Make validation inputs configurable via Mistral

The validations have certain values (e.g. the amount of RAM necessary for the undercloud node) configurable, but these were not exposed through Mistral. This adds a new `--inputs` parameter to the `run-validation` script which takes a path to a YAML or JSON file with the additional inputs (i.e. Ansible extra-args) defined. And the `run_validation` action now optionally takes an `inputs` dictionary which gets passed to `run-validation`. Closes-Bug: #1625547 Implements: blueprint validation-framework Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com> Change-Id: I8944cf7133d47869d26974fd123cd93c98425f17 Co-authored: Tomas Sedovic <tsedovic@redhat.com>
2019-03-19 16:45:05 +01:00 · 2019-03-19 16:45:05 +01:00 · 5762772fdf
parent 3db41939a3
commit 5762772fdf
7 changed files with 94 additions and 9 deletions
--- a/scripts/run-validation
+++ b/scripts/run-validation
@ -3,6 +3,27 @@
 set -e
 set -o pipefail
 SCRIPT_NAME=$(basename $0)
 OPTS=`getopt -o i: -l inputs: -n $SCRIPT_NAME -- "$@"`
 if [ $? != 0 ]; then
    echo "Terminating..." >&2
    exit 1
 fi
 EXTRA_VARS_FILE=""
 # Note the quotes around `$OPTS': they are essential!
 eval set -- "$OPTS"
 while true ; do
    case "$1" in
        -i | --inputs ) EXTRA_VARS_FILE="$2" ; shift 2 ;;
        -- ) shift ; break ;;
        * ) echo "Error: unsupported option $1." ; exit 1 ;;
    esac
 done
 VALIDATION_FILE=$1
 IDENTITY_FILE=$2
 PLAN_NAME=$3
@ -22,6 +43,15 @@ if [[ -z "$IDENTITY_FILE" ]]; then
    exit 1
 fi
 if [[ -z "$EXTRA_VARS_FILE" ]]; then
    EXTRA_VARS_ARGS=""
 elif [[ -r "$EXTRA_VARS_FILE" ]]; then
    EXTRA_VARS_ARGS="--extra-vars @$EXTRA_VARS_FILE"
 else
    echo "Can not find the inputs file at $EXTRA_VARS_FILE"
    exit 1
 fi
 # Make sure ssh is not asking interactively for hosts it can't check the key
 # authenticity
 export ANSIBLE_HOST_KEY_CHECKING=False
@ -55,4 +85,4 @@ if [ -z "${OS_PASSWORD:-}" ]; then
    export OS_AUTH_URL=${OS_AUTH_URL/%v3/v2.0}
 fi
-ansible-playbook $VALIDATION_FILE
+ansible-playbook $EXTRA_VARS_ARGS $VALIDATION_FILE
--- a/5
+++ b/5
@ -4,8 +4,13 @@ Defaults:mistral !requiretty
 mistral ALL = (validations) NOPASSWD:SETENV: /usr/bin/run-validation
 mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
        !/usr/bin/chown /tmp/validations_identity_* *, !/usr/bin/chown /tmp/validations_identity_*..*
 mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_inputs_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
        /usr/bin/chown validations\: /tmp/validations_inputs_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
        !/usr/bin/chown /tmp/validations_inputs_* *, !/usr/bin/chown /tmp/validations_inputs_*..*
 mistral ALL = NOPASSWD: /usr/bin/rm -f /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
        !/usr/bin/rm /tmp/validations_identity_* *, !/usr/bin/rm /tmp/validations_identity_*..*
 mistral ALL = NOPASSWD: /usr/bin/rm -f /tmp/validations_inputs_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
        !/usr/bin/rm /tmp/validations_inputs_* *, !/usr/bin/rm /tmp/validations_inputs_*..*
 mistral ALL = NOPASSWD: /bin/nova-manage cell_v2 discover_hosts *
 mistral ALL = NOPASSWD: /usr/bin/tar --xattrs --ignore-failed-read -C / -cf /var/tmp/undercloud-backup-*.tar *
 mistral ALL = NOPASSWD: /usr/bin/chown mistral. /var/tmp/undercloud-backup-*/filesystem-*.tar
--- a/tripleo_common/actions/validations.py
+++ b/tripleo_common/actions/validations.py
@ -121,16 +121,19 @@ class ListGroupsAction(base.TripleOAction):
 class RunValidationAction(base.TripleOAction):
    """Run the given validation"""
-    def __init__(self, validation, plan=constants.DEFAULT_CONTAINER_NAME):
+    def __init__(self, validation, plan=constants.DEFAULT_CONTAINER_NAME,
                 inputs=None):
        super(RunValidationAction, self).__init__()
        self.validation = validation
        self.plan = plan
        self.inputs = inputs if inputs else {}
    def run(self, context):
        mc = self.get_workflow_client(context)
        swift = self.get_object_client(context)
        identity_file = None
        inputs_file = None
        # Make sure the ssh_keys environment exists
        try:
@ -146,11 +149,13 @@ class RunValidationAction(base.TripleOAction):
        try:
            private_key = env.variables['private_key']
            identity_file = utils.write_identity_file(private_key)
            inputs_file = utils.write_inputs_file(self.inputs)
            stdout, stderr = utils.run_validation(swift,
                                                  self.validation,
                                                  identity_file,
                                                  self.plan,
                                                  inputs_file,
                                                  context)
            return_value = {'stdout': stdout, 'stderr': stderr}
            mistral_result = {"data": return_value}
@ -164,6 +169,8 @@ class RunValidationAction(base.TripleOAction):
        finally:
            if identity_file:
                utils.cleanup_identity_file(identity_file)
            if inputs_file:
                utils.cleanup_inputs_file(inputs_file)
        return actions.Result(**mistral_result)
--- a/tripleo_common/tests/actions/test_validations.py
+++ b/tripleo_common/tests/actions/test_validations.py
@ -165,11 +165,17 @@ class RunValidationActionTest(base.TestCase):
    @mock.patch(
        'tripleo_common.actions.base.TripleOAction.get_workflow_client')
    @mock.patch('tripleo_common.actions.base.TripleOAction.get_object_client')
    @mock.patch('tripleo_common.utils.validations.write_inputs_file')
    @mock.patch('tripleo_common.utils.validations.cleanup_inputs_file')
    @mock.patch('tripleo_common.utils.validations.write_identity_file')
    @mock.patch('tripleo_common.utils.validations.cleanup_identity_file')
    @mock.patch('tripleo_common.utils.validations.run_validation')
-    def test_run(self, mock_run_validation, mock_cleanup_identity_file,
+    def test_run(self, mock_run_validation,
-                 mock_write_identity_file, mock_get_object_client,
+                 mock_cleanup_identity_file,
                 mock_write_identity_file,
                 mock_cleanup_inputs_file,
                 mock_write_inputs_file,
                 mock_get_object_client,
                 get_workflow_client_mock):
        mock_ctx = mock.MagicMock()
        mistral = mock.MagicMock()
@ -181,6 +187,7 @@ class RunValidationActionTest(base.TestCase):
        swiftclient = mock.MagicMock(url='http://swift:8080/v1/AUTH_test')
        mock_get_object_client.return_value = swiftclient
        mock_write_identity_file.return_value = 'identity_file_path'
        mock_write_inputs_file.return_value = 'inputs_file_path'
        mock_run_validation.return_value = 'output', 'error'
        action = validations.RunValidationAction('validation')
        expected = actions.Result(
@ -196,18 +203,26 @@ class RunValidationActionTest(base.TestCase):
            'validation',
            'identity_file_path',
            constants.DEFAULT_CONTAINER_NAME,
            'inputs_file_path',
            mock_ctx)
        mock_cleanup_identity_file.assert_called_once_with(
            'identity_file_path')
        mock_cleanup_inputs_file.assert_called_once_with('inputs_file_path')
    @mock.patch(
        'tripleo_common.actions.base.TripleOAction.get_workflow_client')
    @mock.patch('tripleo_common.utils.validations.write_inputs_file')
    @mock.patch('tripleo_common.utils.validations.cleanup_inputs_file')
    @mock.patch('tripleo_common.actions.base.TripleOAction.get_object_client')
    @mock.patch('tripleo_common.utils.validations.write_identity_file')
    @mock.patch('tripleo_common.utils.validations.cleanup_identity_file')
    @mock.patch('tripleo_common.utils.validations.run_validation')
-    def test_run_failing(self, mock_run_validation, mock_cleanup_identity_file,
+    def test_run_failing(self, mock_run_validation,
-                         mock_write_identity_file, mock_get_object_client,
+                         mock_cleanup_identity_file,
                         mock_write_identity_file,
                         mock_get_object_client,
                         mock_cleanup_inputs_file,
                         mock_write_inputs_file,
                         get_workflow_client_mock):
        mock_ctx = mock.MagicMock()
        mistral = mock.MagicMock()
@ -219,6 +234,7 @@ class RunValidationActionTest(base.TestCase):
        swiftclient = mock.MagicMock(url='http://swift:8080/v1/AUTH_test')
        mock_get_object_client.return_value = swiftclient
        mock_write_identity_file.return_value = 'identity_file_path'
        mock_write_inputs_file.return_value = 'inputs_file_path'
        mock_run_validation.side_effect = ProcessExecutionError(
            stdout='output', stderr='error')
        action = validations.RunValidationAction('validation')
@ -235,6 +251,8 @@ class RunValidationActionTest(base.TestCase):
            'validation',
            'identity_file_path',
            constants.DEFAULT_CONTAINER_NAME,
            'inputs_file_path',
            mock_ctx)
        mock_cleanup_identity_file.assert_called_once_with(
            'identity_file_path')
        mock_cleanup_inputs_file.assert_called_once_with('inputs_file_path')
--- a/tripleo_common/tests/utils/test_validations.py
+++ b/tripleo_common/tests/utils/test_validations.py
@ -249,7 +249,7 @@ class RunValidationTest(base.TestCase):
        result = validations.run_validation(mock_get_object_client(),
                                            'validation', 'identity_file',
-                                            'plan', mock_ctx)
+                                            'plan', 'inputs_file', mock_ctx)
        self.assertEqual('output', result)
        mock_execute.assert_called_once_with(
            '/usr/bin/sudo', '-u', 'validations',
@ -258,6 +258,7 @@ class RunValidationTest(base.TestCase):
            'OS_AUTH_TOKEN=auth_token',
            'OS_TENANT_NAME=project_name',
            '/usr/bin/run-validation',
            '--inputs', 'inputs_file',
            'validation_path',
            'identity_file',
            'plan'
--- a/tripleo_common/utils/validations.py
+++ b/tripleo_common/utils/validations.py
@ -140,7 +140,8 @@ def download_validation(swift, plan, validation):
    return dst_path
-def run_validation(swift, validation, identity_file, plan, context):
+def run_validation(swift, validation, identity_file,
                   plan, inputs_file, context):
    return processutils.execute(
        '/usr/bin/sudo', '-u', 'validations',
        'OS_AUTH_URL={}'.format(context.auth_uri),
@ -148,6 +149,7 @@ def run_validation(swift, validation, identity_file, plan, context):
        'OS_AUTH_TOKEN={}'.format(context.auth_token),
        'OS_TENANT_NAME={}'.format(context.project_name),
        '/usr/bin/run-validation',
        '--inputs', inputs_file,
        download_validation(swift, plan, validation),
        identity_file,
        plan
@ -176,3 +178,20 @@ def pattern_validator(pattern, value):
    if not re.match(pattern, value):
        return False
    return True
 def write_inputs_file(inputs):
    """Serialise the validation inputs to a file on disk."""
    fd, path = tempfile.mkstemp(prefix='validation_inputs_')
    LOG.debug("Writing the validation inputs to %s", path)
    with os.fdopen(fd, 'w') as tmp:
        tmp.write(yaml.dump(inputs))
    processutils.execute('/usr/bin/sudo', '/usr/bin/chown', 'validations:',
                         path)
    return path
 def cleanup_inputs_file(path):
    """Remove the temporary validation inputs file."""
    LOG.debug("Cleaning up the validation inputs at %s", path)
    processutils.execute('/usr/bin/sudo', '/usr/bin/rm', '-f', path)
--- a/workbooks/validations.yaml
+++ b/workbooks/validations.yaml
@ -9,6 +9,7 @@ workflows:
    input:
      - validation_name
      - plan: overcloud
      - validation_inputs: {}
      - queue_name: tripleo
    tags:
@ -32,7 +33,7 @@ workflows:
      run_validation:
        on-success: send_message
        on-error: set_status_failed
-        action: tripleo.validations.run_validation validation=<% $.validation_name %> plan=<% $.plan %>
+        action: tripleo.validations.run_validation validation=<% $.validation_name %> plan=<% $.plan %> inputs=<% $.validation_inputs %>
        publish:
          status: SUCCESS
          validation: <% $.validation_name %>
@ -65,6 +66,7 @@ workflows:
    input:
      - validation_names: []
      - plan: overcloud
      - validation_inputs: {}
      - queue_name: tripleo
    tags:
@ -91,6 +93,7 @@ workflows:
        workflow: tripleo.validations.v1.run_validation
        input:
          validation_name: <% $.validation %>
          validation_inputs: <% $.validation_inputs %>
          plan: <% $.plan %>
          queue_name: <% $.queue_name %>
        with-items: validation in <% $.validation_names %>
@ -121,6 +124,7 @@ workflows:
    input:
      - group_names: []
      - plan: overcloud
      - validation_inputs: {}
      - queue_name: tripleo
    tags:
@ -154,6 +158,7 @@ workflows:
        workflow: tripleo.validations.v1.run_validation
        input:
          validation_name: <% $.validation %>
          validation_inputs: <% $.validation_inputs %>
          plan: <% $.plan %>
          queue_name: <% $.queue_name %>
        with-items: validation in <% $.validations.id %>