From f75f7af53da286650e1362ca5e7c3b67bc4047b3 Mon Sep 17 00:00:00 2001
From: Paul Smith <paul.j.smith@ucl.ac.uk>
Date: Tue, 24 Oct 2023 16:56:02 +0100
Subject: [PATCH] Prepare for first release (#16)

- use flat variable names rather than nested
- rename `docker_service_file_dir` to `docker_service_directory` (to be
consistent with `mirsg.postgresql` naming)
- remove `include` statement for service config - it's deprecated and
removed in RedHat 9
- remove the dockerfiles in `molecule/centos7` and `molecule/rocky8` -
instead specify the `dockerfile` path in the `molecule.yml` files
- use `ansible.builtin.yum_repository` rather than a raw command
---
 README.md                      | 23 +++++++++++------------
 defaults/main.yml              | 20 +++++++++++---------
 handlers/main.yml              |  4 ++--
 molecule/centos7/Dockerfile.j2 |  1 -
 molecule/centos7/molecule.yml  | 10 +---------
 molecule/rocky8/Dockerfile.j2  |  1 -
 molecule/rocky8/molecule.yml   | 10 +---------
 tasks/main.yml                 | 24 +++++++++++++++++-------
 templates/docker.conf.j2       |  3 +++
 templates/docker.service.j2    |  5 -----
 10 files changed, 46 insertions(+), 55 deletions(-)
 delete mode 120000 molecule/centos7/Dockerfile.j2
 delete mode 120000 molecule/rocky8/Dockerfile.j2
 create mode 100644 templates/docker.conf.j2
 delete mode 100644 templates/docker.service.j2

diff --git a/README.md b/README.md
index 99cf35b..ee0141e 100644
--- a/README.md
+++ b/README.md
@@ -1,19 +1,18 @@
 # mirsg.docker
 
-This role is for installing [docker-ce](https://docs.docker.com/engine/install/) on CentOS7 or RockyLinux8.
+This role is for installing [docker-ce](https://docs.docker.com/engine/install/) on CentOS 7 or Rocky Linux 8.
 
 ## Role Variables
 
-All variables are nested in the `docker` dictionary. See [defaults/main.yml](defaults/main.yml).
-
-| Name               | Description                                                                                             |
-| ------------------ | ------------------------------------------------------------------------------------------------------- |
-| `owner`            | The OS user that will have ownership of the Docker service file and directory. Defaults to `root`       |
-| `group`            | The OS group that will have ownership of the Docker service file and directory. Defaults to `root`      |
-| `service_file_dir` | The path to the Docker service. Defaults to `/etc/systemd/system/docker.service.d`                      |
-| `service_name`     | The name of the Docker service. Defaults to `docker`                                                    |
-| `repo_url`         | The url of the Docker repository. Defaults to `https://download.docker.com/linux/centos/docker-ce.repo` |
-| `yum_package`      | The name of the Docker package. Defaults to `docker`                                                    |
+| Name                       | Description                                                                                          |
+| -------------------------- | ---------------------------------------------------------------------------------------------------- |
+| `docker_owner`             | The OS user that will have ownership of the Docker service file and directory. Defaults to `root`    |
+| `docker_group`             | The OS group that will have ownership of the Docker service file and directory. Defaults to `root`   |
+| `docker_service_directory` | The path to the Docker service. Defaults to `/etc/systemd/system/docker.service.d`                   |
+| `docker_service_name`      | The name of the Docker service. Defaults to `docker`                                                 |
+| `docker_rpm_gpg_key_url`   | The url of the Docker repository GPG key. Defaults to `https://download.docker.com/linux/centos/gpg` |
+| `docker_repo_baseurl`      | URL to the directory containing the repodata. Defaults to `https://download.docker.com/linux/centos` |
+| `docker_yum_package`       | The name of the Docker package. Defaults to `docker`                                                 |
 
 ## Installation
 
@@ -22,7 +21,7 @@ Include in a requirements.yml file as follows:
 ```yaml
 roles:
   - src: https://github.com/UCL-MIRSG/ansible-role-docker.git
-    version: vx.x.x
+    version: x.y.z
     name: mirsg.docker
 ```
 
diff --git a/defaults/main.yml b/defaults/main.yml
index 984ce8e..951fc35 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,9 +1,11 @@
-docker:
-  owner: "root"
-  group: "root"
-  config_dir: "/etc/docker"
-  daemon_conf_file: "/etc/docker/daemon.json"
-  service_file_dir: "/etc/systemd/system/docker.service.d"
-  service_name: "docker"
-  repo_url: "https://download.docker.com/linux/centos/docker-ce.repo"
-  yum_package: "docker"
+---
+# defaults for mirsg.docker
+docker_owner: "root"
+docker_group: "root"
+docker_config_dir: "/etc/docker"
+docker_daemon_conf_file: "/etc/docker/daemon.json"
+docker_service_directory: "/etc/systemd/system/docker.service.d"
+docker_service_name: "docker"
+docker_rpm_gpg_key_url: "https://download.docker.com/linux/centos/gpg"
+docker_repo_baseurl: "https://download.docker.com/linux/centos/$releasever/$basearch/stable"
+docker_yum_package: "docker"
diff --git a/handlers/main.yml b/handlers/main.yml
index d5c8fa1..f82d132 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,10 +1,10 @@
 ---
 - name: Restart docker
   ansible.builtin.service:
-    name: "{{ docker.service_name }}"
+    name: "{{ docker_service_name }}"
     state: restarted
 
 - name: Reload docker
   ansible.builtin.service:
-    name: "{{ docker.service_name }}"
+    name: "{{ docker_service_name }}"
     state: reloaded
diff --git a/molecule/centos7/Dockerfile.j2 b/molecule/centos7/Dockerfile.j2
deleted file mode 120000
index 0e9184b..0000000
--- a/molecule/centos7/Dockerfile.j2
+++ /dev/null
@@ -1 +0,0 @@
-../resources/Dockerfile.j2
\ No newline at end of file
diff --git a/molecule/centos7/molecule.yml b/molecule/centos7/molecule.yml
index a85c728..47fe1fc 100644
--- a/molecule/centos7/molecule.yml
+++ b/molecule/centos7/molecule.yml
@@ -5,18 +5,10 @@ dependency:
 driver:
   name: docker
 
-scenario:
-  name: centos7
-  test_sequence:
-    - destroy
-    - syntax
-    - create
-    - converge
-    - destroy
-
 platforms:
   - name: instance
     image: centos:7
+    dockerfile: ../resources/Dockerfile.j2
     command: ""
     cgroupns_mode: host
     privileged: true
diff --git a/molecule/rocky8/Dockerfile.j2 b/molecule/rocky8/Dockerfile.j2
deleted file mode 120000
index 0e9184b..0000000
--- a/molecule/rocky8/Dockerfile.j2
+++ /dev/null
@@ -1 +0,0 @@
-../resources/Dockerfile.j2
\ No newline at end of file
diff --git a/molecule/rocky8/molecule.yml b/molecule/rocky8/molecule.yml
index 32495a7..d487086 100644
--- a/molecule/rocky8/molecule.yml
+++ b/molecule/rocky8/molecule.yml
@@ -5,18 +5,10 @@ dependency:
 driver:
   name: docker
 
-scenario:
-  name: rocky8
-  test_sequence:
-    - destroy
-    - syntax
-    - create
-    - converge
-    - destroy
-
 platforms:
   - name: instance
     image: rockylinux:8
+    dockerfile: ../resources/Dockerfile.j2
     command: ""
     cgroupns_mode: host
     privileged: true
diff --git a/tasks/main.yml b/tasks/main.yml
index ff97ecc..d98509c 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -14,10 +14,20 @@
     state: installed
   when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "7"
 
+- name: Import docker rpm key
+  ansible.builtin.rpm_key:
+    state: present
+    key: "{{ docker_rpm_gpg_key_url }}"
+
 - name: Add Docker repository
-  ansible.builtin.command: "yum-config-manager --add-repo={{ docker.repo_url }}"
-  args:
-    creates: /etc/yum.repos.d/docker.repo
+  ansible.builtin.yum_repository:
+    name: docker
+    description: Docker repo
+    file: docker-ce
+    baseurl: "{{ docker_repo_baseurl }}"
+    gpgcheck: true
+    gpgkey:
+      - "{{ docker_rpm_gpg_key_url }}"
 
 - name: Ensure docker is installed
   ansible.builtin.yum:
@@ -32,7 +42,7 @@
 
 - name: Ensure docker service directory exists
   ansible.builtin.file:
-    path: "{{ docker.service_file_dir }}"
+    path: "{{ docker_service_directory }}"
     owner: "root"
     group: "root"
     state: directory
@@ -40,8 +50,8 @@
 
 - name: Set custom docker service configuration
   ansible.builtin.template:
-    src: docker.service.j2
-    dest: "{{ docker.service_file_dir }}/docker.conf"
+    src: docker.conf.j2
+    dest: "{{ docker_service_directory }}/docker.conf"
     owner: "root"
     group: "root"
     mode: "0644"
@@ -52,6 +62,6 @@
 
 - name: Ensure docker daemon is running
   ansible.builtin.service:
-    name: "{{ docker.service_name }}"
+    name: "{{ docker_service_name }}"
     state: started
     enabled: true
diff --git a/templates/docker.conf.j2 b/templates/docker.conf.j2
new file mode 100644
index 0000000..5bf1607
--- /dev/null
+++ b/templates/docker.conf.j2
@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd
diff --git a/templates/docker.service.j2 b/templates/docker.service.j2
deleted file mode 100644
index 04c3d0e..0000000
--- a/templates/docker.service.j2
+++ /dev/null
@@ -1,5 +0,0 @@
-.include /lib/systemd/system/{{ docker.service_name }}.service
-
-[Service]
-ExecStart=
-ExecStart=/usr/bin/dockerd