majic-ansible-roles Changeset

Changeset - 0bfda9b0c3fe

Parent rev.

Child rev.

[Not reviewed]

0 2 0

Branko Majic (branko) - 7 years ago 2018-10-18 07:59:20
branko@majic.rs

MAR-132: Pin packages as part of wsgi_website role test to ensure reproducability:

- Provide explicit list of packages being deployed. This should ensure
we can always reproduce the tests without being affected by new
releases of packages.
- Updated expected requirements in test for the jedi version.

2 files changed with 10 insertions and 2 deletions:

roles/wsgi_website/molecule/default/playbook.yml

roles/wsgi_website/molecule/default/tests/test_default.py

0 comments (0 inline, 0 general)

roles/wsgi_website/molecule/default/playbook.yml

➞

Show inline comments

@@ @@ -7,99 +7,107 @@ @@
     ca_certificates:
       testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
     # web_server
     default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/wsgi-website_https.cert.pem') }}"
     default_https_tls_key: "{{ lookup('file', 'tests/data/x509/wsgi-website_https.key.pem') }}"
     # Common parameters (general, not role).
     tls_certificate_dir: tests/data/x509/
     tls_private_key_dir: tests/data/x509/
   roles:
     - role: wsgi_website
       fqdn: parameters-mandatory
       wsgi_application: testapp:application
     - role: wsgi_website
       fqdn: parameters-optional.local
       additional_nginx_config:
         - comment: Custom missing page.
           value: error_page 404 /my/own/error/page;
       admin_uid: 5000
       enforce_https: false
       environment_indicator:
         background_colour: "#ff0000"
         text_colour: "#00ff00"
         text: "parameters-optional"
       environment_variables:
         MY_ENV_VAR: "My environment variable"
       futures_version: 3.1.0
       gunicorn_version: 19.7.0
       https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.cert.pem') }}"
       https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.key.pem') }}"
       packages:
         - "{% if ansible_distribution_release == 'jessie' %}libmariadb-client-lgpl-dev-compat\
 {% elif ansible_distribution_release == 'stretch' %}libmariadbclient-dev-compat{% endif %}"
         - global
       proxy_headers:
         Accept-Encoding: '""'
       rewrites:
         - '^/rewrite1/(.*) /rewritten1/ last'
         - '^/rewrite2/(.*) /rewritten2/$1 last'
       static_locations:
         - /static/
         - /media/
       uid: 5001
       use_paste: false
       virtualenv_packages:
         - dnspython==1.15.0,<1.20.0
         # Main packages.
         - dnspython==1.15.0
         - ptpython==0.41
         - prompt-toolkit==1.0.15
         # Dependencies.
         - docopt==0.6.2
         - jedi==0.13.1
         - parso==0.3.1
         - Pygments==2.2.0
         - six==1.11.0
         - wcwidth==0.1.7
       website_mail_recipients: user
       wsgi_application: testapp:application
       wsgi_requirements: []
       python_version: 3
     - role: wsgi_website
       fqdn: parameters-paste-req
       use_paste: true
       virtualenv_packages:
         - click==6.7
         - Flask==0.12.2
         - itsdangerous==0.24
         - Jinja2==2.9.6
         - MarkupSafe==1.0
         - Paste==2.0.3
         - PasteDeploy==1.5.2
         - PasteScript==2.0.2
         - six==1.10.0
         - Werkzeug==0.12.2
       wsgi_application: config.ini
       wsgi_requirements:
         - futures==3.1.0
         - gunicorn==19.7.0
       https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-paste-req_https.cert.pem') }}"
       https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-paste-req_https.key.pem') }}"
 - hosts: wsgi-website
   become: true
   tasks:
     # parameters-mandatory application
     - name: Set-up directories where application files are hosted at
       file:
         path: "/var/www/parameters-mandatory/{{ item }}"
         state: directory
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 02750
       with_items:
         - htdocs/static
         - htdocs/media
         - code
     - name: Deploy WSGI application
       copy:
         src: "tests/data/python/wsgi/testapp.py"
         dest: "/var/www/parameters-mandatory/code/testapp.py"
         owner: admin-parameters-mandatory
         group: web-parameters-mandatory
         mode: 0640

roles/wsgi_website/molecule/default/tests/test_default.py

➞

Show inline comments

     """
     Tests if project directory configuration within virtualenv is set-up
     correctly.
     """
     with host.sudo():
         project = host.file(project_file)
         assert project.is_file
         assert project.user == expected_owner
         assert project.group == expected_group
         assert project.mode == 0o640
 @pytest.mark.parametrize("wrapper_script, expected_owner, expected_group", [
     ('/var/www/parameters-mandatory/virtualenv/bin/exec', 'admin-parameters-mandatory', 'web-parameters-mandatory'),
     ('/var/www/parameters-optional.local/virtualenv/bin/exec', 'admin-parameters-optional_local', 'web-parameters-optional_local'),
     ('/var/www/parameters-paste-req/virtualenv/bin/exec', 'admin-parameters-paste-req', 'web-parameters-paste-req'),
 ])
 def test_python_virtualenv_wrapper_script(host, wrapper_script, expected_owner, expected_group):
     """
     Tests if Python virtualenv wrapper script is functioning correctly.
     """
     with host.sudo():
         wrapper = host.file(wrapper_script)
         assert wrapper.is_file
         assert wrapper.user == expected_owner
         assert wrapper.group == expected_group
         assert wrapper.mode == 0o750
         command = host.run("sudo -u %s %s python -c 'import gunicorn'" % (expected_owner, wrapper_script))
         assert command.rc == 0
 @pytest.mark.parametrize("admin_user, pip_path, expected_packages",  [
     ('admin-parameters-mandatory', '/var/www/parameters-mandatory/virtualenv/bin/pip', [
         "futures==3.2.0",
         "gunicorn==19.9.0",
     ]),
     ('admin-parameters-optional_local', '/var/www/parameters-optional.local/virtualenv/bin/pip', [
         "Pygments==2.2.0",
         "dnspython==1.15.0",
         "docopt==0.6.2",
         "futures==3.1.0",
         "gunicorn==19.7.0",
-        "jedi==0.12.1",
+        "jedi==0.13.1",
         "parso==0.3.1",
         "prompt-toolkit==1.0.15",
         "ptpython==0.41",
         "six==1.11.0",
         "wcwidth==0.1.7",
     ]),
     ('admin-parameters-paste-req', '/var/www/parameters-paste-req/virtualenv/bin/pip', [
         "Flask==0.12.2",
         "Jinja2==2.9.6",
         "MarkupSafe==1.0",
         "Paste==2.0.3",
         "PasteDeploy==1.5.2",
         "PasteScript==2.0.2",
         "Werkzeug==0.12.2",
         "click==6.7",
         "futures==3.1.0",
         "gunicorn==19.7.0",
         "itsdangerous==0.24",
         "six==1.10.0",
     ]),
 ])
 def test_virtualenv_packages(host, admin_user, pip_path, expected_packages):
     """
     Tests if correct packages are installed in virtualenv.
     """
     packages = host.run("sudo -u %s %s freeze" % (admin_user, pip_path))
     # Normalise package names and order.
     expected_packages = sorted([p.lower() for p in expected_packages])
     actual_packages = sorted(packages.stdout.lower().split("\n"))
     assert actual_packages == expected_packages
 @pytest.mark.parametrize('check_config_dir', [
     '/etc/pip_check_requirements_upgrades/parameters-mandatory',
     '/etc/pip_check_requirements_upgrades/parameters-optional.local',
 ])
 def test_wsgi_requirements_upgrade_checks(host, check_config_dir):
     """
     Tests if Python requirements files for upgrade checks are set-up
     correctly (absent when not configured).
     """
     with host.sudo():
         directory = host.file(check_config_dir)
         assert not directory.exists

0 comments (0 inline, 0 general)