share/ansible: convert fedora dockerfile to ansible

Using a dockerfile to build, install and test the code can be
problematic as we can't capture the log files to check what failed in
case of failure. This PR converts the fedora dockerfile to Ansible, an
open source IT automation tool. The tool can be used on the developers
and the CI system to check whether a piece of code can be built,
installed and tested.

This is the first patch in a series, where I will convert the existing
PR workflows to use Ansible instead of dockerfiles.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

diff --git a/share/ansible/inventory.ini b/share/ansible/inventory.ini
new file mode 100644 (file)
index 0000000..46475c8
--- /dev/null
+++ b/share/ansible/inventory.ini
@@ -0,0 +1 @@
+builder ansible_connection=containers.podman.podman

diff --git a/share/ansible/playbook.yml b/share/ansible/playbook.yml
new file mode 100644 (file)
index 0000000..2325d9a
--- /dev/null
+++ b/share/ansible/playbook.yml
@@ -0,0 +1,89 @@
+- name: Start build container
+  hosts: localhost
+  tasks:
+    - name: Pull container image
+      containers.podman.podman_image:
+        name: registry.fedoraproject.org/fedora:latest
+
+    - name: Create and start container
+      containers.podman.podman_container:
+        name: builder
+        state: started
+        image: fedora:latest
+        command: "sleep 1d"
+
+    - name: Copy repo
+      ansible.builtin.shell:
+        podman cp ../../ builder:/usr/local/src
+
+- name: CI run
+  hosts: builder
+  connection: podman
+  tasks:
+    - name: Ensure dependencies are installed
+      ansible.builtin.dnf:
+        name:
+          - dnf-plugins-core
+          - libcmocka-devel
+          - systemd-devel
+        state: present
+
+    - name: Ensure build dependencies are installed
+      ansible.builtin.command:
+        dnf builddep -y shadow-utils
+      register: dnf_result
+      changed_when: '"Nothing to do" not in dnf_result.stdout'
+
+    - name: Build configuration
+      ansible.builtin.command: >
+        ./autogen.sh
+        --disable-account-tools-setuid
+        --enable-lastlog
+        --enable-logind=no
+        --enable-man
+        --enable-shadowgrp
+        --enable-shared
+        --with-audit
+        --with-bcrypt
+        --with-group-name-max-length=32
+        --with-libpam
+        --with-selinux
+        --with-sha-crypt
+        --with-yescrypt
+        --without-libbsd
+        --without-libcrack
+        --without-sssd
+      args:
+        chdir: /usr/local/src/shadow/
+      ignore_errors: true
+
+    - name: Build
+      ansible.builtin.shell:
+        make -Orecurse -j4 > build.log
+      args:
+        chdir: /usr/local/src/shadow/
+      ignore_errors: true
+
+    - name: Run unit-tests
+      ansible.builtin.command:
+        make check
+      args:
+        chdir: /usr/local/src/shadow/
+      ignore_errors: true
+
+    - name: Install
+      ansible.builtin.command:
+        make install
+      args:
+        chdir: /usr/local/src/shadow/
+      ignore_errors: true
+
+    - name: Copy shadow repo
+      ansible.builtin.fetch:
+        src: '{{ item }}'
+        dest: ./build-out/
+      with_items:
+        - "/usr/local/src/shadow/config.log"
+        - "/usr/local/src/shadow/config.h"
+        - "/usr/local/src/shadow/build.log"
+        - "/usr/local/src/shadow/tests/unit/test-suite.log"