AMW-250 Fix common_criteria_demo on Olympus

.github/workflows/ci.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v2
         with:
-          path: ansible_collections/middleware_automation/common_criteria-demo
+          path: /home/runner/work/common_criteria_demo/common_criteria_demo
 
       - name: Set up Python ${{ matrix.python_version }}
         uses: actions/setup-python@v1
@@ -27,17 +27,7 @@ jobs:
       - name: Install yamllint, ansible and molecule
         run: |
           python -m pip install --upgrade pip
-          pip install yamllint 'molecule[docker]~=3.5.2' ansible-core flake8 ansible-lint voluptuous
-
-      - name: Create default collection path
-        run: |
-          mkdir -p /home/runner/.ansible/collections/ansible_collections
-
-      - name: Install ansible-lint custom rules
-        uses: actions/checkout@v2
-        with:
-          repository: ansible-middleware/ansible-lint-custom-rules
-          path: ansible_collections/ansible-lint-custom-rules/
+          pip install yamllint 'molecule>=6.0.3' 'molecule-plugins[docker]>=23.5.3' ansible-core flake8 ansible-lint voluptuous
 
       - name: Run molecule test
         run: |
@@ -46,4 +36,3 @@ jobs:
         env:
           PY_COLORS: "1"
           ANSIBLE_FORCE_COLOR: "1"
-        working-directory: ./ansible_collections/middleware_automation/common_criteria-demo

molecule/tomcat/molecule.yml

@@ -7,22 +7,26 @@ driver:
   name: docker
 platforms:
   - name: instance
-    image: registry.access.redhat.com/ubi8/ubi-init:latest
+    image: registry.access.redhat.com/ubi9/ubi-init:latest
+    pre_build_image: true
     privileged: true
-    tmpfs:
-      - /run
-      - /tmp
     command: "/usr/sbin/init"
     port_bindings:
       - 8080:8080
     published_ports:
       - 0.0.0.0:8080:8080/TCP
 provisioner:
   name: ansible
+  env:
+    ANSIBLE_VERBOSITY: 3
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+    ssh_connection:
+      pipelining: false
   playbooks:
-    converge: converge.yml
     prepare: prepare.yml
-    verify: ../../playbooks/playbook_tomcat.yml
+    converge: ../../playbooks/playbook_tomcat.yml
     vars:
       ansible_distribution: 'RedHat'
   inventory:
@@ -32,8 +36,6 @@ verifier:
   name: ansible
 scenario:
   test_sequence:
-    - dependency
-    - lint
     - cleanup
     - destroy
     - syntax

molecule/tomcat/prepare.yml

@@ -1,21 +1,11 @@
 ---
 - name: Prepare
   hosts: all
-  vars_files:
-    - vars.yml
   tasks:
     - name: Display Ansible version
       debug:
         msg: "Ansible version is  {{ ansible_version.full }}"
 
     - name: Install required dependencies
       package:
-        name: sudo
-
-  pre_tasks:
-    - name: "Download latest Apache Tomcat zip file from {{ download_url }}."
-      get_url:
-        url: "{{ download_url }}"
-        dest: "{{ tomcat_zipfile }}"
-      when:
-        - download_url is defined
+        name: sudo

molecule/wildfly/molecule.yml

@@ -7,22 +7,26 @@ driver:
   name: docker
 platforms:
   - name: instance
-    image: registry.access.redhat.com/ubi8/ubi-init:latest
+    image: registry.access.redhat.com/ubi9/ubi-init:latest
+    pre_build_image: true
     privileged: true
-    tmpfs:
-      - /run
-      - /tmp
     command: "/usr/sbin/init"
     port_bindings:
       - 8080:8080
     published_ports:
       - 0.0.0.0:8080:8080/TCP
 provisioner:
   name: ansible
+  env:
+    ANSIBLE_VERBOSITY: 3
+  config_options:
+    defaults:
+      interpreter_python: auto_silent
+    ssh_connection:
+      pipelining: false
   playbooks:
-    converge: converge.yml
     prepare: prepare.yml
-    verify: ../../playbooks/playbook_wildfly.yml
+    converge: ../../playbooks/playbook_wildfly.yml
     vars:
       ansible_distribution: 'RedHat'
   inventory:
@@ -32,8 +36,6 @@ verifier:
   name: ansible
 scenario:
   test_sequence:
-    - dependency
-    - lint
     - cleanup
     - destroy
     - syntax

playbooks/playbook_tomcat.yml

@@ -1,12 +1,41 @@
 ---
 - name: "Validate Common Criteria recommendations on Tomcat installation"
   hosts: all
+  become: yes
+  become_user: root
   vars_files:
-    - ../molecule/tomcat/vars.yml
+    - vars.yml
+  collections:
+    - middleware_automation.jws
+    - middleware_automation.common_criteria
+  roles:
+    - jws
+    - jws_common_criteria
   tasks:
+    - name: "Ensure user {{ jws_user }} exists."
+      ansible.builtin.user:
+        name: "{{ jws_user }}"
+        groups: "{{ jws_group }}"
+        state: present
+
+    - name: "Ensure group {{ jws_group }} exists."
+      ansible.builtin.group:
+        name: "{{ jws_group }}"
+        state: present
+
+  pre_tasks:
+    - name: "Download latest Apache Tomcat zip file from {{ download_url }}."
+      get_url:
+        url: "{{ download_url }}"
+        dest: "{{ tomcat_zipfile }}"
+      when:
+        - download_url is defined
+      become: yes
+
+  post_tasks:
     - name: "Ensure Tomcat is started and listen to appropriate port"
       wait_for:
         host: "{{ override_tomcat_listen_http_bind_address }}"
         port: "{{ override_tomcat_listen_http_port | default(8080) }}"
       when:
-        - tomcat_systemd_enabled is defined
+        - tomcat_systemd_enabled is defined

playbooks/playbook_wildfly.yml

@@ -2,17 +2,22 @@
 - name: "Validate Common Criteria recommendations on Wildfly installation"
   hosts: all
   vars_files:
-    - ../molecule/wildfly/vars.yml
-  tasks:
-    - name: "Ensure user {{ wildfly_user }} exists."
-      group:
-        name: "{{ wildfly_group }}"
+    - vars.yml
 
-    - name: "Ensure group {{ wildfly_group }} exists."
-      user:
-        name: "{{ wildfly_user }}"
-        groups: "{{ wildfly_group }}"
-        state: present
+  collections:
+    - middleware_automation.wildfly
+    - middleware_automation.common_criteria
+  roles:
+    - wildfly_install
+    - wildfly_systemd
+    - wildfly_common_criteria
+
+  pre_tasks:
+    - name: Create directory for WildFly
+      ansible.builtin.file:
+        path: "{{ wildfly_home }}"
+        state: directory
+        mode: "0755"
 
     - package:
         name: "{{ item }}"
@@ -22,6 +27,18 @@
         - tar
         - java-1.8.0-openjdk
 
+  post_tasks:
+    - name: "Ensure user {{ wildfly_user }} exists."
+      ansible.builtin.user:
+        name: "{{ wildfly_user }}"
+        groups: "{{ wildfly_group }}"
+        state: present
+
+    - name: "Ensure group {{ wildfly_group }} exists."
+      ansible.builtin.group:
+        name: "{{ wildfly_group }}"
+        state: present
+
     - name: "Start server"
       command: "{{ wildfly_home }}/bin/standalone.sh"
       register: out
@@ -33,12 +50,11 @@
 
     - debug:
         msg: "{{ out }}"
-
-  post_tasks:
+
     - wait_for:
         port: 8080
 
     - name: "Checks that Wildfly server is running and accessible"
       get_url:
         url: http://localhost:8080/
-        dest: '/dev/null'
+        dest: '/dev/null'

playbooks/vars.yml

@@ -0,0 +1,23 @@
+---
+#tomcat vars
+jws_setup: true
+tomcat_version: 9.0.50
+download_url: https://archive.apache.org/dist/tomcat/tomcat-9/v{{ tomcat_version }}/bin/apache-tomcat-{{ tomcat_version }}.zip
+jws_install_dir: /opt
+tomcat_zipfile: "{{ jws_install_dir }}/tomcat.zip"
+jws_home: "{{ jws_install_dir }}/apache-tomcat-{{ tomcat_version }}"
+jws_java_version: 1.8.0
+jws_listen_http_bind_address: 127.0.0.1
+jws_listen_http_port: 8081
+
+#wildfly vars
+install_name: "{{ override_install_name | default('wildfly') }}"
+wildfly_user: "{{ install_name }}"
+wildfly_group: "{{ install_name }}"
+wildfly_config_base: standalone-ha.xml
+wildfly_version: '31.0.1.Final'
+wildfly_install_workdir: '/opt/wildfly/'
+wildfly_home: "{{ wildfly_install_workdir }}wildfly-{{ wildfly_version }}/"
+wildfly_java_home: '/usr/lib/jvm/jre-openjdk/'
+wildfly_java_version: 11
+wildfly_java_package_name: "java-{{ wildfly_java_version }}-openjdk-headless"