feat: Initial implementation (fixes #1)

README.md

 ECGALAXY gitlab_instance role
 ========
 
-Installs Gitlab instance EE or CE
+Installs Gitlab EE or CE instance.
 
 Requirements
 ------------
 
-
+- Amazon Linux 2023, which is the only platform currently supported.
 
 Role Variables
 --------------
 
-
+- `gitlab_edition`: Set to `enterprise` (default) or `community` depending on the variant to install
+- `gitlab_rb_file_path`: Local path of a configuration file on the control machine (optional)
 
 Dependencies
-------------
-
+--------------
 
+None.
 
 Example Playbook
 ----------------
@@ -41,6 +42,11 @@ Copyright the European Union 2022.
 
 Licensed under the EUPL-1.2 or later.
 
+Original work
+-------------
+
+Copyright Red Hat, Josh Swanson, see https://www.redhat.com/en/blog/installing-gitlab-ce-rhel-9
+
 Author Information
 ------------------
 

RELEASES.md

 # Releases
+
+## 0.1.x
+
+- Initial role implementation.

defaults/main.yml

 ---
+gitlab_edition: "enterprise"
+gitlab_rb_file_path: "gitlab.rb"

files/gitlab.rb

+external_url "http://gitlab.example.com"
+letsencrypt['enable'] = false

handlers/main.yml

+---
+- name: Reconfigure GitLab
+  ansible.builtin.command:
+    cmd: gitlab-ctl reconfigure
+  async: 1800
+  poll: 5
+  register: reconfigure_result
+  changed_when: false
+  become: true

meta/main.yml

@@ -8,16 +8,6 @@ galaxy_info:
   platforms:
     - name: Amazon Linux 
       versions:
-        - "2"
         - "2023"
-    - name: EL
-      versions:
-        - "7"
-        - "8"
-    - name: Ubuntu
-      versions:
-        - bionic
-        - focal
-        - jammy
   galaxy_tags: []
 dependencies: []

molecule/default/converge.yml

@@ -5,6 +5,8 @@
     - name: Include gitlab_instance
       ansible.builtin.include_role:
         name: gitlab_instance
+      vars:
+        gitlab_rb_file_path: "gitlab-test.rb"
   environment:
     http_proxy: "{{ lookup('env', 'http_proxy') }}"
     https_proxy: "{{ lookup('env', 'https_proxy') }}"

molecule/default/files/gitlab-test.rb

+external_url "http://gitlab.example.net"
+letsencrypt['enable'] = false

molecule/default/molecule.yml

@@ -4,50 +4,13 @@ dependency:
 driver:
   name: docker
 platforms:
-  - name: amazonlinux2-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/amazonlinux2-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
   - name: amazonlinux2023-${CI_JOB_ID:-0}
     image: code.europa.eu:4567/ecgalaxy/amazonlinux2023-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
-  - name: centos7-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/centos7-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
-  - name: rockylinux8-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/rockylinux8-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
-  - name: ubuntu1804-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/ubuntu1804-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
-  - name: ubuntu2004-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/ubuntu2004-ansible:latest
-    pre_build_image: true
-    environment:
-      http_proxy: "${http_proxy}"
-      https_proxy: "${https_proxy}"
-      no_proxy: "${no_proxy}"
-  - name: ubuntu2204-${CI_JOB_ID:-0}
-    image: code.europa.eu:4567/ecgalaxy/ubuntu2204-ansible:latest
+    command: ""
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    cgroupns_mode: host
+    privileged: true
     pre_build_image: true
     environment:
       http_proxy: "${http_proxy}"

molecule/default/verify.yml

@@ -4,6 +4,13 @@
   vars_files:
     - ../../defaults/main.yml
   tasks:
-    - name: Assert something
+    - name: "Execute gitlab-ctl status"
+      ansible.builtin.shell: "gitlab-ctl status"
+      register: status
+      become: true
+
+    - name: "Verify GitLab status"
       ansible.builtin.assert:
-        that: true
+        that:
+          - "'run: gitaly' in status.stdout"
+          - "'run: nginx' in status.stdout"

tasks/customise.yml

+---
+- name: Copy the configuration file
+  ansible.builtin.copy:
+    src: "{{ gitlab_rb_file_path }}"
+    dest: /etc/gitlab/gitlab.rb
+    mode: '0600'
+  when: gitlab_rb_file_path | length > 0
+  notify: Reconfigure GitLab
+  become: true

tasks/install-gitlab.yml

+---
+- name: Install GitLab using package
+  ansible.builtin.yum:
+    name: "{{ gitlab_package }}"
+  become: true

tasks/install-prerequisites.yml

+---
+- name: Install packages
+  ansible.builtin.yum:
+    name:
+      - openssh-clients
+      - openssh-server
+      - perl
+      - policycoreutils
+      - yum-utils
+  register: packages_installed
+  become: true
+
+- name: Start/enable services
+  ansible.builtin.systemd:
+    name: "{{ service }}"
+    enabled: yes
+    state: started
+  loop_control:
+    loop_var: service
+  loop:
+    - sshd
+  when:
+    - packages_installed.changed # noqa: no-handler
+  become: true

tasks/main.yml

 ---
+- name: Set vars for community edition
+  ansible.builtin.include_tasks:
+    file: set-ce-edition.yml
+  when:
+    - gitlab_edition == 'community'
+
+- name: Set vars for enterprise edition
+  ansible.builtin.include_tasks:
+    file: set-ee-edition.yml
+  when:
+    - gitlab_edition == 'enterprise'
+
+- name: Install prerequisites
+  ansible.builtin.include_tasks: install-prerequisites.yml
+
+- name: Setup GitLab repo
+  ansible.builtin.include_tasks: setup-gitlab-repo.yml
+
+- name: Install GitLab
+  ansible.builtin.include_tasks: install-gitlab.yml
+
+- name: Customise GitLab
+  ansible.builtin.include_tasks: customise.yml

tasks/set-ce-edition.yml

+---
+- name: Set CE vars
+  ansible.builtin.set_fact:
+    edition_abbreviation: ce
+    gitlab_package: gitlab-ce

tasks/set-ee-edition.yml

+---
+- name: Set EE vars
+  ansible.builtin.set_fact:
+    edition_abbreviation: ee
+    gitlab_package: gitlab-ee

tasks/setup-gitlab-repo.yml

+---
+- name: Push GitLab repo file
+  ansible.builtin.template:
+    src: templates/gitlab.repo.j2
+    dest: "/etc/yum.repos.d/gitlab_gitlab-{{ edition_abbreviation }}.repo"
+    owner: root
+    group: root
+    mode: '0644'
+  register: repo_file_pushed
+  become: true
+
+- name: Clear yum cache
+  ansible.builtin.command:
+    cmd: yum clean all
+  when:
+    - repo_file_pushed.changed # noqa: no-handler
+  changed_when: true

templates/gitlab.repo.j2

+[gitlab_gitlab-{{ edition_abbreviation }}]
+name=gitlab_gitlab-{{ edition_abbreviation }}
+baseurl=https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/amazon/2023/$basearch
+repo_gpgcheck=1
+gpgcheck=1
+enabled=1
+gpgkey=https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/gpgkey
+       https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/gpgkey/gitlab-gitlab-{{ edition_abbreviation }}-3D645A26AB9FBD22.pub.gpg
+sslverify=1
+sslcacert=/etc/pki/tls/certs/ca-bundle.crt
+metadata_expire=300
+
+[gitlab_gitlab-{{ edition_abbreviation }}-source]
+name=gitlab_gitlab-{{ edition_abbreviation }}-source
+baseurl=https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/amazon2023/SRPMS
+repo_gpgcheck=1
+gpgcheck=1
+enabled=1
+gpgkey=https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/gpgkey
+       https://packages.gitlab.com/gitlab/gitlab-{{ edition_abbreviation }}/gpgkey/gitlab-gitlab-{{ edition_abbreviation }}-3D645A26AB9FBD22.pub.gpg
+sslverify=1
+sslcacert=/etc/pki/tls/certs/ca-bundle.crt
+metadata_expire=300