CI: add more tests

[macno]

Introduce a wrapper to invoke molecule.
Within the wrapper we are able to handle scenarios that correctly fail on some distro

[nvtkaszpir]

I suggest to add some short description of the purpose of the file and how to use it in 'must succes' and 'must fail scenarios'.

[macno]

Nice suggestion, added

[nvtkaszpir]

maybe it would be better to make it parametrized per distro/codename?
aloo 14.04 is really dead.

[nvtkaszpir]

I'm super picky here, pleas double quote values, I've seen nightmares due to colons improperly parsed :D

[macno]

Ok, done

[nvtkaszpir]

I see you added double newline between pre_tasks and roles, maybe adding single line between vars and pre_tasks could help visually here aswell?

[macno]

I see, but I think I prefer to remove the empty lines

[nvtkaszpir]

I get the feeling there is too much of must fail scenarios. Anyway to fix this to actually make it pass, without getting isane ;-) ?
Or maybe just drop centos6.

[macno]

The point is to be sure that the role correctly fails in that cases so none will be unable to login. So I think it safer to keep it as it is

[gizero]

I guess @nvtkaszpir is more or less about touching the point we have been struggling with lately. Regardless how many "must fail" scenarios we want to maintain, we didn't find a sane way to cleanly test a "must fail scenario" within the molecule test framework. I mean, how to write a test that's successful when Ansible complains in applying the role to a specific (incompatible) scenario with a given error message? It would have been nice if Ansible had a builtin mechanism to early fail based on some distro compatibility metadata, but I'm not aware of any. I'm also very concerned about long term maintenance of this runMolecule.sh. As @macno pointed out, trying to forcefully apply the role to well known "must fail" scenarios could render the system unaccessible. Then we need to be extra safe here. Suggestions for a better approach here are hugely appreciated!