Adding molecule unit tests

roles/graylog/handlers/main.yml

@@ -4,3 +4,4 @@
     project_src: "{{ graylog_data_dir }}"
     state: present
     recreate: always
+  when: not (molecule_test_mode | default(false))

roles/graylog/molecule/default/converge.yml

@@ -0,0 +1,8 @@
+---
+- name: Converge
+  hosts: localhost
+  gather_facts: false
+  vars_files:
+    - ../../../molecule/shared/vars.yml
+  roles:
+    - role: graylog

roles/graylog/molecule/default/molecule.yml

@@ -0,0 +1,23 @@
+---
+dependency:
+  name: galaxy
+  options:
+    requirements-file: requirements.yml
+driver:
+  name: delegated
+  options:
+    managed: false
+    ansible_connection_options:
+      ansible_connection: local
+platforms:
+  - name: localhost
+    groups:
+      - sovereign
+provisioner:
+  name: ansible
+  inventory:
+    host_vars:
+      localhost:
+        ansible_connection: local
+verifier:
+  name: ansible

roles/graylog/molecule/default/verify.yml

@@ -0,0 +1,96 @@
+---
+- name: Verify graylog role
+  hosts: localhost
+  gather_facts: false
+  vars:
+    graylog_data_dir: /tmp/sovereign_test/graylog
+
+  tasks:
+    - name: Check graylog data directory exists
+      ansible.builtin.stat:
+        path: /tmp/sovereign_test/graylog
+      register: data_dir_stat
+
+    - name: Assert graylog data directory is present
+      ansible.builtin.assert:
+        that: data_dir_stat.stat.isdir
+        fail_msg: "Data directory /tmp/sovereign_test/graylog was not created"
+
+    - name: Check graylog data subdirectory exists
+      ansible.builtin.stat:
+        path: /tmp/sovereign_test/graylog/data
+      register: data_subdir_stat
+
+    - name: Assert graylog data subdirectory is present
+      ansible.builtin.assert:
+        that: data_subdir_stat.stat.isdir
+        fail_msg: "Directory /tmp/sovereign_test/graylog/data was not created"
+
+    - name: Check graylog config directory exists
+      ansible.builtin.stat:
+        path: /tmp/sovereign_test/graylog/config
+      register: config_dir_stat
+
+    - name: Assert graylog config directory is present
+      ansible.builtin.assert:
+        that: config_dir_stat.stat.isdir
+        fail_msg: "Directory /tmp/sovereign_test/graylog/config was not created"
+
+    - name: Check graylog opensearch directory exists
+      ansible.builtin.stat:
+        path: /tmp/sovereign_test/graylog/opensearch
+      register: opensearch_dir_stat
+
+    - name: Assert graylog opensearch directory is present
+      ansible.builtin.assert:
+        that: opensearch_dir_stat.stat.isdir
+        fail_msg: "Directory /tmp/sovereign_test/graylog/opensearch was not created"
+
+    - name: Check docker-compose.yml exists
+      ansible.builtin.stat:
+        path: /tmp/sovereign_test/graylog/docker-compose.yml
+      register: compose_stat
+
+    - name: Assert docker-compose.yml was rendered
+      ansible.builtin.assert:
+        that: compose_stat.stat.exists
+        fail_msg: "docker-compose.yml was not rendered for graylog"
+
+    - name: Read docker-compose.yml
+      ansible.builtin.slurp:
+        src: /tmp/sovereign_test/graylog/docker-compose.yml
+      register: compose_raw
+
+    - name: Set compose content fact
+      ansible.builtin.set_fact:
+        compose: "{{ compose_raw.content | b64decode }}"
+
+    - name: Assert graylog image reference in compose
+      ansible.builtin.assert:
+        that: "'graylog/graylog:6.0' in compose"
+        fail_msg: "Expected image 'graylog/graylog:6.0' not found in docker-compose.yml"
+
+    - name: Assert graylog host rule in compose
+      ansible.builtin.assert:
+        that: "'Host(`logs.test.example.com`)' in compose"
+        fail_msg: "Expected Host rule for logs.test.example.com not found in docker-compose.yml"
+
+    - name: Assert GELF logging address in compose
+      ansible.builtin.assert:
+        that: "'udp://127.0.0.1:12201' in compose"
+        fail_msg: "Expected GELF address udp://127.0.0.1:12201 not found in docker-compose.yml"
+
+    - name: Assert sovereign network is external in compose
+      ansible.builtin.assert:
+        that: "'external: true' in compose"
+        fail_msg: "Expected 'external: true' not found in docker-compose.yml"
+
+    - name: Assert graylog password secret in compose
+      ansible.builtin.assert:
+        that: "'test_graylog_secret_min_16_chars' in compose"
+        fail_msg: "Expected graylog_password_secret 'test_graylog_secret_min_16_chars' not found in docker-compose.yml"
+
+    - name: Assert graylog root password sha2 in compose
+      ansible.builtin.assert:
+        that: "'test_sha256_placeholder' in compose"
+        fail_msg: "Expected graylog_root_password_sha2 'test_sha256_placeholder' not found in docker-compose.yml"

roles/graylog/tasks/main.yml

@@ -16,6 +16,7 @@
     owner: "1000"
     group: "1000"
     mode: '0775'
+  when: not (molecule_test_mode | default(false))
 
 - name: Set vm.max_map_count for OpenSearch
   ansible.posix.sysctl:
@@ -23,6 +24,7 @@
     value: '262144'
     state: present
     sysctl_set: true
+  when: not (molecule_test_mode | default(false))
 
 - name: Deploy Graylog docker-compose
   ansible.builtin.template:
@@ -35,6 +37,7 @@
   community.docker.docker_compose_v2:
     project_src: "{{ graylog_data_dir }}"
     state: present
+  when: not (molecule_test_mode | default(false))
 
 - name: Wait for Graylog to be ready
   ansible.builtin.uri:
@@ -48,3 +51,4 @@
   until: result.status == 200
   retries: 30
   delay: 10
+  when: not (molecule_test_mode | default(false))