From c696c57a5e461afbf8248b24872987cbe55a7a2f Mon Sep 17 00:00:00 2001 From: Luciano Giacchetta Date: Tue, 10 Mar 2026 17:47:11 -0300 Subject: [PATCH] feat: implement molecule to test role --- .gitea/workflows/update-traefik-version.yml | 58 +++++++++++++++++++++ molecule/default/converge.yml | 6 +++ molecule/default/molecule.yml | 26 +++++++++ molecule/default/verify.yml | 23 ++++++++ 4 files changed, 113 insertions(+) create mode 100644 .gitea/workflows/update-traefik-version.yml create mode 100644 molecule/default/converge.yml create mode 100644 molecule/default/molecule.yml create mode 100644 molecule/default/verify.yml diff --git a/.gitea/workflows/update-traefik-version.yml b/.gitea/workflows/update-traefik-version.yml new file mode 100644 index 0000000..8b13654 --- /dev/null +++ b/.gitea/workflows/update-traefik-version.yml @@ -0,0 +1,58 @@ +#SPDX-License-Identifier: GPL-3.0-only +--- +name: Update Traefik Version + +on: + schedule: + - cron: '0 6 * * 1' # Every Monday at 06:00 UTC + workflow_dispatch: + +jobs: + update-version: + runs-on: fedora-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + with: + path: ansible_role_proxy + + - name: Check versions + id: check + working-directory: ansible_role_proxy + run: | + LATEST=$(curl -sf https://api.github.com/repos/traefik/traefik/releases/latest | jq -r '.tag_name') + CURRENT=$(grep "^traefik_version:" defaults/main.yml | sed "s/traefik_version: '//;s/'//") + echo "latest=$LATEST" >> "$GITHUB_OUTPUT" + if [ "$LATEST" = "$CURRENT" ]; then + echo "needs_update=false" >> "$GITHUB_OUTPUT" + echo "Already on latest: $CURRENT" + else + echo "needs_update=true" >> "$GITHUB_OUTPUT" + echo "Update available: $CURRENT -> $LATEST" + fi + + - name: Install Molecule + if: steps.check.outputs.needs_update == 'true' + run: pip install ansible molecule molecule-plugins[podman] + + - name: Update traefik_version + if: steps.check.outputs.needs_update == 'true' + working-directory: ansible_role_proxy + run: | + sed -i "s/^traefik_version: '.*'$/traefik_version: '${{ steps.check.outputs.latest }}'/" defaults/main.yml + + - name: Run Molecule tests + if: steps.check.outputs.needs_update == 'true' + working-directory: ansible_role_proxy + run: molecule test + + # - name: Commit and push + # if: steps.check.outputs.needs_update == 'true' + # working-directory: ansible_role_proxy + # run: | + # git config user.name "giabot" + # git config user.email "bot@mail.gianet.us" + # git remote set-url origin "https://giabot:${{ secrets.GITEA_TOKEN }}@gianet.us/engineering/ansible_role_reverse.git" + # git add defaults/main.yml + # git commit -m "patch: update traefik_version to ${{ steps.check.outputs.latest }}" + # git push origin main diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml new file mode 100644 index 0000000..d51929c --- /dev/null +++ b/molecule/default/converge.yml @@ -0,0 +1,6 @@ +#SPDX-License-Identifier: GPL-3.0-only +--- +- name: Converge + hosts: all + roles: + - role: ansible_role_proxy diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..a83c399 --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,26 @@ +#SPDX-License-Identifier: GPL-3.0-only +--- +dependency: + name: galaxy + +driver: + name: podman + +platforms: + - name: instance + image: ghcr.io/geerlingguy/docker-debian12-ansible:latest + pre_build_image: true + privileged: true + systemd: always + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:rw + cgroupns_mode: host + +provisioner: + name: ansible + playbooks: + converge: converge.yml + verify: verify.yml + +verifier: + name: ansible diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml new file mode 100644 index 0000000..947b7f0 --- /dev/null +++ b/molecule/default/verify.yml @@ -0,0 +1,23 @@ +#SPDX-License-Identifier: GPL-3.0-only +--- +- name: Verify + hosts: all + tasks: + - name: Check traefik binary + ansible.builtin.stat: + path: /opt/traefik/traefik + register: traefik_binary + + - name: Assert traefik binary is executable + ansible.builtin.assert: + that: + - traefik_binary.stat.exists + - traefik_binary.stat.executable + + - name: Gather service facts + ansible.builtin.service_facts: + + - name: Assert traefik service is present + ansible.builtin.assert: + that: + - "'traefik.service' in ansible_facts.services"