Skip to content
Commits on Source (12)
Expand all Hide whitespace changes
Inline Side-by-side
.github/workflows/lint.yml
View file @ 48c0fd0a
......@@ -16,7 +16,7 @@ jobs:
python-version: "3.x"
- name: Run ansible-lint
run: |
pip install "ansible-core >=2.15,<2.16" 'ansible-lint<6.21'
pip install "ansible-core>=2.16,<2.17" 'ansible-lint>=6.21'
utils/build-galaxy-release.sh -ki
cd .galaxy-build
ansible-lint --profile production --exclude tests/integration/ --exclude tests/unit/ --parseable --nocolor
......@@ -76,7 +76,7 @@ jobs:
python-version: "3.x"
- name: Run pylint
run: |
pip install pylint==2.17.2
pip install 'pylint>=3.0'
pylint plugins roles --disable=import-error
shellcheck:
......
.pre-commit-config.yaml
View file @ 48c0fd0a
---
repos:
- repo: https://github.com/ansible/ansible-lint.git
rev: v6.17.2
rev: v6.22.0
hooks:
- id: ansible-lint
always_run: false
......@@ -34,7 +34,7 @@ repos:
hooks:
- id: pydocstyle
- repo: https://github.com/pycqa/pylint
rev: v2.17.2
rev: v3.0.2
hooks:
- id: pylint
args:
......
plugins/modules/ipaidoverridegroup.py
View file @ 48c0fd0a
......@@ -332,7 +332,7 @@ def main():
merge_dicts(
{
"ipaanchoruuid": anchor,
"continue": delete_continue
"continue": delete_continue or False
},
runtime_args
)]
......
plugins/modules/ipaidoverrideuser.py
View file @ 48c0fd0a
......@@ -572,7 +572,7 @@ def main():
merge_dicts(
{
"ipaanchoruuid": anchor,
"continue": delete_continue
"continue": delete_continue or False
},
runtime_args
)]
......
tests/azure/build-containers.yml
View file @ 48c0fd0a
......@@ -13,34 +13,49 @@ trigger: none
pool:
vmImage: 'ubuntu-20.04'
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: Centos7
container_name: centos-7
build_scenario_name: centos-7-build
- template: templates/build_container.yml
parameters:
job_name_suffix: C8S
container_name: c8s
build_scenario_name: c8s-build
- template: templates/build_container.yml
parameters:
job_name_suffix: C9S
container_name: c9s
build_scenario_name: c9s-build
- template: templates/build_container.yml
parameters:
job_name_suffix: FedoraLatest
container_name: fedora-latest
build_scenario_name: fedora-latest-build
- template: templates/build_container.yml
parameters:
job_name_suffix: FedoraRawhide
container_name: fedora-rawhide
build_scenario_name: fedora-rawhide-build
stages:
- stage: CentOS_7
dependsOn: []
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: Centos7
container_name: centos-7
build_scenario_name: centos-7-build
- stage: CentOS_8_Stream
dependsOn: []
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: C8S
container_name: c8s
build_scenario_name: c8s-build
- stage: CentOS_9_Stream
dependsOn: []
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: C9S
container_name: c9s
build_scenario_name: c9s-build
- stage: Fedora_Latest
dependsOn: []
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: FedoraLatest
container_name: fedora-latest
build_scenario_name: fedora-latest-build
- stage: Fedora_Rawhide
dependsOn: []
jobs:
- template: templates/build_container.yml
parameters:
job_name_suffix: FedoraRawhide
container_name: fedora-rawhide
build_scenario_name: fedora-rawhide-build
tests/host/test_host.yml
View file @ 48c0fd0a
......@@ -32,6 +32,26 @@
update_dns: yes
state: absent
- name: Ensure leftover DNS records for test hosts are not present.
ipadnsrecord:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
zone_name: "{{ ipaserver_domain }}"
records:
- name: "host1"
del_all: true
- name: "host2"
del_all: true
- name: "host3"
del_all: true
- name: "host4"
del_all: true
- name: "host5"
del_all: true
- name: "host6"
del_all: true
state: absent
- name: Get IPv4 address prefix from server node
ansible.builtin.set_fact:
ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
......
tests/idoverridegroup/test_idoverridegroup.yml
View file @ 48c0fd0a
......@@ -18,16 +18,21 @@
# CLEANUP TEST ITEMS
- name: Ensure test group test_group does not exist
- name: Ensure test groups test_group1..3 do not exist
ipagroup:
name: test_group
name:
- test_group1
- test_group2
- test_group3
state: absent
- name: Ensure test group test_group is absent in idview test_idview
- name: Ensure test groups test_group1..3 are absent in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group
continue: true
anchor:
- test_group1
- test_group2
- test_group3
state: absent
- name: Ensure test idview test_idview does not exist
......@@ -37,9 +42,17 @@
# CREATE TEST ITEMS
- name: Ensure test group test_group exists
- name: Ensure test group test_group1 exists
ipagroup:
name: test_group
name: test_group1
- name: Ensure test group test_group2 exists
ipagroup:
name: test_group2
- name: Ensure test group test_group3 exists
ipagroup:
name: test_group3
- name: Ensure test idview test_idview exists
ipaidview:
......@@ -47,118 +60,146 @@
# TESTS
- name: Ensure test group test_group is present in idview test_idview
- name: Ensure test group test_group1 is present in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group1
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group1 is present in idview test_idview, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group1
register: result
failed_when: result.changed or result.failed
- name: Ensure test group test_group2 is present in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group2
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group2 is present in idview test_idview, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group2
register: result
failed_when: result.changed or result.failed
- name: Ensure test group test_group3 is present in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group3
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview, again
- name: Ensure test group test_group3 is present in idview test_idview, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group3
register: result
failed_when: result.changed or result.failed
# description
- name: Ensure test group test_group is present in idview test_idview with description
- name: Ensure test group test_group1 is present in idview test_idview with description
ipaidoverridegroup:
idview: test_idview
anchor: test_group
description: "test_group description"
anchor: test_group1
description: "test_group1 description"
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview with description, again
- name: Ensure test group test_group1 is present in idview test_idview with description, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
description: "test_group description"
anchor: test_group1
description: "test_group1 description"
register: result
failed_when: result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without description
- name: Ensure test group test_group1 is present in idview test_idview without description
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
description: ""
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without description, again
- name: Ensure test group test_group1 is present in idview test_idview without description, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
description: ""
register: result
failed_when: result.changed or result.failed
# name
- name: Ensure test group test_group is present in idview test_idview with internal name test_123_group
- name: Ensure test group test_group1 is present in idview test_idview with internal name test_123_group
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
name: test_123_group
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview with internal name test_123_group, again
- name: Ensure test group test_group1 is present in idview test_idview with internal name test_123_group, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
name: test_123_group
register: result
failed_when: result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without internal name
- name: Ensure test group test_group1 is present in idview test_idview without internal name
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
name: ""
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without internal name, again
- name: Ensure test group test_group1 is present in idview test_idview without internal name, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
name: ""
register: result
failed_when: result.changed or result.failed
# gid
- name: Ensure test group test_group is present in idview test_idview with gid 20001
- name: Ensure test group test_group1 is present in idview test_idview with gid 20001
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
gid: 20001
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview with gid 20001, again
- name: Ensure test group test_group1 is present in idview test_idview with gid 20001, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
gid: 20001
register: result
failed_when: result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without gid
- name: Ensure test group test_group1 is present in idview test_idview without gid
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
gid: ""
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is present in idview test_idview without gid, again
- name: Ensure test group test_group1 is present in idview test_idview without gid, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
anchor: test_group1
gid: ""
register: result
failed_when: result.changed or result.failed
......@@ -167,36 +208,56 @@
# absent
- name: Ensure test group test_group is absent in idview test_idview
- name: Ensure test group test_group1 is absent in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group1
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group1 is absent in idview test_idview, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group1
state: absent
register: result
failed_when: result.changed or result.failed
- name: Ensure test groups test_group2,3 are absent in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group
continue: true
anchor:
- test_group2
- test_group3
state: absent
register: result
failed_when: not result.changed or result.failed
- name: Ensure test group test_group is absent in idview test_idview, again
- name: Ensure test groups test_group2,3 are absent in idview test_idview, again
ipaidoverridegroup:
idview: test_idview
anchor: test_group
continue: true
anchor:
- test_group2
- test_group3
state: absent
register: result
failed_when: result.changed or result.failed
# CLEANUP TEST ITEMS
- name: Ensure test group test_group does not exist
- name: Ensure test group test_group1 does not exist
ipagroup:
name: test_group
name: test_group1
state: absent
- name: Ensure test group test_group is absent in idview test_idview
- name: Ensure test groups test_group1..3 are absent in idview test_idview
ipaidoverridegroup:
idview: test_idview
anchor: test_group
continue: true
anchor:
- test_group1
- test_group2
- test_group3
state: absent
- name: Ensure test idview test_idview does not exist
......
tests/pwpolicy/test_pwpolicy.yml
View file @ 48c0fd0a
......@@ -176,21 +176,10 @@
minlength: ""
register: result
failed_when:
result.changed or
(result.failed and not
("an internal error has occurred" in result.msg or
"int() argument must be" in result.msg))
when: ipa_version is version("4.9", ">=")
- name: Ensure minlength is not cleared due to FreeIPA issue
ipapwpolicy:
ipaadmin_password: SomeADMINpassword
ipaapi_context: "{{ ipa_context | default(omit) }}"
name: ops
minlength: ""
register: result
failed_when: not result.changed or result.failed
when: ipa_version is version("4.7", "<")
("an internal error has occurred" in result.msg or
"int() argument must be" in result.msg))
or (not result.failed and not result.changed)
- name: Execute tests if ipa_version >= 4.9.0
when: ipa_version is version("4.9", ">=")
......
utils/run-tests.sh
View file @ 48c0fd0a
......@@ -32,7 +32,7 @@ interrupt_exception() {
usage() {
local prog="${0##*/}"
cat <<EOF
usage: ${prog} [-h] [-l] [-e] [-g] [-s TESTS_SUITE] [-i IMAGE] [TEST...]
usage: ${prog} [-h] [-l] [-e] [-K] [-c CONTAINER] [-s TESTS_SUITE] [-x] [-A SEED.GRP] [-i IMAGE] [-m MEMORY] [-v...] [TEST...]
${prog} runs playbook(s) TEST using an ansible-freeipa testing image.
EOF
......@@ -51,10 +51,13 @@ optional arguments:
-K keep container, even if tests succeed
-l list available images
-e force recreation of the virtual environment
-i select image to run the tests (default: fedora-latest)
-i IMAGE select image to run the tests (default: fedora-latest)
-m container memory, in GiB (default: 3)
-s TEST_SUITE run all playbooks for test suite, which is a directory
under ${WHITE}tests${RST}
-A SEED.GROUP Replicate Azure's test group and seed (seed is YYYYMMDD)
-v Increase Ansible verbosity (can be used multiple times)
-x Stop on first error.
EOF
)"
}
......@@ -179,15 +182,29 @@ IMAGE_TAG="fedora-latest"
scenario=""
MEMORY=3
hostname="ipaserver.test.local"
SEED=""
GROUP=0
SPLITS=0
ANSIBLE_COLLECTIONS=${ANSIBLE_COLLECTIONS:-"containers.podman"}
EXTRA_OPTIONS=""
# Process command options
while getopts ":hc:ei:Klms:v" option
while getopts ":hA:c:ei:Klms:vx" option
do
case "$option" in
h) help && exit 0 ;;
A)
[ ${#ENABLED_MODULES[@]} -eq 0 ] || die -u "Can't use '-A' with '-s'"
SEED="$(cut -d. -f1 <<< "${OPTARG}" | tr -d "-")"
GROUP="$(cut -d. -f2 <<< "${OPTARG}")"
if [ -z "${SEED}" ] || [ -z "${GROUP}" ]
then
die -u "Seed for '-A' must have the format YYYYMMDD.N"
fi
SPLITS=3
;;
c) scenario="${OPTARG}" ;;
e) FORCE_ENV="Y" ;;
i) IMAGE_TAG="${OPTARG}" ;;
......@@ -195,6 +212,7 @@ do
l) list_images && exit 0 || exit 1;;
m) MEMORY="${OPTARG}" ;;
s)
[ ${SPLITS} -ne 0 ] && die -u "Can't use '-A' with '-s'"
if [ -d "${TOPDIR}/tests/${OPTARG}" ]
then
ENABLED_MODULES+=("${OPTARG}")
......@@ -203,6 +221,7 @@ do
fi
;;
v) verbose=${verbose:--}${option} ;;
x) EXTRA_OPTIONS="$EXTRA_OPTIONS --exitfirst" ;;
*) die -u "Invalid option: ${OPTARG}" ;;
esac
done
......@@ -212,13 +231,14 @@ do
# shellcheck disable=SC2207
if stat "$test" >/dev/null 2>&1
then
[ ${SPLITS} -ne 0 ] && die -u "Can't define tests and use '-A'"
ENABLED_TESTS+=($(basename "${test}" .yml))
else
log error "Test not found: ${test}"
fi
done
[ ${#ENABLED_MODULES[@]} -eq 0 ] && [ ${#ENABLED_TESTS[@]} -eq 0 ] && die -u "No test defined."
[ ${SPLITS} -eq 0 ] && [ ${#ENABLED_MODULES[@]} -eq 0 ] && [ ${#ENABLED_TESTS[@]} -eq 0 ] && die -u "No test defined."
# Prepare virtual environment
VENV=$(in_python_virtualenv && echo Y || echo N)
......@@ -373,23 +393,31 @@ EOF
# run tests
RESULT=0
# shellcheck disable=SC2086
export RUN_TESTS_IN_DOCKER=${engine}
export IPA_SERVER_HOST="${scenario}"
joined="$(printf "%s," "${ENABLED_MODULES[@]}")"
# shelcheck disable=SC2178
IPA_ENABLED_MODULES="${joined%,}"
joined="$(printf "%s," "${ENABLED_TESTS[@]}")"
# shelcheck disable=SC2178
IPA_ENABLED_TESTS="${joined%,}"
export IPA_ENABLED_MODULES IPA_ENABLED_TESTS
[ -n "${IPA_ENABLED_MODULES}" ] && log info "Test suites: ${IPA_ENABLED_MODULES}"
[ -n "${IPA_ENABLED_TESTS}" ] && log info "Individual tests: ${IPA_ENABLED_TESTS}"
if [ ${SPLITS} -ne 0 ]
then
EXTRA_OPTIONS="${EXTRA_OPTIONS} --splits=${SPLITS} --group=${GROUP} --randomly-seed=${SEED}"
log info "Running tests for group ${GROUP} of ${SPLITS} with seed ${SEED}"
else
# shellcheck disable=SC2086
joined="$(printf "%s," "${ENABLED_MODULES[@]}")"
# shelcheck disable=SC2178
IPA_ENABLED_MODULES="${joined%,}"
joined="$(printf "%s," "${ENABLED_TESTS[@]}")"
# shelcheck disable=SC2178
IPA_ENABLED_TESTS="${joined%,}"
export IPA_ENABLED_MODULES IPA_ENABLED_TESTS
[ -n "${IPA_ENABLED_MODULES}" ] && log info "Test suites: ${IPA_ENABLED_MODULES}"
[ -n "${IPA_ENABLED_TESTS}" ] && log info "Individual tests: ${IPA_ENABLED_TESTS}"
fi
IPA_VERBOSITY="${verbose}"
[ -n "${IPA_VERBOSITY}" ] && export IPA_VERBOSITY
if ! pytest -m "playbook" --verbose --color=yes
# shellcheck disable=SC2086
if ! pytest -m "playbook" --verbose --color=yes ${EXTRA_OPTIONS}
then
RESULT=2
log error "Container not stopped for verification: ${scenario}"
......