0c0767b3f1
This patch begins the teardown of the RHEL 6 STIG content from the ansible-hardening repository. It will still be maintained in Pike and earlier branches. This patch also updates the ansible-hardening documentation for the Queens release and notes that Pike is the latest stable version. Closes-Bug: 1715745 Change-Id: Iaae52c97a35d82dd807ef78a1a6593ce3aa33540
122 lines
2.8 KiB
INI
122 lines
2.8 KiB
INI
[tox]
|
|
minversion = 2.0
|
|
skipsdist = True
|
|
envlist = docs,linters,functional
|
|
|
|
|
|
[testenv]
|
|
usedevelop = True
|
|
install_command =
|
|
pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
|
|
deps =
|
|
-r{toxinidir}/test-requirements.txt
|
|
commands =
|
|
/usr/bin/find . -type f -name "*.pyc" -delete
|
|
passenv =
|
|
HOME
|
|
http_proxy
|
|
HTTP_PROXY
|
|
https_proxy
|
|
HTTPS_PROXY
|
|
no_proxy
|
|
NO_PROXY
|
|
whitelist_externals =
|
|
bash
|
|
setenv =
|
|
PYTHONUNBUFFERED=1
|
|
ROLE_NAME=ansible-hardening
|
|
TEST_CHECK_MODE=true
|
|
TEST_IDEMPOTENCE=true
|
|
VIRTUAL_ENV={envdir}
|
|
WORKING_DIR={toxinidir}
|
|
|
|
|
|
[testenv:docs]
|
|
commands=
|
|
bash -c "rm -rf doc/build"
|
|
# NOTE(mhayden): doc8 really dislikes the automated docs. This should be
|
|
# enabled again later.
|
|
#doc8 doc
|
|
python setup.py build_sphinx
|
|
|
|
|
|
[doc8]
|
|
# Settings for doc8:
|
|
extensions = .rst
|
|
allow-long-titles=1
|
|
|
|
|
|
[testenv:releasenotes]
|
|
commands =
|
|
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
|
|
|
|
|
# environment used by the -infra templated docs job
|
|
[testenv:venv]
|
|
commands =
|
|
{posargs}
|
|
|
|
|
|
[testenv:pep8]
|
|
commands =
|
|
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
|
|
bash -c "{toxinidir}/tests/common/test-pep8.sh"
|
|
|
|
|
|
[flake8]
|
|
# Ignores the following rules due to how ansible modules work in general
|
|
# F403 'from ansible.module_utils.basic import *' used;
|
|
# unable to detect undefined names
|
|
ignore=F403
|
|
|
|
|
|
[testenv:bashate]
|
|
commands =
|
|
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
|
|
bash -c "{toxinidir}/tests/common/test-bashate.sh"
|
|
|
|
|
|
[testenv:ansible]
|
|
deps =
|
|
{[testenv]deps}
|
|
-rhttps://git.openstack.org/cgit/openstack/openstack-ansible/plain/global-requirement-pins.txt
|
|
-rhttps://git.openstack.org/cgit/openstack/openstack-ansible-tests/plain/test-ansible-deps.txt
|
|
|
|
|
|
[testenv:ansible-syntax]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
|
|
bash -c "{toxinidir}/tests/common/test-ansible-syntax.sh"
|
|
|
|
|
|
[testenv:ansible-lint]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
|
|
bash -c "{toxinidir}/tests/common/test-ansible-lint.sh"
|
|
|
|
|
|
[testenv:functional]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
setenv =
|
|
{[testenv]setenv}
|
|
# NOTE(mhayden): Disabling chrony since it causes conflicts in CI.
|
|
ANSIBLE_PARAMETERS=-e security_rhel7_enable_chrony=no
|
|
commands =
|
|
bash -c "{toxinidir}/tests/tests-repo-clone.sh"
|
|
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
|
|
|
[testenv:linters]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
{[testenv:pep8]commands}
|
|
{[testenv:bashate]commands}
|
|
{[testenv:ansible-lint]commands}
|
|
{[testenv:ansible-syntax]commands}
|
|
{[testenv:docs]commands}
|