ericsysmin's DevOps Blog

In this post I will cover how to test Ansible roles against multiple distributions while using Molecule on Travis-CI. First of course you’d need access to Travis-CI, and a GitHub repo. But I am going to skip those details and assume you’ve already figured that part out. Hint: /git-root/.travis.yml

I am going to cover two scenarios: an existing Ansible role, and a new Ansible role. Both have a few different steps.

Getting Started

What is Molecule?

Molecule is a testing tool with support of multiple instances, roles, including dependent roles, and able to deploy against multiple operating systems, distributions, and virtualization providers including cloud platforms. It also provides you with the ability to use test frameworks to verify end results. Molecule also lets you test multiple test scenarios such as different configurations of the role.

First steps you’re going to need to install Molecule. For futures sake, I am not going to duplicate the how too, nor the steps as that can always change. Instead I am going to reference the molecule documentation.

https://molecule.readthedocs.io/en/stable/installation.html

So, on that page they cover how to install molecule and it’s required dependencies. If you have issues just find #ansible-molecule on Freenode IRC and people will help you.

You’ll also need to install docker. I’m also not going to show you how to install docker, it has changed a few times, and for the same of not screwing your environment up too much I’ll direct you to Docker’s official guide. You can find the steps for that located here:

https://docs.docker.com/install/

Existing Ansible Role

When we are using an existing Ansible role, it’s fairly safe to assume you have a “test” directory. We can essentially toss that one out, by toss it, delete it, move it, or convert it. It’s non-sense and doesn’t do much more but run the role locally. Who wants to test by editing your existing current host? Not me! We have better things like Docker to do that.

So, after Molecule, and Docker are installed, we can go ahead and work on getting Molecule setup on our existing role.

1. Navigate to your role’s root
   
   1	$ cd path/to/my/role

2. In your role directory we need to initialize a new Molecule scenario.
   
   1	$ molecule init scenario --role-name <role-name>

3. This will create a new folder named molecule in your roles root directory. In that folder you will have the following.
   
   1 2 3 4 5 6 7 8

   molecule/   default/     tests/       test_default.py     Dockerfile.j2     INSTALL.rst     molecule.yml     playbook.yml

   
   These files are the default files created by molecule at the writing of this post. You can find out what each of these do at the Molecule documentation website. https://molecule.readthedocs.io/en/stable/ You can customize any of these to perform specific python testinfra, and other tests against your system.

Creating a New Role with Molecule Init

If you are starting from scratch and are creating a new role. The process to create the role is a bit easier. You’ll likely want to use these steps instead of the older ansible-galaxy init role_name process. Ansible Galaxy init process still creates the old tests which run locally, and don’t provide all of the lint tests, and other tests we’d want to make sure ran to verify quality of our role.

1. To create the role we will run
   
   1	$ molecule init role -r role_name

2. This will create the following directory tree in your roles root directory.
   
   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20

   defaults/   main.yml handlers/   main.yml meta/   main.yml molecule/   default/     tests/       test_default.py     Dockerfile.j2     INSTALL.rst     molecule.yml     playbook.yml tasks/   main.yml vars/   main.yml .yamllint README.md

   
   These files are the default files created by molecule at the writing of this post. You can find out what each of these do at the Molecule documentation website. https://molecule.readthedocs.io/en/stable/ You can customize any of these to perform specific python testinfra, and other tests against your system.
3. After this step you would work on your role and the tasks, vars, and other items needed. Once done creating the role, proceed to Configuring Molecule & Travis-CI for Multiple Distribution Testing.

Configuring Molecule & Travis-CI for Multiple Distribution Testing

1. First file we want to edit is the molecule.yml  file. This file provides settings and configuration to Molecule when it runs. Initially the file will look like this
   
   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

   --- dependency:   name: galaxy driver:   name: docker lint:   name: yamllint platforms:   - name: instance     image: centos:7 provisioner:   name: ansible   lint:     name: ansible-lint verifier:   name: testinfra   lint:     name: flake8

   
   By default Molecule will want to run your tests on CentOS 7 docker image. Yes you can add additional platforms here which would sequentially test on them. But the more listed the longer the test. These are not ran asynchronously. We want faster tests so we want to run asynchronously. We are going to change this file so that we can provide some values via Travis-CI. This is what it will look like.
   
   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

   --- dependency:   name: galaxy driver:   name: docker lint:   name: yamllint platforms:   - name: instance     image: ${MOLECULE_DISTRO:-centos:7} provisioner:   name: ansible   lint:     name: ansible-lint verifier:   name: testinfra   lint:     name: flake8

   
   Adding the ${MOLECULE_DISTRO:-centos:7} allows us to specify as a var to molecule which docker image should be used in the testing process. :-centos:7 allows us to specify a default of centos:7 as the image. Without this then any situation without a MOLECULE_DISTRO  var would return an error.
2. We will sometimes also want to edit the playbook.yml file located in the molecule/default/ directory. By default it will look like a plain role declaration as so.
   
   1 2 3 4 5

   --- - name: Converge   hosts: all   roles:     - role: my_role_name

   
   However, we may want to use some parameters, and we can do that as well.
   
   1 2 3 4 5 6 7 8

   --- - name: Converge   hosts: all   roles:     - role: my-role       parameter1: value       parameter2: value       ...

   
   You can also have different playbook.yml files within the same scenario, or even multiple scenarios, but we can save that for another day.
3. Next we will need to configure the Travis-CI configuration file. Basically since this file didn’t already exist you can use mine. Just make sure you replace my_role_name with the name of your role
   
   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34

   --- language: python services:   - docker   before_install:   - sudo apt-get -qq update   env:   global:     - ROLE_NAME: my_role_name   matrix:     - MOLECULE_DISTRO: centos:7     - MOLECULE_DISTRO: fedora:27     - MOLECULE_DISTRO: fedora:28     - MOLECULE_DISTRO: ubuntu-upstart:trusty     - MOLECULE_DISTRO: ubuntu:xenial     - MOLECULE_DISTRO: ubuntu:bionic     - MOLECULE_DISTRO: debian:jessie     - MOLECULE_DISTRO: debian:stretch   install:   - pip install testinfra molecule docker   before_script:   - cd ../   - mv ansible-role-$ROLE_NAME avinetworks.$ROLE_NAME   - cd avinetworks.$ROLE_NAME   script:   - molecule test   notifications:   webhooks: https://galaxy.ansible.com/api/v1/notifications/

   
   So, what this file will do is on Travis-CI create 8 different executions, each one with a different distribution and version using docker images of each. Then execute those in parallel. Each one will get a copy of the role, and execute the molecule tests against it.
4. Once your role is properly added and repository enabled on Travis-CI you should end up seeing multiple build jobs for the build. Here’s a screenshot from an existing role I’ve built before.
   
5. That’s it! You’re now finished! You’ve successfully configured molecule to test against multiple distributions.