opendev/system-config
Code Issues Proposed changes
system-config/testinfra/test_bridge.py
Ian Wienand 7e9229c86d
bootstrap-bridge: drop pip3 role, add venv 
The pip3 role installs the latest upstream pip, overwriting the
packaged versions.  We would prefer to install things in
venv/virtualenvs moving forward to keep better isolation.

Unfortunately thanks to time the Bionic era packaged pip is so old
that it can't install anything modern like Ansible.  Thus we have to
squash installing Ansible into a separate venv into this change as
well.

Although the venv created by default on the Bionic host also has an
old pip, luckily we already worked around that in
I81fd268a9354685496a75e33a6f038a32b686352 which provides a create-venv
role that creates a fully updated venv for us.

To minimise other changes, this symlinks ansible/ansible-playbook into
/usr/local/bin.  On our current production bastion host this will make
a bit of a mess -- but we are looking at replacing that with a fresh
system soon.  The idea is that this new system will not be
bootstrapped with a globally installed Ansible, so we won't have
things lying around in multiple places.

Change-Id: I7551eb92bb6dc5918c367cc347f046ff562eab0c
2022-10-11 15:09:40 +11:00

105 lines
2.8 KiB
Python
Raw Blame History

# Copyright 2018 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import platform
import pytest
testinfra_hosts = ['bridge.openstack.org']
def test_zuul_data(host, zuul_data):
# Test the zuul_data fixture that picks up things set by Zuul
assert 'inventory' in zuul_data
assert 'extra' in zuul_data
assert 'zuul' in zuul_data['extra']
def test_clouds_yaml(host):
clouds_yaml = host.file('/etc/openstack/clouds.yaml')
assert clouds_yaml.exists
assert b'password' in clouds_yaml.content
def test_openstacksdk_config(host):
f = host.file('/etc/openstack')
assert f.exists
assert f.is_directory
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o750
del f
f = host.file('/etc/openstack/limestone_cacert.pem')
assert f.exists
assert f.is_file
assert f.user == 'root'
assert f.group == 'root'
assert f.mode == 0o640
def test_root_authorized_keys(host):
authorized_keys = host.file('/root/.ssh/authorized_keys')
assert authorized_keys.exists
content = authorized_keys.content.decode('utf8')
lines = content.split('\n')
assert len(lines) >= 2
def test_ara(host):
ara = host.run('/usr/ansible-venv/bin/ara-manage migrate')
assert ara.rc == 0
database = host.file('/root/.ara/server/ansible.sqlite')
assert database.exists
def test_kube_config(host):
if platform.machine() != 'x86_64':
pytest.skip()
kubeconfig = host.file('/root/.kube/config')
assert kubeconfig.exists
assert b'Z2l0ZWFfazhzX2tleQ==' in kubeconfig.content
def test_kubectl(host):
if platform.machine() != 'x86_64':
pytest.skip()
kube = host.run('kubectl help')
assert kube.rc == 0
def test_zuul_authorized_keys(host):
authorized_keys = host.file('/home/zuul/.ssh/authorized_keys')
assert authorized_keys.exists
content = authorized_keys.content.decode('utf8')
lines = content.split('\n')
# Remove empty lines
keys = list(filter(None, lines))
assert len(keys) >= 2
for key in keys:
assert 'ssh-rsa' in key
def test_rax_dns_backup(host):
config_file = host.file('/etc/rax-dns-auth.conf')
assert config_file.exists
tool_file = host.file('/usr/local/bin/rax-dns-backup')
assert tool_file.exists
output_dir = host.file('/var/lib/rax-dns-backup')
assert output_dir.exists
View Git Blame Copy Permalink