summaryrefslogtreecommitdiffstats
path: root/ansible_collections/community/mongodb/.github
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/community/mongodb/.github')
-rw-r--r--ansible_collections/community/mongodb/.github/CODEOWNERS10
-rw-r--r--ansible_collections/community/mongodb/.github/settings.yml89
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/ansible-test.yml295
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/documentation.yml85
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml310
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/publish_collection.yml58
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/stale.yml15
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/test-roles.yml104
-rw-r--r--ansible_collections/community/mongodb/.github/workflows/x509.yml145
9 files changed, 1111 insertions, 0 deletions
diff --git a/ansible_collections/community/mongodb/.github/CODEOWNERS b/ansible_collections/community/mongodb/.github/CODEOWNERS
new file mode 100644
index 00000000..9a8248a8
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/CODEOWNERS
@@ -0,0 +1,10 @@
+.github
+
+# Repo maintainers, and goverance team (like Anisble's @ansible-commit-external)
+#* @rrey @seuf @gundalow-collections/community-goverance-team
+
+# or possibly, we may want to define teams at the org level.
+# * @gundalow-collections/grafana-maintainers
+
+# Example of maintainer of just a single plugin
+#grafana/plugins/modules/grafana_plugin.py @someone-else
diff --git a/ansible_collections/community/mongodb/.github/settings.yml b/ansible_collections/community/mongodb/.github/settings.yml
new file mode 100644
index 00000000..b026fe10
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/settings.yml
@@ -0,0 +1,89 @@
+###
+# https://probot.github.io/apps/settings/
+#
+
+# DO NOT MODIFY
+# this is a copy of https://github.com/gundalow-collection/.github/blob/master/.github/settings.yml
+# Work around till https://github.com/probot/settings/pull/179 is merged
+
+
+
+repository:
+ # See https://developer.github.com/v3/repos/#edit for all available settings.
+ has_issues: true
+ has_wiki: false
+ has_pages: false
+ default_branch: master
+ allow_squash_merge: true
+ allow_merge_commit: false
+ allow_rebase_merge: true
+
+# Labels: define labels for Issues and Pull Requests
+labels:
+ - name: bug
+ color: fbca04
+ description: This issue/PR relates to a bug.
+ - name: feature
+ description: This issue/PR relates to a feature request.
+ color: 006b75
+ - name: migrated_from_ansible_ansible
+ color: 5319e7
+ description: This issue/PR was moved from gh/ansible/ansible
+
+branches:
+ - name: devel
+ # https://developer.github.com/v3/repos/branches/#update-branch-protection
+ # Branch Protection settings. Set to null to disable
+ protection:
+ # Required. Require at least one approving review on a pull request, before merging. Set to null to disable.
+ required_pull_request_reviews:
+ # The number of approvals required. (1-6)
+ required_approving_review_count: 1
+ # Dismiss approved reviews automatically when a new commit is pushed.
+ dismiss_stale_reviews: true
+ # Blocks merge until code owners have reviewed.
+ require_code_owner_reviews: true
+ # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.
+ dismissal_restrictions:
+ users: []
+ teams: []
+ # Required. Require status checks to pass before merging. Set to null to disable
+ required_status_checks:
+ # Required. Require branches to be up to date before merging.
+ strict: true
+ # Required. The list of status checks to require in order to merge into this branch
+ contexts: []
+ # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.
+ enforce_admins: true
+ # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable.
+ restrictions:
+ users: null
+ teams: null
+ - name: master
+ # https://developer.github.com/v3/repos/branches/#update-branch-protection
+ # Branch Protection settings. Set to null to disable
+ protection:
+ # Required. Require at least one approving review on a pull request, before merging. Set to null to disable.
+ required_pull_request_reviews:
+ # The number of approvals required. (1-6)
+ required_approving_review_count: 1
+ # Dismiss approved reviews automatically when a new commit is pushed.
+ dismiss_stale_reviews: true
+ # Blocks merge until code owners have reviewed.
+ require_code_owner_reviews: true
+ # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories.
+ dismissal_restrictions:
+ users: []
+ teams: []
+ # Required. Require status checks to pass before merging. Set to null to disable
+ required_status_checks:
+ # Required. Require branches to be up to date before merging.
+ strict: true
+ # Required. The list of status checks to require in order to merge into this branch
+ contexts: []
+ # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable.
+ enforce_admins: true
+ # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable.
+ restrictions:
+ users: null
+ teams: null
diff --git a/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml b/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml
new file mode 100644
index 00000000..c9856e5b
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml
@@ -0,0 +1,295 @@
+name: CI
+on:
+ pull_request:
+ schedule:
+ - cron: "0 3 * * *"
+
+env:
+ mongodb_version_file: "./tests/integration/targets/setup_mongodb/defaults/main.yml"
+
+jobs:
+ sanity:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ strategy:
+ matrix:
+ ansible_version:
+ - devel
+ - stable-2.13
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v2
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python 3.9
+ uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Install ansible-base (${{ matrix.ansible_version }})
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check
+
+ - name: Run sanity tests
+ run: ansible-test sanity --docker -v --color --python 3.9 --exclude docs/* --exclude tests/ansible-operator/
+
+ units:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ strategy:
+ matrix:
+ ansible_version:
+ - devel
+ - stable-2.13
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v2
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python 3.9
+ uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Install ansible-base (${{ matrix.ansible_version }})
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check
+
+ - name: Install mongodb
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: sudo apt-get install -y mongodb-org
+
+ - name: Install dateutil
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install python-dateutil
+
+ - name: Install python libs
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install mtools==1.6.4 pymongo==3.12.3 psutil coverage==4.5.4 pytest-xdist pytest-forked
+
+ - name: Start a replicaset with mtools (3 nodes, starting from port 27017, auth enabled, rs name = replset)
+ run: mlaunch --replicaset --auth
+ working-directory: /home/runner/work/
+
+ - name: Launch a single instance (no auth)
+ run: mlaunch --single --port 27999
+
+ - name: Run unit tests
+ run: ansible-test units -v --color --python 3.9 --coverage
+
+ - name: Generate coverage report.
+ run: ansible-test coverage xml -v --requirements --group-by command --group-by version
+
+ - uses: codecov/codecov-action@v1
+ with:
+ fail_ci_if_error: false
+
+ - name: Clean up mlaunch replicaset
+ run: mtools stop --auth-user user --auth-password password || true
+
+ integration_matrix:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ outputs:
+ matrix: ${{ steps.json-list.outputs.modules-to-test }}
+
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v2
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Generate module list
+ run: |
+ find tests/integration/targets -type d -maxdepth 1 -not -name 'setup*' -not -name 'master_tasks' | cut -d '/' -f4 | sort | awk NF | jq -sRc 'split("\n") | map(select(length > 0))' > int_test_modules.json
+
+ - name: Set output variable
+ id: json-list
+ run: |
+ output=$(cat int_test_modules.json)
+ echo "::set-output name=modules-to-test::$output"
+ echo "$output"
+
+ integration:
+ needs: integration_matrix
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ strategy:
+ matrix:
+ mongodb_version:
+ - "5.0"
+ - "6.0"
+ mongodb_module: ${{ fromJson(needs.integration_matrix.outputs.matrix) }}
+ versions:
+ #- python_version: "2.7"
+ # ansible_version: "stable-2.10"
+ # docker_image: "centos7"
+ #- python_version: "2.7"
+ # ansible_version: "stable-2.11"
+ # docker_image: "centos7"
+ - python_version: "3.6"
+ ansible_version: "stable-2.10"
+ docker_image: "ubuntu1804"
+ - python_version: "3.6"
+ ansible_version: "stable-2.11"
+ docker_image: "ubuntu1804"
+ - python_version: "3.8"
+ ansible_version: "stable-2.12"
+ docker_image: "default"
+ - python_version: "3.8"
+ ansible_version: "stable-2.13"
+ docker_image: "default"
+ # Fedora 33 should be possible after this is fixed
+ # https://jira.mongodb.org/browse/MONGOSH-941
+ #- python_version: "3.9"
+ # ansible_version: "devel"
+ # docker_image: "fedora33"
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v2
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python ${{ matrix.versions.python_version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.versions.python_version }}
+
+ - name: Install ansible-base (${{ matrix.versions.ansible_version }})
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check
+
+ - name: Install community.general
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: ansible-galaxy collection install 'community.general' -p ansible_collections/
+
+ - name: Install community.crypto
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: ansible-galaxy collection install community.crypto -p ansible_collections/
+
+ - name: Ensure MongoDB version is set to ${{ matrix.mongodb_version }}
+ run: "sed -i 's/^mongodb_version:.*/mongodb_version: \"${{ matrix.mongodb_version }}\"/g' ${{ env.mongodb_version_file }}"
+
+ - name: Run integration tests on Python ${{ matrix.versions.python_version }} | ${{ matrix.versions.docker_image }} | ${{ matrix.versions.ansible_version }} | ${{ matrix.mongodb_version }}
+ run: ansible-test integration --docker ${{ matrix.versions.docker_image }} -v --color --retry-on-error --python ${{ matrix.versions.python_version }} --continue-on-error --diff --coverage ${{ matrix.mongodb_module }}
+
+ - name: Upload Coverage data
+ run: tests/coverage.sh
+
+ integration_3123: # Run tests with pymongo 3.12.3 driver
+ needs: integration_matrix
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ strategy:
+ matrix:
+ mongodb_version:
+ - "5.0"
+ - "6.0"
+ mongodb_module: ${{ fromJson(needs.integration_matrix.outputs.matrix) }}
+ versions:
+ #- python_version: "2.7"
+ # ansible_version: "stable-2.10"
+ # docker_image: "centos7"
+ # - python_version: "2.7"
+ # ansible_version: "stable-2.11"
+ # docker_image: "centos7"
+ - python_version: "3.6"
+ ansible_version: "stable-2.10"
+ docker_image: "ubuntu1804"
+ - python_version: "3.6"
+ ansible_version: "stable-2.11"
+ docker_image: "ubuntu1804"
+ - python_version: "3.8"
+ ansible_version: "stable-2.12"
+ docker_image: "default"
+ - python_version: "3.8"
+ ansible_version: "stable-2.13"
+ docker_image: "default"
+ # Fedora 33 should be possible after this is fixed
+ # https://jira.mongodb.org/browse/MONGOSH-941
+ #- python_version: "3.9"
+ # ansible_version: "devel"
+ # docker_image: "fedora33"
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v2
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python ${{ matrix.versions.python_version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.versions.python_version }}
+
+ - name: Install ansible-base (${{ matrix.versions.ansible_version }})
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check
+
+ - name: Install community.general
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: ansible-galaxy collection install 'community.general' -p ansible_collections/
+
+ - name: Install community.crypto
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: ansible-galaxy collection install community.crypto -p ansible_collections/
+
+ - name: Set pymongo driver version to 3.12.3
+ run: sed -i 's/ - pymongo*/ - pymongo==3.12.3/g' tests/integration/targets/setup_mongodb/defaults/main.yml
+
+ - name: Ensure MongoDB version is set to ${{ matrix.mongodb_version }}
+ run: "sed -i 's/^mongodb_version:.*/mongodb_version: \"${{ matrix.mongodb_version }}\"/g' ${{ env.mongodb_version_file }}"
+
+ - name: Run integration tests on Python ${{ matrix.versions.python_version }} | ${{ matrix.versions.docker_image }} | ${{ matrix.versions.ansible_version }} | ${{ matrix.mongodb_version }}
+ run: ansible-test integration --docker ${{ matrix.versions.docker_image }} -v --color --retry-on-error --python ${{ matrix.versions.python_version }} --continue-on-error --diff --coverage ${{ matrix.mongodb_module }}
+
+ - name: Upload Coverage data
+ run: tests/coverage.sh
diff --git a/ansible_collections/community/mongodb/.github/workflows/documentation.yml b/ansible_collections/community/mongodb/.github/workflows/documentation.yml
new file mode 100644
index 00000000..769cafb9
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/documentation.yml
@@ -0,0 +1,85 @@
+name: documentation
+
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ publish:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ steps:
+
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python 3.9
+ uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Install ansible-base (devel)
+ run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
+
+ - name: Build collection
+ run: ansible-galaxy collection build .
+
+ - name: Install collection
+ run: ansible-galaxy collection install community-mongodb-*.tar.gz
+
+ - name: Install ansible-doc-extractor
+ run: pip install wheel setuptools ansible-doc-extractor --upgrade
+
+ - name: Install rstdoc
+ run: pip install -v rstdoc
+
+ - name: Create docs dir
+ run: mkdir -p docs/{lookup,cache}
+
+ - name: Create rst files from modules
+ run: ansible-doc-extractor ./docs plugins/modules/mongodb_*.py
+
+ - name: Create rst files from lookup
+ run: ansible-doc-extractor ./docs/lookup plugins/lookup/mongodb*.py
+
+ - name: Create rst files from cache
+ run: ansible-doc-extractor ./docs/cache plugins/cache/mongodb*.py
+
+ - name: Create collection index document
+ run: |
+ echo "# MongoDB Ansible Collection Documentation" > docs/index.md
+ echo "## Modules" >> docs/index.md
+ find plugins/modules -type f -name 'mongodb_*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")]($(basename {} .py).html)"' \; >> docs/index.md
+ echo "## Lookup" >> docs/index.md
+ find plugins/lookup -type f -name 'mongodb*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")](lookup/$(basename {} .py).html)"' \; >> docs/index.md
+ echo "## Cache" >> docs/index.md
+ find plugins/cache -type f -name 'mongodb*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")](cache/$(basename {} .py).html)"' \; >> docs/index.md
+
+ - name: Create module html documents from rst files
+ run: |
+ find ./docs -type f -name 'mongodb_*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/$(basename "{}" ".rst").html" rst_html' \;
+
+ - name: Create lookup html documents from rst files
+ run: |
+ find ./docs/lookup -type f -name 'mongodb*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/lookup/$(basename "{}" ".rst").html" rst_html' \;
+
+ - name: Create cache html documents from rst files
+ run: |
+ find ./docs/cache -type f -name 'mongodb*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/cache/$(basename "{}" ".rst").html" rst_html' \;
+
+ - name: Remove intermediary rst docs
+ run: find docs/ -name '*.rst' -delete
+
+ - name: Deploy
+ if: success()
+ uses: crazy-max/ghaction-github-pages@v1
+ with:
+ target_branch: gh-pages
+ build_dir: ansible_collections/community/mongodb/docs
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml b/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml
new file mode 100644
index 00000000..5c30b0cb
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml
@@ -0,0 +1,310 @@
+name: CI
+on:
+ pull_request:
+ schedule:
+ - cron: "0 3 * * *"
+
+jobs:
+ mongodb-cache:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ env:
+ ANSIBLE_CACHE_PLUGIN: "community.mongodb.mongodb"
+ ANSIBLE_CACHE_PLUGIN_CONNECTION: "mongodb://mongoadmin:secret@localhost:27017/cache?authSource=admin"
+ ANSIBLE_CACHE_PLUGIN_TIMEOUT: 0
+ strategy:
+ matrix:
+ versions:
+ - ansible_version: "stable-2.10"
+ python_version: "3.6"
+ - ansible_version: "stable-2.11"
+ python_version: "3.6"
+ - ansible_version: "stable-2.12"
+ python_version: "3.9"
+ - ansible_version: "stable-2.13"
+ python_version: "3.8"
+ - ansible_version: "devel"
+ python_version: "3.9"
+
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python ${{ matrix.versions.python_version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.versions.python_version }}
+
+ - name: Install ansible-base (${{ matrix.versions.ansible_version }})
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check
+
+ - name: Build the collection
+ run: ansible-galaxy collection build
+
+ - name: Rename the build artifact
+ run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz
+
+ - name: Install collection
+ run: ansible-galaxy collection install community-mongodb-*.tar.gz
+
+ - name: Create docker volume
+ run: docker volume create mongocache
+
+ - name: Run the mongodb cache inside a docker container
+ run:
+ docker run -d --name mongocache -e MONGO_INITDB_ROOT_USERNAME=mongoadmin
+ -e MONGO_INITDB_ROOT_PASSWORD=secret -p 27017:27017
+ -v mongocache:/data/db mongo:latest
+
+ - name: Install mongodb-org-shell
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: sudo apt-get install mongodb-org-shell
+
+ # https://github.community/t/set-output-truncates-multiline-strings/16852/5
+ - name: Run ansible without pymongo installed to generate the warning
+ id: no-pymongo
+ run: |
+ output=$(ansible localhost -m setup 2>&1)
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=nopymongo::$output"
+
+ - name: Test cache handling of missing pymongo
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: "The 'pymongo' python module is required for the mongodb fact cache"
+ actual: ${{ steps.no-pymongo.outputs.nopymongo }}
+ comparison: contains
+
+ - name: Install pymongo
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install pymongo==3.12.2
+
+ - name: Run ansible to generate the mongodb cache
+ run: ansible localhost -m setup
+
+ - name: Query mongo to see what we have in the cache
+ id: mongo1
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we have something that looks like a cache record
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ansible_processor_count
+ actual: ${{ steps.mongo1.outputs.mongo }}
+ comparison: contains
+
+ - name: Collection should not have a ttl index
+ id: mongo2
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we don't have an index called ttl
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ttl
+ actual: ${{ steps.mongo2.outputs.mongo }}
+ comparison: notContains
+
+ - name: Test that we have good output from getindexes
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: "_id_"
+ actual: ${{ steps.mongo2.outputs.mongo }}
+ comparison: contains
+
+ - name: Repeat the action to hit the cache again
+ run: ansible localhost -m setup
+
+ - name: Query mongo to see what we have in the cach3
+ id: mongo3
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we have something that looks like a cache record
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ansible_processor_count
+ actual: ${{ steps.mongo3.outputs.mongo }}
+ comparison: contains
+
+ - name: Collection should not have a ttl index
+ id: mongo4
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we don't have an index called ttl
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ttl
+ actual: ${{ steps.mongo4.outputs.mongo }}
+ comparison: notContains
+
+ - name: Test that we have good output from getindexes
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: "_id_"
+ actual: ${{ steps.mongo4.outputs.mongo }}
+ comparison: contains
+
+ - name: Run the action again with a modified timeout
+ env:
+ ANSIBLE_CACHE_PLUGIN_TIMEOUT: 3600
+ run: ansible localhost -m setup
+
+ - name: Query mongo to see what we have in the cache
+ id: mongo5
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we have something that looks like a cache record
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ansible_processor_count
+ actual: ${{ steps.mongo5.outputs.mongo }}
+ comparison: contains
+
+ - name: Collection should have a ttl index
+ id: mongo6
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we do have an index called ttl
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ttl
+ actual: ${{ steps.mongo6.outputs.mongo }}
+ comparison: contains
+
+ - name: Repeat the action
+ env:
+ ANSIBLE_CACHE_PLUGIN_TIMEOUT: 3600
+ run: ansible localhost -m setup
+
+ - name: Query mongo to see what we have in the cache
+ id: mongo7
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we have something that looks like a cache record
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ansible_processor_count
+ actual: ${{ steps.mongo7.outputs.mongo }}
+ comparison: contains
+
+ - name: Collection should have a ttl index
+ id: mongo8
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we do have an index called ttl
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ttl
+ actual: ${{ steps.mongo8.outputs.mongo }}
+ comparison: contains
+
+ - name: Set timeout back to zero
+ env:
+ ANSIBLE_CACHE_PLUGIN_TIMEOUT: 0
+ run: ansible localhost -m setup
+
+ - name: Query mongo to see what we have in the cache
+ id: mongo9
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we have something that looks like a cache record
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ansible_processor_count
+ actual: ${{ steps.mongo9.outputs.mongo }}
+ comparison: contains
+
+ - name: Collection should not have a ttl index
+ id: mongo10
+ run: |
+ output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()")
+ echo "$output"
+ output="${output//'%'/'%25'}"
+ output="${output//$'\n'/'%0A'}"
+ output="${output//$'\r'/'%0D'}"
+ echo "::set-output name=mongo::$output"
+
+ - name: Test that we don't have an index called ttl
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: ttl
+ actual: ${{ steps.mongo10.outputs.mongo }}
+ comparison: notContains
+
+ - name: Test that we have good output from getindexes
+ uses: nick-invision/assert-action@v1
+ with:
+ expected: "_id_"
+ actual: ${{ steps.mongo10.outputs.mongo }}
+ comparison: contains
diff --git a/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml b/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml
new file mode 100644
index 00000000..3e291f15
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml
@@ -0,0 +1,58 @@
+name: Build & Publish Collection
+on:
+ push:
+ branches:
+ - master
+
+jobs:
+ build_publish:
+
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python 3.9
+ uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: Install ansible-base (devel)
+ run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
+
+ - name: Build the collection
+ run: ansible-galaxy collection build
+
+ - name: Rename the build artifact
+ run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz
+
+ - name: Upload community-mongodb-latest.tar.gz as an artifact
+ uses: actions/upload-artifact@v1
+ with:
+ name: community-mongodb-latest
+ path: ansible_collections/community/mongodb/community-mongodb-latest.tar.gz
+
+ # Moving the tag leaves an orphan artifact. Just changing the artifact doesn't move the tag.
+ - name: Delete latest tag and release
+ uses: dev-drprasad/delete-tag-and-release@v0.1.2
+ with:
+ delete_release: true
+ tag_name: latest
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Upload files to release
+ uses: svenstaro/upload-release-action@v2
+ with:
+ repo_token: ${{ secrets.GITHUB_TOKEN }}
+ file: ansible_collections/community/mongodb/community-mongodb-latest.tar.gz
+ asset_name: community-mongodb-latest.tar.gz
+ body: "Development release"
+ tag: latest
+ overwrite: true
diff --git a/ansible_collections/community/mongodb/.github/workflows/stale.yml b/ansible_collections/community/mongodb/.github/workflows/stale.yml
new file mode 100644
index 00000000..da6d0845
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/stale.yml
@@ -0,0 +1,15 @@
+name: 'Close stale issues and PRs'
+on:
+ schedule:
+ - cron: '30 1 * * *'
+
+jobs:
+ stale:
+ runs-on: ubuntu-latest
+ steps:
+
+ - name: Close Stale Issues
+ uses: actions/stale@v6.0.1
+ with:
+ exempt-issue-labels: 'nostale,bug,help-wanted,feature,pinboard'
+ exempt-pr-labels: 'nostale,bug,help-wanted,feature'
diff --git a/ansible_collections/community/mongodb/.github/workflows/test-roles.yml b/ansible_collections/community/mongodb/.github/workflows/test-roles.yml
new file mode 100644
index 00000000..56858675
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/test-roles.yml
@@ -0,0 +1,104 @@
+name: CI_roles
+on:
+ pull_request:
+ schedule:
+ - cron: "0 6 * * *"
+
+jobs:
+
+ roles_matrix:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+ outputs:
+ matrix: ${{ steps.json-list.outputs.roles-to-test }}
+
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Generate module list
+ run: |
+ find roles -type d -maxdepth 1 -mindepth 1 | cut -d '/' -f2 | awk NF | jq -sRc 'split("\n") | map(select(length > 0))' > int_test_roles.json
+
+ - name: Set output variable
+ id: json-list
+ run: |
+ output=$(cat int_test_roles.json)
+ echo "::set-output name=roles-to-test::$output"
+ echo "$output"
+
+ roles:
+ runs-on: ubuntu-20.04
+ needs: roles_matrix
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb
+
+ strategy:
+ matrix:
+ python_version:
+ - "3.6"
+ mongodb_role: ${{ fromJson(needs.roles_matrix.outputs.matrix) }}
+
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Set up Python ${{ matrix.test_scenario.python_version }}
+ uses: actions/setup-python@v4
+ with:
+ python-version: ${{ matrix.test_scenario.python_version }}
+
+ - name: Uninstall existing ansible
+ run: sudo apt remove ansible
+
+ - name: Ensure wheel is installed
+ run: pip install wheel
+
+ - name: Install requirements
+ run: |
+ export pyv=$(python -c 'from platform import python_version; print(python_version()[:3])')
+ pip install --requirement requirements-${pyv}.txt
+ - name: Add molecule location to path
+ run: echo "${HOME}/.local/bin" >> $GITHUB_PATH
+
+ - name: Build the collection
+ run: ansible-galaxy collection build
+
+ - name: Rename the build artifact
+ run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz
+
+ - name: Install collection
+ run: ansible-galaxy collection install community-mongodb-*.tar.gz
+
+ - name: Run molecule test for ${{ matrix.mongodb_role }}
+ run: molecule test
+ working-directory: ansible_collections/community/mongodb/roles/${{ matrix.mongodb_role }}
+
+ # I don't like this
+ - name: Run molecule tests for a few extra mongodb_install role scenarios
+ run: |
+ molecule test --scenario-name specific_mongodb_version && \
+ molecule test --scenario-name mongodb_hold_packages && \
+ molecule test --scenario-name mongodb_nohold_packages
+ if: ${{ matrix.mongodb_role == 'mongodb_install' }}
+ working-directory: ansible_collections/community/mongodb/roles/mongodb_install
+
+ - name: Run molecule tests for an extra mongodb_mongod scenario
+ run: |
+ molecule test --scenario-name custom_db_path && molecule test --scenario-name multiple_bind_ip
+ if: ${{ matrix.mongodb_role == 'mongodb_mongod' }}
+ working-directory: ansible_collections/community/mongodb/roles/mongodb_mongod
+
+ - name: Run molecule tests for an extra mongodb_config scenario
+ run: |
+ molecule test --scenario-name custom_db_path
+ if: ${{ matrix.mongodb_role == 'mongodb_config' }}
+ working-directory: ansible_collections/community/mongodb/roles/mongodb_config
diff --git a/ansible_collections/community/mongodb/.github/workflows/x509.yml b/ansible_collections/community/mongodb/.github/workflows/x509.yml
new file mode 100644
index 00000000..beb9ef25
--- /dev/null
+++ b/ansible_collections/community/mongodb/.github/workflows/x509.yml
@@ -0,0 +1,145 @@
+name: CI
+on:
+ pull_request:
+ schedule:
+ - cron: "0 3 * * *"
+
+jobs:
+ x509_membership_auth:
+ runs-on: ubuntu-20.04
+ defaults:
+ run:
+ working-directory: ansible_collections/community/mongodb/tests/ansible-operator
+ steps:
+
+ - name: Check out code
+ uses: actions/checkout@v3
+ with:
+ path: ansible_collections/community/mongodb
+
+ - name: Setup Minikube
+ uses: manusa/actions-setup-minikube@v2.7.1
+ with:
+ minikube version: 'v1.13.1'
+ kubernetes version: 'v1.19.2'
+ github token: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Install cert-manager
+ run: |
+ kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.1/cert-manager.yaml
+
+ - name: Generate certs
+ run: |
+ openssl genrsa -out ca.key 8192
+ openssl req -x509 -new -nodes -key ca.key -sha256 -subj "/CN=mongodb-cluster-ca.local" -days 36500 -reqexts v3_req -extensions v3_ca -out ca.crt
+
+ - name: Wait for a bit
+ run: sleep 60
+
+ - name: Register the certs with k8
+ run: |
+ kubectl create secret tls mongodb-cluster-ca-key-pair --key=ca.key --cert=ca.crt
+ kubectl apply -f ca-issuer.yaml
+
+ - name: make install
+ run: make install
+
+ - name: Create k8 namesapce
+ run: kubectl create ns ansible-operator-system
+
+ - name: use minikubes docker
+ run: eval $(minikube docker-env --shell sh)
+
+ - name: make docker-build
+ run: make docker-build IMG=test-mongodb-operator:latest
+
+ - name: make deploy
+ run: make deploy IMG=test-mongodb-operator:latest
+
+ - name: Wait for controller to be ready
+ run: kubectl wait --for=condition=available deployment/ansible-operator-controller-manager -n ansible-operator-system --timeout=60s
+
+ - name: Setup the k8 mongodb env
+ run: |
+ kubectl apply -f config/samples/mongodb_v1alpha1_mongodb.yaml
+ sleep 10
+ kubectl -n ansible-operator-system logs deployment.apps/ansible-operator-controller-manager -c manager
+
+ - name: Wait for a bit
+ run: sleep 60
+
+ - name: Install socat
+ run: |
+ sudo apt update
+ sudo apt install socat
+
+ - name: Forward the local port 27017 to k8
+ run: kubectl port-forward mongodb-sample-0 27017:27017 --address 0.0.0.0 &
+
+ - name: Copy the certs to the localhost
+ run: |
+ managerpod=$(kubectl get pods -n ansible-operator-system --no-headers | tr -s ' ' | cut -d ' ' -f 1)
+ kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/ca.crt ca.crt -c manager
+ kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/tls.key tls.key -c manager
+
+ - name: Run mongosh shell command to test x509 membership connectivity
+ run: |
+ kubectl -n ansible-operator-system exec -ti deployment.apps/ansible-operator-controller-manager -c manager -- \
+ /usr/bin/mongosh mongodb://mongodb-sample.default.svc.cluster.local \
+ --tls \
+ --tlsCAFile /tmp/mongodb-sample.default/ca.crt \
+ --tlsCertificateKeyFile /tmp/mongodb-sample.default/tls.key \
+ --authenticationMechanism MONGODB-X509 \
+ --authenticationDatabase '$external' \
+ --eval "db.adminCommand('listDatabases')"
+
+ - name: Run mongosh shell command to test x509 membership connectivity from localhost
+ run: |
+ /usr/bin/mongosh mongodb://127.0.0.1 \
+ --tls \
+ --tlsCAFile ca.crt \
+ --tlsCertificateKeyFile tls.key \
+ --tlsAllowInvalidHostnames \
+ --authenticationMechanism MONGODB-X509 \
+ --authenticationDatabase '$external' \
+ --eval "db.adminCommand('listDatabases')"
+
+ - name: Set up Python 3.9
+ uses: actions/setup-python@v4
+ with:
+ python-version: "3.9"
+
+ - name: Install ansible-base devel
+ uses: nick-invision/retry@v2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check
+
+ - name: Build the collection
+ run: ansible-galaxy collection build
+ working-directory: ansible_collections/community/mongodb
+
+ - name: Rename the build artifact
+ run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz
+ working-directory: ansible_collections/community/mongodb
+
+ - name: Install collection
+ run: ansible-galaxy collection install community-mongodb-*.tar.gz
+ working-directory: ansible_collections/community/mongodb
+
+ - name: Install pymongo
+ uses: nick-invision/retry@v2.8.2
+ with:
+ timeout_minutes: 3
+ max_attempts: 3
+ command: pip install pymongo==3.12.2
+
+ - name: Run mongodb_user module with membership auth
+ run: ansible localhost -m community.mongodb.mongodb_user -a "login_host=localhost login_port=27017 login_database='$external' database='admin' password='secret' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 name="test" state=present connection_options='tlsAllowInvalidHostnames=true'"
+
+ - name: Run mongodb_info module with membership auth
+ run: ansible localhost -m community.mongodb.mongodb_info -a "login_host=localhost login_port=27017 login_database='$external' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'"
+
+ - name: Run mongodb_parameter module with membership auth
+ run: ansible localhost -m community.mongodb.mongodb_parameter -a "login_host=localhost login_port=27017 login_database='$external' param=syncdelay value=60 param_type=int ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'"