Remove 'no-op-firewall-nova-driver' validator
Firewalls have been removed from nova. No need to keep this around any longer. Change-Id: I98ffa9b34b22e03bac6b1633e7886cc70504c77f Signed-off-by: Stephen Finucane <stephenfin@redhat.com> Depends-On: https://review.opendev.org/#/c/700511/
This commit is contained in:
parent
7601844e8b
commit
f1963a4e83
|
@ -1,6 +0,0 @@
|
||||||
==========================
|
|
||||||
no-op-firewall-nova-driver
|
|
||||||
==========================
|
|
||||||
|
|
||||||
.. ansibleautoplugin::
|
|
||||||
:role: roles/no_op_firewall_nova_driver
|
|
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
- hosts: nova_compute
|
|
||||||
vars:
|
|
||||||
metadata:
|
|
||||||
name: Verify NoOpFirewallDriver is set in Nova
|
|
||||||
description: >
|
|
||||||
When using Neutron, the `firewall_driver` option in Nova must be set to
|
|
||||||
`NoopFirewallDriver`.
|
|
||||||
groups:
|
|
||||||
- post-deployment
|
|
||||||
nova_conf_path: "/var/lib/config-data/puppet-generated/nova_libvirt/etc/nova/nova.conf"
|
|
||||||
roles:
|
|
||||||
- no_op_firewall_nova_driver
|
|
|
@ -1,2 +0,0 @@
|
||||||
---
|
|
||||||
nova_conf_path: /var/lib/config-data/puppet-generated/nova_libvirt/etc/nova/nova.conf
|
|
|
@ -1,37 +0,0 @@
|
||||||
# Molecule managed
|
|
||||||
# Copyright 2019 Red Hat, Inc.
|
|
||||||
# All Rights Reserved.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
|
|
||||||
{% if item.registry is defined %}
|
|
||||||
FROM {{ item.registry.url }}/{{ item.image }}
|
|
||||||
{% else %}
|
|
||||||
FROM {{ item.image }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
|
|
||||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
|
||||||
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
|
|
||||||
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
|
|
||||||
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
|
|
||||||
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
|
|
||||||
|
|
||||||
{% for pkg in item.easy_install | default([]) %}
|
|
||||||
# install pip for centos where there is no python-pip rpm in default repos
|
|
||||||
RUN easy_install {{ pkg }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
|
|
||||||
CMD ["sh", "-c", "while true; do sleep 10000; done"]
|
|
|
@ -1,47 +0,0 @@
|
||||||
---
|
|
||||||
driver:
|
|
||||||
name: docker
|
|
||||||
|
|
||||||
log: true
|
|
||||||
|
|
||||||
platforms:
|
|
||||||
- name: centos7
|
|
||||||
hostname: centos7
|
|
||||||
image: centos:7
|
|
||||||
pkg_extras: python-setuptools python-enum34 PyYAML
|
|
||||||
easy_install:
|
|
||||||
- pip
|
|
||||||
environment: &env
|
|
||||||
http_proxy: "{{ lookup('env', 'http_proxy') }}"
|
|
||||||
https_proxy: "{{ lookup('env', 'https_proxy') }}"
|
|
||||||
|
|
||||||
- name: fedora28
|
|
||||||
hostname: fedora28
|
|
||||||
image: fedora:28
|
|
||||||
pkg_extras: python*-setuptools python*-enum PyYAML
|
|
||||||
environment:
|
|
||||||
<<: *env
|
|
||||||
|
|
||||||
provisioner:
|
|
||||||
name: ansible
|
|
||||||
log: true
|
|
||||||
env:
|
|
||||||
ANSIBLE_STDOUT_CALLBACK: yaml
|
|
||||||
ANSIBLE_LIBRARY: "../../../../library"
|
|
||||||
|
|
||||||
scenario:
|
|
||||||
test_sequence:
|
|
||||||
- destroy
|
|
||||||
- create
|
|
||||||
- prepare
|
|
||||||
- converge
|
|
||||||
- verify
|
|
||||||
- destroy
|
|
||||||
|
|
||||||
lint:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
verifier:
|
|
||||||
name: testinfra
|
|
||||||
lint:
|
|
||||||
name: flake8
|
|
|
@ -1,70 +0,0 @@
|
||||||
---
|
|
||||||
# Copyright 2019 Red Hat, Inc.
|
|
||||||
# All Rights Reserved.
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
||||||
# not use this file except in compliance with the License. You may obtain
|
|
||||||
# a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
||||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
||||||
# License for the specific language governing permissions and limitations
|
|
||||||
# under the License.
|
|
||||||
|
|
||||||
|
|
||||||
- name: Converge
|
|
||||||
hosts: all
|
|
||||||
gather_facts: false
|
|
||||||
|
|
||||||
vars:
|
|
||||||
nova_conf_path: "/nova.conf"
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
- name: Successful Validation
|
|
||||||
block:
|
|
||||||
- name: Create a correct Nova config file
|
|
||||||
copy:
|
|
||||||
dest: "/nova.conf"
|
|
||||||
content: |
|
|
||||||
[DEFAULT]
|
|
||||||
firewall_driver = nova.virt.firewall.NoopFirewallDriver
|
|
||||||
|
|
||||||
- include_role:
|
|
||||||
name: no_op_firewall_nova_driver
|
|
||||||
vars:
|
|
||||||
nova_conf_path: "/nova.conf"
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "The validation works as expected!"
|
|
||||||
|
|
||||||
- name: Failing Validation
|
|
||||||
block:
|
|
||||||
- name: Modifying Nova config file
|
|
||||||
ini_file:
|
|
||||||
dest: "/nova.conf"
|
|
||||||
section: DEFAULT
|
|
||||||
option: firewall_driver
|
|
||||||
value: CHANGEME
|
|
||||||
backup: true
|
|
||||||
|
|
||||||
- include_role:
|
|
||||||
name: no_op_firewall_nova_driver
|
|
||||||
vars:
|
|
||||||
nova_conf_path: "/nova.conf"
|
|
||||||
rescue:
|
|
||||||
- name: Clear host errors
|
|
||||||
meta: clear_host_errors
|
|
||||||
|
|
||||||
- debug:
|
|
||||||
msg: "The validation fails as expected! End the playbook run"
|
|
||||||
|
|
||||||
- name: End play
|
|
||||||
meta: end_play
|
|
||||||
|
|
||||||
- name: Fail the test
|
|
||||||
fail:
|
|
||||||
msg: |
|
|
||||||
No-op-firewall-nova-driver validation failed finding bad configuration!
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
- name: Read the `firewall_driver` value
|
|
||||||
become: true
|
|
||||||
validations_read_ini:
|
|
||||||
path: "{{ nova_conf_path }}"
|
|
||||||
section: DEFAULT
|
|
||||||
key: firewall_driver
|
|
||||||
register: nova_firewall_driver
|
|
||||||
|
|
||||||
- name: Verify `firewall_driver` is set to `NoopFirewallDriver`
|
|
||||||
fail:
|
|
||||||
msg: >
|
|
||||||
The firewall_driver value in /etc/nova/nova.conf is
|
|
||||||
{{ nova_firewall_driver.value or 'unset' }}, but it must be set to:
|
|
||||||
nova.virt.firewall.NoopFirewallDriver
|
|
||||||
failed_when: "nova_firewall_driver.value != 'nova.virt.firewall.NoopFirewallDriver'"
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
metadata:
|
|
||||||
name: Verify NoOpFirewallDriver is set in Nova
|
|
||||||
description: >
|
|
||||||
When using Neutron, the `firewall_driver` option in Nova must be set to
|
|
||||||
`NoopFirewallDriver`.
|
|
||||||
groups:
|
|
||||||
- post-deployment
|
|
|
@ -13,7 +13,6 @@
|
||||||
- tripleo-validations-centos-7-molecule-undercloud_debug
|
- tripleo-validations-centos-7-molecule-undercloud_debug
|
||||||
- tripleo-validations-centos-7-molecule-undercloud_disk_space
|
- tripleo-validations-centos-7-molecule-undercloud_disk_space
|
||||||
- tripleo-validations-centos-7-molecule-xfs_check_ftype
|
- tripleo-validations-centos-7-molecule-xfs_check_ftype
|
||||||
- tripleo-validations-centos-7-molecule-no_op_firewall_nova_driver
|
|
||||||
- tripleo-validations-centos-7-molecule-nova_status
|
- tripleo-validations-centos-7-molecule-nova_status
|
||||||
- tripleo-validations-centos-7-molecule-image_serve
|
- tripleo-validations-centos-7-molecule-image_serve
|
||||||
- tripleo-validations-centos-7-molecule-check_network_gateway
|
- tripleo-validations-centos-7-molecule-check_network_gateway
|
||||||
|
@ -36,7 +35,6 @@
|
||||||
- tripleo-validations-centos-7-molecule-undercloud_ram
|
- tripleo-validations-centos-7-molecule-undercloud_ram
|
||||||
- tripleo-validations-centos-7-molecule-undercloud_debug
|
- tripleo-validations-centos-7-molecule-undercloud_debug
|
||||||
- tripleo-validations-centos-7-molecule-undercloud_disk_space
|
- tripleo-validations-centos-7-molecule-undercloud_disk_space
|
||||||
- tripleo-validations-centos-7-molecule-no_op_firewall_nova_driver
|
|
||||||
- tripleo-validations-centos-7-molecule-nova_status
|
- tripleo-validations-centos-7-molecule-nova_status
|
||||||
- tripleo-validations-centos-7-molecule-image_serve
|
- tripleo-validations-centos-7-molecule-image_serve
|
||||||
- tripleo-validations-centos-7-molecule-check_network_gateway
|
- tripleo-validations-centos-7-molecule-check_network_gateway
|
||||||
|
@ -126,13 +124,6 @@
|
||||||
vars:
|
vars:
|
||||||
tripleo_validations_role_name: xfs_check_ftype
|
tripleo_validations_role_name: xfs_check_ftype
|
||||||
voting: false
|
voting: false
|
||||||
- job:
|
|
||||||
files:
|
|
||||||
- ^roles/no_op_firewall_nova_driver/.*
|
|
||||||
name: tripleo-validations-centos-7-molecule-no_op_firewall_nova_driver
|
|
||||||
parent: tripleo-validations-centos-7-base
|
|
||||||
vars:
|
|
||||||
tripleo_validations_role_name: no_op_firewall_nova_driver
|
|
||||||
- job:
|
- job:
|
||||||
files:
|
files:
|
||||||
- ^roles/nova_status/.*
|
- ^roles/nova_status/.*
|
||||||
|
|
Loading…
Reference in New Issue