From dadbeaa84efe439899f6a2edb8170a995dfb82ee Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Mon, 20 Mar 2023 15:15:49 +0000
Subject: [PATCH] Initial molecule thanks to @bbaassssiiee in rh8

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 molecule/default/converge.yml   | 27 ++++++++++++++++++++++++++
 molecule/default/molecule.yml   | 34 +++++++++++++++++++++++++++++++++
 molecule/default/verify.yml     | 13 +++++++++++++
 molecule/localhost/converge.yml | 18 +++++++++++++++++
 molecule/localhost/molecule.yml | 30 +++++++++++++++++++++++++++++
 molecule/localhost/verify.yml   | 14 ++++++++++++++
 molecule/wsl/converge.yml       | 27 ++++++++++++++++++++++++++
 molecule/wsl/molecule.yml       | 29 ++++++++++++++++++++++++++++
 molecule/wsl/verify.yml         | 13 +++++++++++++
 9 files changed, 205 insertions(+)
 create mode 100644 molecule/default/converge.yml
 create mode 100644 molecule/default/molecule.yml
 create mode 100644 molecule/default/verify.yml
 create mode 100644 molecule/localhost/converge.yml
 create mode 100644 molecule/localhost/molecule.yml
 create mode 100644 molecule/localhost/verify.yml
 create mode 100644 molecule/wsl/converge.yml
 create mode 100644 molecule/wsl/molecule.yml
 create mode 100644 molecule/wsl/verify.yml

diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
new file mode 100644
index 0000000..d558e80
--- /dev/null
+++ b/molecule/default/converge.yml
@@ -0,0 +1,27 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  gather_facts: true
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    ansible_user: root
+    system_is_container: true
+    rhel9cis_selinux_disable: true
+    rhel9cis_rule_5_3_4: false
+    rhel9cis_rule_1_1_10: false
+    rhel9cis_firewall: "none"
+    rhel9cis_rule_4_1_1_1: false
+    rhel9cis_rule_4_1_1_2: false
+    rhel9cis_rule_4_1_1_3: false
+    rhel9cis_rule_4_1_1_4: false
+    rhel9cis_rule_4_2_1_2: false
+    rhel9cis_rule_4_2_1_4: false
+    rhel9cis_rule_5_1_1: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
new file mode 100644
index 0000000..55a6274
--- /dev/null
+++ b/molecule/default/molecule.yml
@@ -0,0 +1,34 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: docker
+
+platforms:
+  - name: ubi9
+    image: registry.access.redhat.com/ubi9/ubi-init
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: true
+    command: "/usr/sbin/init"
+    capabilities:
+      - SYS_ADMIN
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
new file mode 100644
index 0000000..5c57ab4
--- /dev/null
+++ b/molecule/default/verify.yml
@@ -0,0 +1,13 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify
diff --git a/molecule/localhost/converge.yml b/molecule/localhost/converge.yml
new file mode 100644
index 0000000..6dadcfc
--- /dev/null
+++ b/molecule/localhost/converge.yml
@@ -0,0 +1,18 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  become: true
+  gather_facts: true
+
+  vars:
+    ansible_user: "{{ lookup('env', 'USER') }}"
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    rhel9cis_rule_5_3_4: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+
diff --git a/molecule/localhost/molecule.yml b/molecule/localhost/molecule.yml
new file mode 100644
index 0000000..9454705
--- /dev/null
+++ b/molecule/localhost/molecule.yml
@@ -0,0 +1,30 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: delegated
+  options:
+    managed: false
+    ansible_connection_options:
+      ansible_connection: local
+platforms:
+  - name: localhost
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      stdout_callback: yaml
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
diff --git a/molecule/localhost/verify.yml b/molecule/localhost/verify.yml
new file mode 100644
index 0000000..58afa46
--- /dev/null
+++ b/molecule/localhost/verify.yml
@@ -0,0 +1,14 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+  become: true
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify
diff --git a/molecule/wsl/converge.yml b/molecule/wsl/converge.yml
new file mode 100644
index 0000000..0f5f3e6
--- /dev/null
+++ b/molecule/wsl/converge.yml
@@ -0,0 +1,27 @@
+---
+# This is a playbook to test the tasks.
+- name: Converge
+  hosts: all
+  become: true
+  gather_facts: true
+
+  vars:
+    ansible_user: "{{ lookup('env', 'USER') }}"
+    system_is_container: true
+    rhel8cis_selinux_disable: true
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+    rhel8cis_rule_5_3_4: false
+    rhel8cis_rule_1_1_10: false
+    rhel8cis_rsyslog_ansiblemanaged: false
+    rhel8cis_rule_3_4_1_3: false
+    rhel8cis_rule_3_4_1_4: false
+    rhel8cis_rule_4_2_1_2: false
+    rhel8cis_rule_4_2_1_4: false
+    rhel8cis_rule_5_1_1: false
+
+  pre_tasks:
+  tasks:
+    - name: "Include tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+
diff --git a/molecule/wsl/molecule.yml b/molecule/wsl/molecule.yml
new file mode 100644
index 0000000..9360997
--- /dev/null
+++ b/molecule/wsl/molecule.yml
@@ -0,0 +1,29 @@
+---
+# Molecule configuration
+# https://molecule.readthedocs.io/en/latest/
+
+driver:
+  name: delegated
+  options:
+    managed: false
+    ansible_connection_options:
+      ansible_connection: local
+platforms:
+  - name: localhost
+
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+      callbacks_enabled: profile_tasks, timer
+
+lint: |
+  set -e
+  yamllint .
+  ansible-lint
+  flake8
+
+verifier:
+  name: ansible
+
diff --git a/molecule/wsl/verify.yml b/molecule/wsl/verify.yml
new file mode 100644
index 0000000..5c57ab4
--- /dev/null
+++ b/molecule/wsl/verify.yml
@@ -0,0 +1,13 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+
+  vars:
+    role_name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+
+  tasks:
+    - name: "Include verify tasks"
+      ansible.builtin.include_role:
+        name: "{{ role_name }}"
+        tasks_from: verify