diff --git a/CHANGELOG.md b/CHANGELOG.md index 40c242b3a..5ff728923 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ FEATURES: - Add support for installing NGINX Open Source on Alpine Linux 3.20. - Add support for installing NGINX Agent on Ubuntu noble. +- Add validation tasks to check the Ansible version, the Jinja2 version, and whether the required Ansible collections for this role are installed. - Bump the Ansible `community.general` collection to `9.2.0`, `community.crypto` collection to `2.21.1` and `community.docker` collection to `3.11.0`. DOCUMENTATION: diff --git a/tasks/validate/validate.yml b/tasks/validate/validate.yml index 4866d609d..2571cd4c2 100644 --- a/tasks/validate/validate.yml +++ b/tasks/validate/validate.yml @@ -1,34 +1,100 @@ --- -- name: Check whether you are using a supported NGINX distribution +- name: Verify you are using a supported Ansible version on your Ansible host ansible.builtin.assert: - that: - - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list - - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string) - - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures'] - success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. - fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. - when: - - nginx_enable | bool - - (nginx_install_from == "nginx_repository" or nginx_type == "plus") + that: ansible_version['full'] is version('2.16', '>=') + success_msg: Ansible {{ ansible_version['full'] }} is supported. + fail_msg: Ansible {{ ansible_version['full'] }} has reached End of Life (EoL). Please upgrade to a supported Ansible release. Check the README for more details. + delegate_to: localhost ignore_errors: true # noqa ignore-errors -- name: Check that 'nginx_setup' is an allowed value +- name: Extract the version of Jinja2 installed on your Ansible host + ansible.builtin.command: ansible --version + register: jinja2_version + changed_when: false + delegate_to: localhost + become: false + +- name: Verify that you are using a supported Jinja2 version on your Ansible host + ansible.builtin.assert: + that: (jinja2_version['stdout'] | regex_search('jinja version = ([\\d.]+)', '\\1') | first) is version('3.1', '>=') + success_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is supported. + fail_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is not supported. Please upgrade to Jinja2 3.1. Check the README for more details. + delegate_to: localhost + become: false + +- name: Extract the list of Ansible collections installed on your Ansible host + ansible.builtin.command: ansible-galaxy collection list + register: collection_list + changed_when: false + delegate_to: localhost + become: false + +- name: Verify that the 'community.general' Ansible collection is installed on your Ansible host + ansible.builtin.assert: + that: collection_list is search('community.general') + success_msg: The 'community.general' Ansible collection is installed. + fail_msg: The 'community.general' Ansible collection is not installed. Please install the 'community.general' Ansible collection. Check the README for more details. + changed_when: false + delegate_to: localhost + become: false + +- name: Verify that the 'ansible.posix' Ansible collection is installed on your Ansible host + ansible.builtin.assert: + that: lookup('community.general.collection_version', 'ansible.posix') != 'none' + success_msg: The 'ansible.posix' Ansible collection is installed. + fail_msg: The 'ansible.posix' Ansible collection is not installed. Please install the 'ansible.posix' Ansible collection. Check the README for more details. + delegate_to: localhost + become: false + when: nginx_selinux | bool + +- name: Verify that the 'community.crypto' Ansible collection is installed on your Ansible host + ansible.builtin.assert: + that: lookup('community.general.collection_version', 'community.crypto') != 'none' + success_msg: The 'community.crypto' Ansible collection is installed. + fail_msg: The 'community.crypto' Ansible collection is not installed. Please install the 'community.crypto' Ansible collection. Check the README for more details. + delegate_to: localhost + become: false + when: nginx_type == 'plus' + +- name: Verify that 'nginx_setup' parameter is a valid value ansible.builtin.assert: that: nginx_setup in nginx_setup_vars - fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not allowed. The allowed values are [{{ nginx_setup_vars | join(', ') }}]. + success_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is valid. + fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not valid. The valid values are [{{ nginx_setup_vars | join(', ') }}]. + delegate_to: localhost + become: false when: nginx_enable | bool ignore_errors: true # noqa ignore-errors -- name: Check that 'nginx_branch' is an allowed value +- name: Verify that 'nginx_branch' parameter is a valid value ansible.builtin.assert: that: nginx_branch in nginx_branch_vars - fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The allowed values are [{{ nginx_branch_vars | join(', ') }}]. + success_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is valid. + fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The valid values are [{{ nginx_branch_vars | join(', ') }}]. + delegate_to: localhost + become: false when: nginx_enable | bool ignore_errors: true # noqa ignore-errors -- name: Check that 'nginx_install_from' is an allowed value +- name: Verify that 'nginx_install_from' parameter is a valid value ansible.builtin.assert: that: nginx_install_from in nginx_install_from_vars - fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not allowed. The allowed values are [{{ nginx_install_from_vars | join(', ') }}]. + success_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }} is valid. + fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not valid. The valid values are [{{ nginx_install_from_vars | join(', ') }}]. + delegate_to: localhost + become: false when: nginx_enable | bool ignore_errors: true # noqa ignore-errors + +- name: Verify whether you are using a supported NGINX distribution + ansible.builtin.assert: + that: + - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list + - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string) + - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures'] + success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. + fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}. + when: + - nginx_enable | bool + - (nginx_install_from == "nginx_repository" or nginx_type == "plus") + ignore_errors: true # noqa ignore-errors