Merge "Add system-config-run-eavesdrop"

2018-08-30 18:38:18 +00:00 · 2018-08-30 18:38:18 +00:00 · 2a51a493e0
commit 2a51a493e0
parent 94ea02f635 09b1ff4bc3
7 changed files with 55 additions and 20 deletions
--- a/.zuul.yaml
+++ b/.zuul.yaml
@ -131,14 +131,6 @@
          label: ubuntu-bionic
        - name: centos7
          label: centos-7
      groups:
        # We test puppet installation on this group.  Note bionic not
        # in here as we have no bionic puppeted nodes (yet?)
        - name: puppet
          nodes:
            - trusty
            - xenial
            - centos7
    host-vars:
      trusty:
        ansible_python_interpreter: python2
@ -153,6 +145,21 @@
      - roles/.*
      - testinfra/.*
 - job:
    name: system-config-run-eavesdrop
    nodeset:
      nodes:
        - name: bridge.openstack.org
          label: ubuntu-bionic
        - name: eavesdrop01.openstack.org
          label: ubuntu-xenial
    pre-run: playbooks/zuul/run-base-pre.yaml
    run: playbooks/zuul/run-base.yaml
    files:
      - .zuul.yaml
      - playbooks/group_vars/eavesdrop.yaml
      - testinfra/test_eavesdrop.py
 - project:
    templates:
      - system-config-zuul-role-integration
@ -163,6 +170,7 @@
        - puppet-beaker-rspec-puppet-4-infra-system-config
        - puppet-beaker-rspec-puppet-4-centos-7-infra-system-config
        - system-config-run-base
        - system-config-run-eavesdrop
    gate:
      jobs:
        - puppet-beaker-rspec-infra-system-config
@ -170,3 +178,4 @@
        - puppet-beaker-rspec-puppet-4-infra-system-config
        - puppet-beaker-rspec-puppet-4-centos-7-infra-system-config
        - system-config-run-base
        - system-config-run-eavesdrop
--- a/inventory/groups.yaml
+++ b/inventory/groups.yaml
@ -32,7 +32,7 @@ groups:
  ns: inventory_hostname.startswith('ns')
  paste: inventory_hostname.startswith('paste')
  pbx: inventory_hostname.startswith('pbx')
-  puppet: not inventory_hostname.startswith('bridge')
+  puppet: not (inventory_hostname.startswith('bridge') or inventory_hostname.startswith('bionic'))
  refstack: inventory_hostname.startswith('refstack')
  review-dev: inventory_hostname is match('review-dev\d+\.openstack\.org')
  review: inventory_hostname is match('review\d+\.openstack\.org')
--- a/playbooks/zuul/run-base.yaml
+++ b/playbooks/zuul/run-base.yaml
@ -12,17 +12,17 @@
        write_inventory_dest: /etc/ansible/hosts/inventory.yaml
        write_inventory_exclude_hostvars:
          - ansible_user
    - name: Update ansible.cfg to use job inventory
      ini_file:
        path: /etc/ansible/ansible.cfg
        section: defaults
        option: inventory
        value: /etc/ansible/hosts/inventory.yaml
    - name: Set up /opt/system-config repo
      git:
        repo: /home/zuul/src/git.openstack.org/openstack-infra/system-config
        dest: /opt/system-config
        force: yes
    - name: Update ansible.cfg to use job inventory
      ini_file:
        path: /etc/ansible/ansible.cfg
        section: defaults
        option: inventory
        value: /etc/ansible/hosts/inventory.yaml,/opt/system-config/inventory/groups.yaml
    - name: Make host_vars directory
      file:
        path: "/etc/ansible/hosts/host_vars"
@ -42,6 +42,8 @@
        dest: "/etc/ansible/hosts/{{ item }}"
      loop:
        - group_vars/all.yaml
    - name: Display group membership
      command: ansible localhost -m debug -a 'var=groups'
    - name: Run base.yaml
      command: ansible-playbook /home/zuul/src/git.openstack.org/openstack-infra/system-config/playbooks/base.yaml
    - name: Run testinfra to validate configuration
@ -49,4 +51,3 @@
        name: tox
      vars:
        tox_envlist: testinfra
        tox_extra_args: testinfra/test_base.py
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -8,6 +8,3 @@ ansible-lint
 openstacksdk
 zuul-sphinx>=0.2.3
 testinfra
 # pytest-xdist is a plugin for pytest which allows parallel execution,
 # used by testinfra
 pytest-xdist
--- a/testinfra/test_base.py
+++ b/testinfra/test_base.py
@ -15,6 +15,9 @@
 import socket
 testinfra_hosts = ['all']
 def get_ips(value, family=None):
    ret = set()
    try:
--- a/testinfra/test_eavesdrop.py
+++ b/testinfra/test_eavesdrop.py
@ -0,0 +1,25 @@
 # Copyright 2018 Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License"); you may
 # not use this file except in compliance with the License. You may obtain
 # a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
 testinfra_hosts = ['eavesdrop01.openstack.org']
 def test_eavesdrop(host):
    rules = host.iptables.rules()
    rules = [x.strip() for x in rules]
    web = ('-A openstack-INPUT -p tcp -m state --state NEW'
           ' -m tcp --dport 80 -j ACCEPT')
    assert web in rules
--- a/tox.ini
+++ b/tox.ini
@ -32,7 +32,7 @@ deps = -r{toxinidir}/doc/requirements.txt
 commands = sphinx-build -W -E -b html doc/source doc/build/html
 [testenv:testinfra]
-commands = py.test -n 5 --junit-xml junit.xml --connection=ansible --ansible-inventory=/etc/ansible/hosts/inventory.yaml --hosts=all -v {posargs}
+commands = py.test --junit-xml junit.xml --connection=ansible --ansible-inventory=/etc/ansible/hosts/inventory.yaml -v testinfra {posargs}
 [flake8]
 show-source = True