From 3197e26ddb1d0f67ebe9cb220e634330df0227a9 Mon Sep 17 00:00:00 2001
From: Te-Hung Tseng <te-hung.tseng@esss.se>
Date: Wed, 13 Feb 2019 13:19:08 +0100
Subject: [PATCH] Role update

---
 README.md                              |  6 ++++--
 group_vars/all                         |  7 +++++++
 molecule/default/tests/test_default.py | 11 +++++++++++
 playbook.yml                           |  2 ++
 roles/requirements.yml                 |  4 ++++
 5 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 group_vars/all

diff --git a/README.md b/README.md
index eddd15c..fe2ba3e 100644
--- a/README.md
+++ b/README.md
@@ -5,6 +5,8 @@ Ansible playbook to configure servers on the GPN:
 
 - configure samba so that the interfaces created by docker are not broadcasted to AD and DNS
 
+- Adds csi user to servers
+
 
 This playbook should be applied on all nodes on the GPN (and only on the GPN).
 As we use a static inventory for the GPN machines, this playbook uses the "all" group.
@@ -15,8 +17,8 @@ WARNING! Be sure to run this playbook on the proper inventory!
 Requirements
 ------------
 
-- ansible >= 2.4
-- molecule >= 2.6
+- ansible >= 2.7
+- molecule >= 2.19
 
 License
 -------
diff --git a/group_vars/all b/group_vars/all
new file mode 100644
index 0000000..83a5e99
--- /dev/null
+++ b/group_vars/all
@@ -0,0 +1,7 @@
+---
+sudoers_user_list:
+  - name: csi  #ansible user
+    nopasswd: true
+localusers:
+  - name: csi
+localusers_per_user_groups : true
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
index b691864..93087e0 100644
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -18,3 +18,14 @@ def test_route_interfaces(host):
 def test_route_exist(host):
     cmd = host.run("/usr/sbin/ip route list")
     assert "172.30.0.0" in cmd.stdout
+
+
+def test_sudoers_files(host):
+    with host.sudo():
+        assert host.file("/etc/sudoers.d/csi").content_string == "csi ALL=(ALL) NOPASSWD:ALL"
+
+
+def test_sudo_with_csi(host):
+    with host.sudo("csi"):
+        cmd = host.run("sudo ls")
+    assert cmd.rc == 0
diff --git a/playbook.yml b/playbook.yml
index 92496d8..8987205 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -4,3 +4,5 @@
   roles:
     - role: ics-ans-role-samba-interfaces
     - role: ics-ans-role-lab-route
+    - role: ics-ans-role-localusers
+    - role: ics-ans-role-sudoers
diff --git a/roles/requirements.yml b/roles/requirements.yml
index c036b3f..9155ee5 100644
--- a/roles/requirements.yml
+++ b/roles/requirements.yml
@@ -3,3 +3,7 @@
   version: v0.1.0
 - src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-lab-route.git
   version: v0.1.3
+- src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-localusers.git
+  version: v1.0.0
+- src: git+https://gitlab.esss.lu.se/ics-ansible-galaxy/ics-ans-role-sudoers.git
+  version: v0.1.0
-- 
GitLab