Import tripleo-container-tag role

This change imports the tripleo-container-tag role and adds testing using
molecule. Tests within this role will be delegated to the host so that
it can natively control both docker and podman containers.

To test this role the "openstack-tox-with-sudo" job is being used which
will allow the job to locally execute against the target node.

Change-Id: I7b30561137cd78b5a3d297fa26115dbfe4458e06
Signed-off-by: Kevin Carter <kevin@cloudnull.com>
This commit is contained in:
Kevin Carter 2019-06-20 14:10:52 -05:00 committed by Kevin Carter
parent b0ec09a05f
commit 5e55213e45
16 changed files with 536 additions and 0 deletions

View File

@ -0,0 +1,31 @@
============================
Role - tripleo-container-tag
============================
This role provides for the following services:
* tripleo-container-tag
Default variables
~~~~~~~~~~~~~~~~~
.. literalinclude:: ../../../tripleo_ansible/roles/tripleo-container-tag/defaults/main.yml
:language: yaml
:start-after: under the License.
Example default playbook
~~~~~~~~~~~~~~~~~~~~~~~~
.. literalinclude:: ../../../tripleo_ansible/roles/tripleo-container-tag/molecule/default/playbook.yml
:language: yaml
:start-after: under the License.
Example podman playbook
~~~~~~~~~~~~~~~~~~~~~~~
.. literalinclude:: ../../../tripleo_ansible/roles/tripleo-container-tag/molecule/podman/playbook.yml
:language: yaml
:start-after: under the License.

19
tox.ini
View File

@ -19,6 +19,7 @@ setenv =
ANSIBLE_NOCOWS=1
ANSIBLE_RETRY_FILES_ENABLED=0
ANSIBLE_STDOUT_CALLBACK=debug
ANSIBLE_LOG_PATH={envlogdir}/ansible-execution.log
VIRTUAL_ENV={envdir}
# pip: Avoid 2020-01-01 warnings: https://github.com/pypa/pip/issues/6207
# paramiko CryptographyDeprecationWarning: https://github.com/ansible/ansible/issues/52598
@ -237,3 +238,21 @@ basepython = {[testenv:mol]basepython}
deps = {[testenv:mol]deps}
changedir = {toxinidir}/tripleo_ansible/roles/tripleo-ssh-known-hosts
commands = python -m pytest --color=yes --html={envlogdir}/reports.html --self-contained-html {tty:-s} {toxinidir}/tests/test_molecule.py
[testenv:mol-tripleo-container-tag]
basepython = {[testenv:mol]basepython}
deps = {[testenv:mol]deps}
changedir = {toxinidir}/tripleo_ansible/roles/tripleo-container-tag
commands = python -m pytest --color=yes --html={envlogdir}/reports.html --self-contained-html {tty:-s} {toxinidir}/tests/test_molecule.py
[testenv:mol-tripleo-container-tag-default]
basepython = {[testenv:mol]basepython}
deps = {[testenv:mol]deps}
changedir = {toxinidir}/tripleo_ansible/roles/tripleo-container-tag
commands = python -m pytest --color=yes --html={envlogdir}/reports.html --self-contained-html {tty:-s} {toxinidir}/tests/test_molecule.py --scenario=default
[testenv:mol-tripleo-container-tag-podman]
basepython = {[testenv:mol]basepython}
deps = {[testenv:mol]deps}
changedir = {toxinidir}/tripleo_ansible/roles/tripleo-container-tag
commands = python -m pytest --color=yes --html={envlogdir}/reports.html --self-contained-html {tty:-s} {toxinidir}/tests/test_molecule.py --scenario=podman

View File

@ -32,11 +32,17 @@
- always
- name: install deplorean repo
become: true
get_url:
url: "https://trunk.rdoproject.org/{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}-master/current-tripleo/delorean.repo"
dest: /etc/yum.repos.d/delorean.repo
when:
- (ansible_os_family | lower) == 'redhat'
- name: install deplorean-deps repo
become: true
get_url:
url: "https://trunk.rdoproject.org/{{ ansible_distribution | lower }}{{ ansible_distribution_major_version }}-master/delorean-deps.repo"
dest: /etc/yum.repos.d/delorean-deps.repo
when:
- (ansible_os_family | lower) == 'redhat'

View File

@ -0,0 +1,42 @@
tripleo-container-tag
=====================
An Ansible role to tag Pacemaker-managed containers.
Requirements
------------
It requires Docker or Podman on the host, depending which container CLI
is used.
Role variables
--------------
- container_image: -- Name of the container image to tag.
- container_image_latest: -- Name of the tag.
- container_cli: -- Name of the Container CLI tool (default to docker).
- pull_image: -- Pulling or not the image passed in container_image variable ( default to true).
Example Playbook
----------------
Sample playbook to call the role:
- name: Tag Pacemaker containers
hosts: all
roles:
- tripleo-container-tag
vars:
container_image: haproxy
container_image_latest: pcmklatest
container_cli: docker
License
-------
Free software: Apache License (2.0)
Author Information
------------------
OpenStack TripleO team

View File

@ -0,0 +1,37 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# All variables intended for modification should place placed in this file.
# All variables within this role should have a prefix of "tripleo-container-tag"
# NOTE(cloudnull): This role used to use a non-namespaced option, which has a high
# probability of creating conflicts with other roles in the greater
# ansible ecosystem. To ensure that we're able to retain existing
# variable functionality the "modules" option will supersede
# "tripleo_modules" if defined. This default should be removed
# just as soon as we're validate that the non-namespaced option
# is no longer in use.
#
# Set the container command line entry-point
tripleo_container_cli: "{{ container_cli | default('docker') }}"
# Enable or disable pulling images.
tripleo_container_pull_image: "{{ pull_image | default(true) }}"
# Name of the tag
tripleo_container_image_latest: "{{ container_image_latest | default('latest') }}"

View File

@ -0,0 +1,44 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
galaxy_info:
author: OpenStack
description: TripleO OpenStack Role -- tripleo-container-tag
company: Red Hat
license: Apache-2.0
min_ansible_version: 2.7
#
# Provide a list of supported platforms, and for each platform a list of versions.
# If you don't wish to enumerate all versions for a particular platform, use 'all'.
# To view available platforms and versions (or releases), visit:
# https://galaxy.ansible.com/api/v1/platforms/
#
platforms:
- name: Fedora
versions:
- 28
- name: CentOS
versions:
- 7
galaxy_tags:
- tripleo
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
dependencies: []

View File

@ -0,0 +1,48 @@
---
driver:
name: delegated
options:
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
log: true
platforms:
- name: instance
provisioner:
name: ansible
inventory:
hosts:
all:
hosts:
instance:
ansible_host: localhost
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- prepare
- converge
- verify
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

View File

@ -0,0 +1,31 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
become: true
hosts: all
roles:
- role: "tripleo-container-tag"
tripleo_container_image: fedora:28
tripleo_container_image_latest: test-latest
tripleo_container_cli: docker
tripleo_container_pull_image: true
- role: "tripleo-container-tag"
tripleo_container_image: fedora:28
tripleo_container_image_latest: test-latest-2
tripleo_container_cli: docker
tripleo_container_pull_image: false

View File

@ -0,0 +1,78 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- import_playbook: ../pre-prepare.yml
- name: Prepare
hosts: all
become: true
gather_facts: true
vars:
required_packages:
- docker
- python-virtualenv
pre_tasks:
- name: Set current user fact
set_fact:
current_user: "{{ lookup('env','USER') }}"
roles:
- role: test_deps
post_tasks:
- name: Docker block
block:
- name: Install docker
package:
name: "{{ required_packages }}"
state: latest
- name: Ensure "docker" group exists
group:
name: docker
state: present
- name: Ensure the ansible user can access docker
user:
name: "{{ ansible_user | default(current_user) }}"
groups: docker
- name: Start docker
systemd:
name: docker
state: started
- name: Install python-docker in venv
pip:
name: "docker"
virtualenv: /opt/tripleo-ansible
virtualenv_site_packages: true
- name: reset ssh connection to allow user changes to take affect
meta: reset_connection
- name: pull an image
vars:
ansible_python_interpreter: /opt/tripleo-ansible/bin/python
docker_image:
name: fedora:28
source: pull
- name: Create a data container
vars:
ansible_python_interpreter: /opt/tripleo-ansible/bin/python
docker_container:
name: test-container
image: fedora:28

View File

@ -0,0 +1,48 @@
---
driver:
name: delegated
options:
managed: false
login_cmd_template: >-
ssh
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=no
{instance}
ansible_connection_options:
ansible_connection: ssh
log: true
platforms:
- name: instance
provisioner:
name: ansible
inventory:
hosts:
all:
hosts:
instance:
ansible_host: localhost
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
scenario:
test_sequence:
- prepare
- converge
- verify
lint:
enabled: false
verifier:
name: testinfra
lint:
name: flake8

View File

@ -0,0 +1,30 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
become: true
roles:
- role: "tripleo-container-tag"
tripleo_container_image: fedora:28
tripleo_container_image_latest: test-latest
tripleo_container_cli: podman
- role: "tripleo-container-tag"
tripleo_container_image: fedora:28
tripleo_container_image_latest: test-latest-2
tripleo_container_cli: podman
tripleo_container_pull_image: false

View File

@ -0,0 +1,34 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- import_playbook: ../pre-prepare.yml
- name: Prepare
hosts: all
become: true
gather_facts: true
vars:
required_packages:
- podman
roles:
- role: test_deps
post_tasks:
- name: Install podman
become: true
package:
name: "{{ required_packages }}"
state: latest

View File

@ -0,0 +1,46 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: pre prepare
connection: local
hosts: all
gather_facts: false
tasks:
- name: Set current user fact
set_fact:
current_user_home: "{{ lookup('env','HOME') }}"
current_user: "{{ lookup('env','USER') }}"
- name: Ensure the user has a .ssh directory
file:
path: "{{ current_user_home }}/.ssh"
state: directory
owner: "{{ ansible_user | default(current_user) }}"
group: "{{ ansible_user | default(current_user) }}"
mode: "0700"
- name: Create ssh key pair
user:
name: "{{ ansible_user | default(current_user) }}"
generate_ssh_key: true
ssh_key_bits: 2048
ssh_key_file: "{{ current_user_home }}/.ssh/id_rsa"
- name: Ensure can ssh to can connect to localhost
authorized_key:
user: "{{ ansible_user | default(current_user) }}"
key: "{{ lookup('file', (current_user_home ~ '/.ssh/id_rsa.pub')) }}"

View File

@ -0,0 +1,26 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# "tripleo-container-tag" will search for and load any operating system variable file
- name: Pull {{ tripleo_container_image }} image
shell: "{{ tripleo_container_cli }} pull {{ tripleo_container_image }}"
when:
- tripleo_container_pull_image | bool
- name: Tag {{ tripleo_container_image_latest }} to latest {{ tripleo_container_image }} image
shell: "{{ tripleo_container_cli }} tag {{ tripleo_container_image }} {{ tripleo_container_image_latest }}"

View File

@ -6,6 +6,13 @@
timeout: 900
nodeset: centos-7
voting: true
- job:
name: tripleo-ansible-centos-sudo
parent: openstack-tox-with-sudo
description: Basic tripleo-ansible tox job with sudo
timeout: 900
nodeset: centos-7
voting: true
- job:
name: tripleo-ansible-docs
parent: openstack-tox-docs

View File

@ -12,6 +12,7 @@
- tripleo-ansible-centos-7-molecule-tripleo-create-admin
- tripleo-ansible-centos-7-molecule-tripleo-module-load
- tripleo-ansible-centos-7-molecule-tripleo-ssh-known-hosts
- tripleo-ansible-centos-7-molecule-tripleo-container-tag
gate:
jobs:
- tripleo-ansible-centos-7-molecule-aide
@ -24,6 +25,7 @@
- tripleo-ansible-centos-7-molecule-tripleo-create-admin
- tripleo-ansible-centos-7-molecule-tripleo-module-load
- tripleo-ansible-centos-7-molecule-tripleo-ssh-known-hosts
- tripleo-ansible-centos-7-molecule-tripleo-container-tag
name: tripleo-ansible-molecule-jobs
- job:
files:
@ -99,3 +101,10 @@
parent: tripleo-ansible-centos
vars:
tox_envlist: mol-tripleo-ssh-known-hosts
- job:
files:
- ^tripleo_ansible/roles/tripleo-container-tag/.*
name: tripleo-ansible-centos-7-molecule-tripleo-container-tag
parent: tripleo-ansible-centos-sudo
vars:
tox_envlist: mol-tripleo-container-tag