Initial molecule WIP

molecule/mgt/Dockerfile.j2

@@ -0,0 +1 @@
+../generic_files/Dockerfile.j2

molecule/mgt/INSTALL.rst

@@ -0,0 +1,26 @@
+*******
+Docker driver installation guide
+*******
+
+Requirements
+============
+
+* General molecule dependencies (see https://molecule.readthedocs.io/en/latest/installation.html)
+* Docker Engine
+* docker-py
+* docker
+
+Install
+=======
+
+Ansible < 2.6
+
+.. code-block:: bash
+
+    $ sudo pip install docker-py
+
+Ansible >= 2.6
+
+.. code-block:: bash
+
+    $ sudo pip install docker

molecule/mgt/molecule.yml

@@ -0,0 +1,76 @@
+---
+driver:
+  name: docker
+lint:
+  name: yamllint
+platforms:
+  - name: ${MOLECULE_SCENARIO_NAME}-cds
+    hostname: ${MOLECULE_SCENARIO_NAME}-cds
+    image: debian:stretch
+    networks:
+      - name: ${MOLECULE_SCENARIO_NAME}-borg
+  - name: ${MOLECULE_SCENARIO_NAME}-cub
+    hostname: ${MOLECULE_SCENARIO_NAME}-cub
+    image: ubuntu:bionic
+    networks:
+      - name: ${MOLECULE_SCENARIO_NAME}-borg
+  - name: ${MOLECULE_SCENARIO_NAME}-sds
+    hostname: ${MOLECULE_SCENARIO_NAME}-sds
+    image: debian:stretch
+    networks:
+      - name: ${MOLECULE_SCENARIO_NAME}-borg
+    groups:
+      - borgbackup_servers
+  - name: ${MOLECULE_SCENARIO_NAME}-mds
+    hostname: ${MOLECULE_SCENARIO_NAME}-mds
+    image: debian:stretch
+    networks:
+      - name: ${MOLECULE_SCENARIO_NAME}-borg
+    groups:
+      - borgbackup_management
+provisioner:
+  name: ansible
+  inventory:
+    group_vars:
+      all:
+        borgbackup_appendonly: true
+        borgbackup_servers:
+          - fqdn: ${MOLECULE_SCENARIO_NAME}-sds
+            user: borgds
+            type: normal
+            home: /var/backup/
+            pool: repos
+            options: ""
+        borgbackup_retention:
+          hourly: 12
+          daily: 7
+          weekly: 4
+          monthly: 6
+          yearly: 1
+        borgbackup_include:
+          - "/etc"
+          - "/root"
+          - "/var/log"
+          - "/home"
+        borgbackup_management_station: ${MOLECULE_SCENARIO_NAME}-mds
+      borgbackup_servers:
+        borgbackup_required: false
+      borgbackup_management:
+        borgbackup_management_user: root
+        borgbackup_management_sshkey: |
+          ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXM5MuTbKbciopdHP314g0b72O5xaCf+4mt97bLPBwmW8UpOebWMkE+jYKET2B9fiOkyU9aWq+Tx7tfo31avN0nRf/VsxNupLcH605KdYOmw+EPjVDFLRXZb3j0AGDJM9YCd/KrwJlf8Tu4sXq0RhRNmqRBsBMjevpKCioQLzWJ1oCs1TLWxTS4nN7Jwy+Ou2gJEB7jKj907pFiCIPWRU4LLHlwE7DjunBr4THgE2Sj0tWkiYDKKoH++Rm62wVYL0oTLOJrQuqu52FEniPDgTnZwhy7b5MAHF5f2BscBorQxEkToWOVfX14Mzf+HC/arT2IPoE1Iv2XdWoiGiaWnyr
+    host_vars:
+      ${MOLECULE_SCENARIO_NAME}-cds:
+        borgbackup_passphrase: soo6Uabiex
+      ${MOLECULE_SCENARIO_NAME}-cub:
+        borgbackup_passphrase: iousheafqj
+      ${MOLECULE_SCENARIO_NAME}-mds:
+        borgbackup_passphrase: Zuequei1ro
+  lint:
+    name: ansible-lint
+scenario:
+  name: mgt
+verifier:
+  name: goss
+  lint:
+    name: yamllint

molecule/mgt/playbook.yml

@@ -0,0 +1 @@
+../generic_files/playbook.yml

molecule/mgt/prepare.yml

@@ -0,0 +1 @@
+../generic_files/prepare.yml

molecule/mgt/restore.sh.j2

@@ -0,0 +1 @@
+../generic_files/restore.sh.j2

molecule/mgt/side_effect.yml

@@ -0,0 +1 @@
+../restore/side_effect.yml

molecule/mgt/tests/test_all.yml

@@ -0,0 +1 @@
+../../generic_files/tests/test_all.yml

molecule/mgt/tests/test_client.yml

@@ -0,0 +1 @@
+../../generic_files/tests/test_client.yml

molecule/mgt/tests/test_client_restore.yml

@@ -0,0 +1 @@
+../../generic_files/tests/test_client_restore.yml

molecule/mgt/tests/test_mgt.yml

@@ -0,0 +1,16 @@
+# Molecule managed
+
+---
+file:
+  /root/prune.sh:
+    exists: true
+    owner: root
+    group: root
+    mode: "0700"
+    contains:
+{% for host in groups.all|difference(groups.borgbackup_servers) %}
+      - "Host: {{ host }}"
+      - "export BORG_PASSPHRASE={{ borgbackup_passphrase }}"
+      - ":/var/backup/repos/{{ host }}"
+{% endfor %}
+      - "/usr/local/bin/borg prune"

molecule/mgt/tests/test_server.yml

@@ -0,0 +1 @@
+../../generic_files/tests/test_server.yml

molecule/mgt/verify.yml

@@ -0,0 +1,200 @@
+---
+# This is an example playbook to execute goss tests.
+# Tests need distributed to the appropriate ansible host/groups
+# prior to execution by `goss validate`.
+
+- name: Verify all
+  hosts: all
+  become: true
+  vars:
+    goss_version: v0.3.2
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_sha256sum: 2f6727375db2ea0f81bee36e2c5be78ab5ab8d5981f632f761b25e4003e190ec
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Download and install Goss
+      get_url:
+        url: "{{ goss_url }}"
+        dest: "{{ goss_dst }}"
+        sha256sum: "{{ goss_sha256sum }}"
+        mode: 0755
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+
+    - name: Copy Goss tests to remote
+      template:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_all.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_all.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"
+
+- name: Verify mgt
+  hosts: borgbackup_management
+  become: true
+  vars:
+    goss_version: v0.3.2
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_sha256sum: 2f6727375db2ea0f81bee36e2c5be78ab5ab8d5981f632f761b25e4003e190ec
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Download and install Goss
+      get_url:
+        url: "{{ goss_url }}"
+        dest: "{{ goss_dst }}"
+        sha256sum: "{{ goss_sha256sum }}"
+        mode: 0755
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+
+    - name: Copy Goss tests to remote
+      template:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_mgt.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_mgt.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"
+
+- name: Verify clients
+  hosts: all:!borgbackup_servers
+  become: true
+  vars:
+    goss_version: v0.3.2
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_sha256sum: 2f6727375db2ea0f81bee36e2c5be78ab5ab8d5981f632f761b25e4003e190ec
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Download and install Goss
+      get_url:
+        url: "{{ goss_url }}"
+        dest: "{{ goss_dst }}"
+        sha256sum: "{{ goss_sha256sum }}"
+        mode: 0755
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+
+    - name: Copy Goss tests to remote
+      template:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_client*.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_client*.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"
+
+- name: Verify backup servers
+  hosts: borgbackup_servers
+  become: true
+  vars:
+    goss_version: v0.3.2
+    goss_arch: amd64
+    goss_dst: /usr/local/bin/goss
+    goss_sha256sum: 2f6727375db2ea0f81bee36e2c5be78ab5ab8d5981f632f761b25e4003e190ec
+    goss_url: "https://github.com/aelsabbahy/goss/releases/download/{{ goss_version }}/goss-linux-{{ goss_arch }}"
+    goss_test_directory: /tmp
+    goss_format: documentation
+  tasks:
+    - name: Download and install Goss
+      get_url:
+        url: "{{ goss_url }}"
+        dest: "{{ goss_dst }}"
+        sha256sum: "{{ goss_sha256sum }}"
+        mode: 0755
+      register: download_goss
+      until: download_goss is succeeded
+      retries: 3
+
+    - name: Copy Goss tests to remote
+      template:
+        src: "{{ item }}"
+        dest: "{{ goss_test_directory }}/{{ item | basename }}"
+      with_fileglob:
+        - "{{ lookup('env', 'MOLECULE_VERIFIER_TEST_DIRECTORY') }}/test_server*.yml"
+
+    - name: Register test files
+      shell: "ls {{ goss_test_directory }}/test_server*.yml"
+      register: test_files
+
+    - name: Execute Goss tests
+      command: "{{ goss_dst }} -g {{ item }} validate --format {{ goss_format }}"
+      register: test_results
+      with_items: "{{ test_files.stdout_lines }}"
+
+    - name: Display details about the Goss results
+      debug:
+        msg: "{{ item.stdout_lines }}"
+      with_items: "{{ test_results.results }}"
+
+    - name: Fail when tests fail
+      fail:
+        msg: "Goss failed to validate"
+      when: item.rc != 0
+      with_items: "{{ test_results.results }}"