84 lines
3.5 KiB
YAML
84 lines
3.5 KiB
YAML
---
|
|
- name: Verify
|
|
hosts: all
|
|
gather_facts: false
|
|
tasks:
|
|
- name: Ensure https://localhost returns 200
|
|
ansible.builtin.uri:
|
|
url: https://localhost
|
|
validate_certs: false
|
|
return_content: true
|
|
register: get_localhost
|
|
|
|
- name: Assert caddy responded on https://localhost
|
|
ansible.builtin.assert:
|
|
that: "(get_localhost.server | split(', '))[0] == 'Caddy'"
|
|
- name: Assert nginx responded on https://localhost
|
|
ansible.builtin.assert:
|
|
that: "(get_localhost.server | split(', '))[1].startswith('nginx')"
|
|
|
|
- name: Get /opt/nginx directory info
|
|
ansible.builtin.stat:
|
|
path: /opt/nginx
|
|
register: opt_nginx_stat
|
|
- name: Assert /opt/nginx doesn't exist
|
|
ansible.builtin.assert:
|
|
that: not opt_nginx_stat.stat.exists
|
|
msg: /opt/nginx should not have been created but it was
|
|
|
|
- name: Get host passwd nginx user
|
|
ansible.builtin.getent:
|
|
database: passwd
|
|
key: nginx
|
|
fail_key: false
|
|
- name: Assert nginx user does not exist
|
|
ansible.builtin.assert:
|
|
that: getent_passwd.nginx == None
|
|
msg: "nginx user should not exist but it does ({{ getent_passwd }})"
|
|
|
|
- name: Get nginx container info
|
|
community.docker.docker_container_info:
|
|
name: nginx
|
|
register: container_out
|
|
|
|
- name: Assert container port 80 forwarded to host 28001
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "container_out.container.HostConfig.PortBindings['80/tcp'] is defined"
|
|
- "container_out.container.HostConfig.PortBindings['80/tcp'][0].HostPort == '28001'"
|
|
msg: "Container port 80 not correctly forwarded to host port. Port bindings output was {{ container_out.container.HostConfig.PortBindings }}"
|
|
|
|
- name: Assert container user not set
|
|
ansible.builtin.assert:
|
|
that: container_out.container.Config.User == ""
|
|
|
|
- name: Get container image info
|
|
community.docker.docker_image_info:
|
|
name: "{{ container_out.container.Image }}"
|
|
register: container_image_out
|
|
- name: Assert nginx image not built locally
|
|
assert:
|
|
that: container_image_out.images[0].RepoTags[0] == 'nginx:latest'
|
|
msg: "Nginx image tag incorrect. It should have been nginx:latest but it was {{ container_image_out.images[0].RepoTags }}"
|
|
|
|
- name: Get docker host info
|
|
community.docker.docker_host_info:
|
|
volumes: true
|
|
register: docker_host_out
|
|
- name: Assert all containers are running
|
|
ansible.builtin.assert:
|
|
that: docker_host_out.host_info.Containers == docker_host_out.host_info.ContainersRunning
|
|
msg: There should have been {{ docker_host_out.host_info.Containers }} containers running but there were {{ docker_host_out.host_info.ContainersRunning }}
|
|
- name: Assert no extra containers were created
|
|
ansible.builtin.assert:
|
|
that: docker_host_out.host_info.Containers == 1
|
|
msg: There should have been 1 container created but there were {{ docker_host_out.host_info.Containers }}
|
|
- name: Assert no extra images were pulled
|
|
ansible.builtin.assert:
|
|
that: docker_host_out.host_info.Images == 1
|
|
msg: There should have been 1 image present but there were {{ docker_host_out.host_info.Images }}
|
|
- name: Assert no volumes were created
|
|
ansible.builtin.assert:
|
|
that: docker_host_out.volumes | length == 0
|
|
msg: There should have been no volumes present but there were {{ docker_host_out.volumes | length }}
|