PowerDNS · romeroalx · Feb 6, 2025 · Jan 22, 2025 · Jan 23, 2025 · Feb 3, 2025
diff --git a/.ansible-lint b/.ansible-lint
@@ -0,0 +1,4 @@
+---
+skip_list:
+  - '306'  # [306] Shells that use pipes should set the pipefail option
+  - 'args' # [args] throws a warning on community.docker.docker_container for a correct attribute (cgroupns_mode)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -6,30 +6,36 @@ on:
     - cron: '33 5 * * 0'
 
 jobs:
+  Lint:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint@main
   Tests:
     name: Test role on different ansible versions
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     strategy:
+      fail-fast: false
       matrix:
         ansible:
-          - "2.12"
-          - "2.13"
           - "2.14"
+          - "2.15"
+          - "2.16"
         scenario:
           - pdns-47
           - pdns-48
           - pdns-49
           - pdns-master
           - pdns-os-repos
           - systemd-no-overrides
-      fail-fast: false
     steps:
       - name: checkout
         uses: actions/checkout@v4
       - name: Install python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.10"
+          python-version: "3.11"
       - name: Install dependencies
         run: |
           python -m pip install --upgrade pip

diff --git a/molecule/pdns-47/converge.yml b/molecule/pdns-47/converge.yml
@@ -1,6 +1,7 @@
 ---
 
-- hosts: pdns
+- name: PDNS 4.7
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-common.yml
     - ../resources/vars/pdns-repo-47.yml

diff --git a/molecule/pdns-47/molecule.yml b/molecule/pdns-47/molecule.yml
@@ -119,4 +119,3 @@ verifier:
     - ../backend-sqlite/
     - ../backend-mysql/
     - ../systemd-override/
-
diff --git a/molecule/pdns-48/converge.yml b/molecule/pdns-48/converge.yml
@@ -1,6 +1,7 @@
 ---
 
-- hosts: pdns
+- name: PDNS 4.8
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-common.yml
     - ../resources/vars/pdns-repo-48.yml

diff --git a/molecule/pdns-48/molecule.yml b/molecule/pdns-48/molecule.yml
@@ -132,4 +132,3 @@ verifier:
     - ../backend-sqlite/
     - ../backend-mysql/
     - ../systemd-override/
-
diff --git a/molecule/pdns-49/converge.yml b/molecule/pdns-49/converge.yml
@@ -1,6 +1,7 @@
 ---
 
-- hosts: pdns
+- name: PDNS 4.9
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-common.yml
     - ../resources/vars/pdns-repo-49.yml

diff --git a/molecule/pdns-49/molecule.yml b/molecule/pdns-49/molecule.yml
@@ -140,4 +140,3 @@ verifier:
     - ../backend-sqlite/
     - ../backend-mysql/
     - ../systemd-override/
-
diff --git a/molecule/pdns-master/converge.yml b/molecule/pdns-master/converge.yml
@@ -1,6 +1,7 @@
 ---
 
-- hosts: pdns
+- name: PDNS master
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-common.yml
     - ../resources/vars/pdns-repo-master.yml

diff --git a/molecule/pdns-master/molecule.yml b/molecule/pdns-master/molecule.yml
@@ -137,4 +137,3 @@ verifier:
     - ../backend-sqlite/
     - ../backend-mysql/
     - ../systemd-override/
-
diff --git a/molecule/pdns-os-repos/converge.yml b/molecule/pdns-os-repos/converge.yml
@@ -1,5 +1,6 @@
 ---
-- hosts: pdns
+- name: PDNS OS Repos
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-os-repos.yml
     - ../resources/vars/pdns-backends.yml

diff --git a/molecule/pdns-os-repos/molecule.yml b/molecule/pdns-os-repos/molecule.yml
@@ -111,4 +111,3 @@ verifier:
     - ../systemd-override/
     - ../backend-sqlite/
     - ../backend-mysql/
-
diff --git a/molecule/resources/create.yml b/molecule/resources/create.yml
@@ -8,26 +8,30 @@
     - vars/molecule.yml
   tasks:
 
-    - set_fact:
+    - name: Get list of service instances
+      ansible.builtin.set_fact:
         molecule_service_instances: "{{ molecule_yml.platforms | selectattr('is_service', 'defined') | selectattr('is_service') | list }}"
-    - set_fact:
+
+    - name: Get list of platform instances
+      ansible.builtin.set_fact:
         molecule_platform_instances: "{{ molecule_yml.platforms | difference(molecule_service_instances) }}"
 
     - name: Create Dockerfiles from image names
-      template:
+      ansible.builtin.template:
         src: "Dockerfile.{{ item.dockerfile_tpl | default('default') }}.j2"
         dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}"
+        mode: '0644'
       with_items: "{{ molecule_platform_instances }}"
       register: platforms
 
     - name: Discover local Docker images
-      docker_image_info:
+      community.docker.docker_image_info:
         name: "molecule_pdns/{{ item.item.name }}"
       with_items: "{{ platforms.results }}"
       register: docker_images
 
     - name: Build an Ansible compatible image
-      docker_image:
+      community.docker.docker_image:
         source: build
         name: "molecule_pdns/{{ item.item.image }}"
         build:
@@ -37,7 +41,7 @@
       when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0
 
     - name: Create molecule instance(s)
-      docker_container:
+      community.docker.docker_container:
         name: "{{ item.name }}"
         hostname: "{{ item.name }}"
         image: "{{ item.image }}"
@@ -49,7 +53,7 @@
       with_items: "{{ molecule_service_instances }}"
 
     - name: Create the required Services instance(s)
-      docker_container:
+      community.docker.docker_container:
         name: "{{ item.name }}"
         hostname: "{{ item.name }}"
         image: "molecule_pdns/{{ item.image }}"
@@ -61,4 +65,5 @@
         volumes:
           # Mount the cgroups fs to allow SystemD to run into the containers
           - "/sys/fs/cgroup:/sys/fs/cgroup:rw"
+        cgroupns_mode: host
       with_items: "{{ molecule_platform_instances }}"
diff --git a/molecule/resources/destroy.yml b/molecule/resources/destroy.yml
@@ -8,7 +8,7 @@
     - vars/molecule.yml
   tasks:
     - name: Destroy the target Platforms instance(s)
-      docker_container:
+      community.docker.docker_container:
         name: "{{ item.name }}"
         state: absent
         force_kill: "{{ item.force_kill | default(True) }}"

diff --git a/molecule/resources/prepare.yml b/molecule/resources/prepare.yml
@@ -6,28 +6,29 @@
     # Make sure the default MySQL and SQLite
     # schemas are installed in /usr/share/doc/
     - name: Disable the YUM 'nodocs' option
-      lineinfile:
+      ansible.builtin.lineinfile:
         line: tsflags=nodocs
         dest: /etc/yum.conf
         state: absent
       when: ansible_pkg_mgr == 'yum'
 
     - name: Disable the APT 'nodoc' option
-      lineinfile:
+      ansible.builtin.lineinfile:
         line: path-exclude=/usr/share/doc/*
         dest: /etc/dpkg/dpkg.cfg.d/excludes
         state: absent
 
     # Install rsyslog to capture the PDNS log messages
     # when the service is not managed by systemd
-    - block:
+    - name: Install rsyslog
+      when: ansible_service_mgr != 'systemd'
+      block:
         - name: Install rsyslog
-          package:
+          ansible.builtin.package:
             name: rsyslog
             state: present
 
         - name: Start rsyslog
-          service:
+          ansible.builtin.service:
             name: rsyslog
             state: started
-      when: ansible_service_mgr != 'systemd'
diff --git a/molecule/resources/vars/molecule.yml b/molecule/resources/vars/molecule.yml
@@ -2,6 +2,6 @@
 molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
 molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}"
 molecule_scenario_directory: "{{ lookup('env', 'MOLECULE_SCENARIO_DIRECTORY') }}"
-role-file: requirements.yml
-requirements-file: requirements.yml
+role_file: requirements.yml
+requirements_file: requirements.yml
 molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
diff --git a/molecule/systemd-no-overrides/converge.yml b/molecule/systemd-no-overrides/converge.yml
@@ -1,6 +1,7 @@
 ---
 
-- hosts: pdns
+- name: PDNS SystemD no-overrides
+  hosts: pdns
   vars_files:
     - ../resources/vars/pdns-no-overrides.yml
   roles:

diff --git a/molecule/systemd-no-overrides/molecule.yml b/molecule/systemd-no-overrides/molecule.yml
@@ -93,4 +93,3 @@ verifier:
   additional_files_or_dirs:
     # path relative to 'directory'
     - ../systemd-no-override
-
diff --git a/tasks/configure.yml b/tasks/configure.yml
@@ -1,41 +1,42 @@
 ---
-
-- block:
+- name: Set up systemd override
+  when: ansible_service_mgr == "systemd"
+  block:
 
   - name: Ensure the override directory exists (systemd)
-    file:
+    ansible.builtin.file:
       name: "/etc/systemd/system/{{ pdns_service_name }}.service.d"
       state: directory
       owner: root
       group: root
+      mode: 0755
 
   - name: Override the PowerDNS Authoritative Server unit (systemd)
-    template:
+    ansible.builtin.template:
       src: "override-service.systemd.conf.j2"
       dest: "/etc/systemd/system/{{ pdns_service_name }}.service.d/override.conf"
       owner: root
       group: root
+      mode: 0644
     register: _pdns_override_unit
     when: pdns_service_overrides | length > 0
 
   - name: Reload systemd
-    systemd:
+    ansible.builtin.systemd:
       daemon_reload: yes
     when: not pdns_disable_handlers
       and _pdns_override_unit.changed
 
-  when: ansible_service_mgr == "systemd"
-
 - name: Ensure that the PowerDNS configuration directory exists
-  file:
+  ansible.builtin.file:
     name: "{{ pdns_config_dir }}"
     state: directory
     owner: "{{ pdns_file_owner }}"
     group: "{{ pdns_file_group }}"
     mode: 0750
 
 - name: Generate the PowerDNS configuration
-  template:
+  ansible.builtin.template:
     src: pdns.conf.j2
     dest: "{{ pdns_config_dir }}/{{ pdns_config_file }}"
     owner: "{{ pdns_file_owner }}"
@@ -44,7 +45,7 @@
   register: _pdns_configuration
 
 - name: Ensure that the PowerDNS 'include-dir' directory exists
-  file:
+  ansible.builtin.file:
     name: "{{ pdns_config['include-dir'] }}"
     state: directory
     owner: "{{ pdns_file_owner }}"
@@ -53,7 +54,7 @@
   when: "pdns_config['include-dir'] is defined"
 
 - name: Restart PowerDNS
-  service:
+  ansible.builtin.service:
     name: "{{ pdns_service_name }}"
     state: restarted
     sleep: 1

diff --git a/tasks/database-lmdb.yml b/tasks/database-lmdb.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: Ensure that the directories containing the PowerDNS LMDB databases exist
-  file:
+  ansible.builtin.file:
     name: "{{ item | dirname }}"
     owner: "{{ pdns_user }}"
     group: "{{ pdns_group }}"

diff --git a/tasks/database-mysql.yml b/tasks/database-mysql.yml
@@ -1,12 +1,12 @@
 ---
 
 - name: Install the MySQL dependencies
-  package:
+  ansible.builtin.package:
     name: "{{ pdns_mysql_packages }}"
     state: present
 
 - name: Create the PowerDNS MySQL databases
-  mysql_db:
+  community.mysql.mysql_db:
     login_user: "{{ item['value']['priv_user'] }}"
     login_password: "{{ item['value']['priv_password'] }}"
     login_host: "{{ item['value']['host'] }}"
@@ -18,7 +18,7 @@
   with_dict: "{{ pdns_backends | combine(pdns_mysql_databases_credentials, recursive=True) }}"
 
 - name: Grant PowerDNS access to the MySQL databases
-  mysql_user:
+  community.mysql.mysql_user:
     login_user: "{{ item[0]['priv_user'] }}"
     login_password: "{{ item[0]['priv_password'] }}"
     login_host: "{{ item[0]['host'] }}"
@@ -35,8 +35,9 @@
     - skip_missing: yes
 
 - name: Check if the MySQL databases are empty
-  shell: |-
-    {{ pdns_backends_mysql_cmd | default('mysql') }} --user="{{ item['value']['user'] }}" --password="{{ item['value']['password'] }}" \
+  ansible.builtin.shell:
+    cmd: |-
+      {{ pdns_backends_mysql_cmd | default('mysql') }} --user="{{ item['value']['user'] }}" --password="{{ item['value']['password'] }}" \
       --host="{{ item['value']['host'] }}" --port "{{ item['value']['port'] | default('3306') }}" --batch --skip-column-names \
       --execute="SELECT COUNT(DISTINCT table_name) FROM information_schema.columns WHERE table_schema = '{{ item['value']['dbname'] }}'"
   when: item.key.split(':')[0] == 'gmysql'
@@ -46,7 +47,7 @@
   changed_when: False
 
 - name: Determine location of the SQL file
-  shell:
+  ansible.builtin.shell:
     cmd: |
       for p in /usr/share/doc/pdns-backend-mysql-{{ _pdns_running_version }}/schema.mysql.sql /usr/share/doc/pdns-backend-mysql/schema.mysql.sql /usr/share/pdns-backend-mysql/schema/schema.mysql.sql /usr/share/dbconfig-common/data/pdns-backend-mysql/install/mysql /usr/share/doc/powerdns/schema.mysql.sql /usr/share/doc/pdns/schema.mysql.sql; do
         if [ -f $p ]; then
@@ -61,14 +62,14 @@
   when: pdns_mysql_schema_file | length == 0
 
 - name: Set the schema file variable
-  set_fact:
+  ansible.builtin.set_fact:
     pdns_mysql_schema_file_to_use: "{% if pdns_mysql_schema_file | length == 0 %}{{ pdns_mysql_schema_file_detected.stdout }}{% else %}{{ pdns_mysql_schema_file }}{% endif %}"
 
-
 - name: Import the PowerDNS MySQL schema
-  shell: |-
+  ansible.builtin.shell: |-
     {{ pdns_backends_mysql_cmd | default('mysql') }} --user="{{ item['item']['value']['user'] }}" --password="{{ item['item']['value']['password'] }}" --host="{{ item['item']['value']['host'] }}" \
       --port="{{ item['item']['port'] | default('3306') }}" "{{ item.item['value']['dbname'] }}" < "{{ pdns_mysql_schema_file_to_use }}"
+  changed_when: True
   no_log: True
   when: "item['item']['key'].split(':')[0] == 'gmysql' and item['stdout'] == '0'"
   with_items: "{{ _pdns_check_mysql_db['results'] }}"
Original file line number	Diff line number	Diff line change
Expand Up		@@ -119,4 +119,3 @@ verifier:
		- ../backend-sqlite/
		- ../backend-mysql/
		- ../systemd-override/
Original file line number	Diff line number	Diff line change
Expand Up		@@ -132,4 +132,3 @@ verifier:
		- ../backend-sqlite/
		- ../backend-mysql/
		- ../systemd-override/
Original file line number	Diff line number	Diff line change
Expand Up		@@ -140,4 +140,3 @@ verifier:
		- ../backend-sqlite/
		- ../backend-mysql/
		- ../systemd-override/
Original file line number	Diff line number	Diff line change
Expand Up		@@ -137,4 +137,3 @@ verifier:
		- ../backend-sqlite/
		- ../backend-mysql/
		- ../systemd-override/
Original file line number	Diff line number	Diff line change
Expand Up		@@ -111,4 +111,3 @@ verifier:
		- ../systemd-override/
		- ../backend-sqlite/
		- ../backend-mysql/
Original file line number	Diff line number	Diff line change
Expand Up		@@ -93,4 +93,3 @@ verifier:
		additional_files_or_dirs:
		# path relative to 'directory'
		- ../systemd-no-override