ansible/webarch-kimai
1
0
Fork 0
mirror of https://git.coop/webarch/kimai.git synced 2024-05-07 02:54:51 +00:00
Code Issues Projects Releases Wiki Activity

Updates for ansible-lint

Browse Source
This commit is contained in:
Chris Croome
2023-06-14 19:36:52 +01:00
parent eae7fd314e
commit b89bc889e0
9 changed files with 112 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.ansible-lint
View File

@@ -1,7 +1,15 @@
# Copyright 2019-2023 Chris Croome
#
# This file is part of the Webarchitects Kimai Ansible role.
#
# The Webarchitects Kimai Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
#
# The Webarchitects Kimai Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with the Webarchitects Kimai Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
# https://docs.ansible.com/ansible-lint/rules/default_rules.html
skip_list:
# Lines should be no longer than 160 chars
- "204"
- key-order[task]
- name[template]
# vim: syntax=yaml
...

30
.pre-commit-config.yaml Normal file
View File

@@ -0,0 +1,30 @@
# Copyright 2019-2023 Chris Croome
#
# This file is part of the Webarchitects Kimai Ansible role.
#
# The Webarchitects Kimai Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
#
# The Webarchitects Kimai Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with the Webarchitects Kimai Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
# https://yamllint.readthedocs.io/en/stable/integration.html
# https://github.com/adrienverge/yamllint/tags
repos:
- repo: https://github.com/adrienverge/yamllint.git
rev: v1.32.0
hooks:
- id: yamllint
name: YAML Lint
- repo: https://github.com/ansible/ansible-lint.git
rev: v6.17.1
hooks:
- id: ansible-lint
name: Ansible Lint
language: python
additional_dependencies:
# https://github.com/kellyjonbrazil/jc/releases
- jc==1.23.2
# https://github.com/jmespath/jmespath.py/tags
- jmespath==1.0.1
...

9
.yamllint
View File

@@ -1,3 +1,12 @@
# Copyright 2019-2023 Chris Croome
#
# This file is part of the Webarchitects Kimai Ansible role.
#
# The Webarchitects Kimai Ansible role is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
#
# The Webarchitects Kimai Ansible role is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with the Webarchitects Kimai Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
extends: default
yaml-files:

18
meta/main.yml
View File

@@ -2,19 +2,19 @@
galaxy_info:
role_name: kimai
author: Chris Croome
description: Ansible role for installing Kimai
namespace: chriscroome
description: An Ansible role for installing Kimai
company: Webarchitects Co-operative
license: license (GPLv3)
min_ansible_version: 2.4
license: GNU General Public License v3.0 (GPLv3)
min_ansible_version: "2.14.3"
platforms:
- name: debian
- name: Debian
versions:
- buster
- stretch
- name: ubuntu
- bookworm
- bullseye
- name: Ubuntu
versions:
- bionic
- xenial
- jammy
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to

56
tasks/install.yml
View File

@@ -3,22 +3,23 @@
block:
- name: Private directory present
file:
ansible.builtin.file:
path: "{{ kimai_private }}"
state: directory
owner: "{{ kimai_user }}"
group: "{{ kimai_group | default(kimai_user) }}"
mode: 0700
mode: "0700"
- name: GitHub GPG key present
copy:
ansible.builtin.copy:
src: files/github.asc
dest: "{{ kimai_private }}/github.asc"
mode: "0600"
become: true
become_user: "{{ kimai_user }}"
- name: GitHub GPG public key imported
command: "gpg --import {{ kimai_private }}/github.asc"
ansible.builtin.command: "gpg --import {{ kimai_private }}/github.asc"
register: kimai_gpg_import
changed_when: '"not changed" not in kimai_gpg_import.stderr'
check_mode: false
@@ -26,19 +27,20 @@
become_user: "{{ kimai_user }}"
- name: Add Kimai console to PATH in ~/.bashrc
lineinfile:
ansible.builtin.lineinfile:
path: "{{ kimai_home }}/.bashrc"
line: 'export PATH="{{ kimai_docroot | dirname }}/bin:${HOME}/bin:${PATH}"'
regexp: '^export PATH='
create: true
mode: "0600"
- name: DocumentRoot public directory absent
file:
ansible.builtin.file:
path: "{{ kimai_docroot }}"
state: absent
- name: Kimai git repo present
git:
ansible.builtin.git:
repo: https://github.com/kevinpapst/kimai2.git
dest: "{{ kimai_docroot | dirname }}"
version: "{{ kimai_version }}"
@@ -51,7 +53,7 @@
become_user: "{{ kimai_user }}"
- name: Composer install
composer:
community.general.composer:
command: install
working_dir: "{{ kimai_docroot | dirname }}"
optimize_autoloader: true
@@ -60,64 +62,68 @@
become_user: "{{ kimai_user }}"
- name: Kimai app secret present
shell: "pwgen -n 75 1 > {{ kimai_docroot | dirname }}/app_secret.txt"
ansible.builtin.shell: "pwgen -n 75 1 > {{ kimai_docroot | dirname }}/app_secret.txt"
args:
creates: "{{ kimai_docroot | dirname }}/app_secret.txt"
become: true
become_user: "{{ kimai_user }}"
- name: Slurp a base64 encoded version of the app secret
slurp:
ansible.builtin.slurp:
src: "{{ kimai_docroot | dirname }}/app_secret.txt"
register: kimai_app_secret_b64encoded
- name: Decode and set a fact based on the app secret file contents
set_fact:
ansible.builtin.set_fact:
kimai_app_secret: "{{ kimai_app_secret_b64encoded['content'] | b64decode | trim }}"
- name: .env present
template:
- name: The .env file is present
ansible.builtin.template:
src: templates/env.j2
dest: "{{ kimai_docroot | dirname }}/.env"
owner: "{{ kimai_user }}"
group: "{{ kimai_group | default(kimai_user) }}"
mode: 0640
mode: "0640"
- name: local.yaml present
template:
- name: The local.yaml file is present
ansible.builtin.template:
src: local.yaml.j2
dest: "{{ kimai_docroot | dirname }}/config/packages/local.yaml"
owner: "{{ kimai_user }}"
group: "{{ kimai_group | default(kimai_user) }}"
mode: 0640
mode: "0640"
- name: Install Kimai
command: bin/console --no-ansi -n kimai:install
ansible.builtin.command: bin/console --no-ansi -n kimai:install
args:
chdir: "{{ kimai_docroot | dirname }}"
register: kimai_install
become: true
become_user: "{{ kimai_user }}"
changed_when: true
register: kimai_install
- name: Create the admin super user
block:
- name: "Random password for {{ kimai_admin_user }} generated"
command: pwgen -n 20 1
- name: "Random password generated for {{ kimai_admin_user }}"
ansible.builtin.command: pwgen -n 20 1
check_mode: false
changed_when: false
register: kimai_admin_pwgen
- name: Set a fact for kimai_admin_password
set_fact:
ansible.builtin.set_fact:
kimai_admin_password: "{{ kimai_admin_pwgen.stdout | trim | quote }}"
- name: Create admin user account
command: "bin/console --no-ansi -n kimai:create-user {{ kimai_admin_user | quote }} {{ kimai_admin_email | quote }} ROLE_SUPER_ADMIN {{ kimai_admin_password }}"
ansible.builtin.command: "bin/console --no-ansi -n kimai:create-user {{ kimai_admin_user | quote }} {{ kimai_admin_email | quote }} ROLE_SUPER_ADMIN {{ kimai_admin_password }}"
args:
chdir: "{{ kimai_docroot | dirname }}"
changed_when: true
register: kimai_create_user
- name: "Password notification email sent to {{ kimai_admin_email }}"
mail:
community.general.mail:
from: "{{ kimai_notify_from | default('Webarchitects') }} <root@{{ inventory_hostname }}>"
to: "{{ kimai_admin_email }}"
subject: "[{{ kimai_notify_subject_tag | default('webarchitects') }}] Kimai admin login for {{ kimai_url }}"
@@ -134,7 +140,7 @@
- kimai
- name: Update the kimai_installed variable
include_tasks: version.yml
ansible.builtin.include_tasks: version.yml
tags:
- kimai

8
tasks/latest.yml
View File

@@ -3,7 +3,7 @@
block:
- name: Check the latest version of Kimai
uri:
ansible.builtin.uri:
url: https://github.com/kevinpapst/kimai2/releases/latest
method: HEAD
status_code: 302
@@ -12,7 +12,7 @@
register: kimai_latest_headers
- name: Debug Kimai latest URI
debug:
ansible.builtin.debug:
msg:
- "Location: {{ kimai_latest_headers.location }}"
- "Path: {{ kimai_latest_headers.location | urlsplit('path') }}"
@@ -20,11 +20,11 @@
verbosity: 1
- name: Set a fact for the latest version of Kimai
set_fact:
ansible.builtin.set_fact:
kimai_latest: "{{ kimai_latest_headers.location | urlsplit('path') | basename }}"
- name: Warn if kimai_version is not equal to kimai_latest
debug:
ansible.builtin.debug:
msg:
- "The kimai_version variable is set to {{ kimai_version }}"
- "The kimai_latest variable is set to {{ kimai_latest }}"

20
tasks/main.yml
View File

@@ -3,7 +3,7 @@
block:
- name: Required packages present
apt:
ansible.builtin.apt:
pkg:
- git
- gnupg
@@ -12,7 +12,7 @@
# TODO Additional checks on the following variables could be added
- name: Check that all the variables needed are defined
assert:
ansible.builtin.assert:
that:
- kimai_version is defined
- kimai_app_env is defined
@@ -33,33 +33,33 @@
- kimai_user_registration is defined
- name: "Populate the getent_passwd array for {{ inventory_hostname }}"
getent:
ansible.builtin.getent:
database: passwd
split: ':'
- name: "Fail if the {{ kimai_user }} user account doesn't exist"
fail:
- name: "Fail if the user account doesn't exist for {{ kimai_user }} "
ansible.builtin.fail:
msg: "The {{ kimai_user }} user account doesn't exist on {{ inventory_hostname }}"
when: kimai_user not in getent_passwd
- name: Check the installed version of Kimai
include_tasks: version.yml
ansible.builtin.include_tasks: version.yml
- name: Install Kimai
include_tasks: install.yml
ansible.builtin.include_tasks: install.yml
when: kimai_installed is not defined
- name: "Upgrade Kimai when {{ kimai_installed }} is less than {{ kimai_version }}"
include_tasks: upgrade.yml
ansible.builtin.include_tasks: upgrade.yml
when:
- ( kimai_version is defined ) and ( kimai_installed is defined )
- ( kimai_installed is version(kimai_version, '<') )
- name: Check the latest version of Kimai
include_tasks: latest.yml
ansible.builtin.include_tasks: latest.yml
- name: A update is available
debug:
ansible.builtin.debug:
msg: "Kimai version {{ kimai_installed }} is installed and the latest version available is {{ kimai_latest }}, update the kimai_version variable to upgrade"
when:
- ( kimai_latest is defined ) and ( kimai_installed is defined )

9
tasks/upgrade.yml
View File

@@ -3,7 +3,7 @@
block:
- name: "Kimai git repo updated to version {{ kimai_version }}"
git:
ansible.builtin.git:
repo: https://github.com/kevinpapst/kimai2.git
dest: "{{ kimai_docroot | dirname }}"
version: "{{ kimai_version }}"
@@ -16,7 +16,7 @@
become_user: "{{ kimai_user }}"
- name: Composer install
composer:
community.general.composer:
command: install
working_dir: "{{ kimai_docroot | dirname }}"
optimize_autoloader: true
@@ -25,14 +25,15 @@
become_user: "{{ kimai_user }}"
- name: "Update Kimai from version {{ kimai_installed }} to version {{ kimai_version }}"
command: bin/console --no-ansi -n kimai:update
ansible.builtin.command: bin/console --no-ansi -n kimai:update
args:
chdir: "{{ kimai_docroot | dirname }}"
become: true
become_user: "{{ kimai_user }}"
changed_when: true
- name: Check the installed version of Kimai
include_tasks: version.yml
ansible.builtin.include_tasks: version.yml
tags:
- kimai

6
tasks/version.yml
View File

@@ -3,7 +3,7 @@
block:
- name: "Stat {{ kimai_docroot | dirname }}/bin/console"
stat:
ansible.builtin.stat:
path: "{{ kimai_docroot | dirname }}/bin/console"
register: kimai_console
@@ -11,7 +11,7 @@
block:
- name: Check which version of Kimai is installed
command: bin/console --no-ansi -n kimai:version --short
ansible.builtin.command: bin/console --no-ansi -n kimai:version --short
args:
chdir: "{{ kimai_docroot | dirname }}"
check_mode: false
@@ -22,7 +22,7 @@
become_user: "{{ kimai_user }}"
- name: Set a variable for the installed version of Kimai
set_fact:
ansible.builtin.set_fact:
kimai_installed: "{{ kimai_install_check.stdout | trim }}"
when: ( kimai_install_check is defined ) and ( kimai_install_check.rc == 0 )