From 6deea42a0844e5cbc7436d1031ca821942a7bf52 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Sachse?= <joerg.sachse@slub-dresden.de>
Date: Fri, 20 Jan 2023 15:26:59 +0100
Subject: [PATCH] fix: run in CI without installing specific versions of repair
 tools

---
 molecule/resources/playbooks/converge.yml |  2 +-
 tasks/configure-systemd-services.yml      | 14 -------
 tasks/install-repair-tools.yml            | 45 +++++++++++++++--------
 3 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/molecule/resources/playbooks/converge.yml b/molecule/resources/playbooks/converge.yml
index 953cbb4..5e9e9df 100644
--- a/molecule/resources/playbooks/converge.yml
+++ b/molecule/resources/playbooks/converge.yml
@@ -14,4 +14,4 @@
       become: true
       when: ansible_os_family == "RedHat"
   roles:
-    - {role: "ansible_lza_repair", become: true, skip-tags: "no-ci"}
+    - {role: "ansible_lza_repair", become: true}
diff --git a/tasks/configure-systemd-services.yml b/tasks/configure-systemd-services.yml
index a1fbb8b..42e85ce 100644
--- a/tasks/configure-systemd-services.yml
+++ b/tasks/configure-systemd-services.yml
@@ -5,20 +5,6 @@
     state: directory
     mode: "0755"
 
-- name: Systemd-Unitfiles disablen
-  ansible.builtin.systemd:
-    unit: "{{ item.key }}"
-    state: stopped
-    enabled: false
-  with_dict: "{{ vault_service_files }}"
-  notify: systemctl daemon-reload
-
-- name: Systemd-Unitfiles entfernen
-  ansible.builtin.file:
-    path: "/etc/systemd/user/{{ item.key }}.service"
-    state: absent
-  with_dict: "{{ vault_service_files }}"
-
 - name: Systemd-Unitfiles installieren
   ansible.builtin.template:
     src: "usr/local/lib/systemd/system/{{ item.key }}.service.j2"
diff --git a/tasks/install-repair-tools.yml b/tasks/install-repair-tools.yml
index 0b3b6c7..67975bd 100644
--- a/tasks/install-repair-tools.yml
+++ b/tasks/install-repair-tools.yml
@@ -17,18 +17,7 @@
       tags: [apt]
   when: "ansible_facts['distribution'] == 'Debian'"
 
-- name: cleanup legacy tools
-  ansible.builtin.file:
-    path: "{{ item }}"
-    state: absent
-  loop:
-    - "/usr/local/bin/checkit_tiff"
-    - "/usr/local/bin/fixit_tiff"
-    - "/home/{{ vault_service_user }}/.cache/SLUB_LZA_Reparaturtool.cache"
-    - "/etc/cit_tiff6_baseline_SLUB.cfg"
-  notify: restart repairtools
-
-- name: install repairtool dependencies from local Debian repo server
+- name: install repairtool dependencies from local Debian repo server (if we're running in prod)
   ansible.builtin.apt:
     name: [
       '{{ item.package_name }}={{ item.version }}',
@@ -38,9 +27,21 @@
     #            mechanisms. Autoupdates will make the repair tool crash!
     state: present
   loop: "{{ tool_versions_local }}"
-  tags: [apt, no-ci]
+  tags: [apt, notest]
 
-- name: install repairtool (package dependencies are encoded in the package)
+- name: install repairtool dependencies from local Debian repo server (if we're running in CI)
+  ansible.builtin.apt:
+    name: [
+      '{{ item.package_name }}',
+    ]
+    # CAUTION!!! Always use "state: present". Due to version constraints, we do
+    #            not allow just any package version or automatic update
+    #            mechanisms. Autoupdates will make the repair tool crash!
+    state: present
+  loop: "{{ tool_versions_local }}"
+  tags: [apt]
+
+- name: install repairtool (package dependencies are encoded in the package) (if we're running in prod)
   ansible.builtin.apt:
     name: [
       '{{ item.package_name }}={{ item.version }}',
@@ -50,6 +51,18 @@
     #            mechanisms. Autoupdates will make the repair tool crash!
     state: present
   loop: "{{ tool_versions_public }}"
+  tags: [apt, notest]
+
+- name: install repairtool (package dependencies are encoded in the package) (if we're running in CI)
+  ansible.builtin.apt:
+    name: [
+      '{{ item.package_name }}',
+    ]
+    # CAUTION!!! Always use "state: present". Due to version constraints, we do
+    #            not allow just any package version or automatic update
+    #            mechanisms. Autoupdates will make the repair tool crash!
+    state: present
+  loop: "{{ tool_versions_public }}"
   tags: [apt]
 
 - name: configure tool version pinning to avoid automatic nightly upgrades
@@ -58,7 +71,7 @@
     dest: "/etc/apt/preferences.d/{{ item.package_name }}"
     owner: "root"
     group: "root"
-    mode: "750"
+    mode: "0750"
   loop: "{{ tool_versions_local }}"
 
 - name: configure tool version pinning to avoid automatic nightly upgrades
@@ -67,7 +80,7 @@
     dest: "/etc/apt/preferences.d/{{ item.package_name }}"
     owner: "root"
     group: "root"
-    mode: "750"
+    mode: "0750"
   loop: "{{ tool_versions_public }}"
 
 # FHS 3.0 specifies the correct path for the config:
-- 
GitLab