From b507b53121a12227461e4bdf343538597718c7f0 Mon Sep 17 00:00:00 2001 From: Eugene Zamriy Date: Thu, 14 Dec 2023 01:33:07 +0300 Subject: [PATCH] Adds koji_db_server role --- CHANGELOG.rst | 8 ++++ README.md | 1 + changelogs/.plugin-cache.yaml | 6 ++- changelogs/changelog.yaml | 7 +++ galaxy.yml | 5 ++- molecule/koji_db_server/converge.yml | 16 +++++++ molecule/koji_db_server/molecule.yml | 17 ++++++++ molecule/koji_db_server/verify.yml | 21 +++++++++ roles/koji_db_server/README.md | 32 ++++++++++++++ roles/koji_db_server/defaults/main.yml | 6 +++ roles/koji_db_server/meta/argument_specs.yml | 34 +++++++++++++++ roles/koji_db_server/meta/main.yml | 16 +++++++ roles/koji_db_server/tasks/main.yml | 46 ++++++++++++++++++++ 13 files changed, 212 insertions(+), 3 deletions(-) create mode 100644 molecule/koji_db_server/converge.yml create mode 100644 molecule/koji_db_server/molecule.yml create mode 100644 molecule/koji_db_server/verify.yml create mode 100644 roles/koji_db_server/README.md create mode 100644 roles/koji_db_server/defaults/main.yml create mode 100644 roles/koji_db_server/meta/argument_specs.yml create mode 100644 roles/koji_db_server/meta/main.yml create mode 100644 roles/koji_db_server/tasks/main.yml diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 0d5267b..1500262 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,14 @@ msvsphere.ci Release Notes .. contents:: Topics +v0.1.3 +====== + +New Roles +--------- + +- msvsphere.ci.koji_db_server - A role that configures a PostgreSQL server for Koji. + v0.1.2 ====== diff --git a/README.md b/README.md index b295d30..ee6a3b5 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ The MSVSphere OS CI/CD collection. ## Roles +* [koji_db_server](roles/koji_db_server/README.md) * [koji_server_ca](roles/koji_server_ca/README.md) * [koji_tools](roles/koji_tools/README.md) * [postgresql_server](roles/postgresql_server/README.md) 
diff --git a/changelogs/.plugin-cache.yaml b/changelogs/.plugin-cache.yaml index d9b67b0..aa6b1d4 100644 --- a/changelogs/.plugin-cache.yaml +++ b/changelogs/.plugin-cache.yaml @@ -1,5 +1,9 @@ objects: role: + koji_db_server: + description: A role that configures a PostgreSQL server for Koji. + name: koji_db_server + version_added: 0.1.3 koji_server_ca: description: A role that creates a Koji server CA and issues an HTTPS certificate. name: koji_server_ca @@ -28,4 +32,4 @@ plugins: strategy: {} test: {} vars: {} -version: 0.1.2 +version: 0.1.3 diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 3bb1343..a8f870e 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -25,3 +25,10 @@ releases: name: koji_server_ca namespace: null release_date: '2023-12-13' + 0.1.3: + objects: + role: + - description: A role that configures a PostgreSQL server for Koji. + name: koji_db_server + namespace: null + release_date: '2023-12-14' diff --git a/galaxy.yml b/galaxy.yml index 1b8e5a5..6b6f56d 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,6 +1,6 @@ namespace: msvsphere name: ci -version: 0.1.2 +version: 0.1.3 readme: README.md authors: - Eugene Zamriy @@ -9,7 +9,8 @@ license_file: LICENSE tags: - linux - msvsphere -dependencies: {} +dependencies: + 'community.postgresql': '*' repository: https://git.inferitos.ru/msvsphere/ansible-msvsphere.ci homepage: https://git.inferitos.ru/msvsphere/ansible-msvsphere.ci issues: https://git.inferitos.ru/msvsphere/ansible-msvsphere.ci/issues diff --git a/molecule/koji_db_server/converge.yml b/molecule/koji_db_server/converge.yml new file mode 100644 index 0000000..e8fdc51 --- /dev/null +++ b/molecule/koji_db_server/converge.yml 
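Review bot: The new `dependencies` entry in galaxy.yml accepts any release of community.postgresql (`'*'`), so an install can pull a future major version whose module behaviour differs from what this role was tested with. A bounded range avoids that, e.g. `'community.postgresql': '>=TESTED_VERSION,<NEXT_MAJOR'` (placeholders; use the version the molecule scenario ran against). It also gives consumers of the collection a reproducible dependency set.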
@@ -0,0 +1,16 @@
+---
+- name: Converge
+ hosts: all
+ gather_facts: true
+ become: true
+
+ tasks:
+ - name: Setup and configure PostgreSQL server
+ ansible.builtin.include_role:
+ name: postgresql_server
+ rolespec_validate: true
+
+ - name: Test koji_db_server role
+ ansible.builtin.include_role:
+ name: msvsphere.ci.koji_db_server
+ rolespec_validate: true
diff --git a/molecule/koji_db_server/molecule.yml b/molecule/koji_db_server/molecule.yml
new file mode 100644
index 0000000..45bc770
--- /dev/null
+++ b/molecule/koji_db_server/molecule.yml
@@ -0,0 +1,17 @@
+---
+driver:
+ name: vagrant
+
+platforms:
+ - name: msvsphere-9
+ box: msvsphere/9
+ memory: 1024
+ cpus: 1
+
+provisioner:
+ name: ansible
+ inventory:
+ group_vars:
+ all:
+ koji_db_server_password: 'MsVsPhErE-32167'
+ koji_db_server_ip: '127.0.0.1'
diff --git a/molecule/koji_db_server/verify.yml b/molecule/koji_db_server/verify.yml
new file mode 100644
index 0000000..730c208
--- /dev/null
+++ b/molecule/koji_db_server/verify.yml
@@ -0,0 +1,21 @@
+---
+- name: Verify
+ hosts: all
+ become: true
+
+ tasks:
+ - name: Check Koji database connection
+ ansible.builtin.command:
+ argv:
+ - psql
+ - -t
+ - --csv
+ - -c
+ - "SELECT 'exists' FROM pg_database WHERE datname='koji'"
+ - "postgresql://koji:{{ koji_db_server_password }}@127.0.0.1:5432/koji"
+ register: psql_cmd
+
+ - name: Verify Koji database connection status
+ ansible.builtin.assert:
+ that: |
+ psql_cmd.rc == 0 and psql_cmd.stdout == 'exists'
diff --git a/roles/koji_db_server/README.md b/roles/koji_db_server/README.md
new file mode 100644
index 0000000..8d41944
--- /dev/null
+++ b/roles/koji_db_server/README.md
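Review bot: The `Check Koji database connection` task in molecule/koji_db_server/verify.yml puts the database password into the psql argv through the connection URI, so it is visible in the process list on the target and in the registered result's command whenever the task output is shown. Passing it out of band keeps it off the command line: drop `:{{ koji_db_server_password }}` from the URI and add `environment: {PGPASSWORD: "{{ koji_db_server_password }}"}`. A password containing URI-reserved characters such as `@` or `/` would also break the current URI. The command only reads, so `changed_when: false` would stop it reporting a change on every run.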
@@ -0,0 +1,32 @@
+# msvsphere.ci.koji_db_server
+
+An Ansible role that configures a PostgreSQL server for Koji.
+
+## Variables
+
+| Variable | Default value | Type | Description | Required |
+| -------- | ------------- | ---- | ----------- | -------- |
+| koji_db_server_db_name | "koji" | string | Koji database name. | no |
+| koji_db_server_user | "koji" | string | Koji database user name. | no |
+| koji_db_server_password | | string | Koji database user password. | yes |
+| koji_db_server_ip | | string | Koji (koji-hub/koji-web) server IP address. | yes |
+| koji_db_server_password_encryption | "scram-sha-256" | string | Password encryption algorithm. | no |
+
+## Example playbook
+
+```yaml
+---
+- hosts: all
+ roles:
+ - role: msvsphere.ci.koji_db_server
+ koji_db_server_password: 'PASSWORD'
+ koji_db_server_ip: '127.0.0.1'
+```
+
+## License
+
+MIT.
+
+## Authors
+
+* [Eugene Zamriy](mailto:ezamriy@msvsphere-os.ru)
diff --git a/roles/koji_db_server/defaults/main.yml b/roles/koji_db_server/defaults/main.yml
new file mode 100644
index 0000000..2b1ca25
--- /dev/null
+++ b/roles/koji_db_server/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+koji_db_server_db_name: 'koji'
+koji_db_server_user: 'koji'
+koji_db_server_password:
+koji_db_server_ip:
+koji_db_server_password_encryption: 'scram-sha-256'
diff --git a/roles/koji_db_server/meta/argument_specs.yml b/roles/koji_db_server/meta/argument_specs.yml
new file mode 100644
index 0000000..d5cb57b
--- /dev/null
+++ b/roles/koji_db_server/meta/argument_specs.yml
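Review bot: `koji_db_server_password:` and `koji_db_server_ip:` in roles/koji_db_server/defaults/main.yml are bare keys, which YAML loads as null, so both variables are always defined even though argument_specs.yml marks them `required: true`. That likely lets the argument-spec check pass with no value and leaves the hand-written `fail` task in tasks/main.yml as the only guard; this is worth confirming against the Ansible version in use. Leaving them out of defaults, or keeping them only as comments (`# koji_db_server_password: (required, no default)`), states the intent and lets the spec validation report the missing variable.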
@@ -0,0 +1,34 @@
+---
+argument_specs:
+ main:
+ short_description: A role that configures a PostgreSQL server for Koji.
+ author: Eugene Zamriy
+ version_added: '0.1.3'
+ options:
+ koji_db_server_db_name:
+ description: Koji database name.
+ default: 'koji'
+ type: 'str'
+ required: false
+
+ koji_db_server_user:
+ description: Koji database user name.
+ default: 'koji'
+ type: 'str'
+ required: false
+
+ koji_db_server_password:
+ description: Koji database user password.
+ type: 'str'
+ required: true
+
+ koji_db_server_ip:
+ description: Koji (koji-hub/koji-web) server IP address.
+ type: 'str'
+ required: true
+
+ koji_db_server_password_encryption:
+ description: Password encryption algorithm.
+ default: 'scram-sha-256'
+ type: 'str'
+ required: false
diff --git a/roles/koji_db_server/meta/main.yml b/roles/koji_db_server/meta/main.yml
new file mode 100644
index 0000000..cc957d6
--- /dev/null
+++ b/roles/koji_db_server/meta/main.yml
@@ -0,0 +1,16 @@
+---
+galaxy_info:
+ author: Eugene Zamriy
+ description: A role that configures a PostgreSQL server for Koji.
+ company: Softline PJSC
+ license: MIT
+ min_ansible_version: 2.13
+ platforms:
+ - name: EL
+ versions:
+ - "9"
+ galaxy_tags:
+ - postgresql
+ - koji
+
+dependencies: []
diff --git a/roles/koji_db_server/tasks/main.yml b/roles/koji_db_server/tasks/main.yml
new file mode 100644
index 0000000..5930897
--- /dev/null
+++ b/roles/koji_db_server/tasks/main.yml
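Review bot: `koji_db_server_password_encryption` in argument_specs.yml is a free-form string, yet tasks/main.yml interpolates it into `PGOPTIONS` and into the pg_hba `method` column. Constraining it in the spec with `choices: ['scram-sha-256', 'md5']` rejects typos and values carrying extra `-c` options before they reach the server, and keeps a non-password method from being written to pg_hba.conf. `koji_db_server_ip` is likewise unchecked; since the task appends `/32`, its description should say that it must be a single IPv4 address.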
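Review bot: `min_ansible_version: 2.13` in roles/koji_db_server/meta/main.yml is an unquoted scalar, which YAML reads as a float; a value such as 2.10 would silently become 2.1. Quote it as a string, `min_ansible_version: '2.13'`, in line with how `version_added: '0.1.3'` is written in argument_specs.yml.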
@@ -0,0 +1,46 @@
+---
+- name: Check if required variables are defined
+ ansible.builtin.fail:
+ msg: "{{ item }} is not defined or empty"
+ when: |
+ (vars[item] is undefined)
+ or (vars[item] is none)
+ or (vars[item] | trim | length == 0)
+ with_items:
+ - koji_db_server_db_name
+ - koji_db_server_user
+ - koji_db_server_password
+ - koji_db_server_ip
+ - koji_db_server_password_encryption
+
+# Required for community.postgresql.postgresql_db module
+- name: Install dependencies
+ ansible.builtin.dnf:
+ name: python3-psycopg2
+ state: installed
+
+- name: Create Koji database
+ community.postgresql.postgresql_db:
+ name: "{{ koji_db_server_db_name }}"
+ become: true
+ become_user: postgres
+
+- name: Create Koji database user
+ community.postgresql.postgresql_user:
+ db: "{{ koji_db_server_db_name }}"
+ name: "{{ koji_db_server_user }}"
+ password: "{{ koji_db_server_password }}"
+ environment:
+ PGOPTIONS: "-c password_encryption={{ koji_db_server_password_encryption }}"
+ become: true
+ become_user: postgres
+
+- name: Allow requests from Koji server
+ community.postgresql.postgresql_pg_hba:
+ dest: /var/lib/pgsql/data/pg_hba.conf
+ contype: host
+ databases: "{{ koji_db_server_db_name }}"
+ users: "{{ koji_db_server_user }}"
+ address: "{{ koji_db_server_ip }}/32"
+ method: "{{ koji_db_server_password_encryption }}"
+ notify: restart postgresql
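Review bot: The last task notifies `restart postgresql`, but this commit adds no handlers file for koji_db_server and its meta/main.yml declares `dependencies: []`, so the handler only resolves when another role in the same play (postgresql_server in the molecule converge) provides it. Used on its own, the role would fail at the notify, or leave the new pg_hba rule unapplied until the next restart. Either declare the dependency in meta/main.yml or ship a local handler; a reload is enough for pg_hba.conf changes. Separately, `contype: host` also matches non-TLS connections, so SCRAM protects the password exchange but not the session; `hostssl` is the stricter choice once the server has TLS configured, which is not visible in this diff.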