean all; fi
+
+RUN if [ $(command -v dnf) ]; then dnf -y install systemd hostname && dnf clean all && \
+(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*; fi
+
+# VOLUME [ "/sys/fs/cgroup" ]
+# CMD ["/usr/sbin/init"]

molecule/default/INSTALL.rst

@@ -0,0 +1,16 @@
+*******
+Install
+*******
+
+Requirements
+============
+
+* Docker Engine
+* docker-py
+
+Install
+=======
+
+.. code-block:: bash
+
+  $ sudo pip install docker-py

molecule/default/create.yml

@@ -0,0 +1,59 @@
+---
+- name: Create
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
+  vars:
+    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
+    molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}"
+    molecule_scenario_directory: "{{ lookup('env', 'MOLECULE_SCENARIO_DIRECTORY') }}"
+    molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
+  tasks:
+    - name: Create Dockerfiles from image names
+      template:
+        src: "{{ molecule_scenario_directory }}/Dockerfile.j2"
+        dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}"
+      with_items: "{{ molecule_yml.platforms }}"
+      register: platforms
+
+    - name: Discover local Docker images
+      docker_image_facts:
+        name: "molecule_local/{{ item.item.name }}"
+      with_items: "{{ platforms.results }}"
+      register: docker_images
+
+    - name: Build an Ansible compatible image
+      docker_image:
+        path: "{{ molecule_ephemeral_directory }}"
+        name: "molecule_local/{{ item.item.image }}"
+        dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}"
+        force: "{{ item.item.force | default(true) }}"
+      with_items: "{{ platforms.results }}"
+      when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0
+
+    - name: Create molecule instance(s)
+      docker_container:
+        name: "{{ item.name }}"
+        hostname: "{{ item.name }}"
+        image: "molecule_local/{{ item.image }}"
+        state: started
+        recreate: false
+        log_driver: syslog
+        command: "{{ item.command | default('bash -c \"while true; do sleep 10000; done\"') }}"
+        privileged: "{{ item.privileged | default(omit) }}"
+        volumes: "{{ item.volumes | default(omit) }}"
+        capabilities: "{{ item.capabilities | default(omit) }}"
+        ports: "{{ item.exposed_ports | default(omit) }}"
+      register: server
+      with_items: "{{ molecule_yml.platforms }}"
+      async: 7200
+      poll: 0
+
+    - name: Wait for instance(s) creation to complete
+      async_status:
+        jid: "{{ item.ansible_job_id }}"
+      register: docker_jobs
+      until: docker_jobs.finished
+      retries: 300
+      with_items: "{{ server.results }}"

molecule/default/destroy.yml

@@ -0,0 +1,27 @@
+---
+- name: Destroy
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
+  vars:
+    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
+    molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
+  tasks:
+    - name: Destroy molecule instance(s)
+      docker_container:
+        name: "{{ item.name }}"
+        state: absent
+        force_kill: "{{ item.force_kill | default(true) }}"
+      register: server
+      with_items: "{{ molecule_yml.platforms }}"
+      async: 7200
+      poll: 0
+
+    - name: Wait for instance(s) deletion to complete
+      async_status:
+        jid: "{{ item.ansible_job_id }}"
+      register: docker_jobs
+      until: docker_jobs.finished
+      retries: 300
+      with_items: "{{ server.results }}"

molecule/default/molecule.yml

@@ -0,0 +1,75 @@
+---
+dependency:
+  name: galaxy
+  options:
+    ignore-certs: True
+    ignore-errors: True
+    role-file: requirements.yml
+driver:
+  name: docker
+lint:
+  name: yamllint
+platforms:
+
+  - name: ansible_test-01
+    image: paulfantom/ubuntu-molecule:16.04
+    #privileged: True
+    command: /sbin/init
+    capabilities:
+      - SYS_ADMIN    
+    volumes:
+      - "/sys/fs/cgroup:/sys/fs/cgroup:ro"        
+    groups:
+      - group1
+
+  - name: ansible_test-01_2
+    image: paulfantom/ubuntu-molecule:18.04
+    #privileged: True
+    command: /sbin/init
+    capabilities:
+      - SYS_ADMIN    
+    volumes:
+      - "/sys/fs/cgroup:/sys/fs/cgroup:ro"        
+    groups:
+      - group1
+
+  - name: ansible_test-02
+    image: ubuntu:trusty     
+    groups:
+      - groupold
+
+  - name: ansible_test-03
+    image: centos/systemd
+    command: /sbin/init
+    capabilities:
+      - SYS_ADMIN
+    volumes:
+      - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+    #privileged: True
+    groups:
+      - group1
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      callback_whitelist: profile_tasks
+  inventory:
+    group_vars:
+      master:
+        burpsrcext: "zip"
+        burp_version: "master"
+        burp_remove_clients:
+          - name: client_to_remove
+          - name: other_client_to_remove
+        burp_server_port_per_operation_bool: true
+  lint:
+    name: ansible-lint
+
+scenario:
+  name: default
+
+verifier:
+  name: testinfra
+  lint:
+    name: flake8

molecule/default/playbook.yml

@@ -0,0 +1,6 @@
+---
+- name: Converge
+  hosts: all
+  roles:
+    - role: ansible-role-nagios
+    - role: ansible_nagios4_server_config

molecule/default/prepare.yml

@@ -0,0 +1,5 @@
+---
+- name: Prepare
+  hosts: all
+  gather_facts: false
+  tasks: []

molecule/default/requirements.yml

@@ -0,0 +1,4 @@
+# from GitHub, overriding the name and specifying a specific tag
+- src: https://github.com/CoffeeITWorks/ansible-role-nagios.git
+  version: master
+  name: ansible-role-nagios

molecule/default/tests/test_default.py

@@ -0,0 +1,14 @@
+import os
+
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def test_hosts_file(host):
+    f = host.file('/etc/hosts')
+
+    assert f.exists
+    assert f.user == 'root'
+    assert f.group == 'root'

requirements.yml

@@ -0,0 +1,4 @@
+# from GitHub, overriding the name and specifying a specific tag
+- src: https://github.com/CoffeeITWorks/ansible-role-nagios.git
+  version: master
+  name: ansible-role-nagios

run_local_molecule.sh

@@ -0,0 +1,7 @@
+# https://molecule.readthedocs.io/en/latest/examples.html#docker
+docker run --rm -it --privileged=True \
+    -v "$(pwd)":/tmp/$(basename "${PWD}"):ro \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -w /tmp/$(basename "${PWD}") \
+    retr0h/molecule:latest \
+    sudo molecule converge

run_local_molecule_basic.sh

@@ -0,0 +1,26 @@
+# https://molecule.readthedocs.io/en/latest/examples.html#docker
+# https://hub.docker.com/r/fminzoni/molecule/
+# install docker (sudo pip install docker) / if some error appears try with docker-py
+# install ansible
+# run from repository role
+docker run --rm -it --privileged=True \
+    -v "$(pwd)":/tmp/$(basename "${PWD}"):ro \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -w /tmp/$(basename "${PWD}") \
+    retr0h/molecule:latest \
+    sudo molecule --debug syntax
+
+docker run --rm -it --privileged=True \
+    -v "$(pwd)":/tmp/$(basename "${PWD}"):ro \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -w /tmp/$(basename "${PWD}") \
+    retr0h/molecule:latest \
+    sudo molecule --debug create
+
+
+docker run --rm -it --privileged=True \
+    -v "$(pwd)":/tmp/$(basename "${PWD}"):ro \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -w /tmp/$(basename "${PWD}") \
+    retr0h/molecule:latest \
+    sudo molecule converge

run_local_molecule_destroy.sh

@@ -0,0 +1,10 @@
+# https://molecule.readthedocs.io/en/latest/examples.html#docker
+docker run --rm -it --privileged=True \
+    -v "$(pwd)":/tmp/$(basename "${PWD}"):ro \
+    -v /var/run/docker.sock:/var/run/docker.sock \
+    -w /tmp/$(basename "${PWD}") \
+    retr0h/molecule:latest \
+    sudo molecule destroy
+
+
+rm -rf molecule/default/.molecule/

tasks/multi_os.yml

@@ -9,3 +9,9 @@
     - "../vars/{{ ansible_distribution }}.yml"
     - "../vars/{{ ansible_os_family }}.yml"
     - "../vars/defaults.yml"
+
+- name: Include Distribution version specific variables for major_version
+  with_first_found: 
+    - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+    - "../vars/{{ ansible_os_family }}.yml"
+    - "../vars/defaults.yml"

vars/RedHat.yml

@@ -28,14 +28,14 @@ nagios_packages:
 
 sudoers_file: '/etc/sudoers'
 
-nagios_etc: '/etc/nagios'
-nagios_config_cfg_dir: "{{ nagios_etc }}/objects"
+nagios_etc: '/usr/local/nagios/etc'
+nagios_config_cfg_dir: "{{ nagios_etc }}/conf.d"
+nagios_plugins_dir: '/usr/lib/nagios/plugins/'
 
-# --- still requires work:
-nagios_version: 3
-nagios_service: nagios3
-nagios_config_file: /etc/nagios/nagios.cfg
-nagios_cgi_file: /etc/nagios/cgi.cfg
+nagios_version: 4
+nagios_service: nagios
+nagios_config_file: "{{ nagios_etc }}/nagios.cfg"
+nagios_cgi_file: "{{ nagios_etc }}/cgi.cfg"
 nsca_config_file: /etc/nsca.cfg
 nsca_service: nsca
 

vars/Ubuntu-18.yml

@@ -0,0 +1,15 @@
+---
+
+nagios_packages:
+  - nsca
+  - python-passlib  # Required for the htpasswd Ansible module
+  - nagios-nrpe-plugin
+  - libswitch-perl
+  - rrdtool
+  - librrds-perl
+  - libwww-perl
+  - libjson-perl
+  - nagios-plugins-extra
+  - nagios-plugins-contrib
+  - nagios-plugin-check-multi
+  - libsys-statistics-linux-perl # For check_linux_stats.pl

vars/Ubuntu.yml

@@ -10,7 +10,6 @@ nagios_packages:
   - libswitch-perl
   - rrdtool
   - librrds-perl
-  - php5-gd
   - libwww-perl
   - libjson-perl
   - nagios-plugins-extra
@@ -30,6 +29,5 @@ nagios_config_file: "{{ nagios_etc }}/nagios.cfg"
 nagios_cgi_file: "{{ nagios_etc }}/cgi.cfg"
 nsca_config_file: /etc/nsca.cfg
 nsca_service: nsca
-npcd_service: npcd
 
 nagios_config_command_file: /usr/local/nagios/var/rw/nagios.cmd