diff options
Diffstat (limited to 'ansible_collections/community/mongodb/.github')
9 files changed, 1111 insertions, 0 deletions
diff --git a/ansible_collections/community/mongodb/.github/CODEOWNERS b/ansible_collections/community/mongodb/.github/CODEOWNERS new file mode 100644 index 00000000..9a8248a8 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/CODEOWNERS @@ -0,0 +1,10 @@ +.github + +# Repo maintainers, and goverance team (like Anisble's @ansible-commit-external) +#* @rrey @seuf @gundalow-collections/community-goverance-team + +# or possibly, we may want to define teams at the org level. +# * @gundalow-collections/grafana-maintainers + +# Example of maintainer of just a single plugin +#grafana/plugins/modules/grafana_plugin.py @someone-else diff --git a/ansible_collections/community/mongodb/.github/settings.yml b/ansible_collections/community/mongodb/.github/settings.yml new file mode 100644 index 00000000..b026fe10 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/settings.yml @@ -0,0 +1,89 @@ +### +# https://probot.github.io/apps/settings/ +# + +# DO NOT MODIFY +# this is a copy of https://github.com/gundalow-collection/.github/blob/master/.github/settings.yml +# Work around till https://github.com/probot/settings/pull/179 is merged + + + +repository: + # See https://developer.github.com/v3/repos/#edit for all available settings. + has_issues: true + has_wiki: false + has_pages: false + default_branch: master + allow_squash_merge: true + allow_merge_commit: false + allow_rebase_merge: true + +# Labels: define labels for Issues and Pull Requests +labels: + - name: bug + color: fbca04 + description: This issue/PR relates to a bug. + - name: feature + description: This issue/PR relates to a feature request. + color: 006b75 + - name: migrated_from_ansible_ansible + color: 5319e7 + description: This issue/PR was moved from gh/ansible/ansible + +branches: + - name: devel + # https://developer.github.com/v3/repos/branches/#update-branch-protection + # Branch Protection settings. Set to null to disable + protection: + # Required. Require at least one approving review on a pull request, before merging. Set to null to disable. + required_pull_request_reviews: + # The number of approvals required. (1-6) + required_approving_review_count: 1 + # Dismiss approved reviews automatically when a new commit is pushed. + dismiss_stale_reviews: true + # Blocks merge until code owners have reviewed. + require_code_owner_reviews: true + # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories. + dismissal_restrictions: + users: [] + teams: [] + # Required. Require status checks to pass before merging. Set to null to disable + required_status_checks: + # Required. Require branches to be up to date before merging. + strict: true + # Required. The list of status checks to require in order to merge into this branch + contexts: [] + # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable. + enforce_admins: true + # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable. + restrictions: + users: null + teams: null + - name: master + # https://developer.github.com/v3/repos/branches/#update-branch-protection + # Branch Protection settings. Set to null to disable + protection: + # Required. Require at least one approving review on a pull request, before merging. Set to null to disable. + required_pull_request_reviews: + # The number of approvals required. (1-6) + required_approving_review_count: 1 + # Dismiss approved reviews automatically when a new commit is pushed. + dismiss_stale_reviews: true + # Blocks merge until code owners have reviewed. + require_code_owner_reviews: true + # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories. + dismissal_restrictions: + users: [] + teams: [] + # Required. Require status checks to pass before merging. Set to null to disable + required_status_checks: + # Required. Require branches to be up to date before merging. + strict: true + # Required. The list of status checks to require in order to merge into this branch + contexts: [] + # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable. + enforce_admins: true + # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable. + restrictions: + users: null + teams: null diff --git a/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml b/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml new file mode 100644 index 00000000..c9856e5b --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/ansible-test.yml @@ -0,0 +1,295 @@ +name: CI +on: + pull_request: + schedule: + - cron: "0 3 * * *" + +env: + mongodb_version_file: "./tests/integration/targets/setup_mongodb/defaults/main.yml" + +jobs: + sanity: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + strategy: + matrix: + ansible_version: + - devel + - stable-2.13 + steps: + + - name: Check out code + uses: actions/checkout@v2 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python 3.9 + uses: actions/setup-python@v4 + with: + python-version: 3.9 + + - name: Install ansible-base (${{ matrix.ansible_version }}) + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check + + - name: Run sanity tests + run: ansible-test sanity --docker -v --color --python 3.9 --exclude docs/* --exclude tests/ansible-operator/ + + units: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + strategy: + matrix: + ansible_version: + - devel + - stable-2.13 + steps: + - name: Check out code + uses: actions/checkout@v2 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python 3.9 + uses: actions/setup-python@v4 + with: + python-version: 3.9 + + - name: Install ansible-base (${{ matrix.ansible_version }}) + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible_version }}.tar.gz --disable-pip-version-check + + - name: Install mongodb + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: sudo apt-get install -y mongodb-org + + - name: Install dateutil + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install python-dateutil + + - name: Install python libs + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install mtools==1.6.4 pymongo==3.12.3 psutil coverage==4.5.4 pytest-xdist pytest-forked + + - name: Start a replicaset with mtools (3 nodes, starting from port 27017, auth enabled, rs name = replset) + run: mlaunch --replicaset --auth + working-directory: /home/runner/work/ + + - name: Launch a single instance (no auth) + run: mlaunch --single --port 27999 + + - name: Run unit tests + run: ansible-test units -v --color --python 3.9 --coverage + + - name: Generate coverage report. + run: ansible-test coverage xml -v --requirements --group-by command --group-by version + + - uses: codecov/codecov-action@v1 + with: + fail_ci_if_error: false + + - name: Clean up mlaunch replicaset + run: mtools stop --auth-user user --auth-password password || true + + integration_matrix: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + outputs: + matrix: ${{ steps.json-list.outputs.modules-to-test }} + + steps: + + - name: Check out code + uses: actions/checkout@v2 + with: + path: ansible_collections/community/mongodb + + - name: Generate module list + run: | + find tests/integration/targets -type d -maxdepth 1 -not -name 'setup*' -not -name 'master_tasks' | cut -d '/' -f4 | sort | awk NF | jq -sRc 'split("\n") | map(select(length > 0))' > int_test_modules.json + + - name: Set output variable + id: json-list + run: | + output=$(cat int_test_modules.json) + echo "::set-output name=modules-to-test::$output" + echo "$output" + + integration: + needs: integration_matrix + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + strategy: + matrix: + mongodb_version: + - "5.0" + - "6.0" + mongodb_module: ${{ fromJson(needs.integration_matrix.outputs.matrix) }} + versions: + #- python_version: "2.7" + # ansible_version: "stable-2.10" + # docker_image: "centos7" + #- python_version: "2.7" + # ansible_version: "stable-2.11" + # docker_image: "centos7" + - python_version: "3.6" + ansible_version: "stable-2.10" + docker_image: "ubuntu1804" + - python_version: "3.6" + ansible_version: "stable-2.11" + docker_image: "ubuntu1804" + - python_version: "3.8" + ansible_version: "stable-2.12" + docker_image: "default" + - python_version: "3.8" + ansible_version: "stable-2.13" + docker_image: "default" + # Fedora 33 should be possible after this is fixed + # https://jira.mongodb.org/browse/MONGOSH-941 + #- python_version: "3.9" + # ansible_version: "devel" + # docker_image: "fedora33" + steps: + + - name: Check out code + uses: actions/checkout@v2 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python ${{ matrix.versions.python_version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.versions.python_version }} + + - name: Install ansible-base (${{ matrix.versions.ansible_version }}) + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check + + - name: Install community.general + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: ansible-galaxy collection install 'community.general' -p ansible_collections/ + + - name: Install community.crypto + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: ansible-galaxy collection install community.crypto -p ansible_collections/ + + - name: Ensure MongoDB version is set to ${{ matrix.mongodb_version }} + run: "sed -i 's/^mongodb_version:.*/mongodb_version: \"${{ matrix.mongodb_version }}\"/g' ${{ env.mongodb_version_file }}" + + - name: Run integration tests on Python ${{ matrix.versions.python_version }} | ${{ matrix.versions.docker_image }} | ${{ matrix.versions.ansible_version }} | ${{ matrix.mongodb_version }} + run: ansible-test integration --docker ${{ matrix.versions.docker_image }} -v --color --retry-on-error --python ${{ matrix.versions.python_version }} --continue-on-error --diff --coverage ${{ matrix.mongodb_module }} + + - name: Upload Coverage data + run: tests/coverage.sh + + integration_3123: # Run tests with pymongo 3.12.3 driver + needs: integration_matrix + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + strategy: + matrix: + mongodb_version: + - "5.0" + - "6.0" + mongodb_module: ${{ fromJson(needs.integration_matrix.outputs.matrix) }} + versions: + #- python_version: "2.7" + # ansible_version: "stable-2.10" + # docker_image: "centos7" + # - python_version: "2.7" + # ansible_version: "stable-2.11" + # docker_image: "centos7" + - python_version: "3.6" + ansible_version: "stable-2.10" + docker_image: "ubuntu1804" + - python_version: "3.6" + ansible_version: "stable-2.11" + docker_image: "ubuntu1804" + - python_version: "3.8" + ansible_version: "stable-2.12" + docker_image: "default" + - python_version: "3.8" + ansible_version: "stable-2.13" + docker_image: "default" + # Fedora 33 should be possible after this is fixed + # https://jira.mongodb.org/browse/MONGOSH-941 + #- python_version: "3.9" + # ansible_version: "devel" + # docker_image: "fedora33" + steps: + + - name: Check out code + uses: actions/checkout@v2 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python ${{ matrix.versions.python_version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.versions.python_version }} + + - name: Install ansible-base (${{ matrix.versions.ansible_version }}) + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check + + - name: Install community.general + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: ansible-galaxy collection install 'community.general' -p ansible_collections/ + + - name: Install community.crypto + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: ansible-galaxy collection install community.crypto -p ansible_collections/ + + - name: Set pymongo driver version to 3.12.3 + run: sed -i 's/ - pymongo*/ - pymongo==3.12.3/g' tests/integration/targets/setup_mongodb/defaults/main.yml + + - name: Ensure MongoDB version is set to ${{ matrix.mongodb_version }} + run: "sed -i 's/^mongodb_version:.*/mongodb_version: \"${{ matrix.mongodb_version }}\"/g' ${{ env.mongodb_version_file }}" + + - name: Run integration tests on Python ${{ matrix.versions.python_version }} | ${{ matrix.versions.docker_image }} | ${{ matrix.versions.ansible_version }} | ${{ matrix.mongodb_version }} + run: ansible-test integration --docker ${{ matrix.versions.docker_image }} -v --color --retry-on-error --python ${{ matrix.versions.python_version }} --continue-on-error --diff --coverage ${{ matrix.mongodb_module }} + + - name: Upload Coverage data + run: tests/coverage.sh diff --git a/ansible_collections/community/mongodb/.github/workflows/documentation.yml b/ansible_collections/community/mongodb/.github/workflows/documentation.yml new file mode 100644 index 00000000..769cafb9 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/documentation.yml @@ -0,0 +1,85 @@ +name: documentation + +on: + push: + branches: + - master + +jobs: + publish: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + steps: + + - name: Checkout + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python 3.9 + uses: actions/setup-python@v4 + with: + python-version: 3.9 + + - name: Install ansible-base (devel) + run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check + + - name: Build collection + run: ansible-galaxy collection build . + + - name: Install collection + run: ansible-galaxy collection install community-mongodb-*.tar.gz + + - name: Install ansible-doc-extractor + run: pip install wheel setuptools ansible-doc-extractor --upgrade + + - name: Install rstdoc + run: pip install -v rstdoc + + - name: Create docs dir + run: mkdir -p docs/{lookup,cache} + + - name: Create rst files from modules + run: ansible-doc-extractor ./docs plugins/modules/mongodb_*.py + + - name: Create rst files from lookup + run: ansible-doc-extractor ./docs/lookup plugins/lookup/mongodb*.py + + - name: Create rst files from cache + run: ansible-doc-extractor ./docs/cache plugins/cache/mongodb*.py + + - name: Create collection index document + run: | + echo "# MongoDB Ansible Collection Documentation" > docs/index.md + echo "## Modules" >> docs/index.md + find plugins/modules -type f -name 'mongodb_*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")]($(basename {} .py).html)"' \; >> docs/index.md + echo "## Lookup" >> docs/index.md + find plugins/lookup -type f -name 'mongodb*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")](lookup/$(basename {} .py).html)"' \; >> docs/index.md + echo "## Cache" >> docs/index.md + find plugins/cache -type f -name 'mongodb*.py' -exec bash -c 'echo "- [$(basename "{}" ".py")](cache/$(basename {} .py).html)"' \; >> docs/index.md + + - name: Create module html documents from rst files + run: | + find ./docs -type f -name 'mongodb_*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/$(basename "{}" ".rst").html" rst_html' \; + + - name: Create lookup html documents from rst files + run: | + find ./docs/lookup -type f -name 'mongodb*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/lookup/$(basename "{}" ".rst").html" rst_html' \; + + - name: Create cache html documents from rst files + run: | + find ./docs/cache -type f -name 'mongodb*.rst' -maxdepth 1 -exec bash -c 'rstdoc {} "docs/cache/$(basename "{}" ".rst").html" rst_html' \; + + - name: Remove intermediary rst docs + run: find docs/ -name '*.rst' -delete + + - name: Deploy + if: success() + uses: crazy-max/ghaction-github-pages@v1 + with: + target_branch: gh-pages + build_dir: ansible_collections/community/mongodb/docs + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml b/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml new file mode 100644 index 00000000..5c30b0cb --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/mongodb-cache.yml @@ -0,0 +1,310 @@ +name: CI +on: + pull_request: + schedule: + - cron: "0 3 * * *" + +jobs: + mongodb-cache: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + env: + ANSIBLE_CACHE_PLUGIN: "community.mongodb.mongodb" + ANSIBLE_CACHE_PLUGIN_CONNECTION: "mongodb://mongoadmin:secret@localhost:27017/cache?authSource=admin" + ANSIBLE_CACHE_PLUGIN_TIMEOUT: 0 + strategy: + matrix: + versions: + - ansible_version: "stable-2.10" + python_version: "3.6" + - ansible_version: "stable-2.11" + python_version: "3.6" + - ansible_version: "stable-2.12" + python_version: "3.9" + - ansible_version: "stable-2.13" + python_version: "3.8" + - ansible_version: "devel" + python_version: "3.9" + + steps: + + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python ${{ matrix.versions.python_version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.versions.python_version }} + + - name: Install ansible-base (${{ matrix.versions.ansible_version }}) + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/${{ matrix.versions.ansible_version }}.tar.gz --disable-pip-version-check + + - name: Build the collection + run: ansible-galaxy collection build + + - name: Rename the build artifact + run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz + + - name: Install collection + run: ansible-galaxy collection install community-mongodb-*.tar.gz + + - name: Create docker volume + run: docker volume create mongocache + + - name: Run the mongodb cache inside a docker container + run: + docker run -d --name mongocache -e MONGO_INITDB_ROOT_USERNAME=mongoadmin + -e MONGO_INITDB_ROOT_PASSWORD=secret -p 27017:27017 + -v mongocache:/data/db mongo:latest + + - name: Install mongodb-org-shell + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: sudo apt-get install mongodb-org-shell + + # https://github.community/t/set-output-truncates-multiline-strings/16852/5 + - name: Run ansible without pymongo installed to generate the warning + id: no-pymongo + run: | + output=$(ansible localhost -m setup 2>&1) + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=nopymongo::$output" + + - name: Test cache handling of missing pymongo + uses: nick-invision/assert-action@v1 + with: + expected: "The 'pymongo' python module is required for the mongodb fact cache" + actual: ${{ steps.no-pymongo.outputs.nopymongo }} + comparison: contains + + - name: Install pymongo + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install pymongo==3.12.2 + + - name: Run ansible to generate the mongodb cache + run: ansible localhost -m setup + + - name: Query mongo to see what we have in the cache + id: mongo1 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we have something that looks like a cache record + uses: nick-invision/assert-action@v1 + with: + expected: ansible_processor_count + actual: ${{ steps.mongo1.outputs.mongo }} + comparison: contains + + - name: Collection should not have a ttl index + id: mongo2 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we don't have an index called ttl + uses: nick-invision/assert-action@v1 + with: + expected: ttl + actual: ${{ steps.mongo2.outputs.mongo }} + comparison: notContains + + - name: Test that we have good output from getindexes + uses: nick-invision/assert-action@v1 + with: + expected: "_id_" + actual: ${{ steps.mongo2.outputs.mongo }} + comparison: contains + + - name: Repeat the action to hit the cache again + run: ansible localhost -m setup + + - name: Query mongo to see what we have in the cach3 + id: mongo3 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we have something that looks like a cache record + uses: nick-invision/assert-action@v1 + with: + expected: ansible_processor_count + actual: ${{ steps.mongo3.outputs.mongo }} + comparison: contains + + - name: Collection should not have a ttl index + id: mongo4 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we don't have an index called ttl + uses: nick-invision/assert-action@v1 + with: + expected: ttl + actual: ${{ steps.mongo4.outputs.mongo }} + comparison: notContains + + - name: Test that we have good output from getindexes + uses: nick-invision/assert-action@v1 + with: + expected: "_id_" + actual: ${{ steps.mongo4.outputs.mongo }} + comparison: contains + + - name: Run the action again with a modified timeout + env: + ANSIBLE_CACHE_PLUGIN_TIMEOUT: 3600 + run: ansible localhost -m setup + + - name: Query mongo to see what we have in the cache + id: mongo5 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we have something that looks like a cache record + uses: nick-invision/assert-action@v1 + with: + expected: ansible_processor_count + actual: ${{ steps.mongo5.outputs.mongo }} + comparison: contains + + - name: Collection should have a ttl index + id: mongo6 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we do have an index called ttl + uses: nick-invision/assert-action@v1 + with: + expected: ttl + actual: ${{ steps.mongo6.outputs.mongo }} + comparison: contains + + - name: Repeat the action + env: + ANSIBLE_CACHE_PLUGIN_TIMEOUT: 3600 + run: ansible localhost -m setup + + - name: Query mongo to see what we have in the cache + id: mongo7 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we have something that looks like a cache record + uses: nick-invision/assert-action@v1 + with: + expected: ansible_processor_count + actual: ${{ steps.mongo7.outputs.mongo }} + comparison: contains + + - name: Collection should have a ttl index + id: mongo8 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we do have an index called ttl + uses: nick-invision/assert-action@v1 + with: + expected: ttl + actual: ${{ steps.mongo8.outputs.mongo }} + comparison: contains + + - name: Set timeout back to zero + env: + ANSIBLE_CACHE_PLUGIN_TIMEOUT: 0 + run: ansible localhost -m setup + + - name: Query mongo to see what we have in the cache + id: mongo9 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.find()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we have something that looks like a cache record + uses: nick-invision/assert-action@v1 + with: + expected: ansible_processor_count + actual: ${{ steps.mongo9.outputs.mongo }} + comparison: contains + + - name: Collection should not have a ttl index + id: mongo10 + run: | + output=$(mongo cache --authenticationDatabase admin -u mongoadmin -p secret --eval "db.cache.getIndexes()") + echo "$output" + output="${output//'%'/'%25'}" + output="${output//$'\n'/'%0A'}" + output="${output//$'\r'/'%0D'}" + echo "::set-output name=mongo::$output" + + - name: Test that we don't have an index called ttl + uses: nick-invision/assert-action@v1 + with: + expected: ttl + actual: ${{ steps.mongo10.outputs.mongo }} + comparison: notContains + + - name: Test that we have good output from getindexes + uses: nick-invision/assert-action@v1 + with: + expected: "_id_" + actual: ${{ steps.mongo10.outputs.mongo }} + comparison: contains diff --git a/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml b/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml new file mode 100644 index 00000000..3e291f15 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/publish_collection.yml @@ -0,0 +1,58 @@ +name: Build & Publish Collection +on: + push: + branches: + - master + +jobs: + build_publish: + + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + steps: + + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python 3.9 + uses: actions/setup-python@v4 + with: + python-version: 3.9 + + - name: Install ansible-base (devel) + run: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check + + - name: Build the collection + run: ansible-galaxy collection build + + - name: Rename the build artifact + run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz + + - name: Upload community-mongodb-latest.tar.gz as an artifact + uses: actions/upload-artifact@v1 + with: + name: community-mongodb-latest + path: ansible_collections/community/mongodb/community-mongodb-latest.tar.gz + + # Moving the tag leaves an orphan artifact. Just changing the artifact doesn't move the tag. + - name: Delete latest tag and release + uses: dev-drprasad/delete-tag-and-release@v0.1.2 + with: + delete_release: true + tag_name: latest + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload files to release + uses: svenstaro/upload-release-action@v2 + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: ansible_collections/community/mongodb/community-mongodb-latest.tar.gz + asset_name: community-mongodb-latest.tar.gz + body: "Development release" + tag: latest + overwrite: true diff --git a/ansible_collections/community/mongodb/.github/workflows/stale.yml b/ansible_collections/community/mongodb/.github/workflows/stale.yml new file mode 100644 index 00000000..da6d0845 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/stale.yml @@ -0,0 +1,15 @@ +name: 'Close stale issues and PRs' +on: + schedule: + - cron: '30 1 * * *' + +jobs: + stale: + runs-on: ubuntu-latest + steps: + + - name: Close Stale Issues + uses: actions/stale@v6.0.1 + with: + exempt-issue-labels: 'nostale,bug,help-wanted,feature,pinboard' + exempt-pr-labels: 'nostale,bug,help-wanted,feature' diff --git a/ansible_collections/community/mongodb/.github/workflows/test-roles.yml b/ansible_collections/community/mongodb/.github/workflows/test-roles.yml new file mode 100644 index 00000000..56858675 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/test-roles.yml @@ -0,0 +1,104 @@ +name: CI_roles +on: + pull_request: + schedule: + - cron: "0 6 * * *" + +jobs: + + roles_matrix: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb + outputs: + matrix: ${{ steps.json-list.outputs.roles-to-test }} + + steps: + + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Generate module list + run: | + find roles -type d -maxdepth 1 -mindepth 1 | cut -d '/' -f2 | awk NF | jq -sRc 'split("\n") | map(select(length > 0))' > int_test_roles.json + + - name: Set output variable + id: json-list + run: | + output=$(cat int_test_roles.json) + echo "::set-output name=roles-to-test::$output" + echo "$output" + + roles: + runs-on: ubuntu-20.04 + needs: roles_matrix + defaults: + run: + working-directory: ansible_collections/community/mongodb + + strategy: + matrix: + python_version: + - "3.6" + mongodb_role: ${{ fromJson(needs.roles_matrix.outputs.matrix) }} + + steps: + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Set up Python ${{ matrix.test_scenario.python_version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.test_scenario.python_version }} + + - name: Uninstall existing ansible + run: sudo apt remove ansible + + - name: Ensure wheel is installed + run: pip install wheel + + - name: Install requirements + run: | + export pyv=$(python -c 'from platform import python_version; print(python_version()[:3])') + pip install --requirement requirements-${pyv}.txt + - name: Add molecule location to path + run: echo "${HOME}/.local/bin" >> $GITHUB_PATH + + - name: Build the collection + run: ansible-galaxy collection build + + - name: Rename the build artifact + run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz + + - name: Install collection + run: ansible-galaxy collection install community-mongodb-*.tar.gz + + - name: Run molecule test for ${{ matrix.mongodb_role }} + run: molecule test + working-directory: ansible_collections/community/mongodb/roles/${{ matrix.mongodb_role }} + + # I don't like this + - name: Run molecule tests for a few extra mongodb_install role scenarios + run: | + molecule test --scenario-name specific_mongodb_version && \ + molecule test --scenario-name mongodb_hold_packages && \ + molecule test --scenario-name mongodb_nohold_packages + if: ${{ matrix.mongodb_role == 'mongodb_install' }} + working-directory: ansible_collections/community/mongodb/roles/mongodb_install + + - name: Run molecule tests for an extra mongodb_mongod scenario + run: | + molecule test --scenario-name custom_db_path && molecule test --scenario-name multiple_bind_ip + if: ${{ matrix.mongodb_role == 'mongodb_mongod' }} + working-directory: ansible_collections/community/mongodb/roles/mongodb_mongod + + - name: Run molecule tests for an extra mongodb_config scenario + run: | + molecule test --scenario-name custom_db_path + if: ${{ matrix.mongodb_role == 'mongodb_config' }} + working-directory: ansible_collections/community/mongodb/roles/mongodb_config diff --git a/ansible_collections/community/mongodb/.github/workflows/x509.yml b/ansible_collections/community/mongodb/.github/workflows/x509.yml new file mode 100644 index 00000000..beb9ef25 --- /dev/null +++ b/ansible_collections/community/mongodb/.github/workflows/x509.yml @@ -0,0 +1,145 @@ +name: CI +on: + pull_request: + schedule: + - cron: "0 3 * * *" + +jobs: + x509_membership_auth: + runs-on: ubuntu-20.04 + defaults: + run: + working-directory: ansible_collections/community/mongodb/tests/ansible-operator + steps: + + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/community/mongodb + + - name: Setup Minikube + uses: manusa/actions-setup-minikube@v2.7.1 + with: + minikube version: 'v1.13.1' + kubernetes version: 'v1.19.2' + github token: ${{ secrets.GITHUB_TOKEN }} + + - name: Install cert-manager + run: | + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.1/cert-manager.yaml + + - name: Generate certs + run: | + openssl genrsa -out ca.key 8192 + openssl req -x509 -new -nodes -key ca.key -sha256 -subj "/CN=mongodb-cluster-ca.local" -days 36500 -reqexts v3_req -extensions v3_ca -out ca.crt + + - name: Wait for a bit + run: sleep 60 + + - name: Register the certs with k8 + run: | + kubectl create secret tls mongodb-cluster-ca-key-pair --key=ca.key --cert=ca.crt + kubectl apply -f ca-issuer.yaml + + - name: make install + run: make install + + - name: Create k8 namesapce + run: kubectl create ns ansible-operator-system + + - name: use minikubes docker + run: eval $(minikube docker-env --shell sh) + + - name: make docker-build + run: make docker-build IMG=test-mongodb-operator:latest + + - name: make deploy + run: make deploy IMG=test-mongodb-operator:latest + + - name: Wait for controller to be ready + run: kubectl wait --for=condition=available deployment/ansible-operator-controller-manager -n ansible-operator-system --timeout=60s + + - name: Setup the k8 mongodb env + run: | + kubectl apply -f config/samples/mongodb_v1alpha1_mongodb.yaml + sleep 10 + kubectl -n ansible-operator-system logs deployment.apps/ansible-operator-controller-manager -c manager + + - name: Wait for a bit + run: sleep 60 + + - name: Install socat + run: | + sudo apt update + sudo apt install socat + + - name: Forward the local port 27017 to k8 + run: kubectl port-forward mongodb-sample-0 27017:27017 --address 0.0.0.0 & + + - name: Copy the certs to the localhost + run: | + managerpod=$(kubectl get pods -n ansible-operator-system --no-headers | tr -s ' ' | cut -d ' ' -f 1) + kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/ca.crt ca.crt -c manager + kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/tls.key tls.key -c manager + + - name: Run mongosh shell command to test x509 membership connectivity + run: | + kubectl -n ansible-operator-system exec -ti deployment.apps/ansible-operator-controller-manager -c manager -- \ + /usr/bin/mongosh mongodb://mongodb-sample.default.svc.cluster.local \ + --tls \ + --tlsCAFile /tmp/mongodb-sample.default/ca.crt \ + --tlsCertificateKeyFile /tmp/mongodb-sample.default/tls.key \ + --authenticationMechanism MONGODB-X509 \ + --authenticationDatabase '$external' \ + --eval "db.adminCommand('listDatabases')" + + - name: Run mongosh shell command to test x509 membership connectivity from localhost + run: | + /usr/bin/mongosh mongodb://127.0.0.1 \ + --tls \ + --tlsCAFile ca.crt \ + --tlsCertificateKeyFile tls.key \ + --tlsAllowInvalidHostnames \ + --authenticationMechanism MONGODB-X509 \ + --authenticationDatabase '$external' \ + --eval "db.adminCommand('listDatabases')" + + - name: Set up Python 3.9 + uses: actions/setup-python@v4 + with: + python-version: "3.9" + + - name: Install ansible-base devel + uses: nick-invision/retry@v2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check + + - name: Build the collection + run: ansible-galaxy collection build + working-directory: ansible_collections/community/mongodb + + - name: Rename the build artifact + run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz + working-directory: ansible_collections/community/mongodb + + - name: Install collection + run: ansible-galaxy collection install community-mongodb-*.tar.gz + working-directory: ansible_collections/community/mongodb + + - name: Install pymongo + uses: nick-invision/retry@v2.8.2 + with: + timeout_minutes: 3 + max_attempts: 3 + command: pip install pymongo==3.12.2 + + - name: Run mongodb_user module with membership auth + run: ansible localhost -m community.mongodb.mongodb_user -a "login_host=localhost login_port=27017 login_database='$external' database='admin' password='secret' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 name="test" state=present connection_options='tlsAllowInvalidHostnames=true'" + + - name: Run mongodb_info module with membership auth + run: ansible localhost -m community.mongodb.mongodb_info -a "login_host=localhost login_port=27017 login_database='$external' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'" + + - name: Run mongodb_parameter module with membership auth + run: ansible localhost -m community.mongodb.mongodb_parameter -a "login_host=localhost login_port=27017 login_database='$external' param=syncdelay value=60 param_type=int ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'" |