Add: molecule for testing

.github/workflows/ci.yml

@@ -0,0 +1,81 @@
+---
+name: CI
+
+'on':
+  pull_request:
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: "0 7 * * 0"
+
+defaults:
+  run:
+    working-directory: 'AliMehraji.users'
+
+jobs:
+
+  yaml_lint:
+    name: Yaml Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the codebase.
+        uses: actions/checkout@v4
+        with:
+          path: 'AliMehraji.users'
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Install test dependencies.
+        run: pip3 install yamllint
+
+      - name: Lint code.
+        run: |
+          yamllint .
+
+  ansible_lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint@main
+
+  molecule:
+    name: Molecule
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        distro:
+          - rockylinux9
+          - ubuntu2404
+          - ubuntu2204
+          - debian12
+          - debian11
+          - fedora40
+
+    steps:
+      - name: Check out the codebase.
+        uses: actions/checkout@v4
+        with:
+          path: 'AliMehraji.users'
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.x'
+
+      - name: Install test dependencies.
+        run: pip3 install -r requirements.txt
+
+      - name: Run Molecule tests.
+        run: molecule test
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          MOLECULE_DISTRO: ${{ matrix.distro }}
+
+...

.github/workflows/release.yml

@@ -7,7 +7,7 @@ name: Release
 
 defaults:
   run:
-    working-directory: 'alimehraji.usersrole'
+    working-directory: 'AliMehraji.users'
 
 jobs:
 
@@ -18,7 +18,7 @@ jobs:
       - name: Check out the codebase.
         uses: actions/checkout@v4
         with:
-          path: 'alimehraji.usersrole'
+          path: 'AliMehraji.users'
 
       - name: Set up Python 3.
         uses: actions/setup-python@v5

defaults/main.yml

@@ -1,106 +1,106 @@
 ---
 
 # List of the groups to manage
-users_groups: []
+# users_groups: []
 
 # Example:
-# users_groups:
-#   # Example 1: Simple group with only the name specified
-#   - name: developers
+users_groups:
+  # Example 1: Simple group with only the name specified
+  - name: developers
 
-#   # Example 2: Group with a specific GID
-#   - name: admins
-#     gid: 1001
+  # Example 2: Group with a specific GID
+  - name: admins
+    gid: 1007
 
-#   # Example 3: System group (typically has lower GID numbers)
-#   - name: systemgroup
-#     system: true
+  # Example 3: System group (typically has lower GID numbers)
+  - name: systemgroup
+    system: true
 
-#   # Example 4: Local group (non-system, typically for local use)
-#   - name: localgroup
-#     local: true
+  # Example 4: Local group (non-system, typically for local use)
+  # - name: localgroup
+  #   local: true
 
-#   # Example 5: Group with custom GID and defined as a non-system local group
-#   - name: customgroup
-#     gid: 2001
-#     system: false
-#     local: true
+  # Example 5: Group with custom GID and defined as a non-system local group
+  # - name: customgroup
+  #   gid: 2001
+  #   system: false
+  #   local: true
 
-#   # Example 6: Another system group with explicit GID
-#   - name: sysadmins
-#     gid: 1002
-#     system: true
+  # Example 6: Another system group with explicit GID
+  - name: sysadmins
+    gid: 1008
+    system: true
 
-#   # Example 7: Group with all attributes defined
-#   - name: fullgroup
-#     gid: 3001
-#     system: false
-#     local: true
+  # Example 7: Group with all attributes defined
+  # - name: fullgroup
+  #   gid: 3001
+  #   system: false
+  #   local: true
 
-#   # Example 8: Group without specifying optional attributes (uses defaults)
-#   - name: guest
+  # Example 8: Group without specifying optional attributes (uses defaults)
+  - name: guest
 
 
 # List of the users to manage
-users_users: []
+# users_users: []
 
 # Examples:
 
-# users_users:
-#   # Example 1: Simple user with only the name specified
-#   - name: alice
-
-#   # Example 2: User with a specified password
-#   - name: bob
-#     password: 'securepassword'  # Replace 'securepassword' with the actual password
-
-#   # Example 3: User with a specified shell and comment
-#   - name: charlie
-#     shell: /bin/zsh
-#     comment: "Charlie Developer"
-
-#   # Example 4: User with a specific UID and home directory
-#   - name: dave
-#     uid: 1500
-#     home: /home/dave_custom
-
-#   # Example 5: User with an expiration date
-#   - name: eve
-#     expires: "2025-12-31"
-
-#   # Example 6: User assigned to a primary group and additional groups
-#   - name: frank
-#     group: developers
-#     groups: "docker,git"
-#     sudoer: true  # This user will be added to the sudoer group if defined
-
-#   # Example 7: User with SSH public key and custom SSH options
-#   - name: grace
-#     ssh_key: |
-#       ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3...
-#     ssh_key_options:
-#       - no-port-forwarding
-#       - no-agent-forwarding
-#     ssh_comment: "[email protected]"
-
-#   # Example 8: System user with no home directory
-#   - name: systemuser
-#     system: true
-#     create_home: false
-
-#   # Example 9: User with a custom password update policy and non-unique UID
-#   - name: heidi
-#     password: 'anothersecurepassword'
-#     update_password: "on_create"
-#     non_unique: true
-
-#   # Example 10: User with creation of home directory and specific UID
-#   - name: judy
-#     uid: 2001
-#     create_home: true
-#     shell: /bin/bash
-#     comment: "Judy User"
-#     sudoer: true
+users_users:
+  # Example 1: Simple user with only the name specified
+  - name: alice
+
+  # Example 2: User with a specified password
+  - name: bob
+    password: 'securepassword'  # Replace 'securepassword' with the actual password
+
+  # Example 3: User with a specified shell and comment
+  - name: charlie
+    shell: /bin/zsh
+    comment: "Charlie Developer"
+
+  # Example 4: User with a specific UID and home directory
+  - name: dave
+    uid: 1500
+    home: /home/dave_custom
+
+  # Example 5: User with an expiration date
+  # - name: eve
+  #   expires: "2025-12-31"
+
+  # Example 6: User assigned to a primary group and additional groups
+  # - name: frank
+  #   group: developers
+  #   groups: "docker,git"
+  #   sudoer: true  # This user will be added to the sudoer group if defined
+
+  # Example 7: User with SSH public key and custom SSH options
+  - name: grace
+    ssh_key: |
+      ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3...
+    ssh_key_options:
+      - no-port-forwarding
+      - no-agent-forwarding
+    ssh_comment: "[email protected]"
+
+  # Example 8: System user with no home directory
+  - name: systemuser
+    system: true
+    create_home: false
+
+  # Example 9: User with a custom password update policy and non-unique UID
+  - name: heidi
+    password: 'anothersecurepassword'
+    update_password: "on_create"
+    non_unique: true
+
+  # Example 10: User with creation of home directory and specific UID
+  - name: judy
+    uid: 2001
+    create_home: true
+    shell: /bin/bash
+    comment: "Judy User"
+    sudoer: true
 
 #   # Example 11: User with all possible attributes defined
 #   - name: kate

meta/argument_specs.yml

@@ -83,7 +83,7 @@ argument_specs:
               - If false, user is not sudoer.
           append:
             type: bool
-            default: true
+            default: false
             description:
               - If true, add the user to the groups specified in groups.
               - If false, add the user to the groups specified in groups and remove from all others.

molecule/default/converge.yml

@@ -0,0 +1,14 @@
+---
+- name: Converge
+  hosts: all
+  become: true
+
+  pre_tasks:
+    - name: Update apt cache.
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 600
+      when: ansible_os_family == 'Debian'
+
+  roles:
+    - role: AliMehraji.users

molecule/default/molecule.yml

@@ -0,0 +1,22 @@
+---
+role_name_check: 1
+dependency:
+  name: galaxy
+  options:
+    ignore-errors: true
+    requirements-file: requirements.yml
+driver:
+  name: docker
+platforms:
+  - name: instance
+    image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux9}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  playbooks:
+    converge: ${MOLECULE_PLAYBOOK:-converge.yml}

requirements.txt

@@ -2,11 +2,15 @@ ansible
 ansible-lint
 yamllint
 
+# Needed for Molecule test scenarios
+molecule
+molecule-plugins[docker]
+docker
+
 # Needed for jinja2 json_query templating
 jmespath
 # Needed for ansible.utils.validate module
 jsonschema==4.23.0
 
 aar-doc==2.0.0
 ssh-keygen
-

tasks/create.yml

@@ -24,7 +24,7 @@
     expires: "{{ item.expires | default(omit) }}"
     group: "{{ item.group | default(omit) }}"
     groups: "{{ (item.groups | default('') + (',' + users_user_sudoer_group if item.sudoer is defined and item.sudoer else '')) | trim or omit }}"
-    append: "{{ item.append | default(true) | bool }}"
+    append: "{{ item.append | default(false) | bool }}"
     create_home: "{{ item.create_home | default(true) | bool }}"
     update_password: "{{ item.update_password | default('always') }}"
     non_unique: "{{ item.non_unique | default(omit) | bool }}"