forked from CCCHH/ansible-infra
Vendor Galaxy Roles and Collections
This commit is contained in:
parent
c1e1897cda
commit
2aed20393f
3553 changed files with 387444 additions and 2 deletions
|
|
@ -0,0 +1,7 @@
|
|||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
azp/1
|
||||
destructive
|
||||
needs/root
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
dependencies:
|
||||
- setup_docker
|
||||
- setup_docker_sdk_for_python
|
||||
- setup_openssl
|
||||
- setup_remote_tmp_dir
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
- name: CLEANUP | Leave Docker Swarm
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
ignore_errors: true
|
||||
register: leave_swarm
|
||||
|
||||
- name: CLEANUP | Kill Docker and cleanup
|
||||
when: leave_swarm is failed
|
||||
block:
|
||||
- name: CLEANUP | Kill docker daemon
|
||||
ansible.builtin.command: systemctl kill -s 9 docker
|
||||
become: true
|
||||
|
||||
- name: CLEANUP | Clear out /var/lib/docker
|
||||
ansible.builtin.shell: rm -rf /var/lib/docker/*
|
||||
|
||||
- name: CLEANUP | Start docker daemon
|
||||
ansible.builtin.service:
|
||||
name: docker
|
||||
state: started
|
||||
become: true
|
||||
|
||||
- name: CLEANUP | Wait for docker daemon to be fully started
|
||||
ansible.builtin.command: docker ps
|
||||
register: result
|
||||
until: result is success
|
||||
retries: 10
|
||||
|
||||
- name: CLEANUP | Leave Docker Swarm
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
####################################################################
|
||||
# WARNING: These are designed specifically for Ansible tests #
|
||||
# and should not be used as examples of how to write Ansible roles #
|
||||
####################################################################
|
||||
|
||||
- name: Run Docker Swarm tests
|
||||
when:
|
||||
- docker_py_version is version('1.10.0', '>=')
|
||||
- docker_api_version is version('1.25', '>=')
|
||||
|
||||
block:
|
||||
- ansible.builtin.include_tasks: run-test.yml
|
||||
with_fileglob:
|
||||
- "tests/*.yml"
|
||||
loop_control:
|
||||
loop_var: test_name
|
||||
|
||||
always:
|
||||
- ansible.builtin.import_tasks: cleanup.yml
|
||||
|
||||
- ansible.builtin.fail:
|
||||
msg: "Too old docker / docker-py version to run docker_swarm tests!"
|
||||
when:
|
||||
- not(docker_py_version is version('1.10.0', '>=') and docker_api_version is version('1.25', '>='))
|
||||
- (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
- name: "Loading tasks from {{ test_name }}"
|
||||
ansible.builtin.include_tasks: "{{ test_name }}"
|
||||
|
|
@ -0,0 +1,163 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
- ansible.builtin.debug:
|
||||
msg: Running tests/basic.yml
|
||||
|
||||
####################################################################
|
||||
## Errors ##########################################################
|
||||
####################################################################
|
||||
- name: Test parameters with state=join
|
||||
community.docker.docker_swarm: # noqa: args[module]
|
||||
state: join
|
||||
ignore_errors: true
|
||||
register: output
|
||||
|
||||
- name: assert failure when called with state=join and no remote_addrs,join_token
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output.failed'
|
||||
- 'output.msg == "state is join but all of the following are missing: remote_addrs, join_token"'
|
||||
|
||||
- name: Test parameters with state=remove
|
||||
community.docker.docker_swarm: # noqa: args[module]
|
||||
state: remove
|
||||
ignore_errors: true
|
||||
register: output
|
||||
|
||||
- name: assert failure when called with state=remove and no node_id
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output.failed'
|
||||
- 'output.msg == "state is remove but all of the following are missing: node_id"'
|
||||
|
||||
####################################################################
|
||||
## Creation ########################################################
|
||||
####################################################################
|
||||
|
||||
- name: Create a Swarm cluster (check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_1
|
||||
|
||||
- name: Create a Swarm cluster
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
diff: true
|
||||
register: output_2
|
||||
|
||||
- name: Create a Swarm cluster (idempotent)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
diff: true
|
||||
register: output_3
|
||||
|
||||
- name: Create a Swarm cluster (idempotent, check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_4
|
||||
|
||||
- name: Create a Swarm cluster (force re-create)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
force: true
|
||||
diff: true
|
||||
register: output_5
|
||||
|
||||
- name: Create a Swarm cluster (force re-create, check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
|
||||
force: true
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_6
|
||||
|
||||
- name: assert changed when create a new swarm cluster
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output_1 is changed'
|
||||
- 'output_1.diff.before is defined'
|
||||
- 'output_1.diff.after is defined'
|
||||
- 'output_2 is changed'
|
||||
- '(output_2.actions[0] | regex_search("New Swarm cluster created: ")) is truthy'
|
||||
- 'output_2.swarm_facts.JoinTokens.Manager is truthy'
|
||||
- 'output_2.swarm_facts.JoinTokens.Worker is truthy'
|
||||
- 'output_2.diff.before is defined'
|
||||
- 'output_2.diff.after is defined'
|
||||
- 'output_3 is not changed'
|
||||
- 'output_3.diff.before is defined'
|
||||
- 'output_3.diff.after is defined'
|
||||
- 'output_4 is not changed'
|
||||
- 'output_4.diff.before is defined'
|
||||
- 'output_4.diff.after is defined'
|
||||
- 'output_5 is changed'
|
||||
- 'output_5.diff.before is defined'
|
||||
- 'output_5.diff.after is defined'
|
||||
- 'output_6 is changed'
|
||||
- 'output_6.diff.before is defined'
|
||||
- 'output_6.diff.after is defined'
|
||||
|
||||
####################################################################
|
||||
## Removal #########################################################
|
||||
####################################################################
|
||||
|
||||
- name: Remove a Swarm cluster (check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_1
|
||||
|
||||
- name: Remove a Swarm cluster
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
diff: true
|
||||
register: output_2
|
||||
|
||||
- name: Remove a Swarm cluster (idempotent)
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
diff: true
|
||||
register: output_3
|
||||
|
||||
- name: Remove a Swarm cluster (idempotent, check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_4
|
||||
|
||||
- name: assert changed when remove a swarm cluster
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output_1 is changed'
|
||||
- 'output_1.diff.before is defined'
|
||||
- 'output_1.diff.after is defined'
|
||||
- 'output_2 is changed'
|
||||
- 'output_2.actions[0] == "Node has left the swarm cluster"'
|
||||
- 'output_2.diff.before is defined'
|
||||
- 'output_2.diff.after is defined'
|
||||
- 'output_3 is not changed'
|
||||
- 'output_3.diff.before is defined'
|
||||
- 'output_3.diff.after is defined'
|
||||
- 'output_4 is not changed'
|
||||
- 'output_4.diff.before is defined'
|
||||
- 'output_4.diff.after is defined'
|
||||
|
||||
- ansible.builtin.include_tasks: cleanup.yml
|
||||
|
|
@ -0,0 +1,133 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
- ansible.builtin.debug:
|
||||
msg: Running tests/options-ca.yml
|
||||
- name: options-ca
|
||||
when: cryptography_version.stdout is version('1.6', '>=')
|
||||
block:
|
||||
- name: Generate privatekey
|
||||
loop:
|
||||
- key1
|
||||
- key2
|
||||
loop_control:
|
||||
loop_var: key
|
||||
community.crypto.openssl_privatekey:
|
||||
path: '{{ remote_tmp_dir }}/ansible_{{ key }}.key'
|
||||
size: 2048
|
||||
mode: '0666'
|
||||
- name: Generate CSR
|
||||
loop:
|
||||
- key1
|
||||
- key2
|
||||
loop_control:
|
||||
loop_var: key
|
||||
community.crypto.openssl_csr:
|
||||
path: '{{ remote_tmp_dir }}/ansible_{{ key }}.csr'
|
||||
privatekey_path: '{{ remote_tmp_dir }}/ansible_{{ key }}.key'
|
||||
basic_constraints:
|
||||
- CA:TRUE
|
||||
key_usage:
|
||||
- keyCertSign
|
||||
- name: Generate self-signed certificate
|
||||
loop:
|
||||
- key1
|
||||
- key2
|
||||
loop_control:
|
||||
loop_var: key
|
||||
community.crypto.x509_certificate:
|
||||
path: '{{ remote_tmp_dir }}/ansible_{{ key }}.pem'
|
||||
privatekey_path: '{{ remote_tmp_dir }}/ansible_{{ key }}.key'
|
||||
csr_path: '{{ remote_tmp_dir }}/ansible_{{ key }}.csr'
|
||||
provider: selfsigned
|
||||
- name: Load certificates
|
||||
ansible.builtin.slurp:
|
||||
src: '{{ remote_tmp_dir }}/{{ item }}'
|
||||
loop:
|
||||
- ansible_key1.pem
|
||||
- ansible_key2.pem
|
||||
register: ansible_certificates
|
||||
- name: Load certificate keys
|
||||
ansible.builtin.slurp:
|
||||
src: '{{ remote_tmp_dir }}/{{ item }}'
|
||||
loop:
|
||||
- ansible_key1.key
|
||||
- ansible_key2.key
|
||||
register: ansible_keys
|
||||
- name: signing_ca_cert and signing_ca_key (check mode)
|
||||
community.docker.docker_swarm:
|
||||
advertise_addr: '{{ ansible_default_ipv4.address | default("127.0.0.1") }}'
|
||||
state: present
|
||||
signing_ca_cert: '{{ ansible_certificates.results[0].content | b64decode }}'
|
||||
signing_ca_key: '{{ ansible_keys.results[0].content | b64decode }}'
|
||||
timeout: 120
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_1
|
||||
ignore_errors: true
|
||||
- name: signing_ca_cert and signing_ca_key
|
||||
community.docker.docker_swarm:
|
||||
advertise_addr: '{{ ansible_default_ipv4.address | default("127.0.0.1") }}'
|
||||
state: present
|
||||
signing_ca_cert: '{{ ansible_certificates.results[0].content | b64decode }}'
|
||||
signing_ca_key: '{{ ansible_keys.results[0].content | b64decode }}'
|
||||
timeout: 120
|
||||
diff: true
|
||||
register: output_2
|
||||
ignore_errors: true
|
||||
- name: Private key
|
||||
ansible.builtin.debug: msg="{{ ansible_keys.results[0].content | b64decode }}"
|
||||
- name: Cert
|
||||
ansible.builtin.debug: msg="{{ ansible_certificates.results[0].content | b64decode }}"
|
||||
- community.docker.docker_swarm_info:
|
||||
register: output
|
||||
ignore_errors: true
|
||||
- ansible.builtin.debug: var=output
|
||||
- name: signing_ca_cert and signing_ca_key (change, check mode)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
signing_ca_cert: '{{ ansible_certificates.results[1].content | b64decode }}'
|
||||
signing_ca_key: '{{ ansible_keys.results[1].content | b64decode }}'
|
||||
timeout: 120
|
||||
check_mode: true
|
||||
diff: true
|
||||
register: output_5
|
||||
ignore_errors: true
|
||||
- name: signing_ca_cert and signing_ca_key (change)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
signing_ca_cert: '{{ ansible_certificates.results[1].content | b64decode }}'
|
||||
signing_ca_key: '{{ ansible_keys.results[1].content | b64decode }}'
|
||||
timeout: 120
|
||||
diff: true
|
||||
register: output_6
|
||||
ignore_errors: true
|
||||
- name: assert signing_ca_cert and signing_ca_key
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- output_1 is changed
|
||||
- '(output_1.actions[0] | regex_search("New Swarm cluster created: ")) is truthy'
|
||||
- output_1.diff.before is defined
|
||||
- output_1.diff.after is defined
|
||||
- output_2 is changed
|
||||
- '(output_2.actions[0] | regex_search("New Swarm cluster created: ")) is truthy'
|
||||
- output_2.diff.before is defined
|
||||
- output_2.diff.after is defined
|
||||
- output_5 is changed
|
||||
- output_5.actions[0] == "Swarm cluster updated"
|
||||
- output_5.diff.before is defined
|
||||
- output_5.diff.after is defined
|
||||
- output_6 is changed
|
||||
- output_6.actions[0] == "Swarm cluster updated"
|
||||
- output_6.diff.before is defined
|
||||
- output_6.diff.after is defined
|
||||
when: docker_py_version is version('2.6.0', '>=')
|
||||
- ansible.builtin.assert:
|
||||
that:
|
||||
- output_1 is failed
|
||||
- ('version is ' ~ docker_py_version ~ ' ') in output_1.msg
|
||||
- '"Minimum version required is 2.6.0 " in output_1.msg'
|
||||
when: docker_py_version is version('2.6.0', '<')
|
||||
- ansible.builtin.include_tasks: cleanup.yml
|
||||
File diff suppressed because it is too large
Load diff
|
|
@ -0,0 +1,95 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
- ansible.builtin.debug:
|
||||
msg: Running tests/remote-addr-pool.yml
|
||||
|
||||
####################################################################
|
||||
## default_addr_pool ###############################################
|
||||
####################################################################
|
||||
|
||||
- name: default_addr_pool
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
default_addr_pool:
|
||||
- "2.0.0.0/16"
|
||||
diff: true
|
||||
register: output_1
|
||||
ignore_errors: true
|
||||
|
||||
- name: default_addr_pool (idempotent)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
default_addr_pool:
|
||||
- "2.0.0.0/16"
|
||||
diff: true
|
||||
register: output_2
|
||||
ignore_errors: true
|
||||
|
||||
- name: assert default_addr_pool
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output_1 is changed'
|
||||
- 'output_2 is not changed'
|
||||
- 'output_2.swarm_facts.DefaultAddrPool == ["2.0.0.0/16"]'
|
||||
when:
|
||||
- docker_api_version is version('1.39', '>=')
|
||||
- docker_py_version is version('4.0.0', '>=')
|
||||
|
||||
- name: assert default_addr_pool failed when unsupported
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output_1 is failed'
|
||||
- "'Minimum version required' in output_1.msg"
|
||||
when: docker_api_version is version('1.39', '<') or
|
||||
docker_py_version is version('4.0.0', '<')
|
||||
|
||||
####################################################################
|
||||
## subnet_size #####################################################
|
||||
####################################################################
|
||||
- name: Leave swarm
|
||||
community.docker.docker_swarm:
|
||||
state: absent
|
||||
force: true
|
||||
default_addr_pool:
|
||||
- "2.0.0.0/16"
|
||||
diff: true
|
||||
|
||||
- name: subnet_size
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
force: true
|
||||
subnet_size: 26
|
||||
diff: true
|
||||
register: output_1
|
||||
ignore_errors: true
|
||||
|
||||
- name: subnet_size (idempotent)
|
||||
community.docker.docker_swarm:
|
||||
state: present
|
||||
subnet_size: 26
|
||||
diff: true
|
||||
register: output_2
|
||||
ignore_errors: true
|
||||
|
||||
- name: assert subnet_size
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- 'output_1 is changed'
|
||||
- 'output_2 is not changed'
|
||||
- 'output_2.swarm_facts.SubnetSize == 26'
|
||||
when:
|
||||
- docker_api_version is version('1.39', '>=')
|
||||
- docker_py_version is version('4.0.0', '>=')
|
||||
|
||||
- name: assert subnet_size failed when unsupported
|
||||
ansible.builtin.assert:
|
||||
that:
|
||||
- output_1 is failed
|
||||
- "'Minimum version required' in output_1.msg"
|
||||
when: docker_api_version is version('1.39', '<') or
|
||||
docker_py_version is version('4.0.0', '<')
|
||||
|
||||
- ansible.builtin.include_tasks: cleanup.yml
|
||||
Loading…
Add table
Add a link
Reference in a new issue