diff --git a/.zuul.yaml b/.zuul.yaml index 82bc2d5..0a29972 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -1,8 +1,62 @@ --- +- job: + name: ansible-role-zuul-registry-base + pre-run: tests/playbooks/pre.yaml + run: tests/playbooks/run.yaml + post-run: tests/collect-logs.yaml + roles: + - zuul: windmill/ansible-role-zuul-registry + +# Testing for zuul_registry_install_method: pip +- job: + name: ansible-role-zuul-registry + parent: ansible-role-zuul-registry-base + +- job: + name: ansible-role-zuul-registry-fedora-latest + parent: ansible-role-zuul-registry + nodeset: fedora-latest + +- job: + name: ansible-role-zuul-registry-ubuntu-bionic + parent: ansible-role-zuul-registry + nodeset: ubuntu-bionic + +# Testing for zuul_registry_install_method: git +- job: + name: ansible-role-zuul-registry-src + parent: ansible-role-zuul-registry-base + required-projects: + - name: zuul/zuul-registry + vars: + zuul_registry_git_update: false + zuul_registry_install_method: git + +- job: + name: ansible-role-zuul-registry-src-fedora-latest + parent: ansible-role-zuul-registry-src + nodeset: fedora-latest + +- job: + name: ansible-role-zuul-registry-src-ubuntu-bionic + parent: ansible-role-zuul-registry-src + nodeset: ubuntu-bionic + - project: + templates: + - windmill-jobs-fedora-latest + - windmill-jobs-bionic check: jobs: + - ansible-role-zuul-registry-fedora-latest + - ansible-role-zuul-registry-ubuntu-bionic + - ansible-role-zuul-registry-src-fedora-latest + - ansible-role-zuul-registry-src-ubuntu-bionic - tox-linters gate: jobs: + - ansible-role-zuul-registry-fedora-latest + - ansible-role-zuul-registry-ubuntu-bionic + - ansible-role-zuul-registry-src-fedora-latest + - ansible-role-zuul-registry-src-ubuntu-bionic - tox-linters diff --git a/bindep.txt b/bindep.txt new file mode 100644 index 0000000..5d3d029 --- /dev/null +++ b/bindep.txt @@ -0,0 +1,5 @@ +# This is a cross-platform list tracking distribution packages needed by tests; +# see http://docs.openstack.org/infra/bindep/ for additional information. + +python3-pip [test] +python3-setuptools [test] diff --git a/defaults/main.yaml b/defaults/main.yaml new file mode 100644 index 0000000..f1289ea --- /dev/null +++ b/defaults/main.yaml @@ -0,0 +1,80 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +# tasks/main.yaml +zuul_registry_task_manager: + - pre + - install + - config + - service + +# tasks/config.yaml +zuul_registry_user_name: zuul-registry +zuul_registry_user_group: zuul-registry +zuul_registry_user_home: /var/lib/zuul-registry +zuul_registry_user_home_mode: 0755 +# zuul_registry_user_shell: + +zuul_registry_file_registry_yaml_dest: /etc/zuul-registry/registry.yaml +zuul_registry_file_registry_yaml_group: "{{ zuul_registry_user_group }}" +zuul_registry_file_registry_yaml_mode: 0644 +zuul_registry_file_registry_yaml_owner: "{{ zuul_registry_user_name }}" +zuul_registry_file_registry_yaml_src: etc/zuul-registry/registry.yaml + +zuul_registry_file_ssl_cert_content: +zuul_registry_file_ssl_cert_dest: /etc/zuul-registry/ssl/cert.pem +zuul_registry_file_ssl_cert_group: "{{ zuul_registry_user_group }}" +zuul_registry_file_ssl_cert_mode: 0644 +zuul_registry_file_ssl_cert_owner: "{{ zuul_registry_user_name }}" +zuul_registry_file_ssl_cert_src: etc/zuul-registry/ssl/cert.pem + +zuul_registry_file_ssl_key_content: +zuul_registry_file_ssl_key_dest: /etc/zuul-registry/ssl/cert.key +zuul_registry_file_ssl_key_group: "{{ zuul_registry_user_group }}" +zuul_registry_file_ssl_key_mode: 0600 +zuul_registry_file_ssl_key_owner: "{{ zuul_registry_user_name }}" +zuul_registry_file_ssl_key_src: etc/zuul-registry/ssl/cert.key + +# tasks/install.yaml +zuul_registry_git_dest: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry" +zuul_registry_git_uri: https://opendev.org/zuul/zuul-registry +zuul_registry_git_version: master +# zuul_registry_git_refspec: +# zuul_registry_git_update: + +zuul_registry_install_method: pip + +zuul_registry_pip_name: zuul-registry +# zuul_registry_pip_executable: +# zuul_registry_pip_editable: +# zuul_registry_pip_extra_args: +# zuul_registry_pip_version: +# zuul_registry_pip_virtualenv_python: +# zuul_registry_pip_virtualenv: +# zuul_registry_pip_virtualenv_symlink: + +# tasks/service.yaml +zuul_registry_file_zuul_registry_service_manage: true +zuul_registry_file_zuul_registry_service_group: root +zuul_registry_file_zuul_registry_service_owner: root + +zuul_registry_file_zuul_registry_service_config_manage: true +zuul_registry_file_zuul_registry_service_config_group: root +zuul_registry_file_zuul_registry_service_config_owner: root + +zuul_registry_service_zuul_registry_daemon_reload: true +zuul_registry_service_zuul_registry_enabled: true +zuul_registry_service_zuul_registry_manage: true +zuul_registry_service_zuul_registry_name: zuul-registry +zuul_registry_service_zuul_registry_state: started diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..8b2f48c --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,33 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +galaxy_info: + author: Paul Belanger + description: | + This is a container image registry for use with the Zuul project gating + system. + company: Red Hat, Inc. + license: Apache + min_ansible_version: 2.4 + platforms: + - name: Fedora + versions: + - 27 + - name: Ubuntu + versions: + - 16.04 + - 18.04 + categories: + - system +dependencies: [] diff --git a/tasks/config.yaml b/tasks/config.yaml new file mode 100644 index 0000000..f6f2545 --- /dev/null +++ b/tasks/config.yaml @@ -0,0 +1,55 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Create required directories + become: true + file: + group: "{{ zuul_registry_user_group }}" + owner: "{{ zuul_registry_user_name }}" + path: "{{ item }}" + state: directory + with_items: + - /etc/zuul-registry + - /etc/zuul-registry/ssl + - /var/lib/zuul-registry/storage + +- name: Install zuul-registry configuration + become: true + template: + dest: "{{ zuul_registry_file_registry_yaml_dest }}" + group: "{{ zuul_registry_file_registry_yaml_group }}" + mode: "{{ zuul_registry_file_registry_yaml_mode }}" + owner: "{{zuul_registry_file_registry_yaml_owner }}" + src: "{{ zuul_registry_file_registry_yaml_src }}" + register: zuul_registry_file_registry_yaml + +- name: Install zuul ssl cert configuration + become: true + template: + dest: "{{ zuul_registry_file_ssl_cert_dest }}" + group: "{{ zuul_registry_file_ssl_cert_group }}" + mode: "{{ zuul_registry_file_ssl_cert_mode }}" + owner: "{{ zuul_registry_file_ssl_cert_owner }}" + src: "{{ zuul_registry_file_ssl_cert_src }}" + register: zuul_registry_file_ssl_cert + +- name: Install zuul ssl key configuration + become: true + template: + dest: "{{ zuul_registry_file_ssl_key_dest }}" + group: "{{ zuul_registry_file_ssl_key_group }}" + mode: "{{ zuul_registry_file_ssl_key_mode }}" + owner: "{{ zuul_registry_file_ssl_key_owner }}" + src: "{{ zuul_registry_file_ssl_key_src }}" + register: zuul_registry_file_ssl_key diff --git a/tasks/install.yaml b/tasks/install.yaml new file mode 100644 index 0000000..b8f49c7 --- /dev/null +++ b/tasks/install.yaml @@ -0,0 +1,35 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Define zuul_registry_build_depends + set_fact: + zuul_registry_build_depends: "{{ __zuul_registry_build_depends | list }}" + when: zuul_registry_build_depends is not defined + +- name: Ensure build dependencies are present + become: true + package: + name: "{{ zuul_registry_build_depends }}" + state: present + when: zuul_registry_install_method == 'git' + +- name: Define zuul_registry_pip_executable if needed + set_fact: + zuul_registry_pip_executable: pip3 + when: + - zuul_registry_install_method == 'git' or zuul_registry_install_method == 'pip' + - zuul_registry_pip_virtualenv_python is not defined + - zuul_registry_pip_executable is not defined + +- include: "install/{{ zuul_registry_install_method }}.yaml" diff --git a/tasks/install/git.yaml b/tasks/install/git.yaml new file mode 100644 index 0000000..ff5e704 --- /dev/null +++ b/tasks/install/git.yaml @@ -0,0 +1,27 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Git clone zuul-registry + git: + dest: "{{ zuul_registry_git_dest }}" + refspec: "{{ zuul_registry_git_refspec|default(omit) }}" + repo: "{{ zuul_registry_git_uri }}" + update: "{{ zuul_registry_git_update|default(omit) }}" + version: "{{ zuul_registry_git_version|default(omit) }}" + +- name: Set zuul_registry_pip_name to local git repo + set_fact: + zuul_registry_pip_name: "file://{{ zuul_registry_git_dest }}" + +- include: pip.yaml diff --git a/tasks/install/pip.yaml b/tasks/install/pip.yaml new file mode 100644 index 0000000..bdd640a --- /dev/null +++ b/tasks/install/pip.yaml @@ -0,0 +1,35 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Install zuul-registry using pip + become: true + pip: + executable: "{{ zuul_registry_pip_executable|default(omit) }}" + editable: "{{ zuul_registry_pip_editable|default(omit) }}" + extra_args: "{{ zuul_registry_pip_extra_args|default(omit) }}" + name: "{{ zuul_registry_pip_name }}" + version: "{{ zuul_registry_pip_version|default(omit) }}" + virtualenv_python: "{{ zuul_registry_pip_virtualenv_python|default(omit) }}" + virtualenv: "{{ zuul_registry_pip_virtualenv|default(omit) }}" + +- name: Symlink zuul-registry virtualenv + become: true + file: + src: "{{ zuul_registry_pip_virtualenv }}" + dest: "{{ zuul_registry_pip_virtualenv_symlink }}" + state: link + when: + - zuul_registry_pip_virtualenv is defined + - zuul_registry_pip_virtualenv_symlink is defined + - zuul_registry_pip_virtualenv != zuul_registry_pip_virtualenv_symlink diff --git a/tasks/main.yaml b/tasks/main.yaml new file mode 100644 index 0000000..7c9153d --- /dev/null +++ b/tasks/main.yaml @@ -0,0 +1,21 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Include OS-specific variables + include_vars: "{{ ansible_os_family | lower }}.yaml" + +- include: "{{ zuul_registry_task }}.yaml" + with_items: "{{ zuul_registry_task_manager }}" + loop_control: + loop_var: zuul_registry_task diff --git a/tasks/pre.yaml b/tasks/pre.yaml new file mode 100644 index 0000000..1418574 --- /dev/null +++ b/tasks/pre.yaml @@ -0,0 +1,33 @@ +# Copyright 2016 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Create group account + become: true + group: + name: "{{ zuul_registry_user_group }}" + +- name: Create user account + become: true + user: + createhome: true + group: "{{ zuul_registry_user_group }}" + home: "{{ zuul_registry_user_home }}" + name: "{{ zuul_registry_user_name }}" + shell: "{{ zuul_registry_user_shell|default(omit) }}" + +- name: Set permissions on home directory + become: true + file: + path: "{{ zuul_registry_user_home }}" + mode: "{{ zuul_registry_user_home_mode }}" diff --git a/tasks/service.yaml b/tasks/service.yaml new file mode 100644 index 0000000..cabf38c --- /dev/null +++ b/tasks/service.yaml @@ -0,0 +1,94 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- name: Define zuul_registry_file_zuul_registry_service_dest + set_fact: + zuul_registry_file_zuul_registry_service_dest: "{{ __zuul_registry_file_zuul_registry_service_dest }}" + when: zuul_registry_file_zuul_registry_service_dest is not defined + +- name: Define zuul_registry_file_zuul_registry_service_mode + set_fact: + zuul_registry_file_zuul_registry_service_mode: "{{ __zuul_registry_file_zuul_registry_service_mode }}" + when: zuul_registry_file_zuul_registry_service_mode is not defined + +- name: Define zuul_registry_file_zuul_registry_service_src + set_fact: + zuul_registry_file_zuul_registry_service_src: "{{ __zuul_registry_file_zuul_registry_service_src }}" + when: zuul_registry_file_zuul_registry_service_src is not defined + +- name: Define zuul_registry_file_zuul_registry_service_config_dest + set_fact: + zuul_registry_file_zuul_registry_service_config_dest: "{{ __zuul_registry_file_zuul_registry_service_config_dest }}" + when: zuul_registry_file_zuul_registry_service_config_dest is not defined + +- name: Define zuul_registry_file_zuul_registry_service_config_mode + set_fact: + zuul_registry_file_zuul_registry_service_config_mode: "{{ __zuul_registry_file_zuul_registry_service_config_mode }}" + when: zuul_registry_file_zuul_registry_service_config_mode is not defined + +- name: Define zuul_registry_file_zuul_registry_service_config_src + set_fact: + zuul_registry_file_zuul_registry_service_config_src: "{{ __zuul_registry_file_zuul_registry_service_config_src }}" + when: zuul_registry_file_zuul_registry_service_config_src is not defined + +- name: Install zuul-registry service script into place + become: true + template: + dest: "{{ zuul_registry_file_zuul_registry_service_dest }}" + group: "{{ zuul_registry_file_zuul_registry_service_group }}" + mode: "{{ zuul_registry_file_zuul_registry_service_mode }}" + owner: "{{ zuul_registry_file_zuul_registry_service_owner }}" + src: "{{ zuul_registry_file_zuul_registry_service_src }}" + register: zuul_registry_file_zuul_registry_service + when: zuul_registry_file_zuul_registry_service_manage + +- name: Create zuul-registry service config directory + become: true + file: + group: "{{ zuul_registry_file_zuul_registry_service_config_group }}" + owner: "{{ zuul_registry_file_zuul_registry_service_config_owner }}" + path: "{{ zuul_registry_file_zuul_registry_service_dest }}.d" + state: directory + when: zuul_registry_file_zuul_registry_service_config_manage + +- name: Install zuul-registry service config into place + become: true + template: + dest: "{{ zuul_registry_file_zuul_registry_service_config_dest }}" + group: "{{ zuul_registry_file_zuul_registry_service_config_group }}" + mode: "{{ zuul_registry_file_zuul_registry_service_config_mode }}" + owner: "{{ zuul_registry_file_zuul_registry_service_config_owner }}" + src: "{{ zuul_registry_file_zuul_registry_service_config_src }}" + register: zuul_registry_file_zuul_registry_service_config + when: zuul_registry_file_zuul_registry_service_config_manage + +- name: Enable zuul-registry service + become: true + systemd: + daemon_reload: "{{ zuul_registry_service_zuul_registry_daemon_reload }}" + enabled: "{{ zuul_registry_service_zuul_registry_enabled }}" + name: "{{ zuul_registry_service_zuul_registry_name }}" + register: zuul_registry_service_zuul_registry + when: zuul_registry_service_zuul_registry_manage + +- name: Set zuul-registry service state + become: true + systemd: + daemon_reload: "{{ zuul_registry_service_zuul_registry_daemon_reload }}" + name: "{{ zuul_registry_service_zuul_registry_name }}" + state: "{{ zuul_registry_service_zuul_registry_state }}" + register: zuul_registry_service_zuul_registry_state_info + when: + - zuul_registry_service_zuul_registry_manage + - zuul_registry_service_zuul_registry_state in ['reloaded', 'restarted', 'started', 'stopped'] diff --git a/templates/etc/systemd/system/zuul-registry.service b/templates/etc/systemd/system/zuul-registry.service new file mode 100644 index 0000000..a82bea5 --- /dev/null +++ b/templates/etc/systemd/system/zuul-registry.service @@ -0,0 +1,14 @@ +[Unit] +Description=Zuul Registry Service +After=syslog.target network.target + +[Service] +Type=simple +# Options to pass to zuul-registry. +Environment="ARGS=-c /etc/zuul-registry/registry.yaml" +Group=zuul-registry +User=zuul-registry +ExecStart={{ zuul_registry_pip_virtualenv | default('/usr/local') }}/bin/zuul-registry -d $ARGS + +[Install] +WantedBy=multi-user.target diff --git a/templates/etc/systemd/system/zuul-registry.service.d/override.conf b/templates/etc/systemd/system/zuul-registry.service.d/override.conf new file mode 100644 index 0000000..602ac8e --- /dev/null +++ b/templates/etc/systemd/system/zuul-registry.service.d/override.conf @@ -0,0 +1,3 @@ +# This file is generated by Ansible +# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN +# diff --git a/templates/etc/zuul-registry/registry.yaml b/templates/etc/zuul-registry/registry.yaml new file mode 100644 index 0000000..eb7f2e0 --- /dev/null +++ b/templates/etc/zuul-registry/registry.yaml @@ -0,0 +1,18 @@ +--- +registry: + address: '127.0.0.1' + port: 9000 + tls-cert: /etc/zuul-registry/ssl/cert.pem + tls-key: /etc/zuul-registry/ssl/cert.key + secret: test_token_secret + public-url: https://localhost:9000 + users: + - name: testuser + pass: testpass + access: write + - name: anonymous + pass: '' + access: read + storage: + driver: filesystem + root: /var/lib/zuul-registry/storage diff --git a/templates/etc/zuul-registry/ssl/cert.key b/templates/etc/zuul-registry/ssl/cert.key new file mode 100644 index 0000000..3c65ae8 --- /dev/null +++ b/templates/etc/zuul-registry/ssl/cert.key @@ -0,0 +1,4 @@ +# This file is generated by Ansible +# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN +# +{{ zuul_registry_file_ssl_key_content }} diff --git a/templates/etc/zuul-registry/ssl/cert.pem b/templates/etc/zuul-registry/ssl/cert.pem new file mode 100644 index 0000000..910f83f --- /dev/null +++ b/templates/etc/zuul-registry/ssl/cert.pem @@ -0,0 +1,4 @@ +# This file is generated by Ansible +# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN +# +{{ zuul_registry_file_ssl_cert_content }} diff --git a/tests/collect-logs.yaml b/tests/collect-logs.yaml new file mode 100644 index 0000000..34899ac --- /dev/null +++ b/tests/collect-logs.yaml @@ -0,0 +1,36 @@ +--- +- hosts: all + tasks: + - name: Ensure journald logs directory exists + file: + path: "{{ zuul_output_dir }}/logs/logs/var/log/journal" + state: directory + + - name: Collect journald logs + shell: "sudo journalctl -u {{ item }}.service | tee {{ zuul_output_dir }}/logs/logs/var/log/journal/{{ item }}.service.log" + args: + creates: "{{ zuul_output_dir }}/logs/logs/var/log/journal/{{ item }}.service.log" + with_items: + - zuul-registry + + - name: Prepare zuul-registry log files + become: true + synchronize: + dest: "{{ zuul_output_dir }}/logs/logs" + rsync_opts: + - "--relative" + - "--chown={{ ansible_user_id }}:{{ ansible_user_id }}" + src: "{{ item }}" + verify_host: true + delegate_to: "{{ inventory_hostname }}" + with_items: + - /etc/zuul-registry + + # TODO: Migrate to fetch-zuul-logs when + # https://review.opendev.org/#/c/583346/ is merged. + - name: Collect log output + synchronize: + dest: "{{ zuul.executor.log_root }}/" + mode: pull + src: "{{ zuul_output_dir }}/logs/" + verify_host: true diff --git a/tests/inventory b/tests/inventory new file mode 100644 index 0000000..2fbb50c --- /dev/null +++ b/tests/inventory @@ -0,0 +1 @@ +localhost diff --git a/tests/playbooks/pre.yaml b/tests/playbooks/pre.yaml new file mode 100644 index 0000000..25d7d32 --- /dev/null +++ b/tests/playbooks/pre.yaml @@ -0,0 +1,25 @@ +--- +- hosts: all + tasks: + # TODO(pabelanger): Remove once this lands in our base job in + # project-config. + - name: Execute ensure-output-dirs role + include_role: + name: ensure-output-dirs + + - name: Disable extra wheels mirror + become: true + lineinfile: + dest: /etc/pip.conf + regexp: ^extra-index-url + state: absent + + - name: Execute bindep role + include_role: + name: bindep + vars: + bindep_profile: ansible test + + - name: Execute test-setup role + include_role: + name: test-setup diff --git a/tests/playbooks/run.yaml b/tests/playbooks/run.yaml new file mode 100644 index 0000000..1f7eb4f --- /dev/null +++ b/tests/playbooks/run.yaml @@ -0,0 +1,125 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +- hosts: all + vars: + rolename: ansible-role-zuul-registry + zuul_registry_file_ssl_cert_content: | + -----BEGIN CERTIFICATE----- + MIIDTzCCAjcCFBfoHAg0EQQloogrr6mpLimi+YUJMA0GCSqGSIb3DQEBCwUAMGIx + CzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVzdGluMR0w + GwYDVQQKDBRPcGVuU3RhY2sgRm91bmRhdGlvbjETMBEGA1UEAwwKZ2Vhcm1hbi1j + YTAeFw0yMDExMTcyMTIxMzVaFw0zMDExMTUyMTIxMzVaMGYxCzAJBgNVBAYTAlVT + MQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVzdGluMR0wGwYDVQQKDBRPcGVu + U3RhY2sgRm91bmRhdGlvbjEXMBUGA1UEAwwOZ2Vhcm1hbi1jbGllbnQwggEiMA0G + CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4cIGCILH7E15Pl0tK6TUKd/8DlsQW + R+sUju2pSwETz+/sW3TFWcWacS91BX8A3uMuneLTf1xgN/IhH/z4/6+XQi4BUN1a + /vI8t2xOWAFgq9h9pM2GvYTlPJC2Xj4vTONdZSEIPJE5d/QYpNzHA/NKlQq61A1n + /bdTALRxdPEeGLF63uY/kiiU+UtR3SF69lysJSw8ryHlCnSUPKc/2NpOvgmzPBVz + 0CjSMeKQzvLxvV31sD1jYa/qEGORwURQl4GrKch4KlOBelEHsjZhKaWnr/19Dhgy + WoLeXxeACMfa822D5kWza1p5aIMHYXELjKa3PlDCUQnqYqoWIqrNG7FpAgMBAAEw + DQYJKoZIhvcNAQELBQADggEBAFZVHK2ZxDO9aIAnB03akKQ5WQ1tpljtidBdTvuf + +Xw76BxCtMFZpk7n3IlfMuhOyTjRyuswb1eTP7VQwW/v3UDJOVzxBrGcCgSA1MEU + MmftGuV9DMHCELmKGBQKstK59oSCLp55U0cEdHF9Uxuwxv5b5MHdUFiHsKqDYQST + CUSpLqE7WwZhAu9+vVQq6+4Dr1llu72i4sSV6Yo8/qLALoIhUnocyco1pO/Uh7uQ + WLpKtURdHg6l4lfhIe3RySTL00W4iSVVZbVX2D234DD7kr4Uj9NhJuNZHap7k4WN + +pq0Knq5gJvNe49BTgsulj9Inv3gkR9FiWQlidPOKXP0T0s= + -----END CERTIFICATE----- + zuul_registry_file_ssl_key_content: | + -----BEGIN PRIVATE KEY----- + MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQC4cIGCILH7E15P + l0tK6TUKd/8DlsQWR+sUju2pSwETz+/sW3TFWcWacS91BX8A3uMuneLTf1xgN/Ih + H/z4/6+XQi4BUN1a/vI8t2xOWAFgq9h9pM2GvYTlPJC2Xj4vTONdZSEIPJE5d/QY + pNzHA/NKlQq61A1n/bdTALRxdPEeGLF63uY/kiiU+UtR3SF69lysJSw8ryHlCnSU + PKc/2NpOvgmzPBVz0CjSMeKQzvLxvV31sD1jYa/qEGORwURQl4GrKch4KlOBelEH + sjZhKaWnr/19DhgyWoLeXxeACMfa822D5kWza1p5aIMHYXELjKa3PlDCUQnqYqoW + IqrNG7FpAgMBAAECggEBAIZeKGul6CQzcxTm8wprJaIv05BIySg2UtQSYKBiLTHC + 3lbCNisEgMpIRTuqumDnAHlYuwQ8GA9dEsABLuo0VDcNFrkMsYb2j4GeW4Aj6zUD + XOAELVtJPMVIv2Cs/f61tDq5TzxR67cDZciCavluLlOai0ua6v1kwKbur4asnHDA + bagRhqa5Kij+63Wq1o08AtpfUVcvr3iAtuqTf0dw0Fz+iMSxvResy57U/r1sByAa + vNbLliBXgkO6IfHeiIQ6JdOVNBsjE9Lz1d5yFshOf8SROdBmIKedtSY29nc/2Rit + +wuWlp2nOdzq+KIaPRqfacWYomcSdwLLhsrSOJKO/JECgYEA5CFJv5wmzTJ3RaZF + LcErfKWA98jS46oStWWf4DQIltEoWeb/3anoAxyzx1KsId1LCWtEQzf9LlQ2IuRz + CYhv2T5FWiXT1Ia4OX/WFUMRYXho4hMPxLNOxMPw2rR06FDWDRUAyJdc5g9as6vp + JRCjiVmFuiV2Ln/tBts/jFgjI50CgYEAzvjOYm05HKwPlnlIMv6sOJtCZslgNcH2 + FRfKUPPTAos8iBu/joprCzUd3TRJn2QlOORvB00M+gQRZTT/+ig60h1stWVkjg6K + LKpdCBeCS7/2CirFx7cNsLA6fgalqBA1QnwAsCh9ykW1Ao0yM11gq6A0lfMNXW7l + bwlGMqlTeT0CgYEAnW+Lobx12q61OU/h9g2VoVPmiRoC0DMS7jTP/L5sHwkBO+n7 + MlKLV3p7Z1dai5RYsItidLEy/MIJClN2QGH0LoyW9/ubENRYVvYuHEZIvGeImlxl + SW4lMg23LnfTJnCDCEwyWjx7VBnMkqpVH8s30RYC/8/Sm4yVW2H7nTNGLNECgYEA + l+A1uj5B6YtNCPNIirsc75DmwfxFkE0bYdEKUisJjVVU/t+1ykhCUoAQwRCscb0Q + H1ZpLudYfWJczXJ94DiDKUoUSmvzxNZgiHQfPl/Z6fIb/svyRCJMdnprAa2pA9GY + 84eBDcM4wyQxtoSb8Ns1o9s0m1A2X3iP/dHFZEmiilUCgYEA2tzCS7zu6VXaBXFq + CwhImmNmBWMrncx7TeCLL2UGxl53z6hmNTZ2N216O+cNItpXeBWmjbyDK1wyLAug + 7fLNnW3xMlIRNaqo5qkoj1iPyaYzAz/RfhIjSH7EHHcm0L5HssjanOGW9YOpTpqv + 4VFGmzIrdzue1QSi4qkP8DuY7Nk= + -----END PRIVATE KEY----- + + roles: + - "{{ rolename }}" + + post_tasks: + - name: Assert results are registered. + assert: + that: + - zuul_registry_file_registry_yaml + - zuul_registry_file_zuul_registry_service + - zuul_registry_file_zuul_registry_service_config + - zuul_registry_service_zuul_registry + + - name: Register zuul_registry_git_dest_stat. + stat: + path: /home/zuul/src/opendev.org/zuul/zuul-registry + register: zuul_registry_git_dest_stat + when: zuul_registry_install_method == 'git' + + - name: Assert zuul_registry_git_dest tests. + assert: + that: + - zuul_registry_git_dest_stat.stat.exists + - zuul_registry_git_dest_stat.stat.isdir + when: zuul_registry_install_method == 'git' + + - name: Register /etc/systemd/system/zuul-registry.service + stat: + path: /etc/systemd/system/zuul-registry.service + register: _zuul_registry_service_systemd_stat + + - name: Assert _zuul_registry_service_systemd_stat tests. + assert: + that: + - _zuul_registry_service_systemd_stat.stat.exists + - _zuul_registry_service_systemd_stat.stat.isreg + - _zuul_registry_service_systemd_stat.stat.pw_name == 'root' + - _zuul_registry_service_systemd_stat.stat.gr_name == 'root' + - _zuul_registry_service_systemd_stat.stat.mode == '0644' + + - name: Register /etc/systemd/system/zuul-registry.service.d/override.conf + stat: + path: /etc/systemd/system/zuul-registry.service.d/override.conf + register: zuul_registry_service_config_stat + + - name: Assert zuul_registry_service_config_stat tests. + assert: + that: + - zuul_registry_service_config_stat.stat.exists + - zuul_registry_service_config_stat.stat.isreg + - zuul_registry_service_config_stat.stat.pw_name == 'root' + - zuul_registry_service_config_stat.stat.gr_name == 'root' + - zuul_registry_service_config_stat.stat.mode == '0644' + + - name: Ensure zuul-registry is running + become: true + shell: /usr/sbin/service zuul-registry status + tags: skip_ansible_lint diff --git a/vars/debian.yaml b/vars/debian.yaml new file mode 100644 index 0000000..53f482c --- /dev/null +++ b/vars/debian.yaml @@ -0,0 +1,24 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +__zuul_registry_build_depends: + - python3-dev + +__zuul_registry_file_zuul_registry_service_dest: /etc/systemd/system/zuul-registry.service +__zuul_registry_file_zuul_registry_service_mode: 0644 +__zuul_registry_file_zuul_registry_service_src: etc/systemd/system/zuul-registry.service + +__zuul_registry_file_zuul_registry_service_config_dest: /etc/systemd/system/zuul-registry.service.d/override.conf +__zuul_registry_file_zuul_registry_service_config_mode: 0644 +__zuul_registry_file_zuul_registry_service_config_src: etc/systemd/system/zuul-registry.service.d/override.conf diff --git a/vars/redhat.yaml b/vars/redhat.yaml new file mode 100644 index 0000000..deca027 --- /dev/null +++ b/vars/redhat.yaml @@ -0,0 +1,24 @@ +# Copyright 2015 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +--- +__zuul_registry_build_depends: + - python3-devel + +__zuul_registry_file_zuul_registry_service_dest: /etc/systemd/system/zuul-registry.service +__zuul_registry_file_zuul_registry_service_mode: 0644 +__zuul_registry_file_zuul_registry_service_src: etc/systemd/system/zuul-registry.service + +__zuul_registry_file_zuul_registry_service_config_dest: /etc/systemd/system/zuul-registry.service.d/override.conf +__zuul_registry_file_zuul_registry_service_config_mode: 0644 +__zuul_registry_file_zuul_registry_service_config_src: etc/systemd/system/zuul-registry.service.d/override.conf