Add ebgp policy definition for tests

According to RFC-8212 policies must be described in order to allow announce/accept routes. Without policies being described, no routes will be announced/recieved by default. This patch fixes current CI failures. Change-Id: Ia033cc7c3ed3146860ab96452bec988f3c3069bf
2024-02-23 10:21:39 +01:00 · 2024-02-23 10:21:39 +01:00 · b04bf138e4
commit b04bf138e4
parent 00534ccaf8
10 changed files with 56 additions and 15 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@ -0,0 +1,7 @@
 ---
 mock_roles:
  - multi-node-bridge
  - clear-firewall
 skip_list:
  - fqcn
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -19,4 +19,4 @@
  service:
    name: frr
    state: restarted
-    enabled: yes
+    enabled: true
--- a/meta/main.yml
+++ b/meta/main.yml
@ -0,0 +1,9 @@
 ---
 galaxy_info:
  author: vexxhost
  description: Installation and setup of FRRouting
  company: Vexxhost
  license: Apache2
  role_name: frrouting
  namespace: vexxhost
  min_ansible_version: "2.10"
--- a/tasks/frr_install_apt.yml
+++ b/tasks/frr_install_apt.yml
@ -42,15 +42,15 @@
    repo: "{{ repo.repo }}"
    state: "{{ repo.state | default('present') }}"
    filename: "{{ repo.filename | default(omit) }}"
-    update_cache: no
+    update_cache: false
  with_items: "{{ frr_repos }}"
  loop_control:
    loop_var: repo
  register: _adding_apt_repo
- name: Update Apt cache
+- name: Update Apt cache  # noqa: no-handler
  apt:
-    update_cache: yes
+    update_cache: true
  when:
    - _adding_apt_repo is changed
  register: _update_apt_cache
--- a/tasks/frr_post_install.yml
+++ b/tasks/frr_post_install.yml
@ -19,10 +19,11 @@
  block:
    - name: Enable integrated config
      lineinfile:
-        create: yes
+        create: true
        path: /etc/frr/vtysh.conf
        regexp: '^(no)?\s?service integrated-vtysh-config$'
        line: "service integrated-vtysh-config"
        mode: "0640"
      notify: Restart frr
    - name: Write down integrated config
--- a/tasks/frr_vlans.yml
+++ b/tasks/frr_vlans.yml
@ -26,7 +26,7 @@
      retries: 5
      delay: 2
-    - name: Load vlan modules
+    - name: Load vlan modules  # noqa: no-handler
      modprobe:
        name: 8021q
        state: present
@ -36,16 +36,17 @@
      template:
        src: vlans.cfg.j2
        dest: "/etc/network/interfaces.d/vlan-{{ item.id }}.cfg"
        mode: "0644"
      with_items: "{{ frr_vlans }}"
      register: distribute_vlans
-    - name: Stop interface
+    - name: Stop interface  # noqa: no-handler
      command: "ifdown {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}"
      with_items: "{{ distribute_vlans.results }}"
      when: item is changed
      changed_when: false
-    - name: Start interface
+    - name: Start interface  # noqa: no-handler
      command: "ifup {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}"
      with_items: "{{ distribute_vlans.results }}"
      when: item is changed
--- a/tests/host_vars/primary
+++ b/tests/host_vars/primary
@ -11,6 +11,11 @@ frr_staticd_routes:
 frr_bgpd_config:
  - router bgp 1234
-  - "bgp router-id {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }}"
+  - "bgp router-id {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}"
-  - "neighbor {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }} remote-as 5678"
+  - "neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 5678"
  - network 192.168.1.0/24
  - address-family ipv4 unicast
  - "  neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv out"
  - "exit-address-family"
  - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24
  - ip prefix-list pl-allowed-adv seq 10 deny any
--- a/tests/host_vars/secondary
+++ b/tests/host_vars/secondary
@ -1,4 +1,9 @@
 frr_bgpd_config:
  - router bgp 5678
-  - "bgp router-id {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }}"
+  - "bgp router-id {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}"
-  - "neighbor {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }} remote-as 1234"
+  - "neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 1234"
  - address-family ipv4 unicast
  - "  neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv in"
  - exit-address-family
  - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24
  - ip prefix-list pl-allowed-adv seq 10 deny any
--- a/tests/test.yml
+++ b/tests/test.yml
@ -15,6 +15,8 @@
 - name: Installing frr
  hosts: all
  vars:
    bridge_name: br-infra
  roles:
    - multi-node-bridge
@ -22,7 +24,7 @@
    - frrouting
  post_tasks:
-    - name: wait after service restart
+    - name: Wait after service restart
      pause:
        seconds: 10
@ -46,6 +48,13 @@
        msg: frr is not up
      when: ansible_facts.services['frr'].state != 'running'
    - name: Get summary
      become: true
      become_user: root
      command: "vtysh -c 'show bgp summary'"
      register: _frr_get_summary
      changed_when: false
    - name: Get routes
      become: true
      become_user: root
@ -53,7 +62,6 @@
      register: _frr_get_routes
      changed_when: false
    - name: Fail if we're missing static routes
      fail:
        msg: "We can't find route {{ item }}"
--- a/tox.ini
+++ b/tox.ini
@ -23,7 +23,7 @@ passenv =
    TESTING_BRANCH
    TESTING_HOME
    USER
-whitelist_externals =
+allowlist_externals =
    bash
 setenv =
    PYTHONUNBUFFERED=1
@ -32,5 +32,10 @@ setenv =
    WORKING_DIR={toxinidir}
 [testenv:linters]
 setenv =
    {[testenv]setenv}
    ANSIBLE_ROLES_PATH={envdir}
 commands =
    bash -c 'printf -- "- name: frrouting\n  src: git+file://{toxinidir}\n" > {envdir}/test-requirements.yml'
    ansible-galaxy install -r {envdir}/test-requirements.yml --roles-path {envdir} --force
    ansible-lint {toxinidir}/tests/test.yml