diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..b7e9ff1 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,7 @@ +--- +mock_roles: + - multi-node-bridge + - clear-firewall + +skip_list: + - fqcn diff --git a/handlers/main.yml b/handlers/main.yml index 820a248..68a7293 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -19,4 +19,4 @@ service: name: frr state: restarted - enabled: yes + enabled: true diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..e1d9ad3 --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,9 @@ +--- +galaxy_info: + author: vexxhost + description: Installation and setup of FRRouting + company: Vexxhost + license: Apache2 + role_name: frrouting + namespace: vexxhost + min_ansible_version: "2.10" diff --git a/tasks/frr_install_apt.yml b/tasks/frr_install_apt.yml index 4575403..535be62 100644 --- a/tasks/frr_install_apt.yml +++ b/tasks/frr_install_apt.yml @@ -42,15 +42,15 @@ repo: "{{ repo.repo }}" state: "{{ repo.state | default('present') }}" filename: "{{ repo.filename | default(omit) }}" - update_cache: no + update_cache: false with_items: "{{ frr_repos }}" loop_control: loop_var: repo register: _adding_apt_repo -- name: Update Apt cache +- name: Update Apt cache # noqa: no-handler apt: - update_cache: yes + update_cache: true when: - _adding_apt_repo is changed register: _update_apt_cache diff --git a/tasks/frr_post_install.yml b/tasks/frr_post_install.yml index e6ecd1e..f616b05 100644 --- a/tasks/frr_post_install.yml +++ b/tasks/frr_post_install.yml @@ -19,10 +19,11 @@ block: - name: Enable integrated config lineinfile: - create: yes + create: true path: /etc/frr/vtysh.conf regexp: '^(no)?\s?service integrated-vtysh-config$' line: "service integrated-vtysh-config" + mode: "0640" notify: Restart frr - name: Write down integrated config diff --git a/tasks/frr_vlans.yml b/tasks/frr_vlans.yml index 30dc36b..2b5ba82 100644 --- a/tasks/frr_vlans.yml +++ b/tasks/frr_vlans.yml @@ -26,7 +26,7 @@ retries: 5 delay: 2 - - name: Load vlan modules + - name: Load vlan modules # noqa: no-handler modprobe: name: 8021q state: present @@ -36,16 +36,17 @@ template: src: vlans.cfg.j2 dest: "/etc/network/interfaces.d/vlan-{{ item.id }}.cfg" + mode: "0644" with_items: "{{ frr_vlans }}" register: distribute_vlans - - name: Stop interface + - name: Stop interface # noqa: no-handler command: "ifdown {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}" with_items: "{{ distribute_vlans.results }}" when: item is changed changed_when: false - - name: Start interface + - name: Start interface # noqa: no-handler command: "ifup {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}" with_items: "{{ distribute_vlans.results }}" when: item is changed diff --git a/tests/host_vars/primary b/tests/host_vars/primary index 8fbe9ad..bed6750 100644 --- a/tests/host_vars/primary +++ b/tests/host_vars/primary @@ -11,6 +11,11 @@ frr_staticd_routes: frr_bgpd_config: - router bgp 1234 - - "bgp router-id {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }}" - - "neighbor {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }} remote-as 5678" + - "bgp router-id {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}" + - "neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 5678" - network 192.168.1.0/24 + - address-family ipv4 unicast + - " neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv out" + - "exit-address-family" + - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24 + - ip prefix-list pl-allowed-adv seq 10 deny any diff --git a/tests/host_vars/secondary b/tests/host_vars/secondary index acaba8b..be3c356 100644 --- a/tests/host_vars/secondary +++ b/tests/host_vars/secondary @@ -1,4 +1,9 @@ frr_bgpd_config: - router bgp 5678 - - "bgp router-id {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }}" - - "neighbor {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }} remote-as 1234" + - "bgp router-id {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}" + - "neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 1234" + - address-family ipv4 unicast + - " neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv in" + - exit-address-family + - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24 + - ip prefix-list pl-allowed-adv seq 10 deny any diff --git a/tests/test.yml b/tests/test.yml index eeaf748..060f1a6 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -15,6 +15,8 @@ - name: Installing frr hosts: all + vars: + bridge_name: br-infra roles: - multi-node-bridge @@ -22,7 +24,7 @@ - frrouting post_tasks: - - name: wait after service restart + - name: Wait after service restart pause: seconds: 10 @@ -46,6 +48,13 @@ msg: frr is not up when: ansible_facts.services['frr'].state != 'running' + - name: Get summary + become: true + become_user: root + command: "vtysh -c 'show bgp summary'" + register: _frr_get_summary + changed_when: false + - name: Get routes become: true become_user: root @@ -53,7 +62,6 @@ register: _frr_get_routes changed_when: false - - name: Fail if we're missing static routes fail: msg: "We can't find route {{ item }}" diff --git a/tox.ini b/tox.ini index d65313e..aa53b5d 100644 --- a/tox.ini +++ b/tox.ini @@ -23,7 +23,7 @@ passenv = TESTING_BRANCH TESTING_HOME USER -whitelist_externals = +allowlist_externals = bash setenv = PYTHONUNBUFFERED=1 @@ -32,5 +32,10 @@ setenv = WORKING_DIR={toxinidir} [testenv:linters] +setenv = + {[testenv]setenv} + ANSIBLE_ROLES_PATH={envdir} commands = + bash -c 'printf -- "- name: frrouting\n src: git+file://{toxinidir}\n" > {envdir}/test-requirements.yml' + ansible-galaxy install -r {envdir}/test-requirements.yml --roles-path {envdir} --force ansible-lint {toxinidir}/tests/test.yml