Merge pull request #715 from manala/alloy/init

[Alloy] Init role and molecule

.github/workflows/molecule.alloy.yaml

@@ -0,0 +1,25 @@
+name: Molecule - Alloy
+
+on:
+  pull_request:
+    paths:
+      - .manala.yaml
+      - .github/workflows/molecule.alloy.yaml
+      - .config/molecule/config.yml
+      - molecule/Dockerfile.*
+      - molecule/alloy/**
+      - roles/alloy/**
+  workflow_dispatch:
+    inputs:
+      debug:
+        type: boolean
+        description: Run with tmate debugging
+        required: false
+        default: false
+
+jobs:
+  alloy:
+    uses: ./.github/workflows/molecule.yaml
+    with:
+      debug: ${{ inputs.debug == true }}
+      scenario: alloy

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+- [Alloy] Add installation and basics configuration role and test it with molecule 
+
+
 ## [4.2.2] - 2024-09-20
 ### Fixed
 - [Fail2ban] Fix Bookworm sshd jail by installing python3-systemd

molecule/alloy/converge.yml

@@ -0,0 +1,60 @@
+---
+
+###########
+# Default #
+###########
+
+- name: Default
+  tags: [default]
+  hosts: debian
+  tasks:
+    - block:  # noqa: name[missing]
+        - name: Role
+          ansible.builtin.import_role:
+            name: manala.roles.alloy
+      always:
+        - name: Goss
+          ansible.builtin.command:
+            cmd: goss --gossfile - validate --retry-timeout 10s
+            stdin: "{{ lookup('ansible.builtin.template', 'goss/default.yaml.j2') }}"
+          changed_when: false
+
+##########
+# Config #
+##########
+
+- name: Config
+  tags: [config]
+  hosts: debian
+  vars:
+    tests_dir: /molecule/alloy/config
+  tasks:
+    - name: Clean tests dir  # noqa: risky-file-permissions
+      ansible.builtin.file:
+        path: "{{ tests_dir }}"
+        state: "{{ item }}"
+      loop: [absent, directory]
+    - block:  # noqa: name[missing]
+        - name: Role - Content
+          ansible.builtin.import_role:
+            name: manala.roles.alloy
+            tasks_from: config
+          vars:
+            manala_alloy_config_file: "{{ tests_dir }}/content"
+            manala_alloy_config_template: ~
+            manala_alloy_config: |
+              Content
+        - name: Role - Template
+          ansible.builtin.import_role:
+            name: manala.roles.alloy
+            tasks_from: config
+          vars:
+            manala_alloy_config_file: "{{ tests_dir }}/template"
+            manala_alloy_config_template: fixtures/template.j2
+            manala_alloy_config: ~
+      always:
+        - name: Goss
+          ansible.builtin.command:
+            cmd: goss --gossfile - validate
+            stdin: "{{ lookup('ansible.builtin.template', 'goss/config.yaml.j2') }}"
+          changed_when: false

molecule/alloy/fixtures/template.j2

@@ -0,0 +1 @@
+Template

molecule/alloy/goss/config.yaml.j2

@@ -0,0 +1,19 @@
+---
+
+file:
+  {{ tests_dir }}/content:
+    exists: true
+    filetype: file
+    owner: root
+    group: root
+    mode: "0644"
+    contents: |
+      Content
+  {{ tests_dir }}/template:
+    exists: true
+    filetype: file
+    owner: root
+    group: root
+    mode: "0644"
+    contents: |
+      Template

molecule/alloy/goss/default.yaml.j2

@@ -0,0 +1,22 @@
+---
+
+package:
+  alloy:
+    installed: true
+
+service:
+  alloy:
+    enabled: true
+    running: true
+
+process:
+  alloy:
+    running: true
+
+file:
+  {{ manala_alloy_config_file }}:
+    exists: true
+    filetype: file
+    owner: root
+    group: root
+    mode: "0644"

molecule/alloy/prepare.yml

@@ -0,0 +1,12 @@
+---
+
+- name: Prepare
+  tags: [always]
+  hosts: debian
+  tasks:
+    - name: Apt
+      ansible.builtin.import_role:
+        name: manala.roles.apt
+      vars:
+        manala_apt_preferences:
+          - alloy@grafana

roles/alloy/README.md

@@ -0,0 +1,95 @@
+# Ansible Role: Alloy
+
+This role will deal with the configuration of [Alloy](https://grafana.com/docs/alloy/latest/).
+
+It's part of the [Manala Ansible Collection](https://galaxy.ansible.com/manala/roles).
+
+## Requirements
+
+This role is made to work with the __Alloy__ official debian packages, available on the [__grafana__ debian repository](https://grafana.com/docs/agent/latest/set-up/install-agent-linux/#install-on-debian-or-ubuntu). Please use the [**manala.roles.apt**](../apt/) role to handle it properly.
+
+```yaml
+manala_apt_preferences:
+  - alloy@grafana
+```
+
+## Dependencies
+
+None.
+
+## Installation
+
+Installation instructions can be found in the main [README.md](https://github.com/manala/ansible-roles/blob/main/README.md)
+
+## Role Variables
+
+You can find all variables and default values used by this role in the [defaults/main.yaml](./defaults/main.yaml) file
+
+### Configuration example
+
+See : https://grafana.com/docs/alloy/latest/configure/
+
+
+```
+manala_alloy_config: |
+  # Sample config for Alloy
+  # For a full configuration reference, see: https://grafana.com/docs/alloy/latest/get-started/configuration-syntax/.
+  
+  // Collection: mount a local directory with a certain path spec
+  local.file_match "applogs" {
+      path_targets = [{"__path__" = "/tmp/app-logs/app.log"}]
+  }
+
+  // Collection: Take the file match as input, and scrape those mounted log files
+  loki.source.file "local_files" {
+      targets    = local.file_match.applogs.targets
+
+      // This specifies which component should process the logs next, the "link in the chain"
+      forward_to = [loki.process.add_new_label.receiver]
+  }
+
+  // Transformation: pull some data out of the log message, and turn it into a label
+  loki.process "add_new_label" {
+      stage.logfmt {
+          mapping = {
+              "extracted_level" = "level",
+          }
+      }
+
+      // Add the value of "extracted_level" from the extracted map as a "level" label
+      stage.labels {
+          values = {
+              "level" = "extracted_level",
+          }
+      }
+
+      // The next link in the chain is the local_loki "receiver" (receives the telemetry)
+      forward_to = [loki.write.local_loki.receiver]
+  }
+
+  // Anything that comes into this component gets written to the loki remote API
+  loki.write "local_loki" {
+      endpoint {
+          url = "http://loki:3100/loki/api/v1/push"
+      }
+  }
+```
+
+## Example playbook
+
+```yaml
+- hosts: foo
+  tasks:
+    - ansible.builtin.import_role:  
+        name: manala.roles.alloy
+```
+
+# Licencing
+
+This collection is distributed under the MIT license.
+
+See [LICENSE](https://opensource.org/licenses/MIT) to see the full text.
+
+# Author information
+
+Manala [**(http://www.manala.io/)**](http://www.manala.io)

roles/alloy/defaults/main.yaml

@@ -0,0 +1,11 @@
+---
+
+# Install
+manala_alloy_install_packages: ~
+manala_alloy_install_packages_default:
+  - alloy
+
+# Config
+manala_alloy_config_file: /etc/alloy/config.alloy
+manala_alloy_config_template: ~
+manala_alloy_config: ~

roles/alloy/meta/main.yaml

@@ -0,0 +1,22 @@
+---
+
+dependencies: []
+
+galaxy_info:
+
+  role_name: alloy
+  author: Manala
+  company: Manala
+  description: Handle alloy
+  license: MIT
+  min_ansible_version: 2.15.0
+  issue_tracker_url: https://github.com/manala/ansible-roles/issues
+  platforms:
+    - name: Debian
+      versions:
+        - buster
+        - bullseye
+        - bookworm
+  galaxy_tags:
+    - monitoring
+    - alloy

roles/alloy/tasks/config.yaml

@@ -0,0 +1,12 @@
+---
+
+- name: Config > Template
+  ansible.builtin.template:
+    src: "{{ manala_alloy_config_template | ternary(manala_alloy_config_template, 'config/_default.j2') }}"
+    dest: "{{ manala_alloy_config_file }}"
+    owner: root
+    group: root
+    mode: "0644"
+  when: manala_alloy_config_template
+    or manala_alloy_config
+  register: __manala_alloy_config_template_result

roles/alloy/tasks/install.yaml

@@ -0,0 +1,10 @@
+---
+
+- name: Install > Packages
+  ansible.builtin.apt:
+    name: "{{ item }}"
+    install_recommends: false
+    update_cache: true
+    cache_valid_time: 3600
+  loop:
+    - "{{ manala_alloy_install_packages | default(manala_alloy_install_packages_default, True) }}"

roles/alloy/tasks/main.yaml

@@ -0,0 +1,20 @@
+---
+
+- name: Install
+  ansible.builtin.import_tasks: install.yaml
+  tags:
+    - manala_alloy
+    - manala_alloy.install
+
+- name: Config
+  ansible.builtin.import_tasks: config.yaml
+  tags:
+    - manala_alloy
+    - manala_alloy.config
+
+- name: Services
+  ansible.builtin.import_tasks: services.yaml
+  tags:
+    - manala_alloy
+    - manala_alloy.services
+    - manala.services

roles/alloy/tasks/services.yaml

@@ -0,0 +1,17 @@
+---
+
+- name: Services > Services
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: |-
+      {{
+        'restarted'
+          if (
+            __manala_alloy_config_template_result | default({}) is changed
+          ) else
+        'started'
+      }}
+    enabled: true
+    daemon_reload: "{{ (ansible_facts.distribution_release in ['buster']) | ternary(True, omit) }}"
+  loop:
+    - alloy

roles/alloy/templates/config/_default.j2

@@ -0,0 +1,3 @@
+{%- set config = manala_alloy_config -%}
+
+{{ config }}