Implement validation for manila config
This validation validates:
- Presence of the "policy.yaml" file in manila's config
directory.
This are the changes:
- Added files for testing the policy.yaml file validation
- Added role-check_policy_file.rst for the documentation
- Added the molecule folder, and more requiered files in order to test the validation in molecule
Change-Id: I450e87b4cb2e3956d44e8cedf4c8091b8771e5fb
(cherry picked from commit 9d56dc5b8e
)
This commit is contained in:
parent
390d1334aa
commit
d1ac71e256
53
doc/source/roles/role-check_manila_policy_file.rst
Normal file
53
doc/source/roles/role-check_manila_policy_file.rst
Normal file
@ -0,0 +1,53 @@
|
||||
============
|
||||
policy_file
|
||||
============
|
||||
|
||||
--------------
|
||||
About The Role
|
||||
--------------
|
||||
|
||||
This role will check if there is a file named Policy.yaml in the controlers.
|
||||
The file should be located at the manila's configuration folder in the container.
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
No Requirements.
|
||||
|
||||
Dependencies
|
||||
============
|
||||
|
||||
No dependencies.
|
||||
|
||||
Example Playbook
|
||||
================
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
- hosts: "{{ controller_rolename | default('Controller') }}"
|
||||
vars:
|
||||
metadata:
|
||||
name: Verify that keystone admin token is disabled
|
||||
description: |
|
||||
This validation checks that policy file of manilas configuration folder inside of the container,exists.
|
||||
groups:
|
||||
- post-deployment
|
||||
categories:
|
||||
- controller
|
||||
products:
|
||||
- tripleo
|
||||
manilas_policy_file: "/var/lib/config-data/puppet-generated/manila/etc/manila/policy.yaml"
|
||||
roles:
|
||||
- check_manila_policy_file
|
||||
|
||||
Author Information
|
||||
==================
|
||||
|
||||
**Red Hat Manila**
|
||||
|
||||
----------------
|
||||
Full Description
|
||||
----------------
|
||||
|
||||
.. ansibleautoplugin::
|
||||
:role: roles/check_manila_policy_file
|
17
playbooks/check-manila-policy-file.yaml
Normal file
17
playbooks/check-manila-policy-file.yaml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
- hosts: "{{ controller_rolename | default('Controller') }}"
|
||||
vars:
|
||||
metadata:
|
||||
name: Verify that keystone admin token is disabled
|
||||
description: |
|
||||
This validation checks that policy file of manilas configuration folder inside of the container,exists.
|
||||
groups:
|
||||
- post-deployment
|
||||
categories:
|
||||
- controller
|
||||
products:
|
||||
- tripleo
|
||||
- manila
|
||||
manilas_policy_file: "/var/lib/config-data/puppet-generated/manila/etc/manila/policy.yaml"
|
||||
roles:
|
||||
- check_manila_policy_file
|
64
roles/check_manila_policy_file/molecule/default/converge.yml
Normal file
64
roles/check_manila_policy_file/molecule/default/converge.yml
Normal file
@ -0,0 +1,64 @@
|
||||
---
|
||||
# Copyright 2020 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
- name: Converge
|
||||
hosts: all
|
||||
vars:
|
||||
manila_policy_path: /var/lib/config-data/puppet-generated/manila/etc/manila/
|
||||
policy_file_name: policy.yaml
|
||||
tasks:
|
||||
- name: Create manila directory
|
||||
file:
|
||||
path: "{{ manila_policy_path }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
recurse: true
|
||||
|
||||
- name: Add policy file
|
||||
file:
|
||||
path: "{{ manila_policy_path }}{{ policy_file_name }}"
|
||||
state: touch
|
||||
mode: 0755
|
||||
|
||||
- name: Test pass - policy file exists
|
||||
include_role:
|
||||
name: check_manila_policy_file
|
||||
vars:
|
||||
manila_policy_file: "{{ manila_policy_path }}{{ policy_file_name }}"
|
||||
|
||||
- name: Remove policy file
|
||||
file:
|
||||
path: "{{ manila_policy_path }}{{ policy_file_name }}"
|
||||
state: absent
|
||||
|
||||
- name: Test fails - policy file doesnt exists
|
||||
block:
|
||||
- name: Load role with failure
|
||||
include_role:
|
||||
name: "check_manila_policy_file"
|
||||
rescue:
|
||||
- name: Clear host error
|
||||
meta: clear_host_errors
|
||||
|
||||
- name: Status message
|
||||
debug:
|
||||
msg: 'Successfully detected policy file doesnt exists!'
|
||||
|
||||
- name: End play
|
||||
meta: end_play
|
||||
|
||||
- name: Fail if we get to this place
|
||||
fail:
|
||||
msg: 'Unit test failed: Did not detect that policy file doesnt exists!'
|
@ -0,0 +1,3 @@
|
||||
---
|
||||
# inherits tripleo-validations/.config/molecule/config.yml
|
||||
# To override default values, please take a look at the config.yml.
|
18
roles/check_manila_policy_file/molecule/default/prepare.yml
Normal file
18
roles/check_manila_policy_file/molecule/default/prepare.yml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
# Copyright 2021 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
- name: Prepare
|
||||
hosts: all
|
||||
gather_facts: false
|
25
roles/check_manila_policy_file/tasks/main.yml
Normal file
25
roles/check_manila_policy_file/tasks/main.yml
Normal file
@ -0,0 +1,25 @@
|
||||
# Copyright 2020 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
---
|
||||
- name: Get stats of check policy file
|
||||
ansible.builtin.stat:
|
||||
path: "{{ manilas_policy_file }}"
|
||||
register: result
|
||||
|
||||
- name: Mention file does not exists
|
||||
fail:
|
||||
msg: "Test failed: Did not detect file. Policy file does not exists!"
|
||||
when:
|
||||
- not result.stat.exists
|
28
roles/check_manila_policy_file/vars/main.yml
Normal file
28
roles/check_manila_policy_file/vars/main.yml
Normal file
@ -0,0 +1,28 @@
|
||||
---
|
||||
# Copyright 2021 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
# While options found within the vars/ path can be overridden using extra
|
||||
# vars, items within this path are considered part of the role and not
|
||||
# intended to be modified.
|
||||
|
||||
# All variables within this role should have a prefix of "check_policy_file"
|
||||
|
||||
# !!!! IMPORTANT !!!!
|
||||
# Add a comment above every variables describing them.
|
||||
# This will be included in the sphinx role documentation
|
||||
# !!!! IMPORTANT !!!!
|
||||
manilas_policy_file: /var/lib/config-data/puppet-generated/manila/etc/manila/policy.yaml
|
@ -6,6 +6,7 @@
|
||||
jobs:
|
||||
- tripleo-validations-centos-8-molecule-ceph
|
||||
- tripleo-validations-centos-8-molecule-check_fips_status
|
||||
- tripleo-validations-centos-8-molecule-check_manila_policy_file
|
||||
- tripleo-validations-centos-8-molecule-check_for_dangling_images
|
||||
- tripleo-validations-centos-8-molecule-check_kernel_version
|
||||
- tripleo-validations-centos-8-molecule-check_network_gateway
|
||||
@ -37,6 +38,7 @@
|
||||
jobs:
|
||||
- tripleo-validations-centos-8-molecule-ceph
|
||||
- tripleo-validations-centos-8-molecule-check_fips_status
|
||||
- tripleo-validations-centos-8-molecule-check_manila_policy_file
|
||||
- tripleo-validations-centos-8-molecule-check_for_dangling_images
|
||||
- tripleo-validations-centos-8-molecule-check_kernel_version
|
||||
- tripleo-validations-centos-8-molecule-check_network_gateway
|
||||
@ -86,6 +88,17 @@
|
||||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: fips_enabled
|
||||
- job:
|
||||
files:
|
||||
- ^roles/check_manila_policy_file/.*
|
||||
- ^tests/prepare-test-host.yml
|
||||
- ^ci/playbooks/pre.yml
|
||||
- ^ci/playbooks/run.yml
|
||||
- ^molecule-requirements.txt
|
||||
name: tripleo-validations-centos-8-molecule-check_manila_policy_file
|
||||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: check_manila_policy_file
|
||||
- job:
|
||||
files:
|
||||
- ^roles/check_for_dangling_images/.*
|
||||
|
Loading…
Reference in New Issue
Block a user