Home Explore Help
Sign In
logic855
/
sensu-ansible
mirror of https://github.com/sensu/sensu-ansible.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 8651fb2756
Branches Tags
sensu-ansible
/
molecule
/
default
/
verify.yml

verify.yml 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. ---
    2. 

  2. # This is an example playbook to execute inspec tests.
    3. 

  3. # Tests need distributed to the appropriate ansible host/groups
    4. 

  4. # prior to execution by `inspec exec`.
    5. 

  5. 

  6. - name: Verify
    7. 

  7.   hosts: all
    8. 

  8.   become: true
    9. 

  9.   vars:
    10. 

  10.     inspec_download_source_dir: /usr/local/src
    11. 

  11.     inspec_package_name: "{{ inspec_download_url.split('/')[-1] }}"
    12. 

  12.     inspec_bin: /opt/inspec/bin/inspec
    13. 

  13.     inspec_test_directory: "/tmp/molecule/inspec"
    14. 

  14.   tasks:
    15. 

  15.     - name: Install system dependencies for Inspec
    16. 

  16.       package:
    17. 

  17.         name: "{{ item }}"
    18. 

  18.         state: present
    19. 

  19.       with_items:
    20. 

  20.         - lsof
    21. 

  21.         - iproute
    22. 

  22.         - net-tools
    23. 

  23. 

  24.     - name: Download Inspec
    25. 

  25.       get_url:
    26. 

  26.         url: "{{ inspec_download_url }}"
    27. 

  27.         dest: "{{ inspec_download_source_dir }}"
    28. 

  28.         sha256sum: "{{ inspec_download_sha256sum }}"
    29. 

  29.         mode: 0755
    30. 

  30.       register: inspec_download
    31. 

  31. 

  32.     - name: Install Inspec
    33. 

  33.       yum:
    34. 

  34.         name: "{{ inspec_download.dest }}"
    35. 

  35.         state: latest
    36. 

  36.       when: ansible_pkg_mgr == 'yum'
    37. 

  37. 

  38.     - name: Install Inspec
    39. 

  39.       dnf:
    40. 

  40.         name: "{{ inspec_download.dest }}"
    41. 

  41.         state: latest
    42. 

  42.       when: ansible_pkg_mgr == 'dnf'
    43. 

  43. 

  44.     - name: Install Inspec
    45. 

  45.       apt:
    46. 

  46.         deb: "{{ inspec_download.dest }}"
    47. 

  47.         state: present
    48. 

  48.       when: ansible_pkg_mgr == 'apt'
    49. 

  49. 

  50.     - name: Create Molecule directory for test files
    51. 

  51.       file:
    52. 

  52.         path: "{{ inspec_test_directory }}"
    53. 

  53.         state: directory
    54. 

  54. 

  55.     - name: Copy Inspec tests to remote
    56. 

  56.       copy:
    57. 

  57.         src: "{{ item }}"
    58. 

  58.         dest: "{{ inspec_test_directory }}/{{ item | basename }}"
    59. 

  59.       with_fileglob:
    60. 

  60.         - "{{ playbook_dir }}/tests/test_*.rb"
    61. 

  61. 

  62.     - name: Register test files
    63. 

  63.       shell: "ls {{ inspec_test_directory }}/test_*.rb"
    64. 

  64.       register: test_files
    65. 

  65. 

  66.     - name: Execute Inspec tests
    67. 

  67.       command: "{{ inspec_bin }} exec {{ item }} --no-color --reporter progress"
    68. 

  68.       register: test_results
    69. 

  69.       with_items: "{{ test_files.stdout_lines }}"
    70. 

  70.       ignore_errors: true
    71. 

  71. 

  72.     - name: Display details about the Inspec results
    73. 

  73.       debug:
    74. 

  74.         msg: "{{ item.stdout_lines }}"
    75. 

  75.       with_items: "{{ test_results.results }}"
    76. 

  76. 

  77.     - name: Fail when tests fail
    78. 

  78.       fail:
    79. 

  79.         msg: "Inspec failed to validate"
    80. 

  80.       when: item.rc != 0
    81. 

  81.       with_items: "{{ test_results.results }}"
    82.