Merge pull request #33 from singleplatform-eng/singleplatform_additions

Colin Hoglund · web-flow · commit ce41d52595ec · 2016-11-09T22:37:04.000-05:00
singleplatform additions
diff --git a/.travis.yml b/.travis.yml
@@ -1,9 +1,27 @@
+---
+sudo: required
 language: python
-python:
-  - "2.7"
+python: "2.7"
+
 install:
-  - "pip install ansible"
+  - pip install ansible
+
+  # Add ansible.cfg to pick up roles path.
+  - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg"
+
 script:
-  - cd tests
-  - ansible-playbook --connection=local --limit=localhost --inventory-file=hosts all.yml
+  # Syntax Check
+  - ansible-playbook -i localhost, tests/test.yml --syntax-check
+
+  # Run test.yml
+  - ansible-playbook -i localhost, --connection=local --sudo tests/test.yml
+
+  # Run the role/playbook again, checking to make sure it's idempotent.
+  - >
+    ansible-playbook -i localhost, --connection=local --sudo tests/test.yml
+    | grep -q 'changed=0.*failed=0'
+    && (echo 'Idempotence test: pass' && exit 0)
+    || (echo 'Idempotence test: fail' && exit 1)
 
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
-[![Build Status](https://travis-ci.org/mivok/ansible-users.png)](https://travis-ci.org/mivok/ansible-users)
+[![Build Status](https://travis-ci.org/singleplatform-eng/ansible-users.svg?branch=master)](https://travis-ci.org/singleplatform-eng/ansible-users)
 
-# Users role
+# ansible-users
 
 Role to manage users on a system.
 
@@ -33,6 +33,7 @@ The following attributes are required for each user:
 * password - If a hash is provided then that will be used, but otherwise the
   account will be locked
 * groups - a list of supplementary groups for the user.
+* profile - a string block for setting custom shell profiles
 * ssh-key - This should be a list of ssh keys for the user. Each ssh key
   should be included directly and should have no newlines.
 
@@ -50,9 +51,14 @@ Example:
         name: Foo Barrington
         groups: ['wheel','systemd-journal']
         uid: 1001
+        profile: |
+          alias ll='ls -lah'
         ssh_key:
           - "ssh-rsa AAAAA.... foo@machine"
           - "ssh-rsa AAAAB.... foo2@machine"
+    groups_to_create:
+      - name: developers
+        gid: 10000
     users_deleted:
       - username: bar
         name: Bar User
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -13,4 +13,10 @@ users_create_homedirs: true
 # Lists of users to create and delete
 users: []
 users_deleted: []
+
+# List of groups to create
+# Example:
+#   groups_to_create:
+#     - name: developers
+#       gid: 10000
 groups_to_create: []
diff --git a/meta/main.yml b/meta/main.yml
@@ -1,36 +1,37 @@
 ---
 galaxy_info:
-  author: Mark Harrison
+  author: Mark Harrison (Modified by SinglePlatform Engineering)
   description: User creation role
   license: MIT
   min_ansible_version: 1.3
   platforms:
-  - name: EL
-    versions:
-    - all
-  - name: GenericUNIX
-    versions:
-    - all
-    - any
-  - name: Fedora
-    versions:
-    - all
-  - name: opensuse
-    versions:
-    - all
-  - name: Ubuntu
-    versions:
-    - all
-  - name: SLES
-    versions:
-    - all
-  - name: GenericLinux
-    versions:
-    - all
-    - any
-  - name: Debian
-    versions:
-    - all
-  categories:
-  - system
+    - name: EL
+      versions:
+        - all
+    - name: GenericUNIX
+      versions:
+        - all
+        - any
+    - name: Fedora
+      versions:
+        - all
+    - name: opensuse
+      versions:
+        - all
+    - name: Ubuntu
+      versions:
+        - all
+    - name: SLES
+      versions:
+        - all
+    - name: GenericLinux
+      versions:
+        - all
+        - any
+    - name: Debian
+      versions:
+        - all
+  galaxy_tags:
+    - system
+
 dependencies: []
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,43 +1,56 @@
 ---
 - name: Creating groups
-  group: name="{{item}}"
-  with_items: groups_to_create
+  group: name="{{item.name}}" gid="{{item.gid | default(omit)}}"
+  with_items: "{{groups_to_create}}"
   tags: ['users','groups','configuration']
 
 - name: Per-user group creation
   group: name="{{item.username}}"
          gid="{{item.gid if item.gid is defined else item.uid}}"
   with_items: users
+  with_items: "{{users}}"
   when: users_create_per_user_group
   tags: ['users','configuration']
 
 - name: User creation
-  user: name="{{item.username}}"
-        group="{{item.username if users_create_per_user_group
-            else users_group}}"
-        groups="{{item.groups | join(',')}}"
-        shell={{item.shell if item.shell is defined else users_default_shell}}
-        password="{{item.password if item.password is defined else '!'}}"
-        comment="{{item.name if item.name is defined else ''}}"
-        uid="{{item.uid}}"
-        createhome="{{'yes' if users_create_homedirs else 'no'}}"
-  with_items: users
+  user:
+    name: "{{item.username}}"
+    group: "{{item.username if users_create_per_user_group else users_group}}"
+    # empty string removes user from all secondary groups
+    groups: "{{item.groups | join(',') if 'groups' in item else ''}}"
+    shell: "{{item.shell if item.shell is defined else users_default_shell}}"
+    password: "{{item.password if item.password is defined else '!'}}"
+    comment: "{{item.name if item.name is defined else ''}}"
+    uid: "{{item.uid}}"
+    createhome: "{{'yes' if users_create_homedirs else 'no'}}"
+  with_items: "{{users}}"
   tags: ['users','configuration']
 
 - name: SSH keys
   authorized_key: user="{{item.0.username}}" key="{{item.1}}"
   with_subelements:
-    - users
+    - "{{users}}"
     - ssh_key
   tags: ['users','configuration']
 
+- name: Setup user profiles
+  blockinfile:
+    block: "{{item.profile}}"
+    dest: "/home/{{item.username}}/.profile"
+    owner: "{{item.username}}"
+    group: "{{item.username}}"
+    mode: 0644
+    create: true
+  when: users_create_homedirs and item.profile is defined
+  with_items: "{{users}}"
+
 - name: Deleted user removal
   user: name="{{item.username}}" state=absent
-  with_items: users_deleted
+  with_items: "{{users_deleted}}"
   tags: ['users','configuration']
 
 - name: Deleted per-user group removal
   group: name="{{item.username}}" state=absent
-  with_items: users_deleted
+  with_items: "{{users_deleted}}"
   when: users_create_per_user_group
   tags: ['users','configuration']
diff --git a/tests/test.yml b/tests/test.yml
@@ -0,0 +1,19 @@
+---
+
+- hosts: localhost
+  remote_user: root
+  vars:
+    users:
+      - name: Ansible Test User
+        username: ansibletestuser
+        uid: 2222
+        groups: [users, bin]
+        shell: /bin/sh
+        profile: |
+          alias ll='ls -lah'
+          alias cp='cp -iv'
+        ssh_key:
+          - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVpUJQCOaPg3p5xro9e+1fkGRWNOGrrExiKMqTE91Fwu349bxfMnMzRS0PAERouR9EEL+Ee4Yzhav/uNc35eCtXzACtluXnAncMrQj6pM3IqASynhvXTygHljmcMbBSDQtLrTZeW+YzIcOgk5UM1yBi26WoUYva2aCr9IRvKdYreAK08OiMdZedpOye0ZdvIYJGcyITwc6YMmrAhP7jZlrk/mDEkf2a4eBp+475o7MJtaC9npqYkToM8vqvx5AGEKqXt7/f1/paOY7KsR+VGPQy6k2RkXjWBsXPesZ3d3XLZHE60wAk0EsuJO8A25+uWSB6ILQeRSYYmGea/WIf6kd noone@throwaway.example.com"
+
+  roles:
+    - ansible-users
