Skip to content

Commit

Permalink
upstream ci: Add support for testing ipaserver deployment
Browse files Browse the repository at this point in the history
This patch provides the base for testing ipaserver role using Azure's
infrastructure.

By using containers prepared to thave FreeIPA installed, but
unconfigured, allows the use of a test matrix to test the behavior of
modules in differnt IPA configurations. It also improves tests by
allowing the creation of a test matrix of FreeIPA deployment.

A new pipeline script is provided, which can be used as a standalone
pipeline, os as part of an existing pipeline.

The script 'tests/server_role/inventory.py' is used to create inventory
files for the tests, which should be executed using the existing
'install-server.yml' playbook.

More information on how to generate different inventories can be found
in the accompanying README file 'tests/server_role/README.md'.
  • Loading branch information
rjeffman committed Mar 9, 2024
1 parent c952ab2 commit 7cf7167
Show file tree
Hide file tree
Showing 4 changed files with 230 additions and 0 deletions.
53 changes: 53 additions & 0 deletions tests/azure/deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
---
schedules:
- cron: "0 19 * * *"
displayName: Nightly Builds
branches:
include:
- master
always: true

trigger: none

pool:
vmImage: 'ubuntu-22.04'

stages:

# Fedora

- stage: FedoraLatest_Ansible_Core_2_13
dependsOn: []
jobs:
- template: templates/deployment_tests.yml
parameters:
build_number: $(Build.BuildNumber)
scenario: fedora-latest
ansible_version: "-core >=2.13,<2.14"

- stage: FedoraLatest_Ansible_Core_2_14
dependsOn: []
jobs:
- template: templates/deployment_tests.yml
parameters:
build_number: $(Build.BuildNumber)
scenario: fedora-latest
ansible_version: "-core >=2.14,<2.15"

- stage: FedoraLatest_Ansible_Core_2_15
dependsOn: []
jobs:
- template: templates/deployment_tests.yml
parameters:
build_number: $(Build.BuildNumber)
scenario: fedora-latest
ansible_version: "-core >=2.15,<2.16"

- stage: FedoraLatest_Ansible_latest
dependsOn: []
jobs:
- template: templates/deployment_tests.yml
parameters:
build_number: $(Build.BuildNumber)
scenario: fedora-latest
ansible_version: ""
65 changes: 65 additions & 0 deletions tests/azure/templates/deployment_tests.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
---
parameters:
- name: scenario
type: string
default: fedora-latest
- name: ansible_version
type: string
default: ""
- name: python_version
type: string
default: 3.x
- name: build_number
type: string

jobs:
- job: Test_Deployment
displayName: Run deployment tests ${{ parameters.scenario }}
timeoutInMinutes: 240
steps:
- task: UsePythonVersion@0
inputs:
versionSpec: '${{ parameters.python_version }}'

- script: |
pip install "ansible${{ parameters.ansible_version }}"
retryCountOnTaskFailure: 5
displayName: Install Ansible
- script: ansible-galaxy collection install community.docker ansible.posix
retryCountOnTaskFailure: 5
displayName: Install Ansible collections

- script: pip install -r requirements-tests.txt
retryCountOnTaskFailure: 5
displayName: Install dependencies

- script: |
mkdir -p ~/.ansible/roles ~/.ansible/library ~/.ansible/module_utils
cp -a roles/* ~/.ansible/roles
cp -a plugins/modules/* ~/.ansible/library
cp -a plugins/module_utils/* ~/.ansible/module_utils
docker pull ${SCENARIO_IMAGE}
env:
SCENARIO_IMAGE: quay.io/ansible-freeipa/upstream-tests:raw-${{ parameters.scenario }}
retryCountOnTaskFailure: 5
displayName: Setup test environment
- script: |
docker rm --force ${{ parameters.scenario }}
tests/server_role/inventory.py | tee inventory.yml
docker run -d --privileged --name ${IPA_CONTAINER} --hostname ${IPA_HOSTNAME} ${SCENARIO_IMAGE}
ansible-playbook -i inventory.yml playbooks/install-server.yml
docker stop ${{ parameters.scenario }}
docker rm ${{ parameters.scenario }}
displayName: Run deployment tests
env:
SCENARIO_IMAGE: quay.io/ansible-freeipa/upstream-tests:raw-${{ parameters.scenario }}
IPA_CONTAINER: ipaserver_test_container
IPA_HOSTNAME: ipaserver.test.local
- task: PublishTestResults@2
inputs:
mergeTestResults: true
testRunTitle: DeploymentTests-Build${{ parameters.build_number }}
condition: succeededOrFailed()
1 change: 1 addition & 0 deletions tests/server_role/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
This file should include how to test ipaserver.
111 changes: 111 additions & 0 deletions tests/server_role/inventory.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
#!/usr/bin/env python
"""Dynamic inventory to test ipaserver role."""

import os
import sys
from collections import namedtuple

try:
import yaml

inventory_to_string = yaml.dump
except ImportError:
import json

inventory_to_string = json.dumps

Config = namedtuple(
"Config",
"""
engine
container
hostname
ipa_domain
ipa_realm
setup_kra
setup_dns
dns_no_forwarders
dns_auto_reverse
setup_adtrust
ipa_netbios_name
""",
)


def to_boolean(value):
return value.lower() == "true"


def get_inventory_data(config):
"""Generate inventory based on given configuration."""
return {
"all": {
"children": {
"ipaserver": {
"hosts": {
"ipa_server": {
"ansible_connection": config.engine,
"ansible_host": config.container,
},
},
"vars": {
# KRA
"ipaserver_setup_kra": config.setup_kra,
# DNS
"ipaserver_setup_dns": config.setup_dns,
"ipaserver_no_forwarders": config.dns_no_forwarders,
"ipaserver_auto_reverse": config.dns_auto_reverse,
# AD Trust
"ipaserver_setup_adtrust": config.setup_adtrust,
"ipaserver_netbios_name": config.ipa_netbios_name,
# adjtimex fails on container, so do not set ntp
"ipaclient_no_ntp": True,
# server configuration
"ipaserver_hostname": config.hostname,
},
},
},
"vars": {
# server/realm
"ipaserver_domain": config.ipa_domain,
"ipaserver_realm": config.ipa_realm,
# passwords
"ipaadmin_password": "SomeADMINpassword",
"ipadm_password": "SomeDMpassword",
},
},
}


def gen_default_inventory():
default_hostname = "ipaserver.test.local"
ipa_hostname = os.environ.get("IPA_HOSTNAME", default_hostname).split(".")

setup_dns = to_boolean(os.environ.get("SETUP_DNS", "False"))

config = Config(
engine=(
"containers.podman.podman"
if "--podman" in sys.argv
else "community.docker.docker"
),
container=os.environ.get("IPA_CONTAINER", "ipaserver_test_container"),
hostname=".".join(ipa_hostname),
ipa_domain=os.environ.get("IPA_DOMAIN", ".".join(ipa_hostname[1:])),
ipa_realm=os.environ.get(
"IPA_REALM", ".".join(ipa_hostname[1:]).upper()
),
setup_kra=to_boolean(os.environ.get("SETUP_KRA", "False")),
setup_dns=setup_dns,
dns_no_forwarders=os.environ.get("DNS_NO_FORWARDERS", setup_dns),
dns_auto_reverse=os.environ.get("DNS_AUTO_REVERSE", setup_dns),
setup_adtrust=to_boolean(os.environ.get("SETUP_ADTRUST", "False")),
ipa_netbios_name=os.environ.get("IPA_NETBIOS_NAME", "IPA"),
)
print(inventory_to_string(get_inventory_data(config)))


if "--matrix" in sys.argv: # pylint: disable=no-else-raise
raise NotImplementedError("Test matrix not implemented yet.")
else:
gen_default_inventory()

0 comments on commit 7cf7167

Please sign in to comment.