Initial molecule thanks to @bbaassssiiee in rh8

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2023-03-20 15:15:49 +00:00 · 2023-03-20 15:15:49 +00:00 · dadbeaa84e
commit dadbeaa84e
parent 30abc4b9d0
9 changed files with 205 additions and 0 deletions
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@ -0,0 +1,27 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  gather_facts: true
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    ansible_user: root
+    system_is_container: true
+    rhel9cis_selinux_disable: true
+    rhel9cis_rule_5_3_4: false
+    rhel9cis_rule_1_1_10: false
+    rhel9cis_firewall: "none"
+    rhel9cis_rule_4_1_1_1: false
+    rhel9cis_rule_4_1_1_2: false
+    rhel9cis_rule_4_1_1_3: false
+    rhel9cis_rule_4_1_1_4: false
+    rhel9cis_rule_4_2_1_2: false
+    rhel9cis_rule_4_2_1_4: false
+    rhel9cis_rule_5_1_1: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
--- a/molecule/default/molecule.yml
+++ b/molecule/default/molecule.yml
@ -0,0 +1,34 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: docker
+
+platforms:
+  - name: ubi9
+    image: registry.access.redhat.com/ubi9/ubi-init
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    command: "/usr/sbin/init"
+    capabilities:
+      - SYS_ADMIN
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@ -0,0 +1,13 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify
--- a/molecule/localhost/converge.yml
+++ b/molecule/localhost/converge.yml
@ -0,0 +1,18 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  become: true
+  gather_facts: true
+
+  vars:
+    ansible_user: "{{ lookup('env', 'USER') }}"
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    rhel9cis_rule_5_3_4: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+
--- a/molecule/localhost/molecule.yml
+++ b/molecule/localhost/molecule.yml
@ -0,0 +1,30 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: delegated
+  options:
+    managed: false
+    ansible_connection_options:
+      ansible_connection: local
+platforms:
+  - name: localhost
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      stdout_callback: yaml
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
--- a/molecule/localhost/verify.yml
+++ b/molecule/localhost/verify.yml
@ -0,0 +1,14 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+  become: true
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify
--- a/molecule/wsl/converge.yml
+++ b/molecule/wsl/converge.yml
@ -0,0 +1,27 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  become: true
+  gather_facts: true
+
+  vars:
+    ansible_user: "{{ lookup('env', 'USER') }}"
+    system_is_container: true
+    rhel8cis_selinux_disable: true
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    rhel8cis_rule_5_3_4: false
+    rhel8cis_rule_1_1_10: false
+    rhel8cis_rsyslog_ansiblemanaged: false
+    rhel8cis_rule_3_4_1_3: false
+    rhel8cis_rule_3_4_1_4: false
+    rhel8cis_rule_4_2_1_2: false
+    rhel8cis_rule_4_2_1_4: false
+    rhel8cis_rule_5_1_1: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+
--- a/molecule/wsl/molecule.yml
+++ b/molecule/wsl/molecule.yml
@ -0,0 +1,29 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: delegated
+  options:
+    managed: false
+    ansible_connection_options:
+      ansible_connection: local
+platforms:
+  - name: localhost
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
--- a/molecule/wsl/verify.yml
+++ b/molecule/wsl/verify.yml
@ -0,0 +1,13 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify