From d0ca9fe631cbdeb9e8857b4e64ad81f2260c7dae Mon Sep 17 00:00:00 2001 From: Bogdan Dobrelya Date: Thu, 3 Mar 2022 17:32:58 +0100 Subject: [PATCH] Fix trailing slashes in bind-mounts and linting Podman is not always happy with bind-mounts ending with / (See I094120f7f2f6bfcfc0cc5843aa1b23629cd90a23) Follow up If951f9643d67574c1225301aab7c9e4b0d316b7f with that YAML linter couldn't catch. Improve linter to process all volumes in templates, including common/logging services templates, and neither puppet, not ansible ones, like deployment/deprecated/multipathd-container.yaml. Change-Id: Ia517b34c9d633101502bd8788e7b8764e75bbe64 Signed-off-by: Bogdan Dobrelya --- .../cinder-common-container-puppet.yaml | 4 +- .../deprecated/multipathd-container.yaml | 2 +- deployment/etcd/etcd-container-puppet.yaml | 2 +- deployment/logging/stdout/barbican-api.yaml | 8 +- deployment/logging/stdout/haproxy.yaml | 4 +- deployment/logging/stdout/heat-api-cfn.yaml | 8 +- deployment/logging/stdout/heat-api.yaml | 8 +- deployment/logging/stdout/keystone.yaml | 8 +- deployment/logging/stdout/nova-api.yaml | 8 +- deployment/logging/stdout/nova-metadata.yaml | 8 +- deployment/logging/stdout/placement-api.yaml | 8 +- deployment/manila/manila-share-common.yaml | 2 +- .../metrics/collectd-container-ansible.yaml | 2 +- .../nova/nova-compute-container-puppet.yaml | 2 +- .../rabbitmq/rabbitmq-container-puppet.yaml | 2 +- ...tmq-messaging-notify-container-puppet.yaml | 2 +- ...bbitmq-messaging-rpc-container-puppet.yaml | 2 +- .../unbound/unbound-container-ansible.yaml | 2 +- tools/yaml-validate.py | 96 ++++++++++++------- 19 files changed, 105 insertions(+), 73 deletions(-) diff --git a/deployment/cinder/cinder-common-container-puppet.yaml b/deployment/cinder/cinder-common-container-puppet.yaml index 8efcc6657b..da97901b6a 100644 --- a/deployment/cinder/cinder-common-container-puppet.yaml +++ b/deployment/cinder/cinder-common-container-puppet.yaml @@ -358,7 +358,7 @@ outputs: - - 'ro' - /lib/modules:/lib/modules:ro - /dev:/dev - - /run/:/run/ + - /run:/run - /sys:/sys - /var/lib/cinder:/var/lib/cinder:z - /var/lib/iscsi:/var/lib/iscsi:z @@ -404,7 +404,7 @@ outputs: - - '/var/lib/kolla/config_files/src-ceph' - - 'ro' - /dev:/dev - - /run/:/run/ + - /run:/run - /sys:/sys - /lib/modules:/lib/modules:ro - /var/lib/cinder:/var/lib/cinder:z diff --git a/deployment/deprecated/multipathd-container.yaml b/deployment/deprecated/multipathd-container.yaml index 2e52573275..a1ea1f320d 100644 --- a/deployment/deprecated/multipathd-container.yaml +++ b/deployment/deprecated/multipathd-container.yaml @@ -141,7 +141,7 @@ outputs: - /var/lib/config-data/puppet-generated/multipathd:/var/lib/kolla/config_files/src:ro - /etc/iscsi:/var/lib/kolla/config_files/src-iscsid:ro - /dev:/dev - - /run/:/run/ + - /run:/run - /sys:/sys - /lib/modules:/lib/modules:ro - /var/lib/iscsi:/var/lib/iscsi:z diff --git a/deployment/etcd/etcd-container-puppet.yaml b/deployment/etcd/etcd-container-puppet.yaml index ea9e6d1dd1..0c6e89d0b9 100644 --- a/deployment/etcd/etcd-container-puppet.yaml +++ b/deployment/etcd/etcd-container-puppet.yaml @@ -211,7 +211,7 @@ outputs: config_image: *etcd_config_image # TODO(mwhahaha): need to check if this works correctly or we need to switch to a bootstrap execution volumes: - - /var/lib/config-data/puppet-generated/etcd/etc/etcd/:/etc/etcd:ro + - /var/lib/config-data/puppet-generated/etcd/etc/etcd:/etc/etcd:ro - /var/lib/etcd:/var/lib/etcd:ro deploy_steps_tasks: if: diff --git a/deployment/logging/stdout/barbican-api.yaml b/deployment/logging/stdout/barbican-api.yaml index 8133a0af70..da3492aed4 100644 --- a/deployment/logging/stdout/barbican-api.yaml +++ b/deployment/logging/stdout/barbican-api.yaml @@ -51,7 +51,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - BarbicanApiLogs:/var/log/ + - BarbicanApiLogs:/var/log barbican_api_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerBarbicanApiImage]} @@ -62,7 +62,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - BarbicanApiLogs:/var/log/ + - BarbicanApiLogs:/var/log barbican_api_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerBarbicanApiImage]} @@ -73,11 +73,11 @@ outputs: test: '[ -p /var/log/barbican/main.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/barbican && rm -f /var/log/barbican/main.log && mkfifo /var/log/barbican/main.log && while true; do cat /var/log/barbican/main.log; done'] volumes: - - BarbicanApiLogs:/var/log/ + - BarbicanApiLogs:/var/log volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - BarbicanApiLogs:/var/log/ + - BarbicanApiLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/haproxy.yaml b/deployment/logging/stdout/haproxy.yaml index 206f297680..7d1b76bd6d 100644 --- a/deployment/logging/stdout/haproxy.yaml +++ b/deployment/logging/stdout/haproxy.yaml @@ -45,13 +45,13 @@ outputs: volumes: - /var/lib/kolla/config_files/rsyslog_sidecar.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/rsyslog_sidecar:/var/lib/kolla/config_files/src:ro - - HAProxyLogs:/sockets/ + - HAProxyLogs:/sockets environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - HAProxyLogs:/sockets/ + - HAProxyLogs:/sockets host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/heat-api-cfn.yaml b/deployment/logging/stdout/heat-api-cfn.yaml index 44755d48e4..dda6f2ec31 100644 --- a/deployment/logging/stdout/heat-api-cfn.yaml +++ b/deployment/logging/stdout/heat-api-cfn.yaml @@ -48,7 +48,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - HeatApiCfnLogs:/var/log/ + - HeatApiCfnLogs:/var/log heat_api_cfn_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerHeatApiCfnImage]} @@ -59,7 +59,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - HeatApiCfnLogs:/var/log/ + - HeatApiCfnLogs:/var/log heat_api_cfn_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerHeatApiCfnImage]} @@ -70,11 +70,11 @@ outputs: test: '[ -p /var/log/heat/heat_api_cfn.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/heat && rm -f /var/log/heat/heat_api_cfn.log && mkfifo /var/log/heat/heat_api_cfn.log && while true; do cat /var/log/heat/heat_api_cfn.log; done'] volumes: - - HeatApiCfnLogs:/var/log/ + - HeatApiCfnLogs:/var/log volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - HeatApiCfnLogs:/var/log/ + - HeatApiCfnLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/heat-api.yaml b/deployment/logging/stdout/heat-api.yaml index 8d2506706a..efdf0d871a 100644 --- a/deployment/logging/stdout/heat-api.yaml +++ b/deployment/logging/stdout/heat-api.yaml @@ -48,7 +48,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - HeatApiLogs:/var/log/ + - HeatApiLogs:/var/log heat_api_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerHeatApiImage]} @@ -59,7 +59,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - HeatApiLogs:/var/log/ + - HeatApiLogs:/var/log heat_api_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerHeatApiImage]} @@ -70,11 +70,11 @@ outputs: test: '[ -p /var/log/heat/heat_api.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/heat && rm -f /var/log/heat/heat_api.log && mkfifo /var/log/heat/heat_api.log && while true; do cat /var/log/heat/heat_api.log; done'] volumes: - - HeatApiLogs:/var/log/ + - HeatApiLogs:/var/log volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - HeatApiLogs:/var/log/ + - HeatApiLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/keystone.yaml b/deployment/logging/stdout/keystone.yaml index 84c6d4c306..5aff4136fa 100644 --- a/deployment/logging/stdout/keystone.yaml +++ b/deployment/logging/stdout/keystone.yaml @@ -48,7 +48,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - KeystoneLogs:/var/log/ + - KeystoneLogs:/var/log keystone_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerKeystoneImage]} @@ -59,7 +59,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - KeystoneLogs:/var/log/ + - KeystoneLogs:/var/log keystone_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerKeystoneImage]} @@ -70,7 +70,7 @@ outputs: test: '[ -p /var/log/keystone/keystone.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/keystone && rm -f /var/log/keystone/keystone.log && mkfifo /var/log/keystone/keystone.log && while true; do cat /var/log/keystone/keystone.log; done'] volumes: - - KeystoneLogs:/var/log/ + - KeystoneLogs:/var/log environment: description: Extra environment variables needed for the service to log to stdout. value: @@ -78,7 +78,7 @@ outputs: volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - KeystoneLogs:/var/log/ + - KeystoneLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/nova-api.yaml b/deployment/logging/stdout/nova-api.yaml index 46ef7db77f..f672a33a2a 100644 --- a/deployment/logging/stdout/nova-api.yaml +++ b/deployment/logging/stdout/nova-api.yaml @@ -37,7 +37,7 @@ outputs: volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - NovaApiLogs:/var/log/ + - NovaApiLogs:/var/log docker_config: description: Extra containers needed for logging to stdout or a sidecar container. value: @@ -52,7 +52,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - NovaApiLogs:/var/log/ + - NovaApiLogs:/var/log nova_api_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerNovaApiImage]} @@ -63,7 +63,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - NovaApiLogs:/var/log/ + - NovaApiLogs:/var/log nova_api_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerNovaApiImage]} @@ -74,7 +74,7 @@ outputs: test: '[ -p /var/log/nova/nova-api.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/nova && rm -f /var/log/nova/nova-api.log && mkfifo /var/log/nova/nova-api.log && while true; do cat /var/log/nova/nova-api.log; done'] volumes: - - NovaApiLogs:/var/log/ + - NovaApiLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/nova-metadata.yaml b/deployment/logging/stdout/nova-metadata.yaml index 57a02c804a..e946db01c8 100644 --- a/deployment/logging/stdout/nova-metadata.yaml +++ b/deployment/logging/stdout/nova-metadata.yaml @@ -37,7 +37,7 @@ outputs: volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - NovaMetadataLogs:/var/log/ + - NovaMetadataLogs:/var/log docker_config: description: Extra containers needed for logging to stdout or a sidecar container. value: @@ -52,7 +52,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - NovaMetadataLogs:/var/log/ + - NovaMetadataLogs:/var/log nova_metadata_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerNovaMetadataImage]} @@ -63,7 +63,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - NovaMetadataLogs:/var/log/ + - NovaMetadataLogs:/var/log nova_metadata_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerNovaMetadataImage]} @@ -74,7 +74,7 @@ outputs: test: '[ -p /var/log/nova/nova-metadata-api.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/nova && rm -f /var/log/nova/nova-metadata-api.log && mkfifo /var/log/nova/nova-metadata-api.log && while true; do cat /var/log/nova/nova-metadata-api.log; done'] volumes: - - NovaMetadataLogs:/var/log/ + - NovaMetadataLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/logging/stdout/placement-api.yaml b/deployment/logging/stdout/placement-api.yaml index aec2c58ecf..b41461051d 100644 --- a/deployment/logging/stdout/placement-api.yaml +++ b/deployment/logging/stdout/placement-api.yaml @@ -37,7 +37,7 @@ outputs: volumes: description: The volumes needed to log to stdout or a sidecar container. value: - - PlacementLogs:/var/log/ + - PlacementLogs:/var/log docker_config: description: Extra containers needed for logging to stdout or a sidecar container. value: @@ -52,7 +52,7 @@ outputs: test: '[ -p /var/log/httpd/error_log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/error_log && mkfifo /var/log/httpd/error_log && while true; do cat /var/log/httpd/error_log; done'] volumes: - - PlacementLogs:/var/log/ + - PlacementLogs:/var/log placement_apache_access_logs: start_order: 1 image: {get_attr: [RoleParametersValue, value, ContainerPlacementImage]} @@ -63,7 +63,7 @@ outputs: test: '[ -p /var/log/httpd/access.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/httpd && rm -f /var/log/httpd/access.log && mkfifo /var/log/httpd/access.log && while true; do cat /var/log/httpd/access.log; done'] volumes: - - PlacementLogs:/var/log/ + - PlacementLogs:/var/log placement_logs: start_order: 2 image: {get_attr: [RoleParametersValue, value, ContainerPlacementImage]} @@ -74,7 +74,7 @@ outputs: test: '[ -p /var/log/placement/placement-api.log ]' command: ['/bin/bash', '-c', 'mkdir -p /var/log/placement && rm -f /var/log/placement/placement-api.log && mkfifo /var/log/placement/placement-api.log && while true; do cat /var/log/placement/placement-api.log; done'] volumes: - - PlacementLogs:/var/log/ + - PlacementLogs:/var/log host_prep_tasks: description: Extra ansible tasks needed for logging to files in the host. value: null diff --git a/deployment/manila/manila-share-common.yaml b/deployment/manila/manila-share-common.yaml index 6b1007f2ba..ffa7a945b7 100644 --- a/deployment/manila/manila-share-common.yaml +++ b/deployment/manila/manila-share-common.yaml @@ -62,7 +62,7 @@ outputs: - - '/var/lib/kolla/config_files/src-ceph' - - 'ro' - /dev:/dev - - /run/:/run/ + - /run:/run - /sys:/sys - /lib/modules:/lib/modules:ro - /var/lib/manila:/var/lib/manila:z diff --git a/deployment/metrics/collectd-container-ansible.yaml b/deployment/metrics/collectd-container-ansible.yaml index fdf59b7658..3ca5a844e2 100644 --- a/deployment/metrics/collectd-container-ansible.yaml +++ b/deployment/metrics/collectd-container-ansible.yaml @@ -426,7 +426,7 @@ outputs: - /var/lib/containers/storage/overlay-containers:/var/lib/containers/storage/overlay-containers:ro - /var/lib/config-data/ansible-generated/collectd:/var/lib/kolla/config_files/src:ro - /var/log/containers/collectd:/var/log/collectd:rw,z - - /var/run/:/var/run:rw + - /var/run:/var/run:rw - /sys/fs/cgroup:/sys/fs/cgroup:ro environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS diff --git a/deployment/nova/nova-compute-container-puppet.yaml b/deployment/nova/nova-compute-container-puppet.yaml index e6298e77e9..83acc5e6f7 100644 --- a/deployment/nova/nova-compute-container-puppet.yaml +++ b/deployment/nova/nova-compute-container-puppet.yaml @@ -1402,7 +1402,7 @@ outputs: - /var/lib/kolla/config_files/nova_compute_wait_for_compute_service.json:/var/lib/kolla/config_files/config.json:ro - /var/lib/config-data/puppet-generated/nova_libvirt:/var/lib/kolla/config_files/src:ro - /var/log/containers/nova:/var/log/nova - - /var/lib/container-config-scripts/:/container-config-scripts/ + - /var/lib/container-config-scripts:/container-config-scripts user: nova environment: KOLLA_CONFIG_STRATEGY: COPY_ALWAYS diff --git a/deployment/rabbitmq/rabbitmq-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-container-puppet.yaml index 6b9656d38a..0c030e9780 100644 --- a/deployment/rabbitmq/rabbitmq-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-container-puppet.yaml @@ -374,7 +374,7 @@ outputs: step_config: 'include tripleo::profile::base::rabbitmq' config_image: *rabbitmq_config_image volumes: - - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro + - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro - /var/lib/rabbitmq:/var/lib/rabbitmq metadata_settings: if: diff --git a/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml index 38a2f22b6e..ebc14c0d9e 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-notify-container-puppet.yaml @@ -267,7 +267,7 @@ outputs: step_config: 'include tripleo::profile::base::rabbitmq' config_image: *rabbitmq_config_image volumes: - - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro + - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro - /var/lib/rabbitmq:/var/lib/rabbitmq:z metadata_settings: if: diff --git a/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml b/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml index cfb80ddb89..a134a52e14 100644 --- a/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml +++ b/deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml @@ -267,7 +267,7 @@ outputs: step_config: 'include tripleo::profile::base::rabbitmq' config_image: *rabbitmq_config_image volumes: - - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq/:/etc/rabbitmq/:ro + - /var/lib/config-data/puppet-generated/rabbitmq/etc/rabbitmq:/etc/rabbitmq:ro - /var/lib/rabbitmq:/var/lib/rabbitmq:z metadata_settings: if: diff --git a/deployment/unbound/unbound-container-ansible.yaml b/deployment/unbound/unbound-container-ansible.yaml index 9dc7ae3566..dedf5288c4 100644 --- a/deployment/unbound/unbound-container-ansible.yaml +++ b/deployment/unbound/unbound-container-ansible.yaml @@ -142,7 +142,7 @@ outputs: volumes: list_concat: - {get_attr: [ContainersCommon, volumes]} - - - /run/:/run/ + - - /run:/run - /var/lib/kolla/config_files/unbound.json:/var/lib/kolla/config_files/config.json:ro - /var/log/containers/unbound:/var/log/unbound:z - /var/lib/config-data/ansible-generated/unbound:/var/lib/kolla/config_files/src:ro diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index 0a4bf5d724..c1291864ec 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -637,6 +637,17 @@ def validate_docker_service_mysql_usage(filename, tpl): return 0 +def validate_common_service(filename, tpl): + # NOTE(bogdando): it doesn't always detect volumes in Heat funcs, like: + # : [{: [FooCommon, volumes]}, []] + if 'outputs' not in tpl: + print('ERROR: missing outputs for filename: %s' % filename) + return 1 + if validate_ct_volumes(tpl['outputs']): + return 1 + return 0 + + def validate_docker_service(filename, tpl): if 'outputs' in tpl and 'role_data' in tpl['outputs']: if 'value' not in tpl['outputs']['role_data']: @@ -644,6 +655,10 @@ def validate_docker_service(filename, tpl): % filename) return 1 role_data = tpl['outputs']['role_data']['value'] + + if validate_ct_volumes(role_data): + return 1 + if list(role_data.keys()) == ['map_merge']: merged_role_data = {} for part in role_data['map_merge']: @@ -703,8 +718,6 @@ def validate_docker_service(filename, tpl): print('ERROR: %s should not be in puppet_config section.' % key) return 1 - if validate_ct_volumes(puppet_config.get('volumes')): - return 1 for key in REQUIRED_DOCKER_PUPPET_CONFIG_SECTIONS: if key not in puppet_config: print('ERROR: %s is required in puppet_config for %s.' @@ -742,8 +755,6 @@ def validate_docker_service(filename, tpl): print('ERROR: bootstrap_host_exec needs to run ' 'as the root user.') return 1 - if validate_ct_volumes(container.get('volumes')): - return 1 if 'upgrade_tasks' in role_data and role_data['upgrade_tasks']: if (validate_upgrade_tasks(role_data['upgrade_tasks']) or @@ -760,36 +771,53 @@ def validate_docker_service(filename, tpl): return 0 -def validate_ct_volumes(volumes): - '''Ensure we don't have any trailing "/" in the volume''' - if not volumes: - return 0 - if isinstance(volumes, list): - # Plain list without much complications - for vol in volumes: - if isinstance(vol, dict): - # Avoid 'if' - continue - vol_def = vol.split(':') - if vol_def[0][-1] == '/' or vol_def[1][-1] == '/': - print('ERROR: trailing "/" detected for {}'.format(vol)) - return 1 - return 0 - - ret = 0 - if isinstance(volumes, dict): - # We probably face a list_concat thing. Clean and re-run! - # First avoid the get_attr. - if 'get_attr' in list(volumes.keys()): +def validate_ct_volumes(data): + '''Ensure we don't have any trailing "/" in data for volumes''' + def check_volumes(volumes): + if not volumes: return 0 - if 'list_concat' in list(volumes.keys()): - for vol in volumes['list_concat']: + result = 0 + if isinstance(volumes, list): + for vol in volumes: if isinstance(vol, dict): + # Avoid 'if', 'get_*' etc continue - ret += validate_ct_volumes(vol) - return ret - print('ERROR: unknown "volumes" type: {}'.format(volumes)) - return 1 + elif isinstance(vol, list): + for item in vol: + result += check_volumes(item) + elif isinstance(vol, str): + vol_def = vol.split(':') + try: + if vol_def[0][-1] == '/' or vol_def[1][-1] == '/': + print('ERROR: trailing "/" detected' + ' for {}'.format(vol)) + return 1 + except IndexError: + # Not a volume definition, ignore it + continue + elif isinstance(volumes, dict): + # Step into 'list_concat', 'map_*' etc. + for item in volumes.values(): + result += check_volumes(item) + return result + + if not data: + return 0 + result = 0 + for _, item in enumerate(data): + if isinstance(data[item], dict): + if 'volumes' not in data[item]: + result += validate_ct_volumes(data[item]) + else: + result += check_volumes(data[item]['volumes']) + elif isinstance(item, list): + if 'volumes' not in item: + result += validate_ct_volumes(item) + else: + result += check_volumes(item.index('volumes')) + else: + continue + return result def validate_docker_logging_template(filename, tpl): @@ -803,6 +831,8 @@ def validate_docker_logging_template(filename, tpl): print('ERROR: The file %s is missing the following output(s):' ' %s' % (filename, ', '.join(missing_entries))) return 1 + if validate_ct_volumes(tpl['outputs']): + return 1 return 0 @@ -1144,9 +1174,11 @@ def validate(filename, param_map): if re.search(r'^\.\/deployment\/logging\/(files|stdout)\/', filename): retval |= validate_docker_logging_template(filename, tpl) elif VALIDATE_DOCKER_OVERRIDE.get(filename, False) or ( - re.search(r'^\.\/deployment\/.+-container-puppet.yaml$', filename) and + re.search(r'^\.\/deployment\/.+-container(-puppet)*.yaml$', filename) and VALIDATE_DOCKER_OVERRIDE.get(filename, True)): retval |= validate_docker_service(filename, tpl) + elif re.search(r'^\.\/deployment\/.+-common.*.yaml$', filename): + retval |= validate_common_service(filename, tpl) if filename.endswith('hyperconverged-ceph.yaml'): retval |= validate_hci_compute_services_default(filename, tpl)