diff --git a/doc/source/general-jobs.rst b/doc/source/general-jobs.rst index 08b95c8c9..747b1ac70 100644 --- a/doc/source/general-jobs.rst +++ b/doc/source/general-jobs.rst @@ -6,3 +6,4 @@ General Purpose Jobs .. zuul:autojob:: multinode .. zuul:autojob:: run-test-command .. zuul:autojob:: upload-git-mirror +.. zuul:autojob:: validate-zone-db diff --git a/playbooks/validate-zone-db/run.yaml b/playbooks/validate-zone-db/run.yaml new file mode 100644 index 000000000..2dce18818 --- /dev/null +++ b/playbooks/validate-zone-db/run.yaml @@ -0,0 +1,4 @@ +- hosts: all + name: Run zone.db check + roles: + - validate-zone-db diff --git a/roles/validate-zone-db/README.rst b/roles/validate-zone-db/README.rst index 8b388d7d2..61db67985 100644 --- a/roles/validate-zone-db/README.rst +++ b/roles/validate-zone-db/README.rst @@ -9,4 +9,14 @@ This role uses ``named-checkzone`` to validate Bind ``zone.db`` files. Look for ``zone.db`` files recursively in this directory. The layout should be ``domain.xyz/zone.db`` where a parent directory is - named for the zone the child ``zone.db`` file describes. + named for the zone the child ``zone.db`` file describes. This + populates the ``zone_db_files`` variable. Will not be used if + ``zone_db_files`` is explicitly set per below. + +.. zuul:rolevar:: zone_db_files + :default: [] + + A list of ``zone.db`` files to check. Each entry is a list with + the first element the domain, and the second element the path to + the ``zone.db`` file. If this variable is set, automatic searching + described by ``zone_files`` will not be performed. diff --git a/roles/validate-zone-db/defaults/main.yaml b/roles/validate-zone-db/defaults/main.yaml index fd44e370e..d019dbedf 100644 --- a/roles/validate-zone-db/defaults/main.yaml +++ b/roles/validate-zone-db/defaults/main.yaml @@ -1,2 +1,3 @@ zone_files: '{{ ansible_user_dir }}/{{ zuul.project.src_dir }}' +zone_db_files: [] diff --git a/roles/validate-zone-db/tasks/find.yaml b/roles/validate-zone-db/tasks/find.yaml new file mode 100644 index 000000000..e2092cdba --- /dev/null +++ b/roles/validate-zone-db/tasks/find.yaml @@ -0,0 +1,12 @@ +- name: Find zone files + find: + paths: '{{ zone_files }}' + patterns: 'zone.db' + recurse: yes + file_type: 'file' + register: zone_db_found_files + +- name: Build zone.db file list + set_fact: + zone_db_files: '{{ zone_db_files + [ [item.path.split("/")[-2], item.path] ] }}' + loop: "{{ zone_db_found_files['files'] }}" diff --git a/roles/validate-zone-db/tasks/main.yaml b/roles/validate-zone-db/tasks/main.yaml index 4c2abe01d..8d11b34c5 100644 --- a/roles/validate-zone-db/tasks/main.yaml +++ b/roles/validate-zone-db/tasks/main.yaml @@ -4,14 +4,10 @@ state: present become: yes -- name: Find zone files - find: - paths: '{{ zone_files }}' - patterns: 'zone.db' - recurse: yes - file_type: 'file' - register: zone_db_files +- name: Build zone.db list + include_tasks: find.yaml + when: not zone_db_files - name: 'Run checkzone' - command: '/usr/sbin/named-checkzone {{ item.path.split("/")[-2] }} {{ item.path }}' - loop: "{{ zone_db_files['files'] }}" + command: '/usr/sbin/named-checkzone {{ item[0] }} {{ item[1] }}' + loop: "{{ zone_db_files }}" diff --git a/zuul.yaml b/zuul.yaml index 11ce741cd..e71be31ef 100644 --- a/zuul.yaml +++ b/zuul.yaml @@ -574,3 +574,25 @@ run: playbooks/run-test-command/run.yaml vars: test_command: "exit 1" + +- job: + name: validate-zone-db + parent: base + description: | + Validate zone.db files in project. + + Responds to these variables: + + .. zuul:jobvar:: zone_files + :default: {{ ansible_user_dir }}/{{ zuul.project.src_dir }} + + Search for zone.db files recursively in this directory. + Format should be domain.xyz/zone.db, where the parent + directory is named for the zone described. + + .. zuul:jobvar:: zone_db_list + :default: [] + + Override the default searching above with explicit + domain/path references (see validate-zone-db role) + run: playbooks/validate-zone-db/run.yaml \ No newline at end of file