update

feat(ci): add ubuntu 24.04 in test workflow

.ansible-lint

@@ -2,44 +2,45 @@
 exclude_paths:
   - molecule/
   - .pre-commit-config.yaml
+  - .github/
 
 parseable: true
 
 use_default_rules: true
 
 enable_list:
-  command-shell:  # Specific to use of command and shell modules
+  # Specific to use of command and shell modules
   - command-instead-of-module
   - command-instead-of-shell
   - deprecated-command-syntax
   - inline-env-var
   - no-changed-when
   - risky-shell-pipe
-  core:  # Related to internal implementation of the linter
+  # Related to internal implementation of the linter
   - internal-error
   - load-failure
   - parser-error
   - syntax-check
-  deprecations:  # Indicate use of features that are removed from Ansible
+  # Indicate use of features that are removed from Ansible
   - deprecated-bare-vars
   - deprecated-command-syntax
   - deprecated-local-action
   - deprecated-module
   - no-jinja-when
   - role-name
-  formatting:  # Related to code-style
+  # Related to code-style
   - no-jinja-nesting
   - no-tabs
   - playbook-extension
   - risky-octal
   - var-spacing
   - yaml
-  idempotency:  # Possible indication that consequent runs would produce different results
+  # Possible indication that consequent runs would produce different results
   - git-latest
   - hg-latest
   - no-changed-when
   - package-latest
-  idiom:  # Anti-pattern detected, likely to cause undesired behavior
+  # Anti-pattern detected, likely to cause undesired behavior
   - command-instead-of-module
   - command-instead-of-shell
   - empty-string-compare
@@ -50,17 +51,15 @@ enable_list:
   - no-relative-paths
   - unnamed-task
   - var-naming
-  metadata:  # Invalid metadata, likely related to galaxy, collections or roles
+  # Invalid metadata, likely related to galaxy, collections or roles
   - meta-incorrect
   - meta-no-tags
   - meta-video-links
   - role-name
-  unpredictability:
   - ignore-errors
   - partial-become
-  unskippable:
   - syntax-check
-  yaml:  # External linter which will also produce its own rule codes.
+  # External linter which will also produce its own rule codes.
   - yaml
 
 warn_list:
@@ -70,5 +69,6 @@ warn_list:
 
 skip_list:
   - role-name  # BUG
+  - name[casing]
 
 verbosity: 1

.github/workflows/galaxy.yml

@@ -10,6 +10,7 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: galaxy
-        uses: robertdebock/galaxy-action@1.1.1
+        uses: robertdebock/galaxy-action@1.2.1
         with:
           galaxy_api_key: ${{ secrets.galaxy_api_key }}
+          git_branch: main

.github/workflows/molecule.yml

@@ -1,50 +1,82 @@
 ---
 name: Ansible Molecule
-
 on: # yamllint disable-line rule:truthy
   push:
     tags_ignore:
       - '*'
   pull_request:
-
 jobs:
+  setup:
+    name: Setup scenarios matrix
+    runs-on: ubuntu-22.04
+    outputs:
+      scenarios: ${{ steps.matrix.outputs.scenarios }}
+    steps:
+      - uses: actions/checkout@v3
+      - id: matrix
+        run: |
+          JSON="["
+
+          for s in $(find molecule -mindepth 1 -maxdepth 1 -type d -exec basename "{}" \;); do
+            JSON="${JSON}\"${s}\","
+          done
+
+          JSON="${JSON%?}"
+          JSON="$JSON]"
+
+          echo "::set-output name=scenarios::$(echo $JSON)"
   lint:
-    runs-on: ubuntu-20.04
+    name: Lint
+    needs:
+      - setup
+    runs-on: ubuntu-22.04
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           path: "${{ github.repository }}"
-      - name: molecule
-        uses: robertdebock/molecule-action@2.6.17
+      - name: Run ansible lint
+        uses: ansible/ansible-lint-action@main
         with:
-          command: lint
-
+          path: "."
   test:
+    name: Scenario "${{ matrix.scenario }}" on ${{ matrix.config.image }}:${{ matrix.config.tag }}
     needs:
       - lint
+      - setup
     runs-on: ubuntu-20.04
     strategy:
       fail-fast: false
       matrix:
+        scenario: ${{ fromJson(needs.setup.outputs.scenarios) }}
         config:
           - image: "amazonlinux"
             tag: "latest"
-          - image: "fedora"
-            tag: "28"
+          - name: "redhat"
+            image: "registry.access.redhat.com/ubi8/ubi"
+            tag: "latest"
+          - image: "debian"
+            tag: "12"
           - image: "debian"
             tag: "11"
           - image: "debian"
             tag: "10"
           - image: "ubuntu"
-            tag: "20.04"
+            tag: "22.04"
+          - image: ubuntu
+            tag: "24.04"
     steps:
       - name: checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           path: "${{ github.repository }}"
       - name: molecule
-        uses: robertdebock/molecule-action@2.6.17
+        uses: gofrolist/molecule-action@v2
         with:
+          # molecule_options: --debug
+          molecule_command: test
+          molecule_args: --scenario-name ${{ matrix.scenario }} -d docker
+          molecule_working_dir: "${{ github.repository }}"
+        env:
           image: ${{ matrix.config.image }}
           tag: ${{ matrix.config.tag }}

README.md

@@ -1,24 +1,15 @@
 # Ansible role - motd
-[![Maintainer](https://img.shields.io/badge/maintained%20by-claranet-e00000?style=flat-square)](https://www.claranet.fr/)
-[![License](https://img.shields.io/github/license/claranet/ansible-role-motd?style=flat-square)](LICENSE)
-[![Release](https://img.shields.io/github/v/release/claranet/ansible-role-motd?style=flat-square)](https://github.com/claranet/ansible-role-motd/releases)
-[![Status](https://img.shields.io/github/workflow/status/claranet/ansible-role-motd/Ansible%20Molecule?style=flat-square&label=tests)](https://github.com/claranet/ansible-role-motd/actions?query=workflow%3A%22Ansible+Molecule%22)
-[![Ansible version](https://img.shields.io/badge/ansible-%3E%3D2.9-black.svg?style=flat-square&logo=ansible)](https://github.com/ansible/ansible)
-[![Ansible Galaxy](https://img.shields.io/badge/ansible-galaxy-black.svg?style=flat-square&logo=ansible)](https://galaxy.ansible.com/claranet/motd)
 
+Install and configure dynamic MOTD
 
-> :star: Star us on GitHub — it motivates us a lot!
-
-Install and configure dynamic MOTD and SSH banner
-
-This role uses [https://github.com/claranet/motd](https://github.com/claranet/motd) by default to get the banner and the MOTD
+This role uses [https://gitea.tips-of-mine.com/Tips-Of-Mine/motd](https://gitea.tips-of-mine.com/Tips-Of-Mine/motd) by default to get the MOTD
 
 ```
 System info:
-  Hostname·········: claranet_motd_ubuntu-20.04
+  Hostname·········: tips-of-mine_motd_ubuntu-20.04
   Distro···········: Ubuntu 20.04.3 LTS
   Kernel···········: Linux 5.10.47-linuxkit
-  Uptime···········: up 2 days, 23 hours, 18 minutes
+  Uptime···········: up 12 days, 23 hours, 18 minutes
   Load·············: 1.33 (1m), 0.43 (5m), 0.20 (15m)
   Processes········: 13 (root), 3 (user), 16 (total)
   CPU··············: Intel(R) Core(TM) i7-8569U CPU @ 2.80GHz (4 vCPU)
@@ -35,12 +26,12 @@ Ansible:
 
 ## :warning: Requirements
 
-Ansible >= 2.9
+Ansible >= 2.10
 
 ## :zap: Installation
 
 ```bash
-ansible-galaxy install claranet.motd
+ansible-galaxy install tips-of-mine.motd
 ```
 
 ## :gear: Role variables
@@ -48,12 +39,7 @@ ansible-galaxy install claranet.motd
 Variable                     | Default value                                                          | Description
 -----------------------------|------------------------------------------------------------------------|----------------------------------------------------------------
 motd_disable_default_motd    | true                                                                   | Disable system default MOTD (/etc/motd)
-motd_banner_template         | https://raw.githubusercontent.com/claranet/motd/master/banner          | SSH banner template<br>Can be a URL, a local template or `null`
-motd_banner_template_prepend | ""                                                                     | Prepend raw content to `motd_banner_template`
-motd_banner_template_append  | ""                                                                     | Append raw content to `motd_banner_template`
-motd_banner_template_username| {{ motd_template_username }}                                           | Used when `motd_banner_template` is an URL
-motd_banner_template_password| {{ motd_template_password }}                                           | Used when `motd_banner_template` is an URL
-motd_template                | https://raw.githubusercontent.com/claranet/motd/master/scripts/00-basic| Dynmaic MOTD template<br>Can be a URL or a local template
+motd_template                | https://gitea.tips-of-mine.com/Tips-Of-Mine/motd/scripts/00-basic      | Dynmaic MOTD template<br>Can be a URL or a local template
 motd_template_prepend        | ""                                                                     | Prepend raw content to `motd_template`
 motd_template_append         | See [defaults/main.yml](defaults/main.yml)                             | Append raw content to `motd_template`
 motd_template_username       | ""                                                                     | Used when `motd_template` is an URL
@@ -65,7 +51,7 @@ motd_template_password       | ""
 ---
 - hosts: all
   roles:
-    - role: claranet.motd
+    - role: tips-of-mine.motd
       motd_template: "{{ playbook_dir }}/templates/dynmotd.j2"
 ```
 

defaults/main.yml

@@ -1,6 +1,6 @@
 ---
 motd_disable_default_motd: true
-motd_template: https://raw.githubusercontent.com/claranet/motd/master/scripts/00-basic
+motd_template: https://gitea.tips-of-mine.com/Tips-Of-Mine/motd/master/scripts/00-basic
 motd_template_prepend: ""
 motd_template_append: |
 

handlers/main.yml

@@ -1,4 +1,4 @@
 - name: Restart sshd
-  service:
+  ansible.builtin.service:
     name: sshd
     state: restarted

meta/main.yml

@@ -7,7 +7,7 @@ galaxy_info:
 
   license: "MPL2"
 
-  min_ansible_version: 2.9
+  min_ansible_version: "2.10"
 
   galaxy_tags: ['claranet', 'motd', 'system', 'dynmotd', 'dynamic']
 

molecule/default/Dockerfile.j2

@@ -14,8 +14,11 @@ ENV {{ var }} {{ value }}
 {% endfor %}
 {% endif %}
 
-RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python3 sudo bash ca-certificates iproute2 systemd && apt-get clean; \
-    elif [ $(command -v yum) ]; then yum install -y python3 sudo bash iproute systemd firewalld initscripts; \
-    elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 && zypper clean -a; \
-    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
-    elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 && xbps-remove -O; fi
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python3 sudo bash ca-certificates iproute2 systemd wget && apt-get clean; \
+    elif [ $(command -v yum) ]; then yum install -y python3 sudo bash iproute systemd initscripts wget; \
+    elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml iproute2 wget && zypper clean -a; \
+    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates wget; \
+    elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates iproute2 wget && xbps-remove -O; fi
+
+RUN wget -O /usr/bin/systemctl https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/master/files/docker/systemctl3.py && \
+    chmod +x /usr/bin/systemctl

molecule/default/converge.yml

@@ -6,11 +6,11 @@
 
   pre_tasks:
     - name: "Update APT cache"
-      apt:
+      ansible.builtin.apt:
         update_cache: true
       when:
         - ansible_pkg_mgr == "apt"
 
     - name: Install sshd
-      package:
+      ansible.builtin.package:
         name: openssh-server

molecule/default/molecule.yml

@@ -1,12 +1,15 @@
 ---
 dependency:
-  name: galaxy
+  name: shell
+  command: python3 -m pip install pytest-testinfra
 
 driver:
   name: docker
 
 platforms:
-  - name: claranet_motd_${image:-debian}-${tag:-latest}
+  # On "${name:-${image:-debian}", the last brace does not miss, it works like that...
+  # The env var should be used when the image variable refers to a full registry path like registry.access.redhat.com/ubi8/ubi
+  - name: claranet_motd_${name:-${image:-debian}-${tag:-latest}-${scenario:-default}
     image: ${image:-debian}:${tag:-latest}
     privileged: true
     tty: true
@@ -24,13 +27,14 @@ provisioner:
   name: ansible
   env:
     ANSIBLE_FORCE_COLOR: "true"
+    ANSIBLE_LOAD_CALLBACK_PLUGINS: "true"
+    ANSIBLE_STDOUT_CALLBACK: "ansible.posix.debug"
+    ANSIBLE_CALLBACKS_ENABLED: "ansible.posix.profile_tasks"
   options:
     v: true
 
 verifier:
   name: testinfra
-  lint:
-    name: flake8
   options:
     verbose: true
     s: true

tasks/configure_motd.yml

@@ -1,19 +0,0 @@
----
-- name: configure_motd | Apply template {{ motd_template }} on {{ _motd_file_path }}
-  copy:
-    content: "{{ motd_template_prepend + _motd_template_content + motd_template_append }}"
-    dest: "{{ _motd_file_path }}"
-    owner: root
-    group: root
-    mode: '0755'
-  tags:
-    - molecule-idempotence-notest
-
-- name: configure_motd | Add pam_exec {{ _motd_file_path }} in pam
-  lineinfile:
-    path: "{{ item }}"
-    line: session optional pam_exec.so type=open_session stdout {{ _motd_file_path }}
-  loop:
-    - "{{ _motd_pam_login_file_path }}"
-    - "{{ _motd_pam_sshd_file_path }}"
-...

tasks/disable_default_motd.yml

@@ -1,18 +1,18 @@
 ---
 - name: disable_default_motd | Get stats of {{ _motd_sshd_config_file_path }}
-  stat:
+  ansible.builtin.stat:
     path: "{{ _motd_sshd_config_file_path }}"
   register: _motd_sshd_config_file_stat
 
 - name: disable_default_motd | Ensure PrintMotd is set to "no" in {{ _motd_sshd_config_file_path }}
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ _motd_sshd_config_file_path }}"
     regexp: "^PrintMotd "
     line: PrintMotd no
   when: _motd_sshd_config_file_stat.stat.exists
 
 - name: disable_default_motd | Comment out pam_motd in pam
-  replace:
+  ansible.builtin.replace:
     path: "{{ item }}"
     regexp: '^(session\s+optional\s+pam_motd.so\s+.*)'
     replace: '# \1'

tasks/main.yml

@@ -1,7 +1,23 @@
 ---
-- name: include_tasks disable_default_motd.yml if motd_disable_default_motd is True
-  include_tasks: disable_default_motd.yml
+- name: Include disable_default_motd.yml if motd_disable_default_motd is True
+  ansible.builtin.include_tasks: disable_default_motd.yml
   when: motd_disable_default_motd|bool
 
-- include_tasks: configure_motd.yml
+- name: "Configure_motd | Apply template {{ motd_template + ' in ' + _motd_file_path }}"
+  ansible.builtin.copy:
+    content: "{{ motd_template_prepend + _motd_template_content + motd_template_append }}"
+    dest: "{{ _motd_file_path }}"
+    owner: root
+    group: root
+    mode: '0755'
+  tags:
+    - molecule-idempotence-notest
+
+- name: Configure_motd | Add in pam pam_exec {{ _motd_file_path }}
+  ansible.builtin.lineinfile:
+    path: "{{ item }}"
+    line: session optional pam_exec.so type=open_session stdout {{ _motd_file_path }}
+  loop:
+    - "{{ _motd_pam_login_file_path }}"
+    - "{{ _motd_pam_sshd_file_path }}"
 ...