Browse Source

Adding molecule tests for no-op-firewall-nova-driver validation

This patch also transforms the Nova configuration file path into an
Ansible variable.

Change-Id: I0bbbe16fbb21acef79a5f66fbea963ce3fd0f57d
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
(cherry picked from commit 2fc0f674ce)
tags/10.5.1
Gael Chamoulaud 1 month ago
parent
commit
95fbe0b62d

+ 1
- 0
playbooks/no-op-firewall-nova-driver.yaml View File

@@ -8,5 +8,6 @@
8 8
         `NoopFirewallDriver`.
9 9
       groups:
10 10
       - post-deployment
11
+    nova_conf_path: "/var/lib/config-data/puppet-generated/nova_libvirt/etc/nova/nova.conf"
11 12
   roles:
12 13
     - no-op-firewall-nova-driver

+ 2
- 0
roles/no-op-firewall-nova-driver/defaults/main.yml View File

@@ -0,0 +1,2 @@
1
+---
2
+nova_conf_path: /var/lib/config-data/puppet-generated/nova_libvirt/etc/nova/nova.conf

+ 37
- 0
roles/no-op-firewall-nova-driver/molecule/default/Dockerfile.j2 View File

@@ -0,0 +1,37 @@
1
+# Molecule managed
2
+# Copyright 2019 Red Hat, Inc.
3
+# All Rights Reserved.
4
+#
5
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
6
+# not use this file except in compliance with the License. You may obtain
7
+# a copy of the License at
8
+#
9
+#     http://www.apache.org/licenses/LICENSE-2.0
10
+#
11
+# Unless required by applicable law or agreed to in writing, software
12
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14
+# License for the specific language governing permissions and limitations
15
+# under the License.
16
+
17
+
18
+{% if item.registry is defined %}
19
+FROM {{ item.registry.url }}/{{ item.image }}
20
+{% else %}
21
+FROM {{ item.image }}
22
+{% endif %}
23
+
24
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
25
+    elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
26
+    elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
27
+    elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
28
+    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
29
+    elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
30
+
31
+{% for pkg in item.easy_install | default([]) %}
32
+# install pip for centos where there is no python-pip rpm in default repos
33
+RUN easy_install {{ pkg }}
34
+{% endfor %}
35
+
36
+
37
+CMD ["sh", "-c", "while true; do sleep 10000; done"]

+ 47
- 0
roles/no-op-firewall-nova-driver/molecule/default/molecule.yml View File

@@ -0,0 +1,47 @@
1
+---
2
+driver:
3
+  name: docker
4
+
5
+log: true
6
+
7
+platforms:
8
+  - name: centos7
9
+    hostname: centos7
10
+    image: centos:7
11
+    pkg_extras: python-setuptools python-enum34
12
+    easy_install:
13
+      - pip
14
+    environment: &env
15
+      http_proxy: "{{ lookup('env', 'http_proxy') }}"
16
+      https_proxy: "{{ lookup('env', 'https_proxy') }}"
17
+
18
+  - name: fedora28
19
+    hostname: fedora28
20
+    image: fedora:28
21
+    pkg_extras: python*-setuptools python*-enum
22
+    environment:
23
+      <<: *env
24
+
25
+provisioner:
26
+  name: ansible
27
+  log: true
28
+  env:
29
+    ANSIBLE_STDOUT_CALLBACK: yaml
30
+    ANSIBLE_LIBRARY: "../../../../library"
31
+
32
+scenario:
33
+  test_sequence:
34
+    - destroy
35
+    - create
36
+    - prepare
37
+    - converge
38
+    - verify
39
+    - destroy
40
+
41
+lint:
42
+  enabled: false
43
+
44
+verifier:
45
+  name: testinfra
46
+  lint:
47
+    name: flake8

+ 70
- 0
roles/no-op-firewall-nova-driver/molecule/default/playbook.yml View File

@@ -0,0 +1,70 @@
1
+---
2
+# Copyright 2019 Red Hat, Inc.
3
+# All Rights Reserved.
4
+#
5
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
6
+# not use this file except in compliance with the License. You may obtain
7
+# a copy of the License at
8
+#
9
+#     http://www.apache.org/licenses/LICENSE-2.0
10
+#
11
+# Unless required by applicable law or agreed to in writing, software
12
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14
+# License for the specific language governing permissions and limitations
15
+# under the License.
16
+
17
+
18
+- name: Converge
19
+  hosts: all
20
+  gather_facts: no
21
+
22
+  vars:
23
+    nova_conf_path: "/nova.conf"
24
+
25
+  tasks:
26
+    - name: Successful Validation
27
+      block:
28
+        - name: Create a correct Nova config file
29
+          copy:
30
+            dest: "/nova.conf"
31
+            content: |
32
+              [DEFAULT]
33
+              firewall_driver = nova.virt.firewall.NoopFirewallDriver
34
+
35
+        - include_role:
36
+            name: no-op-firewall-nova-driver
37
+          vars:
38
+            nova_conf_path: "/nova.conf"
39
+
40
+        - debug:
41
+            msg: "The validation works as expected!"
42
+
43
+    - name: Failing Validation
44
+      block:
45
+        - name: Modifying Nova config file
46
+          ini_file:
47
+            dest: "/nova.conf"
48
+            section: DEFAULT
49
+            option: firewall_driver
50
+            value: CHANGEME
51
+            backup: yes
52
+
53
+        - include_role:
54
+            name: no-op-firewall-nova-driver
55
+          vars:
56
+            nova_conf_path: "/nova.conf"
57
+      rescue:
58
+        - name: Clear host errors
59
+          meta: clear_host_errors
60
+
61
+        - debug:
62
+            msg: "The validation fails as expected! End the playbook run"
63
+
64
+        - name: End play
65
+          meta: end_play
66
+
67
+    - name: Fail the test
68
+      fail:
69
+        msg: |
70
+          No-op-firewall-nova-driver validation failed finding bad configuration!

+ 1
- 1
roles/no-op-firewall-nova-driver/tasks/main.yml View File

@@ -2,7 +2,7 @@
2 2
 - name: Read the `firewall_driver` value
3 3
   become: true
4 4
   ini:
5
-    path: /var/lib/config-data/puppet-generated/nova_libvirt/etc/nova/nova.conf
5
+    path: "{{ nova_conf_path }}"
6 6
     section: DEFAULT
7 7
     key: firewall_driver
8 8
   register: nova_firewall_driver

+ 9
- 0
zuul.d/molecule.yaml View File

@@ -14,6 +14,7 @@
14 14
       - tripleo-validations-centos-7-molecule-undercloud-debug
15 15
       - tripleo-validations-centos-7-molecule-undercloud-disk-space
16 16
       - tripleo-validations-centos-7-molecule-xfs-check-ftype
17
+      - tripleo-validations-centos-7-molecule-no-op-firewall-nova-driver
17 18
     gate:
18 19
       queue: integrated
19 20
       jobs:
@@ -28,6 +29,7 @@
28 29
       - tripleo-validations-centos-7-molecule-undercloud-debug
29 30
       - tripleo-validations-centos-7-molecule-undercloud-disk-space
30 31
       - tripleo-validations-centos-7-molecule-xfs-check-ftype
32
+      - tripleo-validations-centos-7-molecule-no-op-firewall-nova-driver
31 33
     name: tripleo-validations-molecule-jobs
32 34
 - job:
33 35
     files:
@@ -107,3 +109,10 @@
107 109
     voting: false
108 110
     vars:
109 111
       tripleo_validations_role_name: xfs-check-ftype
112
+- job:
113
+    files:
114
+    - ^roles/no-op-firewall-nova-driver/.*
115
+    name: tripleo-validations-centos-7-molecule-no-op-firewall-nova-driver
116
+    parent: tripleo-validations-centos-7-base
117
+    vars:
118
+      tripleo_validations_role_name: no-op-firewall-nova-driver

Loading…
Cancel
Save