66ceb321a6
This adds the concept of an unmanaged domain; for unmanaged domains we will write out the zone file only if it doesn't already exist. acme.opendev.org is added as an unmanaged domain. It will be managed by other ansible roles which add TXT records for ACME authentication. The initial template comes from the dependent change, and this ensures the bind configuration is always valid. For flexibility and testing purposes, we allow passing an extra refspec and version to the git checkout. This is one way to pull in changes for speculative CI runs (I looked into having the hosts under test checkout from Zuul; but by the time we're 3-ansible call's deep on the DNS hosts-under-test it's a real pain. For the amount of times we update this, it's easier to just allow a speculative change that can take a gerrit URL; for an example see [1]) [1] https://review.openstack.org/#/c/641155/10/playbooks/group_vars/dns.yaml Testing is enhanced to check for zone files and correct configuration stanzas. Depends-On: https://review.openstack.org/641154 Depends-On: https://review.openstack.org/641168 Change-Id: I9ef5cfc850c3458c63aff46cfaa0d49a5d194e87
41 lines
1.4 KiB
Python
41 lines
1.4 KiB
Python
# Copyright 2018 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
testinfra_hosts = ['adns1.opendev.org']
|
|
|
|
|
|
def test_bind(host):
|
|
named = host.service('bind9')
|
|
assert named.is_running
|
|
|
|
def test_zone_files(host):
|
|
opendev_zone = host.file('/var/lib/bind/zones/opendev.org')
|
|
assert opendev_zone.exists
|
|
|
|
acme_opendev_zone = host.file('/var/lib/bind/zones/acme.opendev.org')
|
|
assert acme_opendev_zone.exists
|
|
|
|
zuul_ci_zone = host.file('/var/lib/bind/zones/zuul-ci.org')
|
|
assert zuul_ci_zone.exists
|
|
|
|
zuulci_zone = host.file('/var/lib/bind/zones/zuulci.org')
|
|
assert zuulci_zone.exists
|
|
|
|
bind_config = host.file('/etc/bind/named.conf')
|
|
assert b'zone opendev.org {' in bind_config.content
|
|
assert b'zone acme.opendev.org {' in bind_config.content
|
|
assert b'zone zuul-ci.org {' in bind_config.content
|
|
assert b'zone zuulci.org {' in bind_config.content
|