majic-ansible-roles Changeset

Changeset - d0e45c50137a

Parent rev.

Child rev.

[Not reviewed]

0 8 0

Branko Majic (branko) - 5 months ago 2023-11-28 22:45:53
branko@majic.rs

MAR-189: Added support for Debian 11 Bullseye to common role:

- Drop the architecture suffix from all machines.
- Introduced a hack/patch for Ferm utility that disables use of legacy
iptables tools.
- Minor fixes around package name differences compared to older
distribution.
- Use versioned binary name for Python 2.7.. Bullseye does not
default/have /usr/bin/python pointing to Python 2.7 binary.

8 files changed with 61 insertions and 16 deletions:

roles/common/molecule/default/group_vars/parameters-optional.yml

roles/common/molecule/default/molecule.yml

roles/common/molecule/default/prepare.yml

roles/common/molecule/default/tests/test_default.py

roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py

roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py

roles/common/molecule/default/tests/test_parameters_optional.py

roles/common/tasks/main.yml

0 comments (0 inline, 0 general)

roles/common/molecule/default/group_vars/parameters-optional.yml

➞

Show inline comments

@@ @@ -31,7 +31,7 @@ os_groups: @@
 common_packages:
   - units
   - gnutls-bin
-  - emacs24-nox
+  - emacs-nox
 ca_certificates:
   cacert1: "{{ lookup('file', 'tests/data/x509/ca/level1.cert.pem') }}"
   cacert2: "{{ lookup('file', 'tests/data/x509/ca/level2.cert.pem') }}"

roles/common/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -49,7 +49,7 @@ platforms: @@
         network_name: private_network
         type: static
-  - name: parameters-mandatory-buster64
+  - name: parameters-mandatory-buster
     groups:
       - parameters-mandatory
     box: debian/contrib-buster64
@@ @@ -61,7 +61,7 @@ platforms: @@
         network_name: private_network
         type: static
-  - name: parameters-optional-buster64
+  - name: parameters-optional-buster
     groups:
       - parameters-optional
     box: debian/contrib-buster64
@@ @@ -73,6 +73,30 @@ platforms: @@
         network_name: private_network
         type: static
   - name: parameters-mandatory-bullseye
     groups:
       - parameters-mandatory
     box: debian/bullseye64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 192.168.56.31
         network_name: private_network
         type: static
   - name: parameters-optional-bullseye
     groups:
       - parameters-optional
     box: debian/bullseye64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 192.168.56.32
         network_name: private_network
         type: static
 provisioner:
   name: ansible
   playbooks:

roles/common/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -70,8 +70,10 @@ @@
         mode: 0644
         state: present
       with_dict:
 .168.56.21: parameters-mandatory-buster64
 .168.56.22: parameters-optional-buster64
 .168.56.21: parameters-mandatory-buster
 .168.56.22: parameters-optional-buster
 .168.56.31: parameters-mandatory-bullseye
 .168.56.32: parameters-optional-bullseye
 - hosts: parameters-mandatory,parameters-optional
   become: true

roles/common/molecule/default/tests/test_default.py

➞

Show inline comments

     expected_packages = sorted([p.lower() for p in expected_packages])
     actual_packages = sorted(packages.stdout.lower().strip().split("\n"))
     # This is a dummy distro-provided package ignored by the pip-tools.
     # This is a dummy distro-provided package ignored by the
     # pip-tools. pkg-resources on Buster, pkg_resources on Bullseye.
     if "pkg-resources==0.0.0" in actual_packages:
         actual_packages.remove("pkg-resources==0.0.0")
     if "pkg_resources==0.0.0" in actual_packages:
         actual_packages.remove("pkg_resources==0.0.0")
     assert actual_packages == expected_packages
 @pytest.mark.parametrize('wrong_python_path', [
     '/var/lib/pipreqcheck/virtualenv/bin/python3',
     '/var/lib/pipreqcheck/virtualenv-py3/bin/python2',
+    '/var/lib/pipreqcheck/virtualenv-py3/bin/python2.7',
 ])
 def test_pipreqcheck_virtualenv_wrong_python_version_not_present(host, wrong_python_path):
     """

roles/common/molecule/default/tests/test_maintenance_from_allowed_client.py

➞

Show inline comments

 @pytest.mark.parametrize("platform", [
     "buster64"
     "buster",
     "bullseye"
 ])
 def test_ssh_connectivity(host, platform):
     """
@@ @@ -27,7 +28,8 @@ def test_ssh_connectivity(host, platform): @@
 @pytest.mark.parametrize("platform", [
     "buster64"
     "buster",
     "bullseye"
 ])
 def test_http_connectivity(host, platform):
     """

roles/common/molecule/default/tests/test_maintenance_from_disallowed_client.py

➞

Show inline comments

 @pytest.mark.parametrize("platform", [
     "buster64"
     "buster",
     "bullseye"
 ])
 def test_ssh_connectivity(host, platform):
     """
@@ @@ -27,7 +28,8 @@ def test_ssh_connectivity(host, platform): @@
 @pytest.mark.parametrize("platform", [
     "buster64"
     "buster",
     "bullseye"
 ])
 def test_http_connectivity(host, platform):
     """

roles/common/molecule/default/tests/test_parameters_optional.py

➞

Show inline comments

@@ @@ -46,7 +46,7 @@ def test_common_packages_are_installed(host): @@
     assert host.package('units').is_installed
     assert host.package('gnutls-bin').is_installed
-    assert host.package('emacs24-nox').is_installed
+    assert host.package('emacs-nox').is_installed
 def test_ssh_login_mechanisms(host):

roles/common/tasks/main.yml

➞

Show inline comments

@@ @@ -80,7 +80,10 @@ @@
     owner: root
     group: root
     mode: 0640
   when: root_bashrc_stat.stat.checksum == "b737c392222ddac2271cc8d0d8cc0308d08cf458"
   # Checksums: buster, bullseye
   when: |
     root_bashrc_stat.stat.checksum == "b737c392222ddac2271cc8d0d8cc0308d08cf458" or
     root_bashrc_stat.stat.checksum == "1a422a148ad225aa5ba33f8dafd2b7cfcdbd701f"
 - name: Install sudo
   apt:
@@ @@ -104,7 +107,7 @@ @@
     owner: root
     group: root
     mode: 0644
-  when: "'emacs24' in common_packages or 'emacs24-nox' in common_packages"
+  when: "['emacs24', 'emacs24-nox', 'emacs25', 'emacs25-nox', 'emacs', 'emacs-nox'] | intersect(common_packages) | length > 0"
 - name: Set-up operating system groups
   group:
@@ @@ -183,6 +186,15 @@ @@
     name: ferm
     state: present
 - name: Prevent ferm from using legacy iptables tools
   lineinfile:
     path: "/usr/sbin/ferm"
     regexp: "legacy_name.*="
     line: "        my $legacy_name = $1 . '-do-not-use-legacy-' . $2;"
     state: present
   notify:
     - Restart ferm
 - name: Configure ferm init script coniguration file
   copy:
     src: "ferm"
@@ @@ -323,8 +335,8 @@ @@
   with_items:
     - name: pipreqcheck
       virtualenv_path: "/var/lib/pipreqcheck/virtualenv"
       python_path: "/usr/bin/python"
       creates: "/var/lib/pipreqcheck/virtualenv/bin/python2"
       python_path: "/usr/bin/python2.7"
       creates: "/var/lib/pipreqcheck/virtualenv/bin/python2.7"
     - name: pipreqcheck-py3
       virtualenv_path: "/var/lib/pipreqcheck/virtualenv-py3"
       python_path: "/usr/bin/python3"

0 comments (0 inline, 0 general)