ansible-sshd/tests/tasks/setup.yml

---
- name: Ensure apt sources are up to date on debian systems
  ansible.builtin.apt:
    update_cache: true
  when:
    - ansible_facts['distribution'] == 'Debian'

- name: Determine if system is ostree and set flag
  when: not __sshd_is_ostree is defined
  block:
    - name: Check if system is ostree
      ansible.builtin.stat:
        path: /run/ostree-booted
      register: __ostree_booted_stat

    - name: Set flag to indicate system is ostree
      ansible.builtin.set_fact:
        __sshd_is_ostree: "{{ __ostree_booted_stat.stat.exists }}"

- name: Ensure test users exist on ostree systems
  ansible.builtin.shell: |
    if ! grep -q ^nobody /etc/passwd && grep -q ^nobody /usr/lib/passwd; then
      grep ^nobody /usr/lib/passwd >> /etc/passwd
    fi
    if ! grep -q ^nobody /etc/group && grep -q ^nobody /usr/lib/group; then
      grep ^nobody /usr/lib/group >> /etc/group
    fi
  when: __sshd_is_ostree | d(false)
  changed_when: true

- name: Make sure openssh is installed before creating backup
  ansible.builtin.package:
    name: openssh-server
    state: present
    use: "{{ (__sshd_is_ostree | d(false)) |
      ternary('ansible.posix.rhel_rpm_ostree', omit) }}"

- name: Make sure openssh has runtime directory on debian
  ansible.builtin.file:
    path: /run/sshd
    state: directory
    owner: root
    group: root
    mode: "0755"
  when:
    - ansible_facts['os_family'] == 'Debian'

- name: Define common variables
  ansible.builtin.set_fact:
    main_sshd_config: /etc/ssh/sshd_config
    main_sshd_config_name: sshd_config
    main_sshd_config_path: /etc/ssh/

- name: Define specific variables
  ansible.builtin.set_fact:
    main_sshd_config: /etc/ssh/sshd_config.d/00-ansible_system_role.conf
    main_sshd_config_name: 00-ansible_system_role.conf
    main_sshd_config_path: /etc/ssh/sshd_config.d/
  when:
    - (ansible_facts['os_family'] == 'RedHat' and ansible_facts['distribution_major_version']|int > 8) or
      (ansible_facts['distribution'] == 'Ubuntu' and ansible_facts['distribution_major_version']|int >= 22)
tests: Move setup tasks to separate file 2020-11-23 21:39:50 +01:00			`---`
feat: support for debian 12 2023-06-13 12:01:50 +02:00			`- name: Ensure apt sources are up to date on debian systems`
			`ansible.builtin.apt:`
			`update_cache: true`
			`when:`
			`- ansible_facts['distribution'] == 'Debian'`

feat: support for ostree systems Feature: Allow running and testing the role with ostree managed nodes. Reason: We have users who want to use the role to manage ostree systems. Result: Users can use the role to manage ostree managed nodes. Signed-off-by: Rich Megginson <rmeggins@redhat.com> 2023-11-17 14:44:54 +01:00			`- name: Determine if system is ostree and set flag`
			`when: not __sshd_is_ostree is defined`
			`block:`
			`- name: Check if system is ostree`
			`ansible.builtin.stat:`
			`path: /run/ostree-booted`
			`register: __ostree_booted_stat`

			`- name: Set flag to indicate system is ostree`
			`ansible.builtin.set_fact:`
			`__sshd_is_ostree: "{{ __ostree_booted_stat.stat.exists }}"`

			`- name: Ensure test users exist on ostree systems`
			`ansible.builtin.shell: \|`
			`if ! grep -q ^nobody /etc/passwd && grep -q ^nobody /usr/lib/passwd; then`
			`grep ^nobody /usr/lib/passwd >> /etc/passwd`
			`fi`
			`if ! grep -q ^nobody /etc/group && grep -q ^nobody /usr/lib/group; then`
			`grep ^nobody /usr/lib/group >> /etc/group`
			`fi`
			`when: __sshd_is_ostree \| d(false)`
			`changed_when: true`

tests: Move setup tasks to separate file 2020-11-23 21:39:50 +01:00			`- name: Make sure openssh is installed before creating backup`
Fix various linting issues 2022-06-03 12:22:17 +02:00			`ansible.builtin.package:`
tests: Move setup tasks to separate file 2020-11-23 21:39:50 +01:00			`name: openssh-server`
			`state: present`
feat: support for ostree systems Feature: Allow running and testing the role with ostree managed nodes. Reason: We have users who want to use the role to manage ostree systems. Result: Users can use the role to manage ostree managed nodes. Signed-off-by: Rich Megginson <rmeggins@redhat.com> 2023-11-17 14:44:54 +01:00			`use: "{{ (__sshd_is_ostree \| d(false)) \|`
			`ternary('ansible.posix.rhel_rpm_ostree', omit) }}"`
tests: Move setup tasks to separate file 2020-11-23 21:39:50 +01:00
			`- name: Make sure openssh has runtime directory on debian`
Fix various linting issues 2022-06-03 12:22:17 +02:00			`ansible.builtin.file:`
tests: Move setup tasks to separate file 2020-11-23 21:39:50 +01:00			`path: /run/sshd`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: "0755"`
			`when:`
			`- ansible_facts['os_family'] == 'Debian'`
Add support for RHEL 9 and adjust tests for it 2021-08-03 10:09:13 +02:00
			`- name: Define common variables`
Fix various linting issues 2022-06-03 12:22:17 +02:00			`ansible.builtin.set_fact:`
Add support for RHEL 9 and adjust tests for it 2021-08-03 10:09:13 +02:00			`main_sshd_config: /etc/ssh/sshd_config`
			`main_sshd_config_name: sshd_config`
			`main_sshd_config_path: /etc/ssh/`

			`- name: Define specific variables`
Fix various linting issues 2022-06-03 12:22:17 +02:00			`ansible.builtin.set_fact:`
Add support for RHEL 9 and adjust tests for it 2021-08-03 10:09:13 +02:00			`main_sshd_config: /etc/ssh/sshd_config.d/00-ansible_system_role.conf`
			`main_sshd_config_name: 00-ansible_system_role.conf`
			`main_sshd_config_path: /etc/ssh/sshd_config.d/`
Avoid unnecessary use of 'and' in 'when' conditions 2022-04-12 11:40:35 +02:00			`when:`
Add support for Ubuntu 22 with drop-in directory Signed-off-by: Jakub Jelen <jjelen@redhat.com> 2022-05-02 18:38:50 +02:00			`- (ansible_facts['os_family'] == 'RedHat' and ansible_facts['distribution_major_version']\|int > 8) or`
			`(ansible_facts['distribution'] == 'Ubuntu' and ansible_facts['distribution_major_version']\|int >= 22)`