fix2

Dockerfile

@@ -6,19 +6,13 @@ RUN apt-get update && apt-get install -y \
     curl \
     docker.io \
     docker-compose \
+    sshpass \
     && rm -rf /var/lib/apt/lists/*
 
-# Устанавливаем Ansible, Molecule и Ansible Vault
-RUN pip install --no-cache-dir ansible ansible-vault molecule docker molecule-docker
+RUN pip3 install --no-cache-dir ansible ansible-lint ansible-vault molecule docker molecule-docker
 
 # Устанавливаем Docker CLI
 RUN curl -fsSL https://get.docker.com | sh
 
-# Устанавливаем рабочую директорию
-WORKDIR /workspace
-
-# Устанавливаем роль из Ansible Galaxy (пример: geerlingguy.nginx)
-#RUN ansible-galaxy role install geerlingguy.nginx
-
-# Указываем команду по умолчанию
-CMD ["molecule", "--version"]
+WORKDIR /ansible
+ENTRYPOINT ["/bin/bash"]

Makefile

@@ -53,38 +53,23 @@ logs:
 	docker compose logs --tail=100 -f $(c)
 
 shell:
-	docker compose exec ansible-molecule bash
+	docker compose exec ansible bash
 
 
-# Создание новой роли с помощью Molecule
-create:
-	docker compose run --rm ansible-molecule sh -c "ansible-galaxy role init $(ROLE_NAME) && cd $(ROLE_NAME) && molecule init scenario
-	#docker compose run --rm ansible-molecule sh -c "molecule create"
+.PHONY: test lint vault deploy
 
-# Запуск тестов Molecule
-test:
-	docker compose run --rm ansible-molecule sh -c "molecule test"
-	#docker compose run --rm ansible-molecule sh -c "molecule --help"
+test:  ## Запуск тестов с molecule
+	docker compose run --rm ansible bash -c "molecule test"
 
-# Установка зависимостей из requirements.yml
-dependencies:
-	docker compose run --rm ansible-molecule sh -c "ansible-galaxy role install -r /workspace/requirements.yml"
+lint:  ## Проверка кода с ansible-lint
+	docker compose run --rm ansible sh -c "ansible-lint roles/role"
 
-# Шифрование файла с помощью Ansible Vault
-encrypt:
-	docker compose run --rm ansible-molecule sh -c "ansible-vault encrypt --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)"
+vault:  ## Шифрование/дешифрование с ansible-vault
+	docker compose run --rm ansible sh -c "ansible-vault edit --vault-password-file vault-password.txt vars/secrets.yml"
 
-# Расшифровка файла с помощью Ansible Vault
-decrypt:
-	docker compose run --rm ansible-molecule sh -c "ansible-vault decrypt --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)"
-
-# Просмотр зашифрованного файла
-view:
-	docker compose run --rm ansible-molecule sh -c "ansible-vault view --vault-password-file /workspace/$(VAULT_PASSWORD_FILE) /workspace/role/$(FILE)"
-
-# Запуск роли на реальных серверах
-deploy:
-	docker compose run --rm ansible-molecule sh -c "ansible-playbook -i $(INVENTORY) $(PLAYBOOK) --vault-password-file /workspace/$(VAULT_PASSWORD_FILE)"
+deploy: test  ## Деплой на реальные машины, если тест прошел успешно
+	@echo "Deploying roles to production..."
+	docker compose run --rm ansible sh -c "ansible-playbook -i inventory/production deploy.yml --vault-password-file vault-password.txt"
 
 ####################################################################################################
 # Работа с Git

ansible_role/molecule/default/Dockerfile.j2

@@ -1,13 +0,0 @@
-# Molecule managed
-
-{% if item.registry is defined %}
-FROM {{ item.registry.url }}/{{ item.image }}
-{% else %}
-FROM {{ item.image }}
-{% endif %}
-
-{% if item.dockerfile is defined %}
-{% for line in item.dockerfile %}
-{{ line }}
-{% endfor %}
-{% endif %}

ansible_role/molecule/default/INSTALL.rst

@@ -1,8 +0,0 @@
-Installation
-============
-
-To install Molecule, run the following command:
-
-.. code-block:: bash
-
-    pip install molecule docker

ansible_role/molecule/default/create.yml

@@ -1,11 +0,0 @@
----
-- name: Create
-  hosts: localhost
-  connection: local
-  tasks:
-    - name: Create molecule instance(s)
-      molecule_docker:
-        platform: "{{ item }}"
-      with_items: "{{ molecule_yml.platforms }}"
-      loop_control:
-        label: "{{ item.name }}"

ansible_role/molecule/default/destroy.yml

@@ -1,12 +0,0 @@
----
-- name: Destroy
-  hosts: localhost
-  connection: local
-  tasks:
-    - name: Destroy molecule instance(s)
-      molecule_docker:
-        platform: "{{ item }}"
-        state: absent
-      with_items: "{{ molecule_yml.platforms }}"
-      loop_control:
-        label: "{{ item.name }}"

ansible_role/molecule/default/inventory/hosts

@@ -1,2 +0,0 @@
-[all]
-instance ansible_connection=docker

ansible_role/molecule/default/molecule.yml

@@ -1,17 +0,0 @@
----
-dependency:
-  name: galaxy
-driver:
-  name: docker
-platforms:
-  - name: instance
-    image: geerlingguy/docker-ubuntu2004-ansible:latest
-    pre_build_image: true
-provisioner:
-  name: ansible
-  inventory:
-    host_vars:
-      instance:
-        ansible_connection: docker
-verifier:
-  name: ansible

ansible_role/molecule/default/prepare.yml

@@ -1,4 +0,0 @@
----
-- name: Prepare
-  hosts: all
-  tasks: []

ansible_role/molecule/default/tests/test_default.py

@@ -1,13 +0,0 @@
-import os
-import testinfra.utils.ansible_runner
-
-testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
-    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
-
-
-def test_hosts_file(host):
-    f = host.file('/etc/hosts')
-
-    assert f.exists
-    assert f.user == 'root'
-    assert f.group == 'root'

ansible_role/molecule/default/verify.yml

@@ -1,4 +0,0 @@
----
-- name: Verify
-  hosts: all
-  tasks: []

ansible_role/plybook.yaml

@@ -1,6 +0,0 @@
----
-- name: Apply my_ansible_role to servers
-  hosts: all  # Используем все хосты из инвентори
-  become: yes  # Повышаем привилегии (sudo)
-  roles:
-    - role: my_ansible_role  # Указываем имя вашей роли

docker-compose.yaml

@@ -1,16 +1,9 @@
 services:
-  ansible-molecule:
-    build:
-      context: .
-      dockerfile: Dockerfile
-    container_name: ansible-molecule
+  ansible:
+    build: .
+    container_name: ansible
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - ./ansible_role:/workspace/role  # Монтируем роль
-      - ./inventory:/workspace/inventory  # Монтируем инвентори
-      - ./ansible.cfg:/etc/ansible/ansible.cfg  # Монтируем конфиг Ansible
-      - ./vault_password_file:/workspace/vault_password_file  # Монтируем файл с паролем для Vault
-      - ./requirements.yaml:/workspace/requirements.yml  # Монтируем файл с зависимостями
-    working_dir: /workspace/role
-    command: >
-      sh -c "ansible-galaxy role install -r /workspace/requirements.yml && molecule test"
+      - .:/ansible
+    environment:
+      - ANSIBLE_VAULT_PASSWORD_FILE=/ansible/vault-password.txt
+    tty: true

inventory/hosts

@@ -1,6 +0,0 @@
-[webservers]
-server1 ansible_host=192.168.1.10 ansible_user=ubuntu
-server2 ansible_host=192.168.1.11 ansible_user=ubuntu
-
-[dbservers]
-server3 ansible_host=192.168.1.12 ansible_user=ubuntu

molecule/default/converge.yml

@@ -2,4 +2,4 @@
 - name: Converge
   hosts: all
   roles:
-    - role: my_new_role
+    - role: role

molecule/default/molecule.yml

@@ -0,0 +1,16 @@
+---
+dependency:
+  name: galaxy
+driver:
+  name: docker
+platforms:
+  - name: instance
+    image: "geerlingguy/docker-ubuntu2004-ansible:latest"
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  lint:
+    name: ansible-lint
+verifier:
+  name: ansible

roles/role/deploy.yaml

@@ -0,0 +1,6 @@
+---
+- name: Deploy roles
+  hosts: production
+  become: true
+  roles:
+    - role

roles/role/tasks/main.yaml

@@ -0,0 +1,4 @@
+---
+- name: Example task
+  debug:
+    msg: "Hello, Ansible!"