Fix lint and molecule jobs after release of cryptography3.4
Molecule job fails with: ModuleNotFoundError: No module named 'setuptools_rust' This error appeared following the release of cryptography 3.4, which now includes Rust code. It can be installed without Rust using a Python wheel, but only with more recent pip than version 9.0.3 available as RPM on CentOS 8. The cryptography bug report [1] recommends pip>=19.1.1 The new pip is not supported on Python 2 / CentOS 7, so this change also upgrades to CentOS 8 images. This change also upgrades and fixes the ansible-lint job dependencies and configuration. [1] https://github.com/pyca/cryptography/issues/5753 Change-Id: I923020e7ec1f2ecbd7089096f22dd92fb36254a5
This commit is contained in:
parent
c77c8d352d
commit
e65f11baed
8
.ansible-lint
Normal file
8
.ansible-lint
Normal file
@ -0,0 +1,8 @@
|
||||
skip_list:
|
||||
- experimental # all rules tagged as experimental
|
||||
- no-changed-when # Commands should not change things if nothing needs doing
|
||||
|
||||
warn_list:
|
||||
- literal-compare # Don't compare to literal True/False
|
||||
- unnamed-task # All tasks should be named
|
||||
- var-spacing # Variables should have spaces before and after: {{ var_name }}
|
@ -25,9 +25,11 @@ repos:
|
||||
types: [file, yaml]
|
||||
entry: yamllint --strict -f parsable
|
||||
- repo: https://github.com/ansible/ansible-lint
|
||||
rev: v4.1.1a2
|
||||
rev: v4.3.5
|
||||
hooks:
|
||||
- id: ansible-lint
|
||||
additional_dependencies:
|
||||
- 'ansible<2.10'
|
||||
files: \.(yaml|yml)$
|
||||
entry: >-
|
||||
ansible-lint --force-color -v -x "ANSIBLE0006,ANSIBLE0007,ANSIBLE0010,ANSIBLE0012,ANSIBLE0013,ANSIBLE0016"
|
||||
|
8
tox.ini
8
tox.ini
@ -1,4 +1,5 @@
|
||||
[tox]
|
||||
basepython = python3
|
||||
minversion = 2.0
|
||||
# add docs to the list of environments once we actually have docs to generate
|
||||
envlist = py36,pep8,molecule,linters
|
||||
@ -31,7 +32,7 @@ commands = molecule test --all
|
||||
[testenv:ansible-lint]
|
||||
deps = {[testenv:linters]deps}
|
||||
commands =
|
||||
ansible-lint {toxinidir}/tripleo_ipa
|
||||
ansible-lint -c .ansible-lint {toxinidir}/tripleo_ipa
|
||||
|
||||
[testenv:yamllint]
|
||||
deps = {[testenv:linters]deps}
|
||||
@ -39,7 +40,12 @@ commands =
|
||||
yamllint -c {toxinidir}/tripleo_ipa/.yamllint {toxinidir}/tripleo_ipa
|
||||
|
||||
[testenv:linters]
|
||||
setenv =
|
||||
ANSIBLE_FILTER_PLUGINS={toxinidir}/tripleo_ipa/ansible_plugins/filter
|
||||
ANSIBLE_LIBRARY={toxinidir}/tripleo_ipa/roles.galaxy/config_template/library:{toxinidir}/tripleo_ipa/ansible_plugins/modules
|
||||
ANSIBLE_ROLES_PATH={toxinidir}/tripleo_ipa/roles.galaxy:{toxinidir}/tripleo_ipa/roles
|
||||
deps =
|
||||
-r {toxinidir}/ansible-requirements.txt
|
||||
-r {toxinidir}/test-requirements.txt
|
||||
commands =
|
||||
{[testenv:ansible-lint]commands}
|
||||
|
@ -22,7 +22,7 @@ FROM {{ item.image }}
|
||||
{% endif %}
|
||||
|
||||
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
|
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
||||
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
|
||||
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
|
||||
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
|
||||
|
@ -5,9 +5,11 @@ driver:
|
||||
log: true
|
||||
|
||||
platforms:
|
||||
- name: centos7
|
||||
- name: centos8
|
||||
hostname: test-0.example.test
|
||||
image: centos:7
|
||||
image: centos/centos:centos8
|
||||
registry:
|
||||
url: quay.io
|
||||
security_opts:
|
||||
- seccomp=unconfined
|
||||
command: /sbin/init
|
||||
@ -16,10 +18,9 @@ platforms:
|
||||
- /tmp
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- /etc/pki/rpm-gpg:/etc/pki/rpm-gpg
|
||||
dockerfile: Dockerfile
|
||||
network_mode: host
|
||||
easy_install:
|
||||
- pip
|
||||
environment: &env
|
||||
http_proxy: "{{ lookup('env', 'http_proxy') }}"
|
||||
https_proxy: "{{ lookup('env', 'https_proxy') }}"
|
||||
@ -32,6 +33,12 @@ provisioner:
|
||||
ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH:-/usr/share/ansible/roles}:${HOME}/zuul-jobs/roles"
|
||||
ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}"
|
||||
ANSIBLE_FILTER_PLUGINS: "${ANSIBLE_FILTER_PLUGINS:-/usr/share/ansible/plugins/filter}"
|
||||
inventory:
|
||||
hosts:
|
||||
all:
|
||||
hosts:
|
||||
centos8:
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
scenario:
|
||||
test_sequence:
|
||||
|
@ -61,7 +61,7 @@
|
||||
-h ipa.{{ domain }}
|
||||
--read-only --tmpfs /run --tmpfs /tmp
|
||||
-v /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
-v /tmp/ipa-data:/data:Z freeipa/freeipa-server:fedora-28 exit-on-finished
|
||||
-v /tmp/ipa-data:/data:Z freeipa/freeipa-server:fedora-28 no-exit
|
||||
-U -r {{ domain | upper }} --setup-dns --no-reverse --no-ntp
|
||||
--forwarder={{ unbound_primary_nameserver_v4 | default('1.1.1.1') }}
|
||||
--forwarder={{ unbound_secondary_nameserver_v4 | default('8.8.8.8') }} &
|
||||
@ -72,3 +72,22 @@
|
||||
search_regex: "(INFO The ipa-server-install command was successful|ERROR The ipa-server-install command failed)"
|
||||
timeout: 900
|
||||
become: true
|
||||
|
||||
- name: Wait for FreeIPA LDAP port to open
|
||||
wait_for:
|
||||
host=172.18.0.22
|
||||
port=389
|
||||
delay=1
|
||||
timeout=300
|
||||
ignore_errors: true
|
||||
|
||||
- name: Check the status of ipactl to make sure all services are started
|
||||
command: "docker exec freeipa-server-container ipactl status"
|
||||
retries: 10
|
||||
delay: 3
|
||||
register: result
|
||||
until: result.rc == 0
|
||||
|
||||
- name: Print ipactl status
|
||||
debug:
|
||||
msg: "{{result.stdout}}"
|
||||
|
@ -22,7 +22,7 @@ FROM {{ item.image }}
|
||||
{% endif %}
|
||||
|
||||
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
|
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
||||
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
|
||||
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
|
||||
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
|
||||
|
@ -274,5 +274,5 @@
|
||||
- include_role:
|
||||
name: tripleo_ipa_cleanup
|
||||
vars:
|
||||
tripleo_ipa_hosts_to_delete: [ 'test-1.example.test' ]
|
||||
tripleo_ipa_hosts_to_delete: ['test-1.example.test']
|
||||
tripleo_ipa_keytab: "/etc/novajoin/krb5.keytab"
|
||||
|
@ -5,9 +5,11 @@ driver:
|
||||
log: true
|
||||
|
||||
platforms:
|
||||
- name: centos7
|
||||
- name: centos8
|
||||
hostname: test-0.example.test
|
||||
image: centos:7
|
||||
image: centos/centos:centos8
|
||||
registry:
|
||||
url: quay.io
|
||||
security_opts:
|
||||
- seccomp=unconfined
|
||||
command: /sbin/init
|
||||
@ -16,10 +18,9 @@ platforms:
|
||||
- /tmp
|
||||
volumes:
|
||||
- /sys/fs/cgroup:/sys/fs/cgroup:ro
|
||||
- /etc/pki/rpm-gpg:/etc/pki/rpm-gpg
|
||||
dockerfile: Dockerfile
|
||||
network_mode: host
|
||||
easy_install:
|
||||
- pip
|
||||
environment: &env
|
||||
http_proxy: "{{ lookup('env', 'http_proxy') }}"
|
||||
https_proxy: "{{ lookup('env', 'https_proxy') }}"
|
||||
@ -32,6 +33,12 @@ provisioner:
|
||||
ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH:-/usr/share/ansible/roles}:${HOME}/zuul-jobs/roles"
|
||||
ANSIBLE_LIBRARY: "${ANSIBLE_LIBRARY:-/usr/share/ansible/plugins/modules}"
|
||||
ANSIBLE_FILTER_PLUGINS: "${ANSIBLE_FILTER_PLUGINS:-/usr/share/ansible/plugins/filter}"
|
||||
inventory:
|
||||
hosts:
|
||||
all:
|
||||
hosts:
|
||||
centos8:
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
scenario:
|
||||
test_sequence:
|
||||
|
@ -73,7 +73,7 @@
|
||||
ipaadmin_password: "{{ ipa_server_password }}"
|
||||
ansible_user: "{{ undercloud_ansible_user }}"
|
||||
ansible_ssh_extra_args: "-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: Add host to ipaservers group
|
||||
add_host:
|
||||
@ -110,7 +110,7 @@
|
||||
stdin: "{{ ipa_server_password }}"
|
||||
register: kinit
|
||||
changed_when: kinit.rc == 0
|
||||
no_log: True
|
||||
no_log: true
|
||||
|
||||
- name: setup the undercloud and get keytab
|
||||
include_role:
|
||||
|
@ -2,4 +2,4 @@
|
||||
- hosts: localhost
|
||||
remote_user: root
|
||||
roles:
|
||||
- tripleo_ipa
|
||||
- tripleo_ipa
|
||||
|
@ -15,6 +15,12 @@
|
||||
include_role:
|
||||
name: ensure-pip
|
||||
|
||||
- name: Ensure a recent version of pip is installed in virtualenv
|
||||
pip:
|
||||
name: "pip>=19.1.1"
|
||||
virtualenv: "{{ ansible_user_dir }}/test-python"
|
||||
virtualenv_command: "{{ ensure_pip_virtualenv_command }}"
|
||||
|
||||
- name: Setup test-python
|
||||
pip:
|
||||
requirements: "{{ tripleo_ipa_project_path }}/molecule-requirements.txt"
|
||||
|
Loading…
Reference in New Issue
Block a user