Vendor Galaxy Roles and Collections

ansible_collections/community/sops/tests/integration/targets/setup_sops/meta/main.yml

@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+dependencies:
+  - setup_pkg_mgr

ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/install.yml

@@ -0,0 +1,80 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: Show some basic system info
+  debug:
+    msg: |
+      Architecture: {{ ansible_architecture }}
+      OS family: {{ ansible_os_family }}
+      Distribution: {{ ansible_distribution }}
+      Distribution version: {{ ansible_distribution_version }}
+
+- name: Install SOPS on localhost
+  include_role:
+    name: community.sops.install
+  vars:
+    sops_install_on_localhost: true
+    sops_version: '{{ override_sops_version | default("latest") }}'
+    sops_github_token: "{{ github_token | default('') | string }}"
+
+- name: Install age on localhost
+  include_role:
+    name: community.sops._install_age
+  vars:
+    sops_install_on_localhost: true
+
+- name: Get temporary filename for SOPS test GPG key
+  ansible.builtin.tempfile:
+    prefix: sops-functional-tests-key.
+    suffix: .asc
+  register: _tempfile
+  delegate_to: localhost
+
+- name: Download SOPS test GPG key on localhost
+  get_url:
+    headers:
+      Accept: application/vnd.github+json
+      Authorization: "{{ ('Bearer ' ~ github_token) if github_token is defined and github_token else '' }}"
+    url: https://raw.githubusercontent.com/getsops/sops/master/pgp/sops_functional_tests_key.asc
+    dest: "{{ _tempfile.path }}"
+    force: true
+  delegate_to: localhost
+
+- name: Import SOPS test GPG key on localhost
+  command: gpg --import {{ _tempfile.path | ansible.builtin.quote }}
+  failed_when: false
+  delegate_to: localhost
+
+# ---------------------------------------------------------------------------
+
+- name: Install SOPS on remote
+  include_role:
+    name: community.sops.install
+  vars:
+    sops_version: '{{ override_sops_version | default("latest") }}'
+    sops_github_token: "{{ github_token | default('') | string }}"
+
+- name: Install age on remote
+  include_role:
+    name: community.sops._install_age
+
+- name: Get temporary filename for SOPS test GPG key
+  ansible.builtin.tempfile:
+    prefix: sops-functional-tests-key.
+    suffix: .asc
+  register: _tempfile
+
+- name: Download SOPS test GPG key on remote
+  get_url:
+    headers:
+      Accept: application/vnd.github+json
+      Authorization: "{{ ('Bearer ' ~ github_token) if github_token is defined and github_token else '' }}"
+    url: https://raw.githubusercontent.com/getsops/sops/master/pgp/sops_functional_tests_key.asc
+    dest: "{{ _tempfile.path }}"
+    force: true
+
+- name: Import SOPS test GPG key on remote
+  command: gpg --import {{ _tempfile.path | ansible.builtin.quote }}
+  failed_when: false

ansible_collections/community/sops/tests/integration/targets/setup_sops/tasks/main.yml

@@ -0,0 +1,80 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: Show some basic system info
+  debug:
+    msg: |
+      Architecture: {{ ansible_architecture }}
+      OS family: {{ ansible_os_family }}
+      Distribution: {{ ansible_distribution }}
+      Distribution version: {{ ansible_distribution_version }}
+
+- name: Test whether sops is installed
+  command: sops --help
+  failed_when: false
+  changed_when: false
+  register: sops_help_command
+
+- name: Install sops
+  include_tasks: install.yml
+  when: sops_help_command.rc != 0
+
+- name: Skip sops installation
+  when: sops_help_command.rc == 0
+  block:
+    - name: Test whether age is installed
+      command: age --version
+      failed_when: false
+      changed_when: false
+      register: age_version_command
+
+    - name: Set results
+      set_fact:
+        sops_installed: true
+        age_installed: '{{ age_version_command.rc == 0 }}'
+
+- name: Determine SOPS versions
+  when: sops_version_remote is not defined or sops_version_controller is not defined
+  block:
+    - name: Determine SOPS version on remote
+      command: sops --version --disable-version-check
+      changed_when: false
+      ignore_errors: true
+      register: sops_version_remote_tmp
+
+    - name: Determine SOPS version on remote, try 2
+      command: sops --version
+      changed_when: false
+      register: sops_version_remote_tmp_2
+      when: sops_version_remote_tmp is failed
+
+    - name: Determine SOPS version on controller
+      command: sops --version --disable-version-check
+      delegate_to: localhost
+      changed_when: false
+      ignore_errors: true
+      register: sops_version_controller_tmp
+
+    - name: Determine SOPS version on controller, try 2
+      command: sops --version {{ '--disable-version-check' if sops_version_controller_tmp is not defined else '' }}
+      delegate_to: localhost
+      changed_when: false
+      register: sops_version_controller_tmp_2
+      when: sops_version_controller_tmp is failed
+
+    - name: Set versions
+      set_fact:
+        sops_version_remote: >-
+          {{
+            (sops_version_remote_tmp_2 if sops_version_remote_tmp is failed else sops_version_remote_tmp).stdout_lines[0]
+            | regex_replace(".*sops ([0-9]+\.[0-9]+\.[0-9]+).*", "\1")
+            | trim
+          }}
+        sops_version_controller: >-
+          {{
+            (sops_version_controller_tmp_2 if sops_version_controller_tmp is failed else sops_version_controller_tmp).stdout_lines[0]
+            | regex_replace(".*sops ([0-9]+\.[0-9]+\.[0-9]+).*", "\1")
+            | trim
+          }}