Browse Source

Check for dangling images

Make sure before update we do not have any dangling images.

Basically - make sure the command:

$ podman images --filter "dangling=true" -q --no-trunc

returns empty.

Co-authored-by: Daniel Bengtsson <dbengt@redhat.com>
Change-Id: I70acd9cef9e84d2c68b7bd3d82dcbd0f99c79fb9
(cherry picked from commit bd87790cf9)
changes/39/791539/3
omcgonag 4 months ago
committed by Daniel Bengtsson
parent
commit
e8c2f875c8
  1. 8
      doc/source/roles/role-check_for_dangling_images.rst
  2. 13
      playbooks/check-for-dangling-images.yaml
  3. 37
      roles/check_for_dangling_images/README.md
  4. 21
      roles/check_for_dangling_images/defaults/main.yml
  5. 35
      roles/check_for_dangling_images/molecule/default/Dockerfile
  6. 60
      roles/check_for_dangling_images/molecule/default/converge.yml
  7. 47
      roles/check_for_dangling_images/molecule/default/molecule.yml
  8. 28
      roles/check_for_dangling_images/tasks/main.yml
  9. 12
      zuul.d/molecule.yaml

8
doc/source/roles/role-check_for_dangling_images.rst

@ -0,0 +1,8 @@
================================
Role - check_for_dangling_images
================================
.. include:: ../../../roles/check_for_dangling_images/README.md
.. ansibleautoplugin::
:role: roles/check_for_dangling_images

13
playbooks/check-for-dangling-images.yaml

@ -0,0 +1,13 @@
---
- hosts: undercloud
gather_facts: false
vars:
metadata:
name: Check for podman dangling images
description: |
Make sure before update we do not have any dangling images.
groups:
- pre-update
check_for_dangling_images_debug: false
roles:
- check_for_dangling_images

37
roles/check_for_dangling_images/README.md

@ -0,0 +1,37 @@
Check-for-dangling-images
=========================
Add Ansible role to check for dangling images
Requirements
------------
This role will be executed pre Update.
Role Variables
--------------
* `check_for_dangling_images_debug`: <'false'> -- debugging mode.
Dependencies
------------
No Dependencies
Example Playbook
----------------
- hosts: servers
roles:
- { role: check_for_dangling_images, check_for_dangling_images_debug: true }
License
-------
Apache
Author Information
------------------
Red Hat TripleO DFG:Upgrades

21
roles/check_for_dangling_images/defaults/main.yml

@ -0,0 +1,21 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# All variables intended for modification should place placed in this file.
# All variables within this role should have a prefix of "check_for_dangling_images"
check_for_dangling_images_debug: false

35
roles/check_for_dangling_images/molecule/default/Dockerfile

@ -0,0 +1,35 @@
# Molecule managed
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
{% if item.registry is defined %}
FROM {{ item.registry.url }}/{{ item.image }}
{% else %}
FROM {{ item.image }}
{% endif %}
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
{% for pkg in item.easy_install | default([]) %}
# install pip for centos where there is no python-pip rpm in default repos
RUN easy_install {{ pkg }}
{% endfor %}
CMD ["sh", "-c", "while true; do sleep 10000; done"]

60
roles/check_for_dangling_images/molecule/default/converge.yml

@ -0,0 +1,60 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: Converge
hosts: all
gather_facts: false
tasks:
- name: Populate successful podman CLI
copy:
dest: /usr/bin/podman
mode: 0755
content: |
#!/bin/bash
- name: Test good values
include_role:
name: check_for_dangling_images
- name: Populate failing podman CLI
copy:
dest: /usr/bin/podman
mode: 0755
content: |
#!/bin/bash
echo 4199acc83c6a43243392aecbff22764dbb501aef81a26d7c4c8c69064f84ef47
- name: Test failing
block:
- name: Catch when images exist
include_role:
name: check_for_dangling_images
rescue:
- name: Clear host errors
meta: clear_host_errors
- debug:
msg: The validation works! End the playbook run
- name: End play
meta: end_play
- name: Fail the test
fail:
msg: |
Found dangling podman images

47
roles/check_for_dangling_images/molecule/default/molecule.yml

@ -0,0 +1,47 @@
---
driver:
name: podman
log: true
platforms:
- name: ubi8
hostname: ubi8
image: ubi8/ubi-init
registry:
url: registry.access.redhat.com
dockerfile: Dockerfile
pkg_extras: python*-setuptools
privileged: true
volumes:
- /etc/yum.repos.d:/etc/yum.repos.d:rw
environment: &env
http_proxy: "{{ lookup('env', 'http_proxy') }}"
https_proxy: "{{ lookup('env', 'https_proxy') }}"
ulimits: &ulimit
- host
provisioner:
name: ansible
inventory:
hosts:
all:
hosts:
ubi8:
ansible_python_interpreter: /usr/bin/python3
log: true
env:
ANSIBLE_STDOUT_CALLBACK: yaml
ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}"
scenario:
test_sequence:
- destroy
- create
- prepare
- converge
- verify
- destroy
verifier:
name: testinfra

28
roles/check_for_dangling_images/tasks/main.yml

@ -0,0 +1,28 @@
---
# Copyright 2020 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# "check_for_dangling_images" tasks
- name: Get podman check for images
shell: podman images --filter "dangling=true" -q --no-trunc
register: dangling_images
- name: Verify no images exist
fail:
msg: >-
Error - podman images were found using 'podman images --filter "dangling=true" -q --no-trunc'
failed_when: dangling_images.stdout != ""

12
zuul.d/molecule.yaml

@ -3,6 +3,7 @@
check:
jobs:
- tripleo-validations-centos-8-molecule-ceph
- tripleo-validations-centos-8-molecule-check_for_dangling_images
- tripleo-validations-centos-8-molecule-check_network_gateway
- tripleo-validations-centos-8-molecule-check_rhsm_version
- tripleo-validations-centos-8-molecule-check_undercloud_conf
@ -25,6 +26,7 @@
gate:
jobs:
- tripleo-validations-centos-8-molecule-ceph
- tripleo-validations-centos-8-molecule-check_for_dangling_images
- tripleo-validations-centos-8-molecule-check_network_gateway
- tripleo-validations-centos-8-molecule-check_rhsm_version
- tripleo-validations-centos-8-molecule-check_uc_hostname
@ -350,3 +352,13 @@
parent: tripleo-validations-centos-8-base
vars:
tripleo_validations_role_name: check_uc_hostname
- job:
files:
- ^roles/check_for_dangling_images/.*
- ^tests/prepare-test-host.yml
- ^ci/playbooks/pre.yml
- ^ci/playbooks/run.yml
name: tripleo-validations-centos-8-molecule-check_for_dangling_images
parent: tripleo-validations-centos-8-base
vars:
tripleo_validations_role_name: check_for_dangling_images
Loading…
Cancel
Save