v10.0.0 (#162)

* remove support for Fedora 35 / add support for Fedora 36 * remove Fedora 34 + add Fedora 36 to Molecule test * fix Jinja2 spacing * fix Jinja2 spacing * improve the task key order to: name, when, tags, block * handlers/main.yml: names should start with an uppercase letter * tasks/main.yml: names should start with an uppercase letter * add .yamllint * add Github release action to push new release to Ansible Galaxy * add Molecule setup for openSUSE 15.4 * molecule/kvm-single-server: add verify.yml / enable verifier * update CHANGELOG
githubixx · Sep 27, 2022 · 3821005 · 3821005
1 parent fad7b1d
commit 3821005
Show file tree

Hide file tree

Showing 14 changed files with 180 additions and 47 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,39 @@
+---
+# This workflow requires a GALAXY_API_KEY secret present in the GitHub
+# repository or organization.
+#
+# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy
+# See: https://github.com/ansible/galaxy/issues/46
+
+name: Release
+on:
+  push:
+    tags:
+      - '*'
+
+defaults:
+  run:
+    working-directory: 'githubixx.ansible_role_wireguard'
+
+jobs:
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the codebase.
+        uses: actions/checkout@v2
+        with:
+          path: 'githubixx.ansible_role_wireguard'
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+
+      - name: Install Ansible.
+        run: pip3 install ansible-core
+
+      - name: Trigger a new import on Galaxy.
+        run: >-
+          ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }}
+          $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2)
diff --git a/.yamllint b/.yamllint
@@ -0,0 +1,9 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 150
+    level: warning
+
+  comments-indentation: disable
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,18 @@ SPDX-License-Identifier: GPL-3.0-or-later
 
 # Changelog
 
+## 10.0.0
+
+- remove Fedora 34 + add Fedora 36 to Molecule test
+- remove support for Fedora 35 / add support for Fedora 36
+- add Molecule setup for openSUSE 15.4
+- add Github release action to push new release to Ansible Galaxy
+- add `.yamllint`
+- `tasks/main.yml`: names should start with an uppercase letter
+- `handlers/main.yml`: names should start with an uppercase letter
+- improve the task key order to: name, when, tags, block
+- fix Jinja2 spacing
+
 ## 9.3.0
 
 - add support for Ubuntu 22.04 (Jammy Jellyfish)

diff --git a/handlers/main.yml b/handlers/main.yml
@@ -2,7 +2,7 @@
 # Copyright (C) 2018-2022 Robert Wimmer
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-- name: restart wireguard
+- name: Restart wireguard
   ansible.builtin.service:
     name: "wg-quick@{{ wireguard_interface }}"
     state: "{{ item }}"
@@ -15,13 +15,13 @@
     - wireguard_service_enabled == "yes"
   listen: "reconfigure wireguard"
 
-- name: syncconf wireguard
+- name: Syncconf wireguard
   ansible.builtin.shell: |
     set -o errexit
     set -o pipefail
     set -o nounset
-    systemctl is-active wg-quick@{{ wireguard_interface|quote }} || systemctl start wg-quick@{{ wireguard_interface|quote }}
-    wg syncconf {{ wireguard_interface|quote }} <(wg-quick strip /etc/wireguard/{{ wireguard_interface|quote }}.conf)
+    systemctl is-active wg-quick@{{ wireguard_interface | quote }} || systemctl start wg-quick@{{ wireguard_interface | quote }}
+    wg syncconf {{ wireguard_interface | quote }} <(wg-quick strip /etc/wireguard/{{ wireguard_interface | quote }}.conf)
     exit 0
   args:
     executable: "/bin/bash"

diff --git a/meta/main.yml b/meta/main.yml
@@ -1,3 +1,4 @@
+---
 # Copyright (C) 2018-2022 Robert Wimmer
 # SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -25,8 +26,8 @@ galaxy_info:
         - "8"
     - name: Fedora
       versions:
-        - "34"
         - "35"
+        - "36"
     - name: opensuse
       versions:
         - "15.3"

diff --git a/molecule/kvm-single-server/molecule.yml b/molecule/kvm-single-server/molecule.yml
@@ -93,4 +93,3 @@ scenario:
 
 verifier:
   name: ansible
-  enabled: false
diff --git a/molecule/kvm-single-server/verify.yml b/molecule/kvm-single-server/verify.yml
@@ -0,0 +1,33 @@
+---
+# Copyright (C) 2022 Robert Wimmer
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: Verify setup
+  hosts: all
+  vars:
+    hosts_count: "{{ groups['vpn'] | length }}"
+  tasks:
+    - name: Count WireGuard interfaces
+      ansible.builtin.shell: |
+        set -o errexit
+        set -o pipefail
+        set -o nounset
+        wg | grep "peer: " | wc -l
+        exit 0
+      args:
+        executable: "/bin/bash"
+      register: wireguard__interfaces_count
+      changed_when: false
+
+    - name: Print WireGuard interface count
+      ansible.builtin.debug:
+        var: wireguard__interfaces_count.stdout
+
+    - name: Print hosts count in vpn group
+      ansible.builtin.debug:
+        var: hosts_count
+
+    - name: There should be as much WireGuard interfaces as hosts in vpn group minus one
+      ansible.builtin.assert:
+        that:
+          - "hosts_count|int -1 == wireguard__interfaces_count.stdout|int"
diff --git a/molecule/kvm/molecule.yml b/molecule/kvm/molecule.yml
@@ -11,13 +11,12 @@ driver:
   provider:
     name: libvirt
     type: libvirt
-    options:
-      memory: 192
-      cpus: 2
 
 platforms:
   - name: test-wg-ubuntu2004
     box: generic/ubuntu2004
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -28,6 +27,8 @@ platforms:
       - ubuntu
   - name: test-wg-ubuntu1804
     box: generic/ubuntu1804
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -38,6 +39,8 @@ platforms:
       - ubuntu
   - name: test-wg-debian10
     box: generic/debian10
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -46,8 +49,10 @@ platforms:
     groups:
       - vpn
       - debian
-  - name: test-wg-fedora34
-    box: generic/fedora34
+  - name: test-wg-fedora36
+    box: generic/fedora36
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -58,6 +63,8 @@ platforms:
       - fedora
   - name: test-wg-centos7
     box: generic/centos7
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -68,6 +75,8 @@ platforms:
       - el7
   - name: test-wg-arch
     box: archlinux/archlinux
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -78,6 +87,8 @@ platforms:
       - archlinux
   - name: test-wg-debian11
     box: generic/debian11
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -88,6 +99,8 @@ platforms:
       - debian
   - name: test-wg-rocky8
     box: generic/rocky8
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -98,6 +111,8 @@ platforms:
       - el8
   - name: test-wg-alma8
     box: generic/alma8
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -108,6 +123,8 @@ platforms:
       - el8
   - name: test-wg-centos7-kernel-plus
     box: generic/centos7
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -118,6 +135,8 @@ platforms:
       - el7
   - name: test-wg-opensuse-leap-15-3
     box: opensuse/Leap-15.3.x86_64
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -128,6 +147,8 @@ platforms:
       - opensuse
   - name: test-wg-fedora35
     box: generic/fedora35
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -138,6 +159,8 @@ platforms:
       - fedora
   - name: test-wg-rocky8-dkms
     box: generic/rocky8
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -148,7 +171,9 @@ platforms:
       - el8
       - el8dkms
   - name: test-wg-ubuntu2204
-    box: alvistack/ubuntu-22.04
+    box: generic/ubuntu2004
+    memory: 1024
+    cpus: 2
     interfaces:
       - auto_config: true
         network_name: private_network
@@ -157,7 +182,18 @@ platforms:
     groups:
       - vpn
       - ubuntu
-
+  - name: test-wg-opensuse-leap-15-4
+    box: opensuse/Leap-15.4.x86_64
+    memory: 1024
+    cpus: 2
+    interfaces:
+      - auto_config: true
+        network_name: private_network
+        type: static
+        ip: 192.168.10.150
+    groups:
+      - vpn
+      - opensuse
 
 provisioner:
   name: ansible
@@ -185,7 +221,7 @@ provisioner:
         wireguard_persistent_keepalive: "30"
         wireguard_endpoint: "192.168.10.30"
         ansible_python_interpreter: "/usr/bin/python"
-      test-wg-fedora34:
+      test-wg-fedora36:
         wireguard_address: "10.10.10.40/24"
         wireguard_port: 51820
         wireguard_persistent_keepalive: "30"
@@ -246,6 +282,11 @@ provisioner:
         wireguard_port: 51820
         wireguard_persistent_keepalive: "30"
         wireguard_endpoint: "192.168.10.140"
+      test-wg-opensuse-leap-15-4:
+        wireguard_address: "10.10.10.150/24"
+        wireguard_port: 51820
+        wireguard_persistent_keepalive: "30"
+        wireguard_endpoint: "192.168.10.150"
 
 scenario:
   name: kvm