install.fairie/home/dot_local/share/ansible/.config/molecule/docker.create.yml
2023-07-16 01:40:26 -04:00

179 lines
9.4 KiB
YAML

---
# yamllint disable rule:line-length
- name: Update platforms
hosts: localhost
tasks:
- name: Filtering platforms list using the group defined in the MOLECULE_GROUP environment variable
set_fact:
molecule_yml: "{{ molecule_yml | combine({'platforms': (molecule_yml.platforms | selectattr('groups', 'contains', lookup('env', 'MOLECULE_GROUP')))}) }}"
when: ansible_env.MOLECULE_GROUP is defined
- name: Create
hosts: localhost
connection: local
gather_facts: false
no_log: '{{ molecule_no_log }}'
vars:
molecule_labels:
owner: molecule
tasks:
- name: Log into a Docker registry
community.docker.docker_login:
username: '{{ item.registry.credentials.username }}'
password: '{{ item.registry.credentials.password }}'
email: '{{ item.registry.credentials.email | default(omit) }}'
registry: '{{ item.registry.url }}'
docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
with_items: '{{ molecule_yml.platforms }}'
when:
- item.registry is defined
- item.registry.credentials is defined
- item.registry.credentials.username is defined
no_log: true
- name: Check presence of custom Dockerfiles
ansible.builtin.stat:
path: "{{ molecule_scenario_directory + '/' + (item.dockerfile | default( 'Dockerfile.j2')) }}"
loop: '{{ molecule_yml.platforms }}'
register: dockerfile_stats
- name: Create Dockerfiles from image names
ansible.builtin.template:
# when using embedded playbooks the dockerfile is alonside them
src: >-
{%- if dockerfile_stats.results[i].stat.exists -%}
{{ molecule_scenario_directory + '/' + (item.dockerfile | default( 'Dockerfile.j2')) }}
{%- else -%}
{{ playbook_dir + '/Dockerfile.j2' }}
{%- endif -%}
dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}"
mode: '0600'
loop: '{{ molecule_yml.platforms }}'
loop_control:
index_var: i
when: not item.pre_build_image | default(false)
register: platforms
- name: Discover local Docker images
community.docker.docker_image_info:
name: 'molecule_local/{{ item.item.name }}'
docker_host: "{{ item.item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
with_items: '{{ platforms.results }}'
when:
- not item.pre_build_image | default(false)
register: docker_images
- name: Build an Ansible compatible image (new) # noqa: no-handler
when:
- platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0
- not item.item.pre_build_image | default(false)
community.docker.docker_image:
build:
path: '{{ molecule_ephemeral_directory }}'
dockerfile: '{{ item.invocation.module_args.dest }}'
pull: '{{ item.item.pull | default(true) }}'
network: '{{ item.item.network_mode | default(omit) }}'
args: '{{ item.item.buildargs | default(omit) }}'
name: 'molecule_local/{{ item.item.image }}'
docker_host: "{{ item.item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
force_source: '{{ item.item.force | default(true) }}'
source: build
with_items: '{{ platforms.results }}'
loop_control:
label: 'molecule_local/{{ item.item.image }}'
no_log: false
register: result
until: result is not failed
retries: 3
delay: 30
- name: Create docker network(s)
ansible.builtin.include_tasks: tasks/create_network.yml
with_items: '{{ molecule_yml.platforms | molecule_get_docker_networks(molecule_labels) }}'
loop_control:
label: '{{ item.name }}'
no_log: false
- name: Determine the CMD directives
ansible.builtin.set_fact:
command_directives_dict: >-
{{ command_directives_dict | default({}) |
combine({ item.name: item.command | default('bash -c "while true; do sleep 10000; done"') })
}}
with_items: '{{ molecule_yml.platforms }}'
when: item.override_command | default(true)
- name: Create molecule instance(s)
community.docker.docker_container:
name: '{{ item.name }}'
docker_host: "{{ item.docker_host | default(lookup('env', 'DOCKER_HOST') or 'unix://var/run/docker.sock') }}"
cacert_path: "{{ item.cacert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/ca.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
cert_path: "{{ item.cert_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
key_path: "{{ item.key_path | default((lookup('env', 'DOCKER_CERT_PATH') + '/key.pem') if lookup('env', 'DOCKER_CERT_PATH') else omit) }}"
tls_verify: "{{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}"
hostname: '{{ item.hostname | default(item.name) }}'
image: "{{ item.pre_build_image | default(false) | ternary('', 'molecule_local/') }}{{ item.image }}"
pull: '{{ item.pull | default(omit) }}'
memory: '{{ item.memory | default(omit) }}'
memory_swap: '{{ item.memory_swap | default(omit) }}'
state: started
recreate: false
log_driver: json-file
command: '{{ (command_directives_dict | default({}))[item.name] | default(omit) }}'
command_handling: "{{ item.command_handling | default('compatibility') }}"
user: '{{ item.user | default(omit) }}'
pid_mode: '{{ item.pid_mode | default(omit) }}'
privileged: '{{ item.privileged | default(omit) }}'
security_opts: '{{ item.security_opts | default(omit) }}'
devices: '{{ item.devices | default(omit) }}'
links: '{{ item.links | default(omit) }}'
volumes: '{{ item.volumes | default(omit) }}'
mounts: '{{ item.mounts | default(omit) }}'
tmpfs: '{{ item.tmpfs | default(omit) }}'
capabilities: '{{ item.capabilities | default(omit) }}'
sysctls: '{{ item.sysctls | default(omit) }}'
exposed_ports: '{{ item.exposed_ports | default(omit) }}'
published_ports: '{{ item.published_ports | default(omit) }}'
ulimits: '{{ item.ulimits | default(omit) }}'
networks: '{{ item.networks | default(omit) }}'
network_mode: '{{ item.network_mode | default(omit) }}'
networks_cli_compatible: '{{ item.networks_cli_compatible | default(true) }}'
purge_networks: '{{ item.purge_networks | default(omit) }}'
dns_servers: '{{ item.dns_servers | default(omit) }}'
etc_hosts: '{{ item.etc_hosts | default(omit) }}'
env: '{{ item.env | default(omit) }}'
restart_policy: '{{ item.restart_policy | default(omit) }}'
restart_retries: '{{ item.restart_retries | default(omit) }}'
tty: '{{ item.tty | default(omit) }}'
labels: '{{ molecule_labels | combine(item.labels | default({})) }}'
container_default_behavior: "{{ item.container_default_behavior | default('compatibility'
if ansible_version.full is version_compare('2.10', '>=') else omit) }}"
stop_signal: '{{ item.stop_signal | default(omit) }}'
kill_signal: '{{ item.kill_signal | default(omit) }}'
register: server
with_items: '{{ molecule_yml.platforms }}'
loop_control:
label: '{{ item.name }}'
no_log: false
async: 7200
poll: 0
- name: Wait for instance(s) creation to complete
ansible.builtin.async_status:
jid: '{{ item.ansible_job_id }}'
register: docker_jobs
until: docker_jobs.finished
retries: 300
with_items: '{{ server.results }}'