From d5050318cdb05e7825c2ab95d68c63b745c91ff1 Mon Sep 17 00:00:00 2001
From: "felix.niederwanger@suse.com" <phoenix>
Date: Wed, 24 Mar 2021 16:51:51 +0100
Subject: [PATCH] Add GitHub Actions

Add GitHub Actions as CI.
---
 .github/workflows/CI.yml               | 42 ++++++++++++++++++++++++++
 .gitignore                             |  2 ++
 handlers/main.yml                      |  2 +-
 molecule/default/converge.yml          | 25 +++++++++++++++
 molecule/default/molecule.yml          | 30 ++++++++++++++++++
 molecule/default/tests/test_default.py | 17 +++++++++++
 tasks/firewall.yml                     |  2 +-
 tasks/main.yml                         |  2 +-
 8 files changed, 119 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/CI.yml
 create mode 100644 .gitignore
 create mode 100644 molecule/default/converge.yml
 create mode 100644 molecule/default/molecule.yml
 create mode 100755 molecule/default/tests/test_default.py

diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
new file mode 100644
index 0000000..0e5316a
--- /dev/null
+++ b/.github/workflows/CI.yml
@@ -0,0 +1,42 @@
+---
+name: Test deployment
+'on':
+  pull_request:
+  push:
+  schedule:
+    # Run every Wednesday at 01:42
+    - cron: "42 1 * * 3"
+
+jobs:
+  lint:
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out codebase
+        uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+      - name: Install dependencies
+        run: pip3 install yamllint
+      - name: Lint repository
+        run: yamllint .
+
+  molecule:
+    name: Molecule
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the codebase
+        uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+      - name: Install dependencies
+        run: pip3 install ansible molecule[docker] docker pytest testinfra
+      - name: Run Molecule
+        run: molecule test
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b77a956
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+# Python cache
+__pycache__
diff --git a/handlers/main.yml b/handlers/main.yml
index 5d2b2df..f4db53e 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,7 +3,7 @@
 
 
 - name: restart pureftpd
-  service:
+  systemd:
     name: "{{pureftpd_service}}"
     state: restarted
 
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
new file mode 100644
index 0000000..497f036
--- /dev/null
+++ b/molecule/default/converge.yml
@@ -0,0 +1,25 @@
+---
+- name: Converge
+  hosts: all
+  tasks:
+    - name: "Include geekoops-pureftpd"
+      include_role:
+        name: "geekoops-pureftpd"
+    ## Setup test enviroment
+    # Test file 1 is accessible (0754), test file 2 not (0750)
+    - name: Deploy test file
+      copy:
+        content: |
+          Happy test file
+        dest: "{{ftp_dir}}/testfile.txt"
+        group: "root"
+        owner: "root"
+        mode: 0754
+    - name: Deploy secrets test file
+      copy:
+        content: |
+          Password: 12345
+        dest: "{{ftp_dir}}/secrets.txt"
+        group: "root"
+        owner: "root"
+        mode: 0750
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
new file mode 100644
index 0000000..c6b8641
--- /dev/null
+++ b/molecule/default/molecule.yml
@@ -0,0 +1,30 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+platforms:
+  - name: leap15_2
+    image: grisu48/leap-ansible
+    pre_build_image: true
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    capabilities:
+      - SYS_ADMIN
+    privileged: true
+    tmpfs:
+      - /run
+      - /tmp
+provisioner:
+  name: ansible
+  inventory:
+    host_vars:
+      leap15_2:
+        ftp_dir: "/srv/ftp"
+verifier:
+  name: testinfra
+  lint:
+    name: flake8
+lint: |
+  set -e
+  yamllint .
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
new file mode 100755
index 0000000..2bb3140
--- /dev/null
+++ b/molecule/default/tests/test_default.py
@@ -0,0 +1,17 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+
+import testinfra.utils.ansible_runner
+import os
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+ 
+def test_ftp(host):
+	cmd = host.run("curl -v ftp://127.0.0.1/testfile.txt")
+	assert cmd.succeeded
+	assert "Happy test file" in cmd.stdout
+	cmd = host.run("curl -v ftp://127.0.0.1/secrets.txt")
+	assert cmd.failed
+	assert "550" in cmd.stderr
+
diff --git a/tasks/firewall.yml b/tasks/firewall.yml
index 01a7237..abf1bfa 100644
--- a/tasks/firewall.yml
+++ b/tasks/firewall.yml
@@ -1,7 +1,7 @@
 ---
 # Configure firewall
 
-- name: Ensure ftp service is enabled
+- name: Ensure ftp is enabled in firewall
   firewalld:
     zone: "{{firewall_zone}}"
     service: ftp
diff --git a/tasks/main.yml b/tasks/main.yml
index e8b567d..eb91048 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -20,7 +20,7 @@
     group: root
     mode: 0744
   notify: restart pureftpd
-- name: Ensure PureFTPd service is enabled
+- name: Ensure PureFTPd service is started and enabled
   systemd:
     name: "{{pureftpd_service}}"
     state: started