88bf46c65c
Change-Id: Ia8249da40bf5eb0e09b5d7811eb126b60dc5dc73 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
159 lines
5.5 KiB
YAML
159 lines
5.5 KiB
YAML
---
|
|
# Copyright 2018, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- import_playbook: run-setup.yml
|
|
|
|
- name: Basic setup
|
|
hosts: "all"
|
|
become: true
|
|
|
|
environment:
|
|
# ZUUL_PROJECT is used by tests/get-ansible-role-requirements to
|
|
# determine when CI provided repos should be used.
|
|
ZUUL_PROJECT: "{{ zuul.project.short_name }}"
|
|
ANSIBLE_PACKAGE: "{{ ansible_package | default('') }}"
|
|
ANSIBLE_HOST_KEY_CHECKING: "False"
|
|
ANSIBLE_LOG_PATH: "/tmp/osquery-logs/ansible-osquery-test.log"
|
|
|
|
vars:
|
|
inventory_file: "inventory/test-{{ (contianer_inventory | bool) | ternary('container', 'metal') }}-inventory.yml"
|
|
|
|
pre_tasks:
|
|
- name: Create swap file
|
|
command: "dd if=/dev/zero of=/swap.img bs=1M count=4096"
|
|
args:
|
|
creates: /swap.img
|
|
register: swap_create
|
|
|
|
- name: Format the swap file
|
|
command: mkswap /swap.img
|
|
when:
|
|
- swap_create is changed
|
|
tags:
|
|
- swap-format
|
|
- skip_ansible_lint
|
|
|
|
- name: Enable swap file
|
|
command: swapon /swap.img
|
|
failed_when: false
|
|
tags:
|
|
- swap-format
|
|
- skip_ansible_lint
|
|
|
|
- name: Set system swappiness
|
|
sysctl:
|
|
name: vm.swappiness
|
|
value: 10
|
|
state: present
|
|
reload: "yes"
|
|
sysctl_file: /etc/sysctl.d/99-elasticsearch.conf
|
|
|
|
- name: Create tmp osquery dir
|
|
file:
|
|
path: "/tmp/osquery-logs"
|
|
state: directory
|
|
|
|
- name: Flush iptables rules
|
|
command: "{{ item }}"
|
|
args:
|
|
creates: "/tmp/osquery-logs/iptables.flushed"
|
|
with_items:
|
|
- "iptables -F"
|
|
- "iptables -X"
|
|
- "iptables -t nat -F"
|
|
- "iptables -t nat -X"
|
|
- "iptables -t mangle -F"
|
|
- "iptables -t mangle -X"
|
|
- "iptables -P INPUT ACCEPT"
|
|
- "iptables -P FORWARD ACCEPT"
|
|
- "iptables -P OUTPUT ACCEPT"
|
|
- "touch /tmp/osquery-logs/iptables.flushed"
|
|
|
|
- name: First ensure apt cache is always refreshed
|
|
apt:
|
|
update_cache: yes
|
|
when:
|
|
- ansible_pkg_mgr == 'apt'
|
|
|
|
tasks:
|
|
- name: Run embedded ansible installation
|
|
become: yes
|
|
become_user: root
|
|
command: "./bootstrap-embedded-ansible.sh"
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery"
|
|
|
|
- name: Run ansible-galaxy (tests)
|
|
become: yes
|
|
become_user: root
|
|
command: "/root/ansible25/bin/ansible-galaxy install --force --ignore-errors --roles-path=/root/ansible25/repositories/roles -r ansible-role-requirements.yml"
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery/tests"
|
|
|
|
- name: Run ansible-galaxy (osquery)
|
|
become: yes
|
|
become_user: root
|
|
command: "/root/ansible25/bin/ansible-galaxy install --force --ignore-errors --roles-path=/root/ansible25/repositories/roles -r ansible-role-requirements.yml"
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery"
|
|
|
|
- name: Run environment setup
|
|
become: yes
|
|
become_user: root
|
|
command: "/root/ansible25/bin/ansible-playbook -i {{ inventory_file }} -e @test-vars.yml _key-setup.yml"
|
|
environment:
|
|
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
|
|
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
|
|
ANSIBLE_LOG_PATH: "/tmp/osquery-logs/ansible-osquery-test-container-setup.log"
|
|
ANSIBLE_ROLES_PATH: /root/ansible25/repositories/roles
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery/tests"
|
|
when:
|
|
- ansible_service_mgr != 'systemd' or
|
|
not (contianer_inventory | bool)
|
|
|
|
- name: Run environment setup
|
|
become: yes
|
|
become_user: root
|
|
command: "/root/ansible25/bin/ansible-playbook -i {{ inventory_file }} -e @test-vars.yml _container-setup.yml"
|
|
environment:
|
|
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
|
|
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
|
|
ANSIBLE_LOG_PATH: "/tmp/osquery-logs/ansible-osquery-test-container-setup.log"
|
|
ANSIBLE_ROLES_PATH: /root/ansible25/repositories/roles
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery/tests"
|
|
when:
|
|
- ansible_service_mgr == 'systemd'
|
|
- contianer_inventory | bool
|
|
|
|
- name: Wait 15 seconds
|
|
command: "sleep 15"
|
|
changed_when: false
|
|
when:
|
|
- ansible_service_mgr == 'systemd'
|
|
|
|
- name: Run functional test
|
|
become: yes
|
|
become_user: root
|
|
command: "/root/ansible25/bin/ansible-playbook -i tests/{{ inventory_file }} -e @tests/test-vars.yml site.yml"
|
|
environment:
|
|
ANSIBLE_ACTION_PLUGINS: "/root/ansible25/repositories/ansible-config_template/action"
|
|
ANSIBLE_CONNECTION_PLUGINS: "/root/ansible25/repositories/openstack-ansible-plugins/connection"
|
|
ANSIBLE_LOG_PATH: "/tmp/osquery-logs/ansible-osquery-test-deployment.log"
|
|
ANSIBLE_ROLES_PATH: /root/ansible25/repositories/roles
|
|
args:
|
|
chdir: "src/{{ current_test_repo }}/osquery"
|