e70c1e581c
Currently we define the letsencrypt certs for each host in its individual host variables. With recent work we have a trusted CA and SAN names setup in our testing environment; introducing the possibility that we could accidentally reference the production host during testing (both have valid certs, as far as the testing hosts are concerned). To avoid this, we can use our naming scheme to move our testing hosts to "99" and avoid collision with the production hosts. As a bonus, this really makes you think more about your group/host split to get things right and keep the environment as abstract as possible. One example of this is that with letsencrypt certificates defined in host vars, testing and production need to use the same hostname to get the right certificates created. Really, this should be group-level information so it applies equally to host01 and host99. To cover "hostXX.opendev.org" as a SAN we can include the inventory_hostname in the group variables. This updates one of the more tricky hosts, static, as a proof of concept. We rename the handlers to be generic, and update the testing targets. Change-Id: Id98768e29a06cebaf645eb75b39e4dc5adb8830d
239 lines
9.7 KiB
Python
239 lines
9.7 KiB
Python
# Copyright 2019 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import pytest
|
|
|
|
testinfra_hosts = ['static99.opendev.org']
|
|
|
|
|
|
def test_apache(host):
|
|
apache = host.service('apache2')
|
|
assert apache.is_running
|
|
|
|
def test_zuul_user(host):
|
|
user = host.user('zuul')
|
|
assert user.exists
|
|
|
|
authorized_keys = host.file('%s/.ssh/authorized_keys' %
|
|
user.home)
|
|
assert authorized_keys.exists
|
|
|
|
static_names = (
|
|
'static99.opendev.org',
|
|
'static.opendev.org',
|
|
'static.openstack.org',
|
|
'files.openstack.org',
|
|
)
|
|
|
|
@pytest.mark.parametrize("name", static_names)
|
|
def test_static_opendev_org(host, name):
|
|
cmd = host.run('curl --resolve %s:443:127.0.0.1 https://%s/' %
|
|
(name, name))
|
|
assert 'Index of /' in cmd.stdout
|
|
|
|
def test_ask_openstack_org(host):
|
|
cmd = host.run('curl --resolve ask.openstack.org:443:127.0.0.1 '
|
|
'https://ask.openstack.org/')
|
|
assert 'ask.openstack.org' in cmd.stdout
|
|
|
|
def test_docs_airshipit_org(host):
|
|
cmd = host.run('curl --resolve docs.airshipit.org:443:127.0.0.1 '
|
|
'https://docs.airshipit.org/')
|
|
assert 'Airship documentation' in cmd.stdout
|
|
|
|
def test_governance_openstack_org(host):
|
|
cmd = host.run('curl --resolve governance.openstack.org:443:127.0.0.1 '
|
|
'https://governance.openstack.org/')
|
|
assert 'OpenStack Governance' in cmd.stdout
|
|
|
|
def test_security_openstack_org(host):
|
|
cmd = host.run('curl --resolve security.openstack.org:443:127.0.0.1 '
|
|
'https://security.openstack.org/')
|
|
assert 'OpenStack Security Project' in cmd.stdout
|
|
|
|
def test_tarballs_openstack_org(host):
|
|
cmd = host.run('curl '
|
|
'--resolve tarballs.openstack.org:443:127.0.0.1 '
|
|
'--resolve tarballs.opendev.org:443:127.0.0.1 '
|
|
'https://tarballs.openstack.org/nova/')
|
|
# The redirect page should send us to tarballs.opendev.org
|
|
assert '302 Found' in cmd.stdout
|
|
assert 'https://tarballs.opendev.org/openstack/nova/' in cmd.stdout
|
|
|
|
def test_tarballs_opendev_org(host):
|
|
cmd = host.run('curl --resolve tarballs.opendev.org:443:127.0.0.1 '
|
|
'https://tarballs.opendev.org/openstack/nova/')
|
|
# An old file that should be present
|
|
assert 'nova-12.0.0.tar.gz' in cmd.stdout
|
|
|
|
def test_tarballs_opendev_org_redirects(host):
|
|
cmd = host.run('curl --resolve tarballs.opendev.org:443:127.0.0.1 '
|
|
'https://tarballs.opendev.org/openstack/afsmon/')
|
|
# Should be redirected to opendev/afsmon
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert 'https://tarballs.opendev.org/opendev/afsmon' in cmd.stdout
|
|
|
|
def test_specs_openstack_org(host):
|
|
cmd = host.run('curl --resolve specs.openstack.org:443:127.0.0.1 '
|
|
'https://specs.openstack.org/specs.opml')
|
|
assert 'OpenStack Specs Feeds' in cmd.stdout
|
|
|
|
def test_service_types_openstack_org(host):
|
|
cmd = host.run('curl --resolve service-types.openstack.org:443:127.0.0.1 '
|
|
'https://service-types.openstack.org')
|
|
assert 'OpenStack Service Types Authority Data' in cmd.stdout
|
|
|
|
def test_releases_openstack_org(host):
|
|
cmd = host.run('curl --resolve releases.openstack.org:443:127.0.0.1 '
|
|
'https://releases.openstack.org')
|
|
assert 'OpenStack Releases: OpenStack Releases' in cmd.stdout
|
|
|
|
def test_developer_openstack_org(host):
|
|
cmd = host.run('curl --resolve developer.openstack.org:443:127.0.0.1 '
|
|
'https://developer.openstack.org')
|
|
assert 'OpenStack Docs: Application Development' in cmd.stdout
|
|
|
|
def test_docs_openstack_org(host):
|
|
cmd = host.run('curl --resolve docs.openstack.org:443:127.0.0.1 '
|
|
'https://docs.openstack.org')
|
|
# links to the latest, make sure it redirected us
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
|
|
def test_docs_opendev_org(host):
|
|
cmd = host.run('curl --resolve docs.opendev.org:443:127.0.0.1 '
|
|
'https://docs.opendev.org')
|
|
assert 'Index of /' in cmd.stdout
|
|
|
|
def test_docs_starlingx_io(host):
|
|
cmd = host.run('curl --resolve docs.starlingx.io:443:127.0.0.1 '
|
|
'https://docs.starlingx.io')
|
|
# links to the latest, make sure it redirected us
|
|
assert 'Welcome to the StarlingX Documentation' \
|
|
in cmd.stdout
|
|
|
|
zuul_names = (
|
|
'zuul-ci.org',
|
|
'www.zuul-ci.org',
|
|
'zuulci.org',
|
|
'www.zuulci.org',
|
|
)
|
|
|
|
@pytest.mark.parametrize("name", zuul_names)
|
|
def test_zuulci_org(host, name):
|
|
|
|
cmd = host.run('curl --resolve %s:443:127.0.0.1 https://%s/ ' %
|
|
(name, name))
|
|
assert 'Zuul is an open source CI tool' in cmd.stdout
|
|
|
|
# test redirects as they are. leave http off the first one and we
|
|
# test both http/https.
|
|
git_redirects = (
|
|
('git.openstack.org/openstack/nova', 'https://opendev.org/openstack/nova'),
|
|
('git.openstack.org/cgit/openstack/tripleo-ansible/commit/?id=a6f9b1551baf5f680c05f4fa69ac926f8a0a3f81',
|
|
'https://opendev.org/openstack/tripleo-ansible/commit/a6f9b1551baf5f680c05f4fa69ac926f8a0a3f81'),
|
|
('git.starlingx.io/stx-tools', 'https://opendev.org/starlingx/tools'),
|
|
('git.zuul-ci.org/zuul', 'https://opendev.org/zuul/zuul'),
|
|
('git.zuul-ci.org/nodepool', 'https://opendev.org/zuul/nodepool'),
|
|
('git.airshipit.org/airship-armada', 'https://opendev.org/airship/armada'),
|
|
('git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt',
|
|
'https://opendev.org/openstack/requirements/raw/branch/master/upper-constraints.txt')
|
|
)
|
|
@pytest.mark.parametrize("url,target", git_redirects)
|
|
|
|
def test_git_redirects(host, url, target):
|
|
hostname = url.split('/')[0]
|
|
|
|
# http should redirect directly (not bounce via https)
|
|
cmd = host.run('curl --resolve %s:80:127.0.0.1 http://%s' % (hostname, url))
|
|
assert '302 Found' in cmd.stdout
|
|
assert target in cmd.stdout
|
|
|
|
cmd = host.run('curl --resolve %s:443:127.0.0.1 https://%s' %
|
|
(hostname, url))
|
|
assert '302 Found' in cmd.stdout
|
|
assert target in cmd.stdout
|
|
|
|
doc_redirects = (
|
|
('devstack.org', 'https://docs.openstack.org/devstack/latest'),
|
|
('www.devstack.org', 'https://docs.openstack.org/devstack/latest'),
|
|
('cinder.openstack.org', 'https://docs.openstack.org/cinder/latest'),
|
|
('glance.openstack.org', 'https://docs.openstack.org/glance/latest'),
|
|
('horizon.openstack.org', 'https://docs.openstack.org/horizon/latest'),
|
|
('keystone.openstack.org', 'https://docs.openstack.org/keystone/latest'),
|
|
('nova.openstack.org', 'https://docs.openstack.org/nova/latest'),
|
|
('swift.openstack.org', 'https://docs.openstack.org/swift/latest'),
|
|
)
|
|
|
|
@pytest.mark.parametrize("hostname,target", doc_redirects)
|
|
def test_doc_redirects(host, hostname, target):
|
|
cmd = host.run('curl --resolve %s:80:127.0.0.1 http://%s' %
|
|
(hostname, hostname))
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert target in cmd.stdout
|
|
|
|
cmd = host.run('curl --resolve %s:443:127.0.0.1 https://%s' %
|
|
(hostname, hostname))
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert target in cmd.stdout
|
|
|
|
def test_summit_openstack_org(host):
|
|
cmd = host.run('curl --resolve summit.openstack.org:80:127.0.0.1'
|
|
' http://summit.openstack.org')
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert 'https://openstack.org/summit/' in cmd.stdout
|
|
|
|
cmd = host.run('curl --resolve summit.openstack.org:443:127.0.0.1'
|
|
' https://summit.openstack.org')
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert 'https://openstack.org/summit/' in cmd.stdout
|
|
|
|
def test_planet_openstack_org_redirects(host):
|
|
cmd = host.run('curl --resolve planet.openstack.org:443:127.0.0.1 '
|
|
'https://planet.openstack.org/')
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert 'https://opendev.org/openstack/openstack-planet' in cmd.stdout
|
|
|
|
def test_meetings_opendev_org(host):
|
|
cmd = host.run('curl --resolve meetings.opendev.org:443:127.0.0.1 '
|
|
'https://meetings.opendev.org/')
|
|
assert 'IRC channels and meetings' in cmd.stdout
|
|
|
|
def test_eavesdrop_openstack_org(host):
|
|
cmd = host.run('curl --resolve eavesdrop.openstack.org:443:127.0.0.1 '
|
|
'https://eavesdrop.openstack.org/')
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert 'https://meetings.opendev.org' in cmd.stdout
|
|
|
|
ci_redirects = (
|
|
('/jenkins-job-builder', 'https://docs.openstack.org/infra/jenkins-job-builder'),
|
|
('/nodepool', 'https://docs.openstack.org/infra/nodepool'),
|
|
('/openstackid', 'https://docs.openstack.org/infra/openstackid'),
|
|
('/shade', 'https://docs.openstack.org/shade/latest'),
|
|
('/storyboard', 'https://docs.openstack.org/infra/storyboard'),
|
|
('/zuul', 'https://zuul-ci.org/docs/zuul'),
|
|
('/', 'https://docs.openstack.org/infra/system-config/'),
|
|
)
|
|
|
|
@pytest.mark.parametrize("path,target", ci_redirects)
|
|
def test_ci_openstack_org(host, path, target):
|
|
cmd = host.run('curl --resolve ci.openstack.org:80:127.0.0.1'
|
|
' http://ci.openstack.org%s' % path)
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert target in cmd.stdout
|
|
|
|
cmd = host.run('curl --resolve ci.openstack.org:443:127.0.0.1'
|
|
' https://ci.openstack.org%s' % path)
|
|
assert '301 Moved Permanently' in cmd.stdout
|
|
assert target in cmd.stdout
|