Update Repo (#1)

* Replaced manifest files with double extention to '-' (techno-tim#41) Co-authored-by: Adrian Jones <[email protected]> * Fix .gitignore (techno-tim#40) For more details, see: https://stackoverflow.com/a/20652768 * feat(upgrades): Updated k3s, metalls, and kubevip and fixed bugs (techno-tim#46) * fix(kube-vip): Cleaning up; adding missing rbac api groups * replaced --no-deploy with --disable (techno-tim#49) According to https://rancher.com/docs/k3s/latest/en/installation/install-options/server-config/ > Kubernetes Components section the --disable <value> flag should be used as the --no-deploy is a deprecated option * Add linux-modules-extra-raspi package for Ubuntu 22.x on Raspberry. (techno-tim#50) * Add task for linux-modules-extra-raspi Ubuntu 22.x on Raspberry Pi needs the linux-modules-extra-raspi package for the vxlans kernel module. * Remove linux-modules-extra-reaspi package Not sure we want to do this but including it in the PR anyway for discussion. * Fix k3s manifest (techno-tim#53) * fix(k3s): Remove manifests and folders from bootstrapped cluster * chore(github): Updated issue template * Print fewer logs when removing manifests (techno-tim#55) * fix(ansible): Refactored ansible steps to now install metallb in post… (techno-tim#58) * fix(ansible): Refactored ansible steps to now install metallb in post task and verify * chore(lint): Fix yaml lint * fix(ansible): run task on one master * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): fix lint * fix(ansible): add wait * fix(ci): Fix Linting (techno-tim#61) * Execute Vagrant cluster in CI (techno-tim#57) * add ansible.posix module to requirements.yml (techno-tim#59) Co-authored-by: arch <arch@local> Co-authored-by: Techno Tim <[email protected]> * fix(ansible): added longer wait with todo * fix(ansible): Install services separate from config (techno-tim#63) * Pin GitHub Actions to SHA + Dependabot (techno-tim#62) * feat(repo): Add dependabot * fix(ci): clean up * fix(gh-actions): pin to sha * fix(lint): fixing yaml lint * feat(repo): Add dependabot * fix(vagrant): up retry count to 60 because gh actions are sloooooow * upgrade k3s to v1.24.4+k3s1 (techno-tim#64) * feat(k3s): Upgrade to v1.24.4+k3s1 * feat(metallb): updated to v0.13.5 * fix(ansible): use k3s kubectl * Test playbook using molecule (techno-tim#67) * Test cluster using molecule * Fix detection of first control node * Include --flannel-iface and --node-ip as k3s arguments * Store logs of k3s-init.service as GitHub job artifacts * fix(ansible): fixing permissions on tmp folder * Mitigate CI flakiness (techno-tim#70) * Increase SSH connection timeouts and retries * Make MetalLB timeouts configurable * Retry applying MetalLB CRs * Fix location of MetalLB CRs template * Make MetalLB wait logic more compact * Fix typo * retrigger 1 * retrigger 2 * retrigger 3 * retrigger 4 * retrigger 5 * add editorconfig and fix trailing whitespaces (techno-tim#68) Co-authored-by: Techno Tim <[email protected]> * fix(ansible): Fix group permissions on tmp folder (techno-tim#77) * Test single-node cluster (techno-tim#78) * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * Molecule: Add single_node scenario * Fix get_nodes test for the case of empty groups * Add support for API servers on IPv6 addresses (techno-tim#48) * Remove duplicate file for deletion * Add support for IPv6 clusters To correctly escape IPv6 addresses when ports are used, they must be wrapped in square brackets [1]. This patch adds support for that, using Ansible's ipwrap filter [2]. [1]: https://datatracker.ietf.org/doc/html/rfc4038#section-5.1 [2]: http:https://docs.ansible.com/ansible/latest/collections/ansible/utils/docsite/filters_ipaddr.html#wrapping-ipv6-addresses-in-brackets * Do not abort other molecule jobs on failure * Fix cache keys for Vagrant boxes * Molecule: Derive overrides.yml location from scenario dir # Conflicts: # molecule/default/molecule.yml # molecule/ipv6/molecule.yml * chore(docs): Updated with ansible collections install (techno-tim#89) * chore(docs): Fixing thanks section * chore(docs): Updated with collections command * fix(github): ignore readme updates (techno-tim#94) * Fix master node taints in multi node installs (techno-tim#93) * Taint master nodes if more than one node * Kick off fork workflow tests Co-authored-by: Techno Tim <[email protected]> * CI: Fix linting job for ansible-lint 6.6.0 (techno-tim#96) * CI: Fix linting job for ansible-lint 6.6.0 * Increase MetalLB timeout to mitigate CI flakiness * Drop support for CentOS, test Rocky and Debian in CI (techno-tim#92) * Test CentOS 7 in CI * Drop support for CentOS, test on Rocky and Debian * Fix reset playbook for Rocky Linux * Fix typo * Disable firewalld during testing Co-authored-by: Techno Tim <[email protected]> * fix master taint implementation - linting problems (techno-tim#95) * add virtual-ip to certificate SAN entries Adds the kube-vip IP as a Subject Alternative Name in the TLS cert. It is needed otherwise you cannot access the cluster. * fixes bug with master taints (#1) - improves taint logic * fixes typo * fixes formatting * fixes undefined group['node'] if missing from hosts.ini (#2) * fixes undefined group['node'] if missing from hosts.ini - improves application of master taint by centralizing code * improves molecule testing, fixes linting * hacking at linter problems, small tweaks - increases the metallb timeout error due to intermittent testing errors in GitHub actions * improves context by renaming taint variable - makes variable boolean * fix bug * removes linting hacks Co-authored-by: Ioannis Angelakopoulos <[email protected]> * Fix role order in reset playbook (techno-tim#104) * Fix download-boxes.sh if no boxes are present (techno-tim#106) In case of grep not matching any line, it would return an error code and thus stop the script. This patch sets "present_boxes" to an empty value in case any of the commands fail. * adds colors to molecule testing in GitHub action (techno-tim#109) * Add "collection" to the ansible-galaxy command as it will run without making changes if that collection argument is not provided. (techno-tim#113) * k3s, metallb, kube-vip updates (techno-tim#119) * feat(k3s): Updated to v1.24.6+k3s1 * feat(kube-vip): Update to v0.5.5 * feat(metal-lb): Update to v0.13.6 * fix(pip): Freeze requirements * fix(lint): Fixed ansible-lint * Removing accidental tear-down step that is clearly a typo (techno-tim#117) Co-authored-by: Techno Tim <[email protected]> * chore(deps): bump google-auth from 2.12.0 to 2.13.0 (techno-tim#122) Bumps [google-auth](https://github.com/googleapis/google-auth-library-python) from 2.12.0 to 2.13.0. - [Release notes](https://github.com/googleapis/google-auth-library-python/releases) - [Changelog](https://github.com/googleapis/google-auth-library-python/blob/main/CHANGELOG.md) - [Commits](googleapis/google-auth-library-python@v2.12.0...v2.13.0) --- updated-dependencies: - dependency-name: google-auth dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump oauthlib from 3.2.1 to 3.2.2 (techno-tim#123) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst) - [Commits](oauthlib/oauthlib@v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ruamel-yaml-clib from 0.2.6 to 0.2.7 (techno-tim#124) Bumps [ruamel-yaml-clib](https://sourceforge.net/p/ruamel-yaml-clib/code/ci/default/tree) from 0.2.6 to 0.2.7. --- updated-dependencies: - dependency-name: ruamel-yaml-clib dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump zipp from 3.9.0 to 3.10.0 (techno-tim#128) Bumps [zipp](https://github.com/jaraco/zipp) from 3.9.0 to 3.10.0. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/CHANGES.rst) - [Commits](jaraco/zipp@v3.9.0...v3.10.0) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Pre-commit hooks (techno-tim#125) * feat: pre-commit * empty * fix: requirements.txt * chore(deps): bump ansible-lint from 6.8.2 to 6.8.3 (techno-tim#129) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.2 to 6.8.3. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.2...v6.8.3) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-lint from 6.8.3 to 6.8.4 (techno-tim#130) Bumps [ansible-lint](https://github.com/ansible-community/ansible-lint) from 6.8.3 to 6.8.4. - [Release notes](https://github.com/ansible-community/ansible-lint/releases) - [Commits](ansible/ansible-lint@v6.8.3...v6.8.4) --- updated-dependencies: - dependency-name: ansible-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(ci): switching to self-hosted runners (techno-tim#133) * feat(ci): switching to self-hosted runners * feat(gh-actions-controller): added * feat(gh-actions-controller): added * Revert "feat(ci): switching to self-hosted runners (techno-tim#133)" (techno-tim#135) This reverts commit a840571. * chore(deps): bump pyrsistent from 0.18.1 to 0.19.2 (techno-tim#141) Bumps [pyrsistent](https://github.com/tobgu/pyrsistent) from 0.18.1 to 0.19.2. - [Release notes](https://github.com/tobgu/pyrsistent/releases) - [Changelog](https://github.com/tobgu/pyrsistent/blob/master/CHANGES.txt) - [Commits](https://github.com/tobgu/pyrsistent/commits) --- updated-dependencies: - dependency-name: pyrsistent dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(requirements.txt): Use pip-compile (techno-tim#148) * fix(requirements.txt): Use pip-compile * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * fix(lint): Remove anchors from molecule since they aren't yet supported via lint * GitHub Actions Fixes (techno-tim#150) * chore: ⚡ Multiple configuration changes (techno-tim#144) Added yaml stdout for better readability, optimize ssh connections, moved become to correct section * Adding additional reboot (optional) (techno-tim#139) * Create reboot.yml * Create reboot.sh * Updated the Playbook and Tasks Name Co-authored-by: Techno Tim <[email protected]> * Updates (techno-tim#151) * fix(gitignore): Add ansible logs * chore(metallb): Updated to 0.13.9 * chore(metallb): Updated to 1.24.7 * chore(python): Upddate dependencies * fix(metal-lb): set to 0.13.7 (latest released) * fix(requirements.txt): dedup and sort alpha * docs(README): Updated readme with fixes and context (techno-tim#154) * chore(dependencies): updated kube-vip to 0.5.6 (techno-tim#166) * Pre commit fixes (techno-tim#167) * chore(dependencies): updated kube-vip to 0.5.6 * fix(pre-commit): pin to hash * fix(pre-commit): added more hooks and fixed lint * fix(pre-commit): added pre-commit hook so we don't have to run it manually * fix(pre-commit): Added docs to readme * fix(pre-commit): added texthooks * fix(pre-commit): pin to hash * fix(pre-commit): added mor hooks and fixed lint * fix(lint): Fixing quotes * fix(ci): only run test if linting passes * fix(ci): convert to reusable workflows * fix(pr template): Reorder steps * fix(ci): remove self-hosted * chore(deps): bump pre-commit-hooks from 4.3.0 to 4.4.0 (techno-tim#168) Bumps [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) from 4.3.0 to 4.4.0. - [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases) - [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md) - [Commits](pre-commit/pre-commit-hooks@v4.3.0...v4.4.0) --- updated-dependencies: - dependency-name: pre-commit-hooks dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Techno Tim <[email protected]> * "command" module no longer supports "warn" argument (techno-tim#169) * "command" module no longer supports "warn" argument * correct indetation lint errors * fix: config warning callback_whitelist (techno-tim#170) Co-authored-by: Jan Jansen <[email protected]> * K3s 1 24 8 (techno-tim#171) * chore(dependencies): Updated actions * chore(dependencies): updated to k3s to v1.24.8+k3s1 and kube-vip to v0.5.7 * chore(deps): bump molecule from 4.0.3 to 4.0.4 (techno-tim#175) Bumps [molecule](https://github.com/ansible-community/molecule) from 4.0.3 to 4.0.4. - [Release notes](https://github.com/ansible-community/molecule/releases) - [Commits](ansible/molecule@v4.0.3...v4.0.4) --- updated-dependencies: - dependency-name: molecule dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ansible-core from 2.13.5 to 2.14.1 (techno-tim#176) Bumps [ansible-core](https://github.com/ansible/ansible) from 2.13.5 to 2.14.1. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](ansible/ansible@v2.13.5...v2.14.1) --- updated-dependencies: - dependency-name: ansible-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: SwaggaRitz <[email protected]> Co-authored-by: Adrian Jones <[email protected]> Co-authored-by: Simon Leiner <[email protected]> Co-authored-by: Techno Tim <[email protected]> Co-authored-by: slemmercs <[email protected]> Co-authored-by: Lance A. Brown <[email protected]> Co-authored-by: niki-on-github <[email protected]> Co-authored-by: arch <arch@local> Co-authored-by: Vitalij Dovhanyc <[email protected]> Co-authored-by: BMeach <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: Ioannis Angelakopoulos <[email protected]> Co-authored-by: ccoane <[email protected]> Co-authored-by: Irakli Nadareishvili <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: samerbahri98 <[email protected]> Co-authored-by: snoopy82481 <[email protected]> Co-authored-by: automationxpert <[email protected]> Co-authored-by: Sherif Metwally <[email protected]> Co-authored-by: theonejj <[email protected]> Co-authored-by: Jan Jansen <[email protected]>
doug-murray · Dec 9, 2022 · 8d986d5 · 8d986d5
1 parent 909d85e
commit 8d986d5
Show file tree

Hide file tree

Showing 75 changed files with 3,283 additions and 678 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -1,3 +1,17 @@
 ---
+exclude_paths:
+ # default paths
+ - '.cache/'
+ - '.github/'
+ - 'test/fixtures/formatting-before/'
+ - 'test/fixtures/formatting-prettier/'
+
+ # The "converge" and "reset" playbooks use import_playbook in
+ # conjunction with the "env" lookup plugin, which lets the
+ # syntax check of ansible-lint fail.
+ - 'molecule/**/converge.yml'
+ - 'molecule/**/prepare.yml'
+ - 'molecule/**/reset.yml'
+
 skip_list:
  - 'fqcn-builtins'
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,13 @@
+root = true
+[*]
+indent_style = space
+indent_size = 2
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+end_of_line = lf
+max_line_length = off
+[Makefile]
+indent_style = tab
+[*.go]
+indent_style = tab
diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md
@@ -26,7 +26,7 @@ Operating system:
 
 Hardware:
 
-### Variables Used:
+### Variables Used
 
 `all.yml`
 
@@ -52,7 +52,7 @@ metal_lb_controller_tag_version: ""
 metal_lb_ip_range: ""
 ```
 
-### Hosts 
+### Hosts
 
 `host.ini`
 
@@ -73,3 +73,5 @@ node
 
 ## Possible Solution
 <!--- Not obligatory, but suggest a fix/reason for the bug, -->
+
+- [ ] I've checked the [General Troubleshooting Guide](https://github.com/techno-tim/k3s-ansible/discussions/20)
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -11,4 +11,5 @@
 - [ ] Ran `site.yml` playbook
 - [ ] Ran `reset.yml` playbook
 - [ ] Did not add any unnecessary changes
+- [ ] Ran pre-commit install at least once before committing
 - [ ] 🚀
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+---
+version: 2
+updates:
+ - package-ecosystem: "pip"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ rebase-strategy: "auto"
+ ignore:
+ - dependency-name: "*"
+ update-types: ["version-update:semver-major"]
diff --git a/.github/download-boxes.sh b/.github/download-boxes.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# download-boxes.sh
+# Check all molecule.yml files for required Vagrant boxes and download the ones that are not
+# already present on the system.
+
+set -euo pipefail
+
+GIT_ROOT=$(git rev-parse --show-toplevel)
+PROVIDER=virtualbox
+
+# Read all boxes for all platforms from the "molecule.yml" files
+all_boxes=$(cat "${GIT_ROOT}"/molecule/*/molecule.yml |
+ yq -r '.platforms[].box' | # Read the "box" property of each node under "platforms"
+ grep --invert-match --regexp=--- | # Filter out file separators
+ sort |
+ uniq)
+
+# Read the boxes that are currently present on the system (for the current provider)
+present_boxes=$(
+ (vagrant box list |
+ grep "${PROVIDER}" | # Filter by boxes available for the current provider
+ awk '{print $1;}' | # The box name is the first word in each line
+ sort |
+ uniq) ||
+ echo "" # In case any of these commands fails, just use an empty list
+)
+
+# The boxes that we need to download are the ones present in $all_boxes, but not $present_boxes.
+download_boxes=$(comm -2 -3 <(echo "${all_boxes}") <(echo "${present_boxes}"))
+
+# Actually download the necessary boxes
+if [ -n "${download_boxes}" ]; then
+ echo "${download_boxes}" | while IFS= read -r box; do
+ vagrant box add --provider "${PROVIDER}" "${box}"
+ done
+fi
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,15 @@
+---
+name: "CI"
+on:
+ pull_request:
+ push:
+ branches:
+ - master
+ paths-ignore:
+ - '**/README.md'
+jobs:
+ lint:
+ uses: ./.github/workflows/lint.yml
+ test:
+ uses: ./.github/workflows/test.yml
+ needs: [lint]
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -1,31 +1,68 @@
 ---
-name: Lint
-'on':
- pull_request:
- push:
- branches:
- - master
-
+name: Linting
+on:
+ workflow_call:
 jobs:
-
- test:
- name: Lint
+ pre-commit-ci:
+ name: Pre-Commit
  runs-on: ubuntu-latest
+ env:
+ PYTHON_VERSION: "3.10"
 
  steps:
- - name: Check out the codebase.
- uses: actions/checkout@v2
+ - name: Check out the codebase
+ uses: actions/checkout@e2f20e631ae6d7dd3b768f56a5d2af784dd54791 # v3 2.5.0
+ with:
+ ref: ${{ github.event.pull_request.head.sha }}
+
+ - name: Set up Python ${{ env.PYTHON_VERSION }}
+ uses: actions/setup-python@75f3110429a8c05be0e1bf360334e4cced2b63fa # 2.3.3
+ with:
+ python-version: ${{ env.PYTHON_VERSION }}
+ cache: 'pip' # caching pip dependencies
+
+ - name: Cache pip
+ uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11
+ with:
+ path: ~/.cache/pip
+ key: ${{ runner.os }}-pip-${{ hashFiles('./requirements.txt') }}
+ restore-keys: |
+ ${{ runner.os }}-pip-
 
- - name: Set up Python 3.7.
- uses: actions/setup-python@v2
+ - name: Cache Ansible
+ uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11
  with:
- python-version: '3.x'
+ path: ~/.ansible/collections
+ key: ${{ runner.os }}-ansible-${{ hashFiles('collections/requirements.txt') }}
+ restore-keys: |
+ ${{ runner.os }}-ansible-
+
+ - name: Install dependencies
+ run: |
+ echo "::group::Upgrade pip"
+ python3 -m pip install --upgrade pip
+ echo "::endgroup::"
+
+ echo "::group::Install Python requirements from requirements.txt"
+ python3 -m pip install -r requirements.txt
+ echo "::endgroup::"
 
- - name: Install test dependencies.
- run: pip3 install yamllint ansible-lint ansible
+ echo "::group::Install Ansible role requirements from collections/requirements.yml"
+ ansible-galaxy install -r collections/requirements.yml
+ echo "::endgroup::"
 
- - name: Run yamllint.
- run: yamllint .
+ - name: Run pre-commit
+ uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507 # 3.0.0
 
- - name: Run ansible-lint.
- run: ansible-lint
+ ensure-pinned-actions:
+ name: Ensure SHA Pinned Actions
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@e2f20e631ae6d7dd3b768f56a5d2af784dd54791 # v3 2.5.0
+ - name: Ensure SHA pinned actions
+ uses: zgosalvez/github-actions-ensure-sha-pinned-actions@af2eb3226618e2494e3d9084f515ad6dcf16e229 # 2.0.1
+ with:
+ allowlist: |
+ aws-actions/
+ docker/login-action
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,91 @@
+---
+name: Test
+on:
+ workflow_call:
+jobs:
+ molecule:
+ name: Molecule
+ runs-on: macos-12
+ strategy:
+ matrix:
+ scenario:
+ - default
+ - ipv6
+ - single_node
+ fail-fast: false
+ env:
+ PYTHON_VERSION: "3.10"
+
+ steps:
+ - name: Check out the codebase
+ uses: actions/checkout@e2f20e631ae6d7dd3b768f56a5d2af784dd54791 # v3 2.5.0
+ with:
+ ref: ${{ github.event.pull_request.head.sha }}
+
+ - name: Configure VirtualBox
+ run: |-
+ sudo mkdir -p /etc/vbox
+ cat <<EOF | sudo tee -a /etc/vbox/networks.conf > /dev/null
+ * 192.168.30.0/24
+ * fdad:bad:ba55::/64
+ EOF
+
+ - name: Cache pip
+ uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11
+ with:
+ path: ~/.cache/pip
+ key: ${{ runner.os }}-pip-${{ hashFiles('./requirements.txt') }}
+ restore-keys: |
+ ${{ runner.os }}-pip-
+
+ - name: Cache Vagrant boxes
+ uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # 3.0.11
+ with:
+ path: |
+ ~/.vagrant.d/boxes
+ key: vagrant-boxes-${{ hashFiles('**/molecule.yml') }}
+ restore-keys: |
+ vagrant-boxes
+
+ - name: Download Vagrant boxes for all scenarios
+ # To save some cache space, all scenarios share the same cache key.
+ # On the other hand, this means that the cache contents should be
+ # the same across all scenarios. This step ensures that.
+ run: ./.github/download-boxes.sh
+
+ - name: Set up Python ${{ env.PYTHON_VERSION }}
+ uses: actions/setup-python@75f3110429a8c05be0e1bf360334e4cced2b63fa # 2.3.3
+ with:
+ python-version: ${{ env.PYTHON_VERSION }}
+ cache: 'pip' # caching pip dependencies
+
+ - name: Install dependencies
+ run: |
+ echo "::group::Upgrade pip"
+ python3 -m pip install --upgrade pip
+ echo "::endgroup::"
+
+ echo "::group::Install Python requirements from requirements.txt"
+ python3 -m pip install -r requirements.txt
+ echo "::endgroup::"
+
+ - name: Test with molecule
+ run: molecule test --scenario-name ${{ matrix.scenario }}
+ env:
+ ANSIBLE_K3S_LOG_DIR: ${{ runner.temp }}/logs/k3s-ansible/${{ matrix.scenario }}
+ ANSIBLE_SSH_RETRIES: 4
+ ANSIBLE_TIMEOUT: 60
+ PY_COLORS: 1
+ ANSIBLE_FORCE_COLOR: 1
+
+ - name: Upload log files
+ if: always() # do this even if a step before has failed
+ uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # 3.1.1
+ with:
+ name: logs
+ path: |
+ ${{ runner.temp }}/logs
+
+ - name: Delete old box versions
+ if: always() # do this even if a step before has failed
+ run: vagrant box prune --force
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-.vagrant
+.env/
+*.log
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,35 @@
+---
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: 3298ddab3c13dd77d6ce1fc0baf97691430d84b0 # v4.3.0
+ hooks:
+ - id: requirements-txt-fixer
+ - id: sort-simple-yaml
+ - id: detect-private-key
+ - id: check-merge-conflict
+ - id: end-of-file-fixer
+ - id: mixed-line-ending
+ - id: trailing-whitespace
+ args: [--markdown-linebreak-ext=md]
+ - repo: https://github.com/adrienverge/yamllint.git
+ rev: 9cce2940414e9560ae4c8518ddaee2ac1863a4d2 # v1.28.0
+ hooks:
+ - id: yamllint
+ args: [-c=.yamllint]
+ - repo: https://github.com/ansible-community/ansible-lint.git
+ rev: a058554b9bcf88f12ad09ab9fb93b267a214368f # v6.8.6
+ hooks:
+ - id: ansible-lint
+ - repo: https://github.com/shellcheck-py/shellcheck-py
+ rev: 4c7c3dd7161ef39e984cb295e93a968236dc8e8a # v0.8.0.4
+ hooks:
+ - id: shellcheck
+ - repo: https://github.com/Lucas-C/pre-commit-hooks
+ rev: 04618e68aa2380828a36a23ff5f65a06ae8f59b9 # v1.3.1
+ hooks:
+ - id: remove-crlf
+ - id: remove-tabs
+ - repo: https://github.com/sirosen/texthooks
+ rev: 30d9af95631de0d7cff4e282bde9160d38bb0359 # 0.4.0
+ hooks:
+ - id: fix-smartquotes
diff --git a/LICENSE b/LICENSE
@@ -174,4 +174,4 @@
  incurred by, or claims asserted against, such Contributor by reason
  of your accepting any such warranty or additional liability.
 
- END OF TERMS AND CONDITIONS
+ END OF TERMS AND CONDITIONS