Fix Arch container, Fix Breaking Change to 'tailscale status' (#59)

* Update dependabot.yml * Fixing pipfile nonsense * Fix Arch tests and add Tailscale version to printout * Tasks correctly fail when tailscale up doesn't work * Correctly verifies state with new status output Fixes #43 * Put no_log true back on the command which can reveal authkeys
artis3n · Nov 7, 2020 · 795afd4 · 795afd4
1 parent 84ceb43
commit 795afd4
Show file tree

Hide file tree

Showing 13 changed files with 161 additions and 65 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -23,9 +23,22 @@ A clear and concise description of what you expected to happen.
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 
-**Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - All relevant software versions [e.g. ansible 2.9.7]
+**Target (please complete the following information):**
+ - OS: [e.g. Ubuntu]
+ - Ansible version:
+ - `artis3n.tailscale` version:
+ - Tailscale version (set `verbose` to true):
+
+Output of `tailscale status` during role execution (set `verbose` to true):
+
+```bash
+ok: [instance] => {
+        "tailscale_status": {
+            ...
+        }
+    }
+
+```
 
 **Additional context**
 Add any other context about the problem here.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -4,9 +4,9 @@ updates:
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "weekly"
 
   - package-ecosystem: "pip"
     directory: "/"
     schedule:
-      interval: "daily"
+      interval: "monthly"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -23,7 +23,7 @@ jobs:
           - geerlingguy/docker-debian10-ansible:latest
           - geerlingguy/docker-debian9-ansible:latest
           - geerlingguy/docker-fedora31-ansible:latest
-          - artis3n/docker-arch-ansible:latest
+          - ghcr.io/artis3n/docker-arch-ansible:latest
       fail-fast: false
 
     steps:

diff --git a/Pipfile.lock b/Pipfile.lock
diff --git a/README.md b/README.md
@@ -60,6 +60,13 @@ Use the `tailscale_auth_key` variable instead.
 In the future, this parameter will be replaced with a map of supported command-line arguments.
 Since Tailscale is still undergoing rapid development, we are holding off on creating such an argument map until features are more stable.
 
+### verbose
+
+**Default**: `false`
+
+Whether to output additional information during role execution.
+Helpful for debugging and collecting information to submit in a GitHub issue on this repository.
+
 ## Dependencies
 
 None
@@ -132,6 +139,25 @@ Pass arbitrary command-line arguments:
           3537
 ```
 
+Get verbose output:
+
+```yaml
+- name: Servers
+  hosts: all
+  roles:
+    - role: artis3n.tailscale
+      vars:
+        # Fake example encrypted by ansible-vault
+        tailscale_auth_key: !vault |
+          $ANSIBLE_VAULT;1.2;AES256;tailscale
+          32616238303134343065613038383933333733383765653166346564363332343761653761646363
+          6637666565626333333664363739613366363461313063640a613330393062323161636235383936
+          37373734653036613133613533376139383138613164323661386362376335316364653037353631
+          6539646561373535610a643334396234396332376431326565383432626232383131303131363362
+          3537
+        verbose: true
+```
+
 ## License
 
 MIT

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -41,3 +41,7 @@ dnf_yum_dependencies:
 
 dnf_repos:
   Fedora: https://pkgs.tailscale.com/{{ release_stability | lower }}/fedora/tailscale.repo
+
+arch_dependencies:
+  - glibc
+  - go
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -5,8 +5,15 @@
   command: tailscale status
   register: handlers_tailscale_status
 
+- name: Debug Tailscale Status
+  listen: Confirm Tailscale is Connected
+  debug:
+    var: handlers_tailscale_status
+  when: verbose | bool
+
 - name: Assert Tailscale is Connected
   listen: Confirm Tailscale is Connected
   assert:
     that:
       - handlers_tailscale_status.stdout | length != 0
+      - handlers_tailscale_status.stdout is not match('\[L\+V9o\]')
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -13,3 +13,4 @@
             62366639653431623836313965626534643961323862623833626430303236353835353438366161
             3238373235646164300a366231373362616330616565383033623034373366306130646166613231
             36373738623939313136653031643038336262653533383234326435303533383932
+        verbose: true
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -11,7 +11,7 @@ platforms:
   - name: instance
     image: ${MOLECULE_DISTRO:-geerlingguy/docker-ubuntu2004-ansible:latest}
     # Needed for systemd
-    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    command: ${MOLECULE_DOCKER_COMMAND:-/lib/systemd/systemd}
     volumes:
       - /sys/fs/cgroup:/sys/fs/cgroup:ro
     privileged: true

diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
@@ -11,4 +11,5 @@
   - name: Assertions
     assert:
       that:
-        - tailscale_status.stdout | length != 0
+        - '"linux" in tailscale_status.stdout'
+        - '"L+V9o" not in tailscale_status.stdout'
diff --git a/tasks/arch.yml b/tasks/arch.yml
@@ -1,5 +1,12 @@
 ---
 
+- name: Arch | Install Dependencies
+  become: yes
+  pacman:
+    name: '{{ arch_dependencies }}'
+    update_cache: yes
+    state: present
+
 - name: Arch | Ensure non-root user
   become: yes
   user:

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,13 +1,19 @@
 ---
 - name: Tailscale Auth Key Required
   fail:
-    msg: "You must include a Node Authorization auth key. Set a `tailscale_auth_key` ansible-vault encrypted variable. You can create this key from: https://login.tailscale.com/admin/authkeys" # noqa 204
+    msg: >
+      You must include a Node Authorization auth key.
+      Set a `tailscale_auth_key` ansible-vault encrypted variable.
+      You can create this key from: https://login.tailscale.com/admin/authkeys"
   when: tailscale_auth_key is not defined
 
 - name: Unstable Warning
   # Print an error message to the console but proceed anyway
   fail:
-    msg: Installing Tailscale from the unstable branch. This is bleeding edge and may have issues. Be warned.
+    msg: >
+      Installing Tailscale from the unstable branch.
+      This is bleeding edge and may have issues.
+      Be warned.
   when: release_stability | lower == 'unstable'
   ignore_errors: yes
 
@@ -43,6 +49,22 @@
   changed_when: false
   register: tailscale_status
 
+- name: Tailscale Status
+  debug:
+    var: tailscale_status
+  when: verbose | bool
+
+- name: Record Tailscale Version
+  command: tailscale version
+  changed_when: false
+  register: tailscale_version
+  when: verbose | bool
+
+- name: Tailscale Version
+  debug:
+    msg: "{{ tailscale_version.stdout.split('\n') }}"
+  when: verbose | bool
+
 - name: Bring Tailscale Up
   become: yes
   # The command module cannot use | ; &
@@ -51,5 +73,7 @@
   # Since the auth key is included in this task, we do not want to log output
   no_log: true
   register: tailscale_start
-  when: tailscale_status.stdout | length == 0
+  when: >
+    tailscale_status.stdout | length == 0
+    or tailscale_status.stdout is match('\[L\+V9o\]')
   notify: Confirm Tailscale is Connected
diff --git a/vars/main.yml b/vars/main.yml
@@ -1,2 +1,5 @@
 ---
 # vars file for artis3n.tailscale
+
+# Whether to output debug information during role execution
+verbose: false