chain collection should depend on secure_apt role

.github/workflows/pr-check-version-chain.yml

@@ -0,0 +1,12 @@
+name: check chain collection Galaxy version
+
+on:
+  pull_request:
+    paths:
+      - 'chain/**'
+
+jobs:
+  check-version:
+    uses: ./.github/workflows/reusable-check-version.yml
+    with:
+      collection-name: chain

.github/workflows/pr-check-version-common.yml

@@ -0,0 +1,12 @@
+name: check common collection Galaxy version
+
+on:
+  pull_request:
+    paths:
+      - 'common/**'
+
+jobs:
+  check-version:
+    uses: ./.github/workflows/reusable-check-version.yml
+    with:
+      collection-name: common

.github/workflows/pr-node-backup.yml

@@ -3,7 +3,7 @@ name: check PR (node_backup)
 on:
   pull_request:
     paths:
-      - roles/node_backup/**
+      - chain/roles/node_backup/**
       - .github/**
 
 jobs:
@@ -15,4 +15,5 @@ jobs:
     uses: ./.github/workflows/reusable-molecule.yml
     with:
       role-name: node
+      collection-name: chain
       molecule-driver: ${{ matrix.molecule-driver }}

.github/workflows/pr-node.yml

@@ -3,7 +3,7 @@ name: check PR (node)
 on:
   pull_request:
     paths:
-      - roles/node/**
+      - chain/roles/node/**
       - .github/**
 
 jobs:
@@ -15,4 +15,5 @@ jobs:
     uses: ./.github/workflows/reusable-molecule.yml
     with:
       role-name: node
+      collection-name: chain
       molecule-driver: ${{ matrix.molecule-driver }}

.github/workflows/pr-ws-health-exporter.yml

@@ -3,7 +3,7 @@ name: check PR (ws_health_exporter)
 on:
   pull_request:
     paths:
-      - roles/ws_health_exporter/**
+      - chain/roles/ws_health_exporter/**
       - .github/**
 
 jobs:
@@ -15,4 +15,5 @@ jobs:
     uses: ./.github/workflows/reusable-molecule.yml
     with:
       role-name: ws_health_exporter
+      collection-name: chain
       molecule-driver: ${{ matrix.molecule-driver }}

.github/workflows/branch-main.yml → .github/workflows/release-chain.yml

@@ -1,9 +1,11 @@
-name: main branch
+name: release chain collection
 
 on:
   push:
     branches:
       - main
+    paths:
+      - 'chain/**'
 
 jobs:
   run-molecule-tests:
@@ -17,15 +19,19 @@ jobs:
     uses: ./.github/workflows/reusable-molecule.yml
     with:
       role-name: ${{ matrix.role-names }}
+      collection-name: chain
       molecule-driver: ${{ matrix.molecule-drivers }}
       ansible-version: ${{ matrix.ansible-versions }}
   check-version:
     uses: ./.github/workflows/reusable-check-version.yml
     with:
       compare-versions: false
+      collection-name: chain
   deploy-galaxy:
     needs: [run-molecule-tests, check-version]
     uses: ./.github/workflows/reusable-galaxy-deploy.yml
+    with:
+      collection-name: chain
     secrets:
       api-token: ${{ secrets.GALAXY_API_KEY }}
   create-git-tag:
@@ -45,6 +51,6 @@ jobs:
             github.rest.git.createRef({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
-                ref: `refs/tags/${CURRENT_GALAXY_VERSION}`,
+                ref: `refs/tags/${CURRENT_GALAXY_VERSION}-chain`,
                 sha: context.sha
             })

.github/workflows/release-common.yml

@@ -0,0 +1,57 @@
+name: release common collection
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'common/**'
+
+jobs:
+#  run-molecule-tests:
+#    strategy:
+#      fail-fast: false
+#      matrix:
+#        role-names: []
+#        molecule-drivers: [docker, lxd]
+#        # We test the latest version and minimum supported version
+#        ansible-versions: [5.0.1, 8.4.0]
+#    uses: ./.github/workflows/reusable-molecule.yml
+#    with:
+#      role-name: ${{ matrix.role-names }}
+#      collection-name: common
+#      molecule-driver: ${{ matrix.molecule-drivers }}
+#      ansible-version: ${{ matrix.ansible-versions }}
+  check-version:
+    uses: ./.github/workflows/reusable-check-version.yml
+    with:
+      compare-versions: false
+      collection-name: common
+  deploy-galaxy:
+#    needs: [run-molecule-tests, check-version]
+    needs: [check-version]
+    uses: ./.github/workflows/reusable-galaxy-deploy.yml
+    with:
+      collection-name: common
+    secrets:
+      api-token: ${{ secrets.GALAXY_API_KEY }}
+  create-git-tag:
+    runs-on: ubuntu-22.04
+    needs: [deploy-galaxy, check-version]
+    env:
+      CURRENT_GALAXY_VERSION: ${{ needs.check-version.outputs.current-galaxy-version }}
+    steps:
+      - name: Print tag version
+        run: |
+          echo "Tag version: ${CURRENT_GALAXY_VERSION}"
+      - name: Create Tag
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const {CURRENT_GALAXY_VERSION} = process.env
+            github.rest.git.createRef({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                ref: `refs/tags/${CURRENT_GALAXY_VERSION}-common`,
+                sha: context.sha
+            })

.github/workflows/reusable-check-version.yml

@@ -5,6 +5,9 @@ on:
         required: false
         type: boolean
         default: true
+      collection-name:
+        required: true
+        type: string
     outputs:
       current-galaxy-version:
         description: "Current Galaxy version"
@@ -30,7 +33,7 @@ jobs:
       - name: Check the current version
         id: check-current-version
         run: |
-          CURRENT_GALAXY_VERSION=$(cat ${GITHUB_REPOSITORY}/galaxy.yml | yq -r '.version' | tr -d '\n')
+          CURRENT_GALAXY_VERSION=$(cat ${GITHUB_REPOSITORY}/${{ inputs.collection-name }}/galaxy.yml | yq -r '.version' | tr -d '\n')
           echo "Current Galaxy version: ${CURRENT_GALAXY_VERSION}"
           if [ "$CURRENT_GALAXY_VERSION" != 'null' ]
           then
@@ -40,18 +43,18 @@ jobs:
       - name: Check the version in the main branch
         if: ${{ inputs.compare-versions }}
         run: |
-          MAIN_GALAXY_VERSION=$(cat main/${GITHUB_REPOSITORY}/galaxy.yml | yq -r '.version' | tr -d '\n')
-          echo "Galaxy version in the main branch: ${MAIN_GALAXY_VERSION}"
+          MAIN_GALAXY_VERSION=$(cat main/${GITHUB_REPOSITORY}/${{ inputs.collection-name }}/galaxy.yml | yq -r '.version' | tr -d '\n')
+          echo "Galaxy version in main branch: ${MAIN_GALAXY_VERSION}"
           echo "MAIN_GALAXY_VERSION=${MAIN_GALAXY_VERSION}" >> "${GITHUB_ENV}"
       - name: Validate the current version
         if: ${{ ! env.CURRENT_GALAXY_VERSION }}
         uses: actions/github-script@v6
         with:
           script: |
-            core.setFailed('Your Galaxy version is absent or empty!')
+            core.setFailed('Your Galaxy version of the ${{ inputs.collection-name }} collection is absent or empty!')
       - name: Compare versions
         if: ${{ inputs.compare-versions && env.MAIN_GALAXY_VERSION >= env.CURRENT_GALAXY_VERSION }}
         uses: actions/github-script@v6
         with:
           script: |
-            core.setFailed('Your Galaxy version is lower than the version in the main branch or equal. Please bump your version!')
+            core.setFailed('Your Galaxy version of the ${{ inputs.collection-name }} collection is lower than the version in the main branch or equal. Please bump your version!')

.github/workflows/reusable-galaxy-deploy.yml

@@ -5,6 +5,9 @@ on:
         required: false
         type: string
         default: 8.4.0
+      collection-name:
+        required: true
+        type: string
     secrets:
       api-token:
         required: true
@@ -27,14 +30,14 @@ jobs:
       - name: Print Ansible version
         run: ansible --version
       - name: Build collection
-        run: ansible-galaxy collection build "${{ github.repository }}"
+        run: ansible-galaxy collection build "${{ github.repository }}/${{ inputs.collection-name }}"
       - name: Save API token
         run: echo '${{ secrets.api-token }}' > api-token
-      - name: Publish  collection
+      - name: Publish collection
         run: |
-          GALAXY_NAMESPACE=$(cat ${GITHUB_REPOSITORY}/galaxy.yml | yq -r '.namespace' | tr -d '\n')
-          GALAXY_NAME=$(cat ${GITHUB_REPOSITORY}/galaxy.yml | yq -r '.name' | tr -d '\n')
-          VERSION=$(cat ${GITHUB_REPOSITORY}/galaxy.yml | yq -r '.version' | tr -d '\n')
+          GALAXY_NAMESPACE=$(cat ${GITHUB_REPOSITORY}/${{ inputs.collection-name }}/galaxy.yml | yq -r '.namespace' | tr -d '\n')
+          GALAXY_NAME=$(cat ${GITHUB_REPOSITORY}/${{ inputs.collection-name }}/galaxy.yml | yq -r '.name' | tr -d '\n')
+          VERSION=$(cat ${GITHUB_REPOSITORY}/${{ inputs.collection-name }}/galaxy.yml | yq -r '.version' | tr -d '\n')
           ansible-galaxy collection publish  ${GALAXY_NAMESPACE}-${GALAXY_NAME}-${VERSION}.tar.gz  --api-key="$(cat api-token | tr -d '\n')"
       - name: Remove API token
         run: rm -v api-token

.github/workflows/reusable-molecule.yml

@@ -4,6 +4,9 @@ on:
       role-name:
         required: true
         type: string
+      collection-name:
+        required: true
+        type: string
       molecule-driver:
         required: true
         type: string
@@ -39,4 +42,4 @@ jobs:
           channel: latest/stable
       - name: Run molecule tests
         run: molecule test --all
-        working-directory: "${{ github.repository }}/roles/${{ inputs.role-name }}"
+        working-directory: "${{ github.repository }}/${{ inputs.collection-name }}/roles/${{ inputs.role-name }}"

.gitignore

@@ -1,12 +1,9 @@
 .*.swp
-.terraform
-plan.out
-*.tfstate.backup
 /*json
 /*key
 *private.key
 *service-account-key.json
 *.private_key_encrypted
-.idea
 /ansible/collections
-venv
+venv
+.idea

README.md

@@ -1,27 +1,8 @@
-# Ansible Collection - paritytech.chain_operations
+# Parity Ansible Collections
 
-## Install Ansible collections
+Ansible Galaxy:
+- https://galaxy.ansible.com/ui/namespaces/paritytech/
 
-Create `requirements.yml` file in your playbook repository (or add to the existing file):
-```yaml
-collections:
-  - name: https://github.com/paritytech/ansible-galaxy.git
-    type: git
-    version: main
-```
-
-If you want to install collections in the project space, you have to run:
-```commandline
-mkdir collections
-ansible-galaxy collection install -f -r requirements.yml -p ./collections
-```
-
-If you want to install collections in the global space (`~/.ansible/collections`),
-you have to run:
-```commandline
-ansible-galaxy collection install -f -r requirements.yml
-```
-
-## Roles
-
-Node role - [README](./roles/node/README.md) 
+README:
+- chain: https://github.com/paritytech/ansible-galaxy/tree/main/chain/README.md
+- common: https://github.com/paritytech/ansible-galaxy/tree/main/common/README.md

chain/README.md

@@ -0,0 +1,21 @@
+# Parity Ansible Collections
+
+This collection is designed to be used with any modern Debian Linux derivatives.
+
+## Install Ansible collections
+
+Install the collection manually:
+```
+ansible-galaxy collection install paritytech.chain
+```
+You can report bugs or feature requests at:
+- https://github.com/paritytech/ansible-galaxy
+
+## Roles
+
+### chain
+key_inject - [README](chain/roles/key_inject/README.md)  
+node - [README](chain/roles/node/README.md)  
+node_backup - [README](chain/roles/node_backup/README.md)  
+state_exporter - [README](chain/roles/state_exporter/README.md)  
+ws_health_exporter - [README](chain/roles/ws_health_exporter/README.md)

galaxy.yml → chain/galaxy.yml

@@ -8,7 +8,7 @@ namespace: paritytech
 name: chain
 
 # The version of the collection. Must be compatible with semantic versioning
-version: 1.6.0
+version: 1.7.0
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md
@@ -39,23 +39,23 @@ tags: []
 # collection label 'namespace.name'. The value is a version range
 # L(specifiers,https://python-semanticversion.readthedocs.io/en/latest/#requirement-specification). Multiple version
 # range specifiers can be set and are separated by ','
-dependencies: {}
+dependencies:
+  paritytech.common: ">=1.0.3"
 
 # The URL of the originating SCM repository
-repository: "https://github.com/paritytech/ansible-galaxy.git"
+repository: https://github.com/paritytech/ansible-galaxy.git
 
 # The URL to any online docs
-documentation: http://docs.example.com
+documentation: https://github.com/paritytech/ansible-galaxy
 
 # The URL to the homepage of the collection/project
-homepage: http://example.com
+homepage: https://parity.io
 
 # The URL to the collection issue tracker
-issues: http://example.com/issue/tracker
+issues: https://github.com/paritytech/ansible-galaxy/issues
 
 # A list of file glob-like patterns used to filter any files or directories that should not be included in the build
 # artifact. A pattern is matched from the relative path of the file or directory of the collection directory. This
 # uses 'fnmatch' to match the files or directories. Some directories and files like 'galaxy.yml', '*.pyc', '*.retry',
 # and '.git' are always filtered
 build_ignore: []
-