feat: Добавлен пресет all-images и установка sudo во все Dockerfile

- Создан пресет all-images для тестирования всех 9 образов - Добавлен sudo во все Dockerfile образы - Настроены sudoers для root и пользователей - Упрощен site.yml (убрана установка sudo) - Добавлена документация для пресета all-images - Обновлен Makefile с поддержкой нового пресета - Исправлена проблема с Parsec в Astra Linux - Улучшена система очистки контейнеров Пресет all-images включает: - Debian-based: Ubuntu, Debian, Alt Linux, Astra Linux - RHEL-based: CentOS, RHEL, AlmaLinux, Rocky Linux, RedOS - Уникальные порты 8080-8088 - Переменные окружения TEST_OS и TEST_FAMILY
2025-10-25 19:00:34 +03:00
parent 94560ffaaa
commit 9ce30e0d67
18 changed files with 473 additions and 8 deletions
--- a/molecule/default/create.yml
+++ b/molecule/default/create.yml
@@ -77,6 +77,8 @@
        capabilities: "{{ systemd_defaults.capabilities | default([]) }}"
        published_ports: "{{ item.publish | default([]) }}"
        env: "{{ item.env | default({}) }}"
+        # Специальные настройки для Astra Linux
+        security_opts: "{{ ['seccomp=unconfined', 'apparmor=unconfined'] if item.family == 'astra' else [] }}"
        state: started
        restart_policy: unless-stopped
      loop: "{{ hosts | selectattr('type','undefined') | list }}"
--- a/molecule/default/destroy.yml
+++ b/molecule/default/destroy.yml
@@ -24,6 +24,14 @@
        name: "{{ item.name }}"
        state: absent
        force_kill: true
+        cleanup: true
+      loop: "{{ hosts }}"
+      loop_control: { label: "{{ item.name }}" }
+      ignore_errors: true
+
+    - name: Force remove any remaining containers
+      shell: |
+        docker ps -a --filter "name={{ item.name }}" --format "{{ '{{' }}.ID{{ '}}' }}" | xargs -r docker rm -f
      loop: "{{ hosts }}"
      loop_control: { label: "{{ item.name }}" }
      ignore_errors: true
@@ -51,6 +59,21 @@
        state: absent
      ignore_errors: true

+    - name: Force cleanup all project containers
+      shell: |
+        # Удаляем все контейнеры из загруженного пресета
+        {% for host in hosts %}
+        docker ps -a --filter "name={{ host.name }}" --format "{{ '{{' }}.ID{{ '}}' }}" | xargs -r docker rm -f 2>/dev/null || true
+        {% endfor %}
+        # Удаляем все контейнеры с образами ansible-lab
+        docker ps -a --filter "ancestor=inecs/ansible-lab" --format "{{ '{{' }}.ID{{ '}}' }}" | xargs -r docker rm -f 2>/dev/null || true
+        # Удаляем все контейнеры с сетью labnet
+        docker ps -a --filter "network=labnet" --format "{{ '{{' }}.ID{{ '}}' }}" | xargs -r docker rm -f 2>/dev/null || true
+      ignore_errors: true
+      vars:
+        # Используем переменную hosts из загруженного пресета
+        hosts: "{{ hosts }}"
+
    - name: Display cleanup summary
      debug:
        msg: |
--- a/molecule/default/site.yml
+++ b/molecule/default/site.yml
@@ -38,7 +38,17 @@
    - name: Update package cache (Alt Linux)
      apt:
        update_cache: true
-      when: ansible_distribution == 'Alt'
+      when: ansible_os_family == 'Altlinux'
+      changed_when: false
+      tags:
+        - setup
+        - update
+
+    # Обновление кеша пакетов для Astra Linux
+    - name: Update package cache (Astra Linux)
+      apt:
+        update_cache: true
+      when: ansible_os_family == 'Astra Linux'
      changed_when: false
      tags:
        - setup
@@ -55,7 +65,6 @@
          - iputils-ping
          - procps
          - net-tools
-          - sudo
          - vim
          - wget
          - unzip
@@ -77,7 +86,6 @@
          - iputils
          - procps-ng
          - net-tools
-          - sudo
          - vim
          - wget
          - unzip
@@ -98,13 +106,32 @@
          - iputils
          - procps
          - net-tools
-          - sudo
          - vim
          - wget
          - unzip
          - git
        state: present
-      when: ansible_distribution == 'Alt'
+      when: ansible_os_family == 'Altlinux'
+      tags:
+        - setup
+        - tools
+
+    - name: Install common tools (Astra Linux)
+      apt:
+        name:
+          - curl
+          - jq
+          - ca-certificates
+          - iproute2
+          - iputils
+          - procps
+          - net-tools
+          - vim
+          - wget
+          - unzip
+          - git
+        state: present
+      when: ansible_os_family == 'Astra Linux'
      tags:
        - setup
        - tools
@@ -139,7 +166,18 @@
          - python3
          - python3-pip
        state: present
-      when: ansible_distribution == 'Alt'
+      when: ansible_os_family == 'Altlinux'
+      tags:
+        - setup
+        - python
+
+    - name: Install Python (Astra Linux)
+      apt:
+        name:
+          - python3
+          - python3-pip
+        state: present
+      when: ansible_os_family == 'Astra Linux'
      tags:
        - setup
        - python
--- a/molecule/presets/all-images.yml
+++ b/molecule/presets/all-images.yml
@@ -0,0 +1,111 @@
+---
+#description: Пресет для тестирования всех доступных образов (9 хостов)
+# Автор: Сергей Антропов
+# Сайт: https://devops.org.ru
+
+docker_network: labnet
+generated_inventory: "{{ molecule_ephemeral_directory }}/inventory/hosts.ini"
+
+# systemd-ready образы
+images:
+  alt: "inecs/ansible-lab:alt-linux-latest"
+  astra: "inecs/ansible-lab:astra-linux-latest"
+  rhel: "inecs/ansible-lab:rhel-latest"
+  centos: "inecs/ansible-lab:centos-latest"
+  alma: "inecs/ansible-lab:alma-latest"
+  rocky: "inecs/ansible-lab:rocky-latest"
+  redos: "inecs/ansible-lab:redos-latest"
+  ubuntu: "inecs/ansible-lab:ubuntu-latest"
+  debian: "inecs/ansible-lab:debian-latest"
+  
+systemd_defaults:
+  privileged: true
+  command: "/sbin/init"
+  volumes:
+    - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+  tmpfs: ["/run", "/run/lock"]
+  capabilities: ["SYS_ADMIN"]
+
+hosts:
+  # Debian-based системы
+  - name: ubuntu-test
+    family: ubuntu
+    groups: [test, debian]
+    publish:
+      - "8080:80"
+    env:
+      TEST_OS: "Ubuntu"
+      TEST_FAMILY: "Debian"
+
+  - name: debian-test
+    family: debian
+    groups: [test, debian]
+    publish:
+      - "8081:80"
+    env:
+      TEST_OS: "Debian"
+      TEST_FAMILY: "Debian"
+
+  - name: alt-test
+    family: alt
+    groups: [test, altlinux]
+    publish:
+      - "8082:80"
+    env:
+      TEST_OS: "Alt Linux"
+      TEST_FAMILY: "Altlinux"
+
+  - name: astra-test
+    family: astra
+    groups: [test, astra]
+    publish:
+      - "8083:80"
+    env:
+      TEST_OS: "Astra Linux"
+      TEST_FAMILY: "Astra Linux"
+
+  # RHEL-based системы
+  - name: centos-test
+    family: centos
+    groups: [test, rhel]
+    publish:
+      - "8084:80"
+    env:
+      TEST_OS: "CentOS"
+      TEST_FAMILY: "RedHat"
+
+  - name: rhel-test
+    family: rhel
+    groups: [test, rhel]
+    publish:
+      - "8085:80"
+    env:
+      TEST_OS: "RHEL"
+      TEST_FAMILY: "RedHat"
+
+  - name: alma-test
+    family: alma
+    groups: [test, rhel]
+    publish:
+      - "8086:80"
+    env:
+      TEST_OS: "AlmaLinux"
+      TEST_FAMILY: "RedHat"
+
+  - name: rocky-test
+    family: rocky
+    groups: [test, rhel]
+    publish:
+      - "8087:80"
+    env:
+      TEST_OS: "Rocky Linux"
+      TEST_FAMILY: "RedHat"
+
+  - name: redos-test
+    family: redos
+    groups: [test, rhel]
+    publish:
+      - "8088:80"
+    env:
+      TEST_OS: "RedOS"
+      TEST_FAMILY: "RedHat"
--- a/molecule/presets/minimal.yml
+++ b/molecule/presets/minimal.yml
@@ -29,5 +29,8 @@ systemd_defaults:
 hosts:
  # Минимальный набор - один хост
  - name: u1
-    family: debian
+    family: astra
    groups: [test]
+  - name: u2
+    family: alt
+    groups: [test]