From 01569f774a7819bb3245d34d838b3830a920e730 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20B=C3=A4rlocher?= Date: Wed, 17 Jun 2026 23:14:44 +0200 Subject: [PATCH] docs(ci): document KVM molecule reusable in changelog and agents The ci-ansible-molecule-kvm.yml workflow was merged without the accompanying documentation the repo conventions require. Add its CHANGELOG entry under 2026-06-17 and a row in the AGENTS.md CI table. --- AGENTS.md | 1 + CHANGELOG.md | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/AGENTS.md b/AGENTS.md index fd04d2e..6c7a7af 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -96,6 +96,7 @@ This repository provides shared Renovate presets for consumer repositories: |----------|------|-------------| | Ansible Collection CI | [ci-ansible-collection.yml](./.github/workflows/ci-ansible-collection.yml) | Linting, security scan, sanity/unit/integration tests, build | | Ansible Molecule CI | [ci-ansible-molecule.yml](./.github/workflows/ci-ansible-molecule.yml) | Auto-discovered Molecule scenarios under `extensions/molecule/`, docker driver | +| Ansible Molecule CI (KVM) | [ci-ansible-molecule-kvm.yml](./.github/workflows/ci-ansible-molecule-kvm.yml) | Molecule scenarios in full VMs via the `molecule-qemu` driver — for roles needing a real kernel/init (k3s, container engines, systemd-service agents) | | Go CI | [ci-go.yml](./.github/workflows/ci-go.yml) | golangci-lint, gofmt, go vet, go test | | Lint | [ci-lint.yml](./.github/workflows/ci-lint.yml) | MegaLinter aggregator | diff --git a/CHANGELOG.md b/CHANGELOG.md index be147f8..0234ee3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -10,6 +10,17 @@ This is a rolling release - changes are deployed continuously to `main`. ### Added +- **ci-ansible-molecule-kvm.yml**: New reusable Molecule runner that boots full + VMs via the `molecule-qemu` driver instead of the docker driver, for roles + that need a real kernel and init system (k3s `modprobe`/cgroups, container + engines, agents that must run as a stable `systemd` service — under docker + the unit reports started while it has crash-looped, masking config bugs). + GitHub-hosted `ubuntu-latest` exposes a writable `/dev/kvm`, so the job + installs `qemu-system-x86`/`qemu-utils`/`genisoimage`, adds the runner to the + `kvm` group, and runs molecule via `sg kvm`; molecule-qemu auto-detects KVM + acceleration and falls back to TCG. Validated end-to-end on `arillso.agent` + (alloy) and `arillso.container` (k3s). Docker-driver roles keep using + `ci-ansible-molecule.yml` - **AGENTS.md**: New "Ansible Collection Conventions" section documenting the shared release workflow shape (`name`, `run-name`, `concurrency`), the Keep-a-Changelog format, the cross-collection dependency-bound matrix
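Review bot: In the AGENTS.md hunk, the new `Ansible Molecule CI (KVM)` row does not say where the workflow finds its scenarios, while the docker row directly above it states "Auto-discovered Molecule scenarios under `extensions/molecule/`". If the KVM workflow uses the same discovery, say so in the row; if callers have to select scenarios some other way, state that instead, so a reader comparing the two rows can tell what differs besides the driver. As a style point, the neighbouring rows are short comma-separated summaries; the rationale after the dash (k3s, container engines, systemd-service agents) is already given in the CHANGELOG entry and could be trimmed here.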
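Review bot: In the CHANGELOG.md hunk, the entry says molecule-qemu "auto-detects KVM acceleration and falls back to TCG" but not how a caller would notice the fallback; if it is silent, a run can be using software emulation without anyone knowing. Suggest documenting whether the job logs which accelerator was chosen, or fails when `/dev/kvm` is unusable. The preceding clause calls `/dev/kvm` "writable" and then describes adding the runner to the `kvm` group and running molecule via `sg kvm`, which reads as though the device is writable only through that group; saying so explicitly would remove the apparent contradiction. Minor: the last sentence of the entry, "Docker-driver roles keep using `ci-ansible-molecule.yml`", has no closing period, unlike the sentences before it.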