feat: Add Ansible/Jinja2/Collections validation (#747)

alessfg · alessfg · commit a6712e391ab1 · 2024-07-23T17:22:36.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,7 @@ FEATURES:
 
 - Add support for installing NGINX Open Source on Alpine Linux 3.20.
 - Add support for installing NGINX Agent on Ubuntu noble.
+- Add validation tasks to check the Ansible version, the Jinja2 version, and whether the required Ansible collections for this role are installed.
 - Bump the Ansible `community.general` collection to `9.2.0`, `community.crypto` collection to `2.21.1` and `community.docker` collection to `3.11.0`.
 
 DOCUMENTATION:
diff --git a/tasks/validate/validate.yml b/tasks/validate/validate.yml
@@ -1,34 +1,100 @@
 ---
-- name: Check whether you are using a supported NGINX distribution
+- name: Verify you are using a supported Ansible version on your Ansible host
   ansible.builtin.assert:
-    that:
-      - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list
-      - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string)
-      - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures']
-    success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
-    fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
-  when:
-    - nginx_enable | bool
-    - (nginx_install_from == "nginx_repository" or nginx_type == "plus")
+    that: ansible_version['full'] is version('2.16', '>=')
+    success_msg: Ansible {{ ansible_version['full'] }} is supported.
+    fail_msg: Ansible {{ ansible_version['full'] }} has reached End of Life (EoL). Please upgrade to a supported Ansible release. Check the README for more details.
+  delegate_to: localhost
   ignore_errors: true # noqa ignore-errors
 
-- name: Check that 'nginx_setup' is an allowed value
+- name: Extract the version of Jinja2 installed on your Ansible host
+  ansible.builtin.command: ansible --version
+  register: jinja2_version
+  changed_when: false
+  delegate_to: localhost
+  become: false
+
+- name: Verify that you are using a supported Jinja2 version on your Ansible host
+  ansible.builtin.assert:
+    that: (jinja2_version['stdout'] | regex_search('jinja version = ([\\d.]+)', '\\1') | first) is version('3.1', '>=')
+    success_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is supported.
+    fail_msg: Jinja2 {{ jinja2_version['stdout'] | regex_search('jinja version = ([\d.]+)', '\1') | first }} is not supported. Please upgrade to Jinja2 3.1. Check the README for more details.
+  delegate_to: localhost
+  become: false
+
+- name: Extract the list of Ansible collections installed on your Ansible host
+  ansible.builtin.command: ansible-galaxy collection list
+  register: collection_list
+  changed_when: false
+  delegate_to: localhost
+  become: false
+
+- name: Verify that the 'community.general' Ansible collection is installed on your Ansible host
+  ansible.builtin.assert:
+    that: collection_list is search('community.general')
+    success_msg: The 'community.general' Ansible collection is installed.
+    fail_msg: The 'community.general' Ansible collection is not installed. Please install the 'community.general' Ansible collection. Check the README for more details.
+  changed_when: false
+  delegate_to: localhost
+  become: false
+
+- name: Verify that the 'ansible.posix' Ansible collection is installed on your Ansible host
+  ansible.builtin.assert:
+    that: lookup('community.general.collection_version', 'ansible.posix') != 'none'
+    success_msg: The 'ansible.posix' Ansible collection is installed.
+    fail_msg: The 'ansible.posix' Ansible collection is not installed. Please install the 'ansible.posix' Ansible collection. Check the README for more details.
+  delegate_to: localhost
+  become: false
+  when: nginx_selinux | bool
+
+- name: Verify that the 'community.crypto' Ansible collection is installed on your Ansible host
+  ansible.builtin.assert:
+    that: lookup('community.general.collection_version', 'community.crypto') != 'none'
+    success_msg: The 'community.crypto' Ansible collection is installed.
+    fail_msg: The 'community.crypto' Ansible collection is not installed. Please install the 'community.crypto' Ansible collection. Check the README for more details.
+  delegate_to: localhost
+  become: false
+  when: nginx_type == 'plus'
+
+- name: Verify that 'nginx_setup' parameter is a valid value
   ansible.builtin.assert:
     that: nginx_setup in nginx_setup_vars
-    fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not allowed. The allowed values are [{{ nginx_setup_vars | join(', ') }}].
+    success_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is valid.
+    fail_msg: The value you used for 'nginx_setup', {{ nginx_setup }}, is not valid. The valid values are [{{ nginx_setup_vars | join(', ') }}].
+  delegate_to: localhost
+  become: false
   when: nginx_enable | bool
   ignore_errors: true # noqa ignore-errors
 
-- name: Check that 'nginx_branch' is an allowed value
+- name: Verify that 'nginx_branch' parameter is a valid value
   ansible.builtin.assert:
     that: nginx_branch in nginx_branch_vars
-    fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The allowed values are [{{ nginx_branch_vars | join(', ') }}].
+    success_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is valid.
+    fail_msg: The value you used for 'nginx_branch', {{ nginx_branch }}, is not allowed. The valid values are [{{ nginx_branch_vars | join(', ') }}].
+  delegate_to: localhost
+  become: false
   when: nginx_enable | bool
   ignore_errors: true # noqa ignore-errors
 
-- name: Check that 'nginx_install_from' is an allowed value
+- name: Verify that 'nginx_install_from' parameter is a valid value
   ansible.builtin.assert:
     that: nginx_install_from in nginx_install_from_vars
-    fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not allowed. The allowed values are [{{ nginx_install_from_vars | join(', ') }}].
+    success_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }} is valid.
+    fail_msg: The value you used for 'nginx_install_from', {{ nginx_install_from }}, is not valid. The valid values are [{{ nginx_install_from_vars | join(', ') }}].
+  delegate_to: localhost
+  become: false
   when: nginx_enable | bool
   ignore_errors: true # noqa ignore-errors
+
+- name: Verify whether you are using a supported NGINX distribution
+  ansible.builtin.assert:
+    that:
+      - ansible_facts['distribution'] | lower in nginx_distributions.keys() | list
+      - (ansible_facts['distribution_version'] | regex_search('\\d{1,2}\\.\\d{2}') | float in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | map('float') if ansible_facts['distribution'] | lower in ['alpine', 'ubuntu'] else ansible_facts['distribution_major_version'] in nginx_distributions[ansible_facts['distribution'] | lower]['versions'] | string)
+      - ansible_facts['architecture'] in nginx_distributions[ansible_facts['distribution'] | lower]['architectures']
+    success_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
+    fail_msg: Your distribution, {{ nginx_distributions[ansible_facts['distribution'] | lower]['name'] }} {{ ansible_facts['distribution_version'] }} ({{ ansible_facts['architecture'] }}), is not supported by NGINX {{ (nginx_type == 'opensource') | ternary('Open Source', 'Plus') }}.
+  when:
+    - nginx_enable | bool
+    - (nginx_install_from == "nginx_repository" or nginx_type == "plus")
+  ignore_errors: true # noqa ignore-errors
