784a38ec4c
Instead of breaking up package installations and removals into separate tasks, this patch moves them all under one task that does two execution steps. In addition, the security_enable_chrony variable was added to control the installation and configuration of chrony. The tox tests for the role were configured to skip chrony in the gate using a skipped tag, but this caused the package install/removal task to get skipped. Docs/release notes are included for the chrony change. Change-Id: I1def033953b50be3911cd932fd17b10dd2c658b7
154 lines
4.0 KiB
INI
154 lines
4.0 KiB
INI
[tox]
|
|
minversion = 2.0
|
|
skipsdist = True
|
|
envlist = docs,linters,functional
|
|
|
|
|
|
[testenv]
|
|
usedevelop = True
|
|
install_command =
|
|
pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
|
|
deps =
|
|
-r{toxinidir}/test-requirements.txt
|
|
commands =
|
|
/usr/bin/find . -type f -name "*.pyc" -delete
|
|
passenv =
|
|
HOME
|
|
http_proxy
|
|
HTTP_PROXY
|
|
https_proxy
|
|
HTTPS_PROXY
|
|
no_proxy
|
|
NO_PROXY
|
|
whitelist_externals =
|
|
bash
|
|
setenv =
|
|
PYTHONUNBUFFERED=1
|
|
ROLE_NAME=openstack-ansible-security
|
|
TEST_CHECK_MODE=true
|
|
TEST_IDEMPOTENCE=true
|
|
VIRTUAL_ENV={envdir}
|
|
WORKING_DIR={toxinidir}
|
|
|
|
|
|
[testenv:docs]
|
|
commands=
|
|
bash -c "rm -rf doc/build"
|
|
doc8 doc
|
|
python setup.py build_sphinx
|
|
|
|
|
|
[doc8]
|
|
# Settings for doc8:
|
|
extensions = .rst
|
|
allow-long-titles=1
|
|
|
|
|
|
[testenv:releasenotes]
|
|
commands =
|
|
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
|
|
|
|
|
# environment used by the -infra templated docs job
|
|
[testenv:venv]
|
|
commands =
|
|
{posargs}
|
|
|
|
|
|
[testenv:tests_clone]
|
|
commands =
|
|
bash -c "if [ ! -d "{toxinidir}/tests/common" ]; then \
|
|
git clone https://git.openstack.org/openstack/openstack-ansible-tests {toxinidir}/tests/common; \
|
|
fi"
|
|
|
|
|
|
[testenv:pep8]
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-pep8.sh"
|
|
|
|
|
|
[flake8]
|
|
# Ignores the following rules due to how ansible modules work in general
|
|
# F403 'from ansible.module_utils.basic import *' used;
|
|
# unable to detect undefined names
|
|
# H303 No wildcard (*) import.
|
|
ignore=F403,H303
|
|
|
|
|
|
[testenv:bashate]
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-bashate.sh"
|
|
|
|
|
|
[testenv:ansible]
|
|
deps =
|
|
{[testenv]deps}
|
|
-rhttp://git.openstack.org/cgit/openstack/openstack-ansible-tests/plain/test-ansible-deps.txt
|
|
|
|
|
|
[testenv:ansible-syntax]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-ansible-syntax.sh"
|
|
|
|
|
|
[testenv:ansible-lint]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-ansible-lint.sh"
|
|
|
|
|
|
[testenv:functional]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
setenv =
|
|
{[testenv]setenv}
|
|
# NOTE(odyssey4me): We have to skip V-38462 as openstack-infra are now
|
|
# building images with apt config
|
|
# Apt::Get::AllowUnauthenticated set to true.
|
|
# NOTE(mhayden): Skipping V-38660 since openstack-infra has SNMP v1/2 in
|
|
# the images. This can be added back in once
|
|
# https://review.openstack.org/354819 merges.
|
|
# NOTE(mhayden): Skipping V-38620 since chrony cannot start with ntpd
|
|
# running in the gate images.
|
|
ANSIBLE_PARAMETERS=--skip-tags V-38462,V-38660 -e security_enable_chrony=no
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
|
|
|
|
|
[testenv:func_rhel7]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
setenv =
|
|
{[testenv]setenv}
|
|
# NOTE(odyssey4me): We have to skip V-38462 as openstack-infra are now
|
|
# building images with apt config
|
|
# Apt::Get::AllowUnauthenticated set to true.
|
|
# NOTE(mhayden): Skipping V-38660 since openstack-infra has SNMP v1/2 in
|
|
# the images. This can be added back in once
|
|
# https://review.openstack.org/354819 merges.
|
|
# NOTE(mhayden): Skipping V-38620 since chrony cannot start with ntpd
|
|
# running in the gate images.
|
|
ANSIBLE_PARAMETERS=-e stig_version=rhel7
|
|
commands =
|
|
{[testenv:tests_clone]commands}
|
|
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
|
|
|
|
|
|
[testenv:linters]
|
|
deps =
|
|
{[testenv:ansible]deps}
|
|
commands =
|
|
{[testenv:pep8]commands}
|
|
{[testenv:bashate]commands}
|
|
{[testenv:ansible-lint]commands}
|
|
{[testenv:ansible-syntax]commands}
|
|
{[testenv:docs]commands}
|