evrardjp · Salvoxia · Jan 24, 2025 · Jan 24, 2025 · Jan 24, 2025 · Jan 24, 2025
diff --git a/.github/workflows/molecule.yml b/.github/workflows/molecule.yml
@@ -1,19 +1,114 @@
 ---
-name: Molecule Test
-on: [push, pull_request]
+name: CI
+'on':
+  workflow_dispatch:
+  pull_request:
+  push:
+    paths-ignore:
+      - 'README.md'
+  schedule:
+    - cron: '00 12 10 * *'
+
 jobs:
-  build:
+  lint:
+    name: Lint
     runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install test dependencies
+        run: pip3 install yamllint
+
+      - name: Install ansible test dependencies
+        run: ansible-galaxy install -r molecule/test_requirements.yml --force
+
+      - name: Run Yamllint
+        run: |
+          yamllint .
+
+      - name: Run ansible-lint
+        uses: ansible/[email protected]
+  molecule:
+    name: Molecule
+    runs-on: ubuntu-latest
+    needs: lint
     strategy:
-      max-parallel: 2
+      fail-fast: false
       matrix:
-        ansible: ["2.10", "latest"]
+        distro:
+          - centos8
+          - debian10
+          - debian11
+          - debian12
+          - ubuntu2204
+          - ubuntu2404
+
     steps:
-      - uses: actions/checkout@v2
-      - name: Install dependencies
-        run: |
-          sudo apt remove ansible
-          sudo apt install tox
-      - name: Test with molecule using tox
-        run: |
-          sudo -H -E tox -e ansible-${{ matrix.ansible }}
+      - name: Check out the codebase.
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Install test dependencies (CentOS 8 / Debian 10 / Rockylinux 9).
+        run: pip3 install ansible==9.13.0 molecule molecule-docker yamllint ansible-lint docker netaddr dnspython
+        if: matrix.distro == 'centos8' || matrix.distro == 'debian10' || matrix.distro == 'rockylinux9'
+
+      - name: Install test dependencies.
+        run: pip3 install ansible molecule molecule-docker yamllint ansible-lint docker netaddr dnspython
+        if: matrix.distro != 'centos8' && matrix.distro != 'debian10'  && matrix.distro != 'rockylinux9'
+
+      - name: Install ansible test dependencies
+        run: ansible-galaxy install -r molecule/test_requirements.yml --force
+
+      - name: Run Molecule Default test
+        run: molecule test
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Masked Keepalived Test
+        run: molecule test --scenario-name masked-keepalived
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Reconfigure Keepalived Test
+        run: molecule test --scenario-name reconfigure-keepalived
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Install from Source Test
+        run: molecule test --scenario-name install-from-source
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Uninstall from Source Test
+        run: molecule test --scenario-name uninstall-from-source
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Switch from Package Manager to Source Installation Test
+        run: molecule test --scenario-name switch-from-pkgmgr-to-source
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
+
+      - name: Run Molecule Switch from Source Installation to Package Manager Test
+        run: molecule test --scenario-name switch-from-source-to-pkgmgr
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_IMAGE: ${{ matrix.distro }}
diff --git a/.github/workflows/monthly.yml b/.github/workflows/monthly.yml
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 *.retry
 *.log
 .vagrant/
+.vscode/
diff --git a/.yamllint b/.yamllint
@@ -15,7 +15,8 @@ rules:
   commas:
     max-spaces-after: -1
     level: error
-  comments: disable
+  comments:
+    min-spaces-from-content: 1
   comments-indentation: disable
   document-start: disable
   empty-lines:
@@ -31,5 +32,9 @@ rules:
     type: unix
   trailing-spaces: disable
   truthy: disable
+  octal-values:
+    forbid-explicit-octal: true
+    forbid-implicit-octal: true
 ignore:
-  .tox/
+  - .tox/
+  - tests
diff --git a/README.md b/README.md
@@ -38,6 +38,67 @@ An example of a notification script is also given, in the files folder.
 
 Antoher good source of informations is the official keepalived [GIT repo](https://github.com/acassen/keepalived) where you can find a fully commented [keepalived.conf](https://github.com/acassen/keepalived/blob/master/doc/keepalived.conf.SYNOPSIS). Also various official samples are [provided](https://github.com/acassen/keepalived/tree/master/doc/samples).
 
+Installation from source
+------------------------
+
+If your package manager only provides an outdated version of Keepalived, this role is able to compile and install Keepalived from source.  
+
+The role supports the following scenarios:
+  - Compile and install Keepalived from a Git repository with a specific source tag
+  - Uninstall Keepalived after installed from source
+  - Switch from installation by a package manager to installation from source
+  - Switch from installation from source to installation by a package manager
+  - Switch from one installed version from source to a different version
+
+The follwing role variables control installation from source:
+```yaml
+# Flag indicating whether to compile and install Keepalived from source instead of a package manager
+keepalived_install_from_source: false
+# Git source repository to use when installing Keepalived from source
+keepalived_source_repository: https://github.com/acassen/keepalived.git
+# The Git tag to compile when installing Keepalived from source
+keepalived_source_tag: v2.3.2
+# Configure options
+keepalived_source_configure_options:
+    - --includedir=${prefix}/include
+    - --mandir=${prefix}/share/man
+    - --infodir=${prefix}/share/info
+    - --sysconfdir=/etc
+    - --localstatedir=/var
+    - --disable-option-checking
+    - --disable-silent-rules
+    - --runstatedir=/run
+    - --disable-maintainer-mode
+    - --disable-dependency-tracking
+    - --enable-snmp
+    - --enable-sha1
+    - --enable-snmp-rfcv2
+    - --enable-snmp-rfcv3
+    - --enable-dbus
+    - --enable-json
+    - --enable-bfd
+    - --enable-regex
+```
+The installation prefix is generated dynamically using `keepalived_source_tag`.
+
+In addition, the following variable control the build dependencies on a distribution level:
+```yaml
+keepalived_build_dep_packages:
+  - git
+  - autoconf
+  - curl 
+  - gcc 
+  - libssl-dev 
+  - libnl-3-dev 
+  - libnl-genl-3-dev 
+  - libsnmp-dev
+  - libsystemd-dev
+  - libmnl-dev
+  - libipset-dev
+  - libnfnetlink-dev
+  - libnl-route-3-dev
+```
+
 Dependencies
 ------------
 

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -22,30 +22,57 @@ keepalived_selinux_compile_rules:
   - keepalived_ping
   - keepalived_setpgid
 
-#keepalived_package_state: "latest"
-keepalived_package_state: "{{ ( (keepalived_use_latest_stable | default(true)) | bool) | ternary('latest','present') }}"
+# keepalived_package_state: "latest"
+keepalived_package_state: "{{ ((keepalived_use_latest_stable | default(true)) | bool) | ternary('latest', 'present') }}"
+
+# Flag indicating whether to compile and install Keepalived from source instead of a package manager
+keepalived_install_from_source: false
+# Git source repository to use when installing Keepalived from source
+keepalived_source_repository: https://github.com/acassen/keepalived.git
+# The Git tag to compile when installing Keepalived from source
+keepalived_source_tag: v2.3.2
+# Configure options
+keepalived_source_configure_options:
+    - --includedir=${prefix}/include
+    - --mandir=${prefix}/share/man
+    - --infodir=${prefix}/share/info
+    - --sysconfdir=/etc
+    - --localstatedir=/var
+    - --disable-option-checking
+    - --disable-silent-rules
+    - --runstatedir=/run
+    - --disable-maintainer-mode
+    - --disable-dependency-tracking
+    - --enable-snmp
+    - --enable-sha1
+    - --enable-snmp-rfcv2
+    - --enable-snmp-rfcv3
+    - --enable-dbus
+    - --enable-json
+    - --enable-bfd
+    - --enable-regex
 
 # Keepalived scripts can be defined that trigger notification scripts.
 # Examples have been provided below and in the tests directory.
 # keepalived_scripts:
-  #haproxy_check_script:
+  # haproxy_check_script:
     # check_script: "/etc/keepalived/haproxy_check.sh"
     # ##if a src_check_script is defined, it will be uploaded from src_check_script
     # ##on the deploy host to the check_script location. If the check_script needs
     # ##parameters, you can define the location under dest_check_script.
     # src_check_script: "{{ playbook_dir }}/../scripts/keepalived_haproxy_check.sh"
-  #haproxy_check_script:
+  # haproxy_check_script:
     # Here is an example with a command instead of a script.
     # Add src_check_script if you want to run a script instead of a command
-    #check_script: "killall -0 haproxy"
+    # check_script: "killall -0 haproxy"
 keepalived_scripts: {}
 
 # Keepalived scripts may rely upon additional packages.
 keepalived_scripts_packages: []
 
-#This is the expiration time of your package manager cache.
-#When expired, this role will require to update the package manger cache.
-#This variable will be removed when the ansible upstream bugs will be fixed.
+# This is the expiration time of your package manager cache.
+# When expired, this role will require to update the package manger cache.
+# This variable will be removed when the ansible upstream bugs will be fixed.
 cache_timeout: 600
 
 keepalived_instances: {}
@@ -64,7 +91,7 @@ keepalived_sysctl_tcp_retries: 8
 # This list of strings will appear in the global_defs section of the
 # keepalived configuration file.
 # Example:
-#keepalived_global_defs:
+# keepalived_global_defs:
 #  - enable_script_security
 
 # Whether to add systemd overrides for keepalived:
@@ -84,6 +111,6 @@ keepalived_daemon_options_file_path: "{{ _keepalived_daemon_options_file_path }}
 # Overriding keepalived daemon extra arguments, which will be applied inside of
 # the keepalived_daemon_options_file_path variable.
 # Example:
-#keepalived_daemon_default_options_overrides:
+# keepalived_daemon_default_options_overrides:
 #  - "DAEMON_ARGS='--snmp'"
 keepalived_daemon_default_options_overrides: []
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -13,19 +13,21 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-- name: restart keepalived
+- name: Restart keepalived
   ansible.builtin.service:
     name: "{{ keepalived_service_name }}"
     state: "restarted"
   register: _servicerestart
-  when:
-    - _servicestart is not changed
 
-- name: reload keepalived
+- name: Reload keepalived
   ansible.builtin.service:
     name: "{{ keepalived_service_name }}"
     state: "reloaded"
   register: _servicereload
   when:
     - _servicestart is not changed
     - _servicerestart is not defined
+
+- name: Systemctl daemon-reload
+  ansible.builtin.systemd:
+    daemon_reload: true
diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -43,14 +43,25 @@
     ansible.builtin.debug:
       var: ansible_interfaces
 
+  - name: Show ansible facts
+    ansible.builtin.debug:
+      var: ansible_facts
+
   - name: Define vrrp nic
     ansible.builtin.set_fact:
-      vrrp_nic: "{{ ((ansible_interfaces | reject('equalto','lo')) | difference([ansible_default_ipv4.interface]))[0] | string }}"
+      vrrp_nic: "{{ ((ansible_interfaces | reject('equalto', 'lo')) | difference([ansible_default_ipv4.interface])) | sort | first | string }}"
 
   - name: Include keepalived vars
-    ansible.builtin.include_vars:
-      file: ../../tests/keepalived_haproxy_combined_example.yml
+    ansible.builtin.set_fact:
+      keepalived_instances:
+        internal:
+          interface: "{{ vrrp_nic }}"
+          state: "{{ (groups['all'].index(inventory_hostname) == 0) | ternary('MASTER', 'BACKUP') }}"
+          virtual_router_id: 42
+          priority: "{{ (groups['all'] | length - groups['all'].index(inventory_hostname)) * 250 // (groups['all'] | length) }}"
+          vips:
+            - "192.168.33.2/24 dev {{ vrrp_nic }}"
 
   - name: Include ansible-keepalived
     ansible.builtin.include_role:
-      name: ansible-keepalived
+      name: evrardjp.keepalived
diff --git a/molecule/default/prepare.yml → molecule/default/dependency.yml b/molecule/default/prepare.yml → molecule/default/dependency.yml