Skip to content

Commit

Permalink
feat: Add Ansible/Jinja2/Collections validation (#747)
Browse files Browse the repository at this point in the history
  • Loading branch information
alessfg committed Jul 23, 2024
1 parent 7a1b331 commit a6712e3
Show file tree
Hide file tree
Showing 2 changed files with 83 additions and 16 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ FEATURES:

- Add support for installing NGINX Open Source on Alpine Linux 3.20.
- Add support for installing NGINX Agent on Ubuntu noble.
- Add validation tasks to check the Ansible version, the Jinja2 version, and whether the required Ansible collections for this role are installed.
- Bump the Ansible `community.general` collection to `9.2.0`, `community.crypto` collection to `2.21.1` and `community.docker` collection to `3.11.0`.

DOCUMENTATION:
Expand Down
98 changes: 82 additions & 16 deletions tasks/validate/validate.yml
Original file line number Diff line number Diff line change
@@ -1,34 +1,100 @@
---
- name: Check whether you are using a supported NGINX distribution
- name: Verify you are using a supported Ansible version on your Ansible host
ansible.builtin.assert:
that:
- ansible_facts['distribution'] | lower in nginx_distributions.keys() | list
- (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string)
- ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures']
success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
when:
- nginx_enable | bool
- (nginx_install_from == "nginx_repository" or nginx_type == "plus")
that: ansible_version['full'] is version('2.16', '>=')
success_msg: Ansible {{ ansible_version['full'] }} is supported.
fail_msg: Ansible {{ ansible_version['full'] }} has reached End of Life (EoL). Please upgrade to a supported Ansible release. Check the README for more details.
delegate_to: localhost
ignore_errors: true # noqa ignore-errors

- name: Check that 'nginx_setup' is an allowed value
- name: Extract the version of Jinja2 installed on your Ansible host
ansible.builtin.command: ansible --version
register: jinja2_version
changed_when: false
delegate_to: localhost
become: false

- name: Verify that you are using a supported Jinja2 version on your Ansible host
ansible.builtin.assert:
that: (jinja2_version['stdout'] | regex_search('jinja version = ([\\d.]+)', '\\1') | first) is version('3.1', '>=')
success_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is supported.
fail_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is not supported. Please upgrade to Jinja2 3.1. Check the README for more details.
delegate_to: localhost
become: false

- name: Extract the list of Ansible collections installed on your Ansible host
ansible.builtin.command: ansible-galaxy collection list
register: collection_list
changed_when: false
delegate_to: localhost
become: false

- name: Verify that the 'community.general' Ansible collection is installed on your Ansible host
ansible.builtin.assert:
that: collection_list is search('community.general')
success_msg: The 'community.general' Ansible collection is installed.
fail_msg: The 'community.general' Ansible collection is not installed. Please install the 'community.general' Ansible collection. Check the README for more details.
changed_when: false
delegate_to: localhost
become: false

- name: Verify that the 'ansible.posix' Ansible collection is installed on your Ansible host
ansible.builtin.assert:
that: lookup('community.general.collection_version', 'ansible.posix') != 'none'
success_msg: The 'ansible.posix' Ansible collection is installed.
fail_msg: The 'ansible.posix' Ansible collection is not installed. Please install the 'ansible.posix' Ansible collection. Check the README for more details.
delegate_to: localhost
become: false
when: nginx_selinux | bool

- name: Verify that the 'community.crypto' Ansible collection is installed on your Ansible host
ansible.builtin.assert:
that: lookup('community.general.collection_version', 'community.crypto') != 'none'
success_msg: The 'community.crypto' Ansible collection is installed.
fail_msg: The 'community.crypto' Ansible collection is not installed. Please install the 'community.crypto' Ansible collection. Check the README for more details.
delegate_to: localhost
become: false
when: nginx_type == 'plus'

- name: Verify that 'nginx_setup' parameter is a valid value
ansible.builtin.assert:
that: nginx_setup in nginx_setup_vars
fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not allowed. The allowed values are [{{ nginx_setup_vars | join(', ') }}].
success_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is valid.
fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not valid. The valid values are [{{ nginx_setup_vars | join(', ') }}].
delegate_to: localhost
become: false
when: nginx_enable | bool
ignore_errors: true # noqa ignore-errors

- name: Check that 'nginx_branch' is an allowed value
- name: Verify that 'nginx_branch' parameter is a valid value
ansible.builtin.assert:
that: nginx_branch in nginx_branch_vars
fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The allowed values are [{{ nginx_branch_vars | join(', ') }}].
success_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is valid.
fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The valid values are [{{ nginx_branch_vars | join(', ') }}].
delegate_to: localhost
become: false
when: nginx_enable | bool
ignore_errors: true # noqa ignore-errors

- name: Check that 'nginx_install_from' is an allowed value
- name: Verify that 'nginx_install_from' parameter is a valid value
ansible.builtin.assert:
that: nginx_install_from in nginx_install_from_vars
fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not allowed. The allowed values are [{{ nginx_install_from_vars | join(', ') }}].
success_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }} is valid.
fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not valid. The valid values are [{{ nginx_install_from_vars | join(', ') }}].
delegate_to: localhost
become: false
when: nginx_enable | bool
ignore_errors: true # noqa ignore-errors

- name: Verify whether you are using a supported NGINX distribution
ansible.builtin.assert:
that:
- ansible_facts['distribution'] | lower in nginx_distributions.keys() | list
- (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string)
- ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures']
success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
when:
- nginx_enable | bool
- (nginx_install_from == "nginx_repository" or nginx_type == "plus")
ignore_errors: true # noqa ignore-errors

0 comments on commit a6712e3

Please # to comment.