Merge "Add system-config-run-eavesdrop"
This commit is contained in:
commit
2a51a493e0
25
.zuul.yaml
25
.zuul.yaml
@ -131,14 +131,6 @@
|
||||
label: ubuntu-bionic
|
||||
- name: centos7
|
||||
label: centos-7
|
||||
groups:
|
||||
# We test puppet installation on this group. Note bionic not
|
||||
# in here as we have no bionic puppeted nodes (yet?)
|
||||
- name: puppet
|
||||
nodes:
|
||||
- trusty
|
||||
- xenial
|
||||
- centos7
|
||||
host-vars:
|
||||
trusty:
|
||||
ansible_python_interpreter: python2
|
||||
@ -153,6 +145,21 @@
|
||||
- roles/.*
|
||||
- testinfra/.*
|
||||
|
||||
- job:
|
||||
name: system-config-run-eavesdrop
|
||||
nodeset:
|
||||
nodes:
|
||||
- name: bridge.openstack.org
|
||||
label: ubuntu-bionic
|
||||
- name: eavesdrop01.openstack.org
|
||||
label: ubuntu-xenial
|
||||
pre-run: playbooks/zuul/run-base-pre.yaml
|
||||
run: playbooks/zuul/run-base.yaml
|
||||
files:
|
||||
- .zuul.yaml
|
||||
- playbooks/group_vars/eavesdrop.yaml
|
||||
- testinfra/test_eavesdrop.py
|
||||
|
||||
- project:
|
||||
templates:
|
||||
- system-config-zuul-role-integration
|
||||
@ -163,6 +170,7 @@
|
||||
- puppet-beaker-rspec-puppet-4-infra-system-config
|
||||
- puppet-beaker-rspec-puppet-4-centos-7-infra-system-config
|
||||
- system-config-run-base
|
||||
- system-config-run-eavesdrop
|
||||
gate:
|
||||
jobs:
|
||||
- puppet-beaker-rspec-infra-system-config
|
||||
@ -170,3 +178,4 @@
|
||||
- puppet-beaker-rspec-puppet-4-infra-system-config
|
||||
- puppet-beaker-rspec-puppet-4-centos-7-infra-system-config
|
||||
- system-config-run-base
|
||||
- system-config-run-eavesdrop
|
||||
|
@ -32,7 +32,7 @@ groups:
|
||||
ns: inventory_hostname.startswith('ns')
|
||||
paste: inventory_hostname.startswith('paste')
|
||||
pbx: inventory_hostname.startswith('pbx')
|
||||
puppet: not inventory_hostname.startswith('bridge')
|
||||
puppet: not (inventory_hostname.startswith('bridge') or inventory_hostname.startswith('bionic'))
|
||||
refstack: inventory_hostname.startswith('refstack')
|
||||
review-dev: inventory_hostname is match('review-dev\d+\.openstack\.org')
|
||||
review: inventory_hostname is match('review\d+\.openstack\.org')
|
||||
|
@ -12,17 +12,17 @@
|
||||
write_inventory_dest: /etc/ansible/hosts/inventory.yaml
|
||||
write_inventory_exclude_hostvars:
|
||||
- ansible_user
|
||||
- name: Update ansible.cfg to use job inventory
|
||||
ini_file:
|
||||
path: /etc/ansible/ansible.cfg
|
||||
section: defaults
|
||||
option: inventory
|
||||
value: /etc/ansible/hosts/inventory.yaml
|
||||
- name: Set up /opt/system-config repo
|
||||
git:
|
||||
repo: /home/zuul/src/git.openstack.org/openstack-infra/system-config
|
||||
dest: /opt/system-config
|
||||
force: yes
|
||||
- name: Update ansible.cfg to use job inventory
|
||||
ini_file:
|
||||
path: /etc/ansible/ansible.cfg
|
||||
section: defaults
|
||||
option: inventory
|
||||
value: /etc/ansible/hosts/inventory.yaml,/opt/system-config/inventory/groups.yaml
|
||||
- name: Make host_vars directory
|
||||
file:
|
||||
path: "/etc/ansible/hosts/host_vars"
|
||||
@ -42,6 +42,8 @@
|
||||
dest: "/etc/ansible/hosts/{{ item }}"
|
||||
loop:
|
||||
- group_vars/all.yaml
|
||||
- name: Display group membership
|
||||
command: ansible localhost -m debug -a 'var=groups'
|
||||
- name: Run base.yaml
|
||||
command: ansible-playbook /home/zuul/src/git.openstack.org/openstack-infra/system-config/playbooks/base.yaml
|
||||
- name: Run testinfra to validate configuration
|
||||
@ -49,4 +51,3 @@
|
||||
name: tox
|
||||
vars:
|
||||
tox_envlist: testinfra
|
||||
tox_extra_args: testinfra/test_base.py
|
||||
|
@ -8,6 +8,3 @@ ansible-lint
|
||||
openstacksdk
|
||||
zuul-sphinx>=0.2.3
|
||||
testinfra
|
||||
# pytest-xdist is a plugin for pytest which allows parallel execution,
|
||||
# used by testinfra
|
||||
pytest-xdist
|
||||
|
@ -15,6 +15,9 @@
|
||||
import socket
|
||||
|
||||
|
||||
testinfra_hosts = ['all']
|
||||
|
||||
|
||||
def get_ips(value, family=None):
|
||||
ret = set()
|
||||
try:
|
||||
|
25
testinfra/test_eavesdrop.py
Normal file
25
testinfra/test_eavesdrop.py
Normal file
@ -0,0 +1,25 @@
|
||||
# Copyright 2018 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
testinfra_hosts = ['eavesdrop01.openstack.org']
|
||||
|
||||
|
||||
def test_eavesdrop(host):
|
||||
rules = host.iptables.rules()
|
||||
rules = [x.strip() for x in rules]
|
||||
|
||||
web = ('-A openstack-INPUT -p tcp -m state --state NEW'
|
||||
' -m tcp --dport 80 -j ACCEPT')
|
||||
assert web in rules
|
2
tox.ini
2
tox.ini
@ -32,7 +32,7 @@ deps = -r{toxinidir}/doc/requirements.txt
|
||||
commands = sphinx-build -W -E -b html doc/source doc/build/html
|
||||
|
||||
[testenv:testinfra]
|
||||
commands = py.test -n 5 --junit-xml junit.xml --connection=ansible --ansible-inventory=/etc/ansible/hosts/inventory.yaml --hosts=all -v {posargs}
|
||||
commands = py.test --junit-xml junit.xml --connection=ansible --ansible-inventory=/etc/ansible/hosts/inventory.yaml -v testinfra {posargs}
|
||||
|
||||
[flake8]
|
||||
show-source = True
|
||||
|
Loading…
x
Reference in New Issue
Block a user