diff --git a/.ansible-lint b/.ansible-lint index ff64212f..55ac0c5d 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -2,11 +2,12 @@ exclude_paths: - ci/ - roles/telemetry_autoscaling + - roles/telemetry_logging + - roles/commmon skip_list: - command-instead-of-module # Using command rather than module - galaxy - meta-no-info # meta/main.yml should contain relevant info - risky-shell-pipe # Shells that use pipes should set the pipefail option - unnamed-task # All tasks should be named - - var-naming[no-role-prefix] # Variables names from within roles should use role_name_ as a prefix - yaml # Violations reported by yamllint diff --git a/roles/common/README.md b/roles/common/README.md new file mode 100644 index 00000000..62f30101 --- /dev/null +++ b/roles/common/README.md @@ -0,0 +1,119 @@ +common +========= + +The tests in this role are not specific to any one functional area but are an aggregate of common tests that can be used in all OSP 18.0/OCP jobs. + +Requirements +------------ + +None + +Role Variables +-------------- +Variable required for all tasks to run: + + For container_tests.yml tasks: + + container_test_id + container_list + - list of containers to validate + + For cred_tests.yml tasks: + + cred_test_id + cred_list + - list of credentials to validate + + For endpoint_tests.yml tasks: + + endpoint_test_id + endpoint_list + - list of endpoints to validate + + For file_tests.yml tasks: + + file_test_id + file_list + - list of files to verify + + For node_tests.yml tasks: + + node_test_id + node_list + - list of nodes to validate + + For proj_test.yml tasks: + + proj_test_id + proj_list + - list of projects to validate + + For pod_tests.yml tasks: + + pod_test_id + pod_list + - list of pods to validate + pod_status_str + - status of pods to check + pod_nspace + - list of projects where pods exist + + For service_tests.yml tasks: + + service_test_id + service_list + - list of services to validate + service_nspace + - project where services are running + + For manifest_tests.yml tasks: + + manifest_test_id + manifest_list + - list of package manifests to validate + + For subscription_tests.yml tasks: + + subscription_polar_id + subscription_list + - list of subscriptions to validate + subscription_nspace + - project where the subscription lives + + +Dependencies +------------ + +None + +Example Playbook +---------------- + +Typically, for this role the tests should *not* use a "main.yml" and import or include all the tests in the role. On the contrary, a tests should explicitly include specific tests needed for a given job. + + + hosts: controller + gather_facts: no + vars: + proj_out_file: verify_logging_projects_exist_lresults.log + proj_list: + - openshift-openstack-infra + - openshift + - openstack-operators + - openshift-logging + + tasks: + - name: Run projects tests + ansible.builtin.import_role: + name: common + + +License +------- + +Apache 2 + +Author Information +------------------ + +alexy@redhat.com diff --git a/roles/common/tasks/container_tests.yml b/roles/common/tasks/container_tests.yml new file mode 100644 index 00000000..21a6b464 --- /dev/null +++ b/roles/common/tasks/container_tests.yml @@ -0,0 +1,9 @@ +--- + +- name: Get container status + ansible.builtin.shell: + cmd: | + podman ps -a --format "{{ '{{.Names}} {{.Status}}' }}" | grep "{{ item }}" | awk '{print $2;}' + changed_when: false + register: container_status + failed_when: container_status.stdout != "Up" diff --git a/roles/common/tasks/cred_tests.yml b/roles/common/tasks/cred_tests.yml new file mode 100644 index 00000000..341514ef --- /dev/null +++ b/roles/common/tasks/cred_tests.yml @@ -0,0 +1,8 @@ +--- + +- name: Verify logging credentials "{{ item }}" + ansible.builtin.shell: + cmd: | + oc get crd "{{ item }}" + changed_when: false + register: output diff --git a/roles/common/tasks/endpoint_tests.yml b/roles/common/tasks/endpoint_tests.yml new file mode 100644 index 00000000..5c9d06bf --- /dev/null +++ b/roles/common/tasks/endpoint_tests.yml @@ -0,0 +1,9 @@ +--- + +- name: Get Endpoint + ansible.builtin.shell: + cmd: | + oc project openstack + kubectl exec openstackclient -- openstack endpoint list --service="{{ item[0] }}" --service="{{ item[1] }}" --interface="{{ item[2] }}" + changed_when: false + register: output diff --git a/roles/common/tasks/file_tests.yml b/roles/common/tasks/file_tests.yml new file mode 100644 index 00000000..275519bf --- /dev/null +++ b/roles/common/tasks/file_tests.yml @@ -0,0 +1,12 @@ +--- + +- name: Get stats for file + ansible.builtin.stat: + path: "{{ item }}" + register: fstats + failed_when: + - fstats.stat.pw_name != "root" + - fstats.stat.size | int < 300 + - not fstats.stat.exists + - not fstats.stat.isreg + diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml new file mode 100644 index 00000000..d8bd13f6 --- /dev/null +++ b/roles/common/tasks/main.yml @@ -0,0 +1,65 @@ +--- +- name: "Verify container - {{ container_test_id }}" + when: container_list is defined + ansible.builtin.include_tasks: "container_tests.yml" + loop: "{{ container_list }}" + + +- name: "Verify credential - {{ cred_test_id }}" + when: cred_list is defined + ansible.builtin.include_tasks: "cred_tests.yml" + loop: "{{ cred_list }}" + + +- name: "Verify endpoint in OSP - {{ endpoint_test_id }}" + when: endpoint_list is defined + ansible.builtin.include_tasks: "endpoint_tests.yml" + loop: "{{ endpoint_list }}" + + +- name: "Verify file - {{ file_test_id }}" + when: file_list is defined + ansible.builtin.include_tasks: "file_tests.yml" + loop: "{{ file_list }}" + + +- name: "Verify manifest - {{ manifest_test_id }}" + when: manifest_list is defined + ansible.builtin.include_tasks: "manifest_tests.yml" + loop: "{{ manifest_list }}" + + +- name: "Verify OSP node - {{ node_test_id }}" + when: node_list is defined + ansible.builtin.include_tasks: node_tests.yml + loop: "{{ node_list }}" + + +- name: "Verify pod - {{ pod_test_id }}" + when: + - pod_list is defined + - pod_nspace is defined + - pod_status_str is defined + ansible.builtin.include_tasks: "pod_tests.yml" + loop: "{{ pod_list }}" + + + +- name: "Verify project - {{ proj_test_id }}" + when: proj_list is defined + ansible.builtin.include_tasks: "proj_tests.yml" + loop: "{{ proj_list }}" + + +- name: "Verify service - {{ service_test_id }}" + when: + - service_list is defined + - service_nspace is defined + ansible.builtin.include_tasks: "service_tests.yml" + loop: "{{ service_list }}" + + +- name: "Verify subscription - {{ subscription_test_id }}" + when: subscription_list is defined + ansible.builtin.include_tasks: "subscription_tests.yml" + loop: "{{ subscription_list }}" diff --git a/roles/common/tasks/manifest_tests.yml b/roles/common/tasks/manifest_tests.yml new file mode 100644 index 00000000..1dbb3ed0 --- /dev/null +++ b/roles/common/tasks/manifest_tests.yml @@ -0,0 +1,23 @@ +--- + +- name: Get number of packages + ansible.builtin.shell: + cmd: | + echo "{{ item }}" | awk '{print $2;}' + register: num_expected + changed_when: false + +- name: Get package name + ansible.builtin.shell: + cmd: | + echo "{{ item }}" | awk '{print $1;}' + register: pack_name + changed_when: false + +- name: Get packagemanifest + ansible.builtin.shell: + cmd: | + oc get packagemanifests | grep "{{ pack_name.stdout }}" | wc -l + register: num_found + changed_when: false + failed_when: num_expected.stdout != num_found.stdout diff --git a/roles/common/tasks/node_tests.yml b/roles/common/tasks/node_tests.yml new file mode 100644 index 00000000..ac0f751c --- /dev/null +++ b/roles/common/tasks/node_tests.yml @@ -0,0 +1,18 @@ +--- + +- name: Get running node + become: true + ansible.builtin.shell: + cmd: | + virsh list --state-running | grep "{{ item }}" | awk '{print $2;}' + register: nodefound + changed_when: false + +- name: Get node status + become: true + ansible.builtin.shell: + cmd: | + virsh list --state-running | grep "{{ item }}" | awk '{print $3;}' + register: output + changed_when: false + failed_when: output.stdout != "running" diff --git a/roles/common/tasks/pod_tests.yml b/roles/common/tasks/pod_tests.yml new file mode 100644 index 00000000..45c13f11 --- /dev/null +++ b/roles/common/tasks/pod_tests.yml @@ -0,0 +1,20 @@ +--- + +- name: Get Pod Instance "{{ pod_status_str }}" + ansible.builtin.shell: + cmd: | + oc get pods -n "{{ pod_nspace }}" | grep "{{ item }}" | grep "{{ pod_status_str }}" | awk '{print $1;}' + register: podinstance + changed_when: false + +- name: Check terminated pod + ansible.builtin.shell: + cmd: | + oc get pod -n "{{ pod_nspace }} {{ podinstance.stdout }}" + register: output + changed_when: false + failed_when: + - output.rc != 0 + - podinstance.stdout == "" + + diff --git a/roles/common/tasks/proj_tests.yml b/roles/common/tasks/proj_tests.yml new file mode 100644 index 00000000..50e2bda8 --- /dev/null +++ b/roles/common/tasks/proj_tests.yml @@ -0,0 +1,8 @@ +--- + +- name: Verify Project exists - "{{ item }}" + ansible.builtin.shell: + cmd: | + oc project "{{ item }}" + register: output + changed_when: false diff --git a/roles/common/tasks/service_tests.yml b/roles/common/tasks/service_tests.yml new file mode 100644 index 00000000..b007ad0e --- /dev/null +++ b/roles/common/tasks/service_tests.yml @@ -0,0 +1,6 @@ +- name: Verify Service Running - "{{ item }}" + ansible.builtin.shell: + cmd: | + oc get service -n "{{ service_nspace }}" "{{ item }}" + register: output + changed_when: false diff --git a/roles/common/tasks/subscription_tests.yml b/roles/common/tasks/subscription_tests.yml new file mode 100644 index 00000000..9e45c198 --- /dev/null +++ b/roles/common/tasks/subscription_tests.yml @@ -0,0 +1,8 @@ +--- + +- name: Verify subscription + ansible.builtin.shell: + cmd: | + oc get subscriptions -n "{{ subscription_nspace }}" "{{ item }}" + register: output + changed_when: false