Changeset - 3c03c2ea9d2a
[Not reviewed]
7 1 10
Branko Majic (branko) - 6 years ago 2017-11-26 00:42:12
branko@majic.rs
MAR-128: Upgraded tests for bootstrap role:

- Switch to new Molecule configuration.
- Updated set-up playbook to use become: yes.
- Moved some preparatory steps outside of the main playbook (eases
idempotence tests).
- Updated tests to reference the yml inventory file.
- Updated tests to use new fixture (host instead of individual ones).
- Fixed some linting issues.
13 files changed with 216 insertions and 100 deletions:
roles/bootstrap/defaults/main.yml
 
---
 

	
 
ansible_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
 
\ No newline at end of file
 
ansible_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
roles/bootstrap/molecule.yml
 
deleted file
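--- a/roles/bootstrap/molecule/default/create.yml
+++ b/roles/bootstrap/molecule/default/create.yml
@@ -0,0 +1,56 @@
+---
+- name: Create
+  hosts: localhost
+  connection: local
+  gather_facts: False
+  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
+  vars:
+    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
+    molecule_instance_config: "{{ lookup('env', 'MOLECULE_INSTANCE_CONFIG') }}"
+    molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
+  tasks:
+    - name: Create molecule instance(s)
+      molecule_vagrant:
+        instance_name: "{{ item.name }}"
+        instance_interfaces: "{{ item.interfaces | default(omit) }}"
+        instance_raw_config_args: "{{ item.instance_raw_config_args | default(omit) }}"
+
+        platform_box: "{{ item.box }}"
+        platform_box_version: "{{ item.box_version | default(omit) }}"
+        platform_box_url: "{{ item.box_url | default(omit) }}"
+
+        provider_name: "{{ molecule_yml.driver.provider.name }}"
+        provider_memory: "{{ item.memory | default(omit) }}"
+        provider_cpus: "{{ item.cpus | default(omit) }}"
+        provider_raw_config_args: "{{ item.raw_config_args | default(omit) }}"
+
+        state: up
+      register: server
+      with_items: "{{ molecule_yml.platforms }}"
+
+    # Mandatory configuration for Molecule to function.
+
+    - name: Populate instance config dict
+      set_fact:
+        instance_conf_dict: {
+          'instance': "{{ item.Host }}",
+          'address': "{{ item.HostName }}",
+          'user': "{{ item.User }}",
+          'port': "{{ item.Port }}",
+          'identity_file': "{{ item.IdentityFile }}", }
+      with_items: "{{ server.results }}"
+      register: instance_config_dict
+      when: server.changed | bool
+
+    - name: Convert instance config dict to a list
+      set_fact:
+        instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
+      when: server.changed | bool
+
+    - name: Dump instance config
+      copy:
+        # NOTE(retr0h): Workaround for Ansible 2.2.
+        #               https://github.com/ansible/ansible/issues/20885
+        content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
+        dest: "{{ molecule_instance_config }}"
+      when: server.changed | bool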
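Review bot: The `copy` task "Dump instance config" at the end of the file sets no `mode`, so the file it writes gets whatever permissions the umask of the invoking user yields. That file holds the address, user, port and identity-file path of every test VM, as built in "Populate instance config dict". Adding `mode: "0600"` below `dest:` keeps it readable only by the user running Molecule. The same task in destroy.yml has the same gap.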
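--- a/roles/bootstrap/molecule/default/destroy.yml
+++ b/roles/bootstrap/molecule/default/destroy.yml
@@ -0,0 +1,36 @@
+---
+
+- name: Destroy
+  hosts: localhost
+  connection: local
+  gather_facts: False
+  no_log: "{{ not lookup('env', 'MOLECULE_DEBUG') | bool }}"
+  vars:
+    molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
+    molecule_instance_config: "{{ lookup('env',' MOLECULE_INSTANCE_CONFIG') }}"
+    molecule_yml: "{{ lookup('file', molecule_file) | molecule_from_yaml }}"
+  tasks:
+    - name: Destroy molecule instance(s)
+      molecule_vagrant:
+        instance_name: "{{ item.name }}"
+        platform_box: "{{ item.box }}"
+        provider_name: "{{ molecule_yml.driver.provider.name }}"
+        force_stop: "{{ item.force_stop | default(True) }}"
+
+        state: destroy
+      register: server
+      with_items: "{{ molecule_yml.platforms }}"
+
+    # Mandatory configuration for Molecule to function.
+
+    - name: Populate instance config
+      set_fact:
+        instance_conf: {}
+
+    - name: Dump instance config
+      copy:
+        # NOTE(retr0h): Workaround for Ansible 2.2.
+        #               https://github.com/ansible/ansible/issues/20885
+        content: "{{ instance_conf | to_json | from_json | molecule_to_yaml | molecule_header }}"
+        dest: "{{ molecule_instance_config }}"
+      when: server.changed | bool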
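Review bot: The `molecule_instance_config` var looks up `' MOLECULE_INSTANCE_CONFIG'` with a leading space inside the quotes, so it asks for a different environment variable than create.yml does. The lookup will presumably come back empty, which leaves `dest:` in "Dump instance config" without a path, so the instance config is not reset after a destroy. The line should read `molecule_instance_config: "{{ lookup('env', 'MOLECULE_INSTANCE_CONFIG') }}"`.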
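--- a/roles/bootstrap/molecule/default/molecule.yml
+++ b/roles/bootstrap/molecule/default/molecule.yml
@@ -0,0 +1,57 @@
+---
+
+dependency: {}
+
+driver:
+  name: vagrant
+  provider:
+    name: virtualbox
+
+lint:
+  name: yamllint
+
+platforms:
+
+  - name: parameters-mandatory-jessie64
+    groups:
+      - parameters-mandatory
+    box: debian/contrib-jessie64
+    memory: 256
+    cpus: 1
+
+  - name: parameters-optional-jessie64
+    groups:
+      - parameters-optional
+    box: debian/contrib-jessie64
+    memory: 256
+    cpus: 1
+
+  - name: parameters-mandatory-stretch64
+    groups:
+      - parameters-mandatory
+    box: debian/contrib-stretch64
+    memory: 256
+    cpus: 1
+
+  - name: parameters-optional-stretch64
+    groups:
+      - parameters-optional
+    box: debian/contrib-stretch64
+    memory: 256
+    cpus: 1
+
+provisioner:
+  name: ansible
+  config_options:
+    ssh_connection:
+      pipelining: "True"
+  lint:
+    name: ansible-lint
+
+scenario:
+  name: default
+
+verifier:
+  name: testinfra
+  lint:
+    name: flake8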
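Review bot: None of the four `platforms` entries pins a box version, so every run tests against whichever `debian/contrib-jessie64` or `debian/contrib-stretch64` image Vagrant resolves at that moment, and the test base can change without any change in the repository. create.yml in this commit already forwards `item.box_version | default(omit)` to the driver, so adding `box_version: "<pinned box version>"` to each platform would make the images reproducible and turn a box update into a reviewed change. The placeholder stands for a version the maintainers have verified; the page does not name one.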
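--- a/roles/bootstrap/molecule/default/playbook.yml
+++ b/roles/bootstrap/molecule/default/playbook.yml
@@ -0,0 +1,12 @@
+---
+
+- hosts: parameters-mandatory
+  become: yes
+  roles:
+    - role: bootstrap
+
+- hosts: parameters-optional
+  become: yes
+  roles:
+    - role: bootstrap
+      ansible_key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"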
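Review bot: Both plays spell the boolean as `become: yes`, while create.yml, destroy.yml and the first play of prepare.yml in the same commit write `False` and `True`; the last two plays of prepare.yml use `yes` as well. Settling on `become: true` (and lowercase `true`/`false` everywhere) gives one spelling that YAML 1.1 and 1.2 parsers both read as a boolean. Neither play has a `name:`, so a short title on each would make it clear in the run output which parameter set is being applied.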
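--- a/roles/bootstrap/molecule/default/prepare.yml
+++ b/roles/bootstrap/molecule/default/prepare.yml
@@ -0,0 +1,30 @@
+---
+
+- name: Prepare
+  hosts: all
+  gather_facts: False
+  tasks:
+    - name: Install python for Ansible
+      raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
+      become: True
+      changed_when: False
+
+# Put Ansible key into root's authorized_keys to test its removal.
+- hosts: parameters-mandatory
+  become: yes
+  tasks:
+
+    - name: Deploy authorized_keys to mimic set-up via preseed file
+      authorized_key:
+        user: root
+        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
+
+# Put Ansible key into root's authorized_keys to test its removal.
+- hosts: parameters-optional
+  become: yes
+  tasks:
+
+    - name: Deploy authorized_keys to mimic set-up via preseed file
+      authorized_key:
+        user: root
+        key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"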
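Review bot: The `raw` command in "Install python for Ansible" calls `apt`, whose command-line interface is documented as not stable for scripted use and which prints a warning when it is not attached to a terminal; `apt-get` is the front end meant for automation. Proposed line: `raw: test -e /usr/bin/python || (apt-get -y update && apt-get install -y python-minimal)`. Separately, the mandatory-parameters play reads the operator's `~/.ssh/id_rsa.pub`, so it fails on a controller without an RSA key at that path; a comment such as `# Requires ~/.ssh/id_rsa.pub on the controller (matches the role default).` above that play would record the dependency.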
roles/bootstrap/molecule/default/tests/data/ansible_key
 
file renamed from roles/bootstrap/tests/data/ansible_key to roles/bootstrap/molecule/default/tests/data/ansible_key
roles/bootstrap/molecule/default/tests/data/ansible_key.pub
 
file renamed from roles/bootstrap/tests/data/ansible_key.pub to roles/bootstrap/molecule/default/tests/data/ansible_key.pub
roles/bootstrap/molecule/default/tests/test_default.py
 
file renamed from roles/bootstrap/tests/test_default.py to roles/bootstrap/molecule/default/tests/test_default.py
 
@@ -2,28 +2,28 @@ import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory').get_hosts('all')
 
    '.molecule/ansible_inventory.yml').get_hosts('all')
 

	
 

	
 
def test_installed_packages(Package):
 
def test_installed_packages(host):
 
    """
 
    Tests if packages have been installed.
 
    """
 

	
 
    assert Package('sudo').is_installed
 
    assert host.package('sudo').is_installed
 

	
 

	
 
def test_ansible_user(Group, Sudo, User):
 
def test_ansible_user(host):
 
    """
 
    Tests if Ansible user and group have been set-up correctly.
 
    """
 

	
 
    with Sudo():
 
        group = Group('ansible')
 
    with host.sudo():
 
        group = host.group('ansible')
 
        assert group.exists
 
        assert group.gid < 1000
 

	
 
        user = User('ansible')
 
        user = host.user('ansible')
 
        assert user.exists
 
        assert user.group == 'ansible'
 
        assert user.groups == ['ansible']
 
@@ -32,15 +32,15 @@ def test_ansible_user(Group, Sudo, User):
 
        assert user.password == '!'
 

	
 

	
 
def test_sudo_configuration(File, Sudo):
 
def test_sudo_configuration(host):
 
    """
 
    Tests if sudo has been configured to allow Ansible user to run any command
 
    without password.
 
    """
 

	
 
    with Sudo():
 
    with host.sudo():
 

	
 
        sudo_config = File('/etc/sudoers.d/ansible')
 
        sudo_config = host.file('/etc/sudoers.d/ansible')
 

	
 
        assert sudo_config.is_file
 
        assert sudo_config.user == 'root'
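Review bot: The inventory path `'.molecule/ansible_inventory.yml'` passed to `AnsibleRunner` is relative, so the tests only find it when pytest is started from the directory that holds `.molecule/`. Molecule exports the inventory location in the `MOLECULE_INVENTORY_FILE` environment variable; passing `os.environ['MOLECULE_INVENTORY_FILE']` instead removes the working-directory dependency. That needs `import os`, and the import block sits above the first hunk, outside what the page shows. The same relative path appears in test_parameters_mandatory.py and test_parameters_optional.py.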
roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py
 
file renamed from roles/bootstrap/tests/test_parameters_mandatory.py to roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py
 
@@ -5,30 +5,30 @@ import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory').get_hosts('parameters-mandatory')
 
    '.molecule/ansible_inventory.yml').get_hosts('parameters-mandatory')
 

	
 

	
 
def test_authorized_keys(File, Sudo):
 
def test_authorized_keys(host):
 
    """
 
    Tests if Ansible user authorized_keys has been set-up correctly.
 
    """
 

	
 
    with Sudo():
 
    with host.sudo():
 

	
 
        ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'read').read().strip()
 
        authorized_keys = File('/home/ansible/.ssh/authorized_keys')
 
        authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
 

	
 
        assert authorized_keys.is_file
 
        assert ssh_key in authorized_keys.content
 

	
 

	
 
def test_root_authorized_keys(File, Sudo):
 
def test_root_authorized_keys(host):
 
    """
 
    Tests if Ansible key been removed from root's authorized keys.
 
    """
 

	
 
    with Sudo():
 
    with host.sudo():
 

	
 
        ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'read').read().strip()
 

	
 
        assert ssh_key not in File('/root/.ssh/authorized_keys').content
 
        assert ssh_key not in host.file('/root/.ssh/authorized_keys').content
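Review bot: Both tests read the key with `open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'read')`; `'read'` is not a valid mode string, Python 3 rejects it with `ValueError`, and the file object is never closed. Those lines appear only once on the page, so they look like unchanged context, but the functions are being reworked here anyway. `with open(os.path.expanduser('~/.ssh/id_rsa.pub')) as key_file:` followed by `ssh_key = key_file.read().strip()` fixes both problems. The read happens on the controller, so it can sit above `with host.sudo():`, which only needs to wrap the remote file checks. test_parameters_optional.py has the same pattern with `'tests/data/ansible_key.pub'`.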
roles/bootstrap/molecule/default/tests/test_parameters_optional.py
 
file renamed from roles/bootstrap/tests/test_parameters_optional.py to roles/bootstrap/molecule/default/tests/test_parameters_optional.py
 
@@ -2,30 +2,30 @@ import testinfra.utils.ansible_runner
 

	
 

	
 
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 
    '.molecule/ansible_inventory').get_hosts('parameters-optional')
 
    '.molecule/ansible_inventory.yml').get_hosts('parameters-optional')
 

	
 

	
 
def test_authorized_keys(File, Sudo):
 
def test_authorized_keys(host):
 
    """
 
    Tests if Ansible user authorized_keys has been set-up correctly.
 
    """
 

	
 
    with Sudo():
 
    with host.sudo():
 

	
 
        ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
 
        authorized_keys = File('/home/ansible/.ssh/authorized_keys')
 
        authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
 

	
 
        assert authorized_keys.is_file
 
        assert ssh_key in authorized_keys.content
 

	
 

	
 
def test_root_authorised_keys(File, Sudo):
 
def test_root_authorised_keys(host):
 
    """
 
    Tests if Ansible key been removed from root's authorized keys.
 
    """
 

	
 
    with Sudo():
 
    with host.sudo():
 

	
 
        ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
 

	
 
        assert ssh_key not in File('/root/.ssh/authorized_keys').content
 
        assert ssh_key not in host.file('/root/.ssh/authorized_keys').content
roles/bootstrap/playbook.yml
 
deleted file