forked from nginxinc/ansible-role-nginx
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add Ansible/Jinja2/Collections validation (nginxinc#747)
- Loading branch information
Showing
2 changed files
with
83 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,34 +1,100 @@ | ||
| --- | ||
| - name: Check whether you are using a supported NGINX distribution | ||
| - name: Verify you are using a supported Ansible version on your Ansible host | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list | ||
| - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string) | ||
| - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures'] | ||
| success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. | ||
| fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. | ||
| when: | ||
| - nginx_enable | bool | ||
| - (nginx_install_from == "nginx_repository" or nginx_type == "plus") | ||
| that: ansible_version['full'] is version('2.16', '>=') | ||
| success_msg: Ansible {{ ansible_version['full'] }} is supported. | ||
| fail_msg: Ansible {{ ansible_version['full'] }} has reached End of Life (EoL). Please upgrade to a supported Ansible release. Check the README for more details. | ||
| delegate_to: localhost | ||
| ignore_errors: true # noqa ignore-errors | ||
|
|
||
| - name: Check that 'nginx_setup' is an allowed value | ||
| - name: Extract the version of Jinja2 installed on your Ansible host | ||
| ansible.builtin.command: ansible --version | ||
| register: jinja2_version | ||
| changed_when: false | ||
| delegate_to: localhost | ||
| become: false | ||
|
|
||
| - name: Verify that you are using a supported Jinja2 version on your Ansible host | ||
| ansible.builtin.assert: | ||
| that: (jinja2_version['stdout'] | regex_search('jinja version = ([\\d.]+)', '\\1') | first) is version('3.1', '>=') | ||
| success_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is supported. | ||
| fail_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is not supported. Please upgrade to Jinja2 3.1. Check the README for more details. | ||
| delegate_to: localhost | ||
| become: false | ||
|
|
||
| - name: Extract the list of Ansible collections installed on your Ansible host | ||
| ansible.builtin.command: ansible-galaxy collection list | ||
| register: collection_list | ||
| changed_when: false | ||
| delegate_to: localhost | ||
| become: false | ||
|
|
||
| - name: Verify that the 'community.general' Ansible collection is installed on your Ansible host | ||
| ansible.builtin.assert: | ||
| that: collection_list is search('community.general') | ||
| success_msg: The 'community.general' Ansible collection is installed. | ||
| fail_msg: The 'community.general' Ansible collection is not installed. Please install the 'community.general' Ansible collection. Check the README for more details. | ||
| changed_when: false | ||
| delegate_to: localhost | ||
| become: false | ||
|
|
||
| - name: Verify that the 'ansible.posix' Ansible collection is installed on your Ansible host | ||
| ansible.builtin.assert: | ||
| that: lookup('community.general.collection_version', 'ansible.posix') != 'none' | ||
| success_msg: The 'ansible.posix' Ansible collection is installed. | ||
| fail_msg: The 'ansible.posix' Ansible collection is not installed. Please install the 'ansible.posix' Ansible collection. Check the README for more details. | ||
| delegate_to: localhost | ||
| become: false | ||
| when: nginx_selinux | bool | ||
|
|
||
| - name: Verify that the 'community.crypto' Ansible collection is installed on your Ansible host | ||
| ansible.builtin.assert: | ||
| that: lookup('community.general.collection_version', 'community.crypto') != 'none' | ||
| success_msg: The 'community.crypto' Ansible collection is installed. | ||
| fail_msg: The 'community.crypto' Ansible collection is not installed. Please install the 'community.crypto' Ansible collection. Check the README for more details. | ||
| delegate_to: localhost | ||
| become: false | ||
| when: nginx_type == 'plus' | ||
|
|
||
| - name: Verify that 'nginx_setup' parameter is a valid value | ||
| ansible.builtin.assert: | ||
| that: nginx_setup in nginx_setup_vars | ||
| fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not allowed. The allowed values are [{{ nginx_setup_vars | join(', ') }}]. | ||
| success_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is valid. | ||
| fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not valid. The valid values are [{{ nginx_setup_vars | join(', ') }}]. | ||
| delegate_to: localhost | ||
| become: false | ||
| when: nginx_enable | bool | ||
| ignore_errors: true # noqa ignore-errors | ||
|
|
||
| - name: Check that 'nginx_branch' is an allowed value | ||
| - name: Verify that 'nginx_branch' parameter is a valid value | ||
| ansible.builtin.assert: | ||
| that: nginx_branch in nginx_branch_vars | ||
| fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The allowed values are [{{ nginx_branch_vars | join(', ') }}]. | ||
| success_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is valid. | ||
| fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The valid values are [{{ nginx_branch_vars | join(', ') }}]. | ||
| delegate_to: localhost | ||
| become: false | ||
| when: nginx_enable | bool | ||
| ignore_errors: true # noqa ignore-errors | ||
|
|
||
| - name: Check that 'nginx_install_from' is an allowed value | ||
| - name: Verify that 'nginx_install_from' parameter is a valid value | ||
| ansible.builtin.assert: | ||
| that: nginx_install_from in nginx_install_from_vars | ||
| fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not allowed. The allowed values are [{{ nginx_install_from_vars | join(', ') }}]. | ||
| success_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }} is valid. | ||
| fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not valid. The valid values are [{{ nginx_install_from_vars | join(', ') }}]. | ||
| delegate_to: localhost | ||
| become: false | ||
| when: nginx_enable | bool | ||
| ignore_errors: true # noqa ignore-errors | ||
|
|
||
| - name: Verify whether you are using a supported NGINX distribution | ||
| ansible.builtin.assert: | ||
| that: | ||
| - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list | ||
| - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string) | ||
| - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures'] | ||
| success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. | ||
| fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. | ||
| when: | ||
| - nginx_enable | bool | ||
| - (nginx_install_from == "nginx_repository" or nginx_type == "plus") | ||
| ignore_errors: true # noqa ignore-errors |