From b04bf138e4406fbe6c8fede0f7d74d4736189c57 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Fri, 23 Feb 2024 10:21:39 +0100
Subject: [PATCH] Add ebgp policy definition for tests

According to RFC-8212, policies must be described in order to announce
or accept routes. Without policies being described, no routes will be
announced/received by default.

This patch fixes current CI failures.

Change-Id: Ia033cc7c3ed3146860ab96452bec988f3c3069bf
---
 .ansible-lint              |  7 +++++++
 handlers/main.yml          |  2 +-
 meta/main.yml              |  9 +++++++++
 tasks/frr_install_apt.yml  |  6 +++---
 tasks/frr_post_install.yml |  3 ++-
 tasks/frr_vlans.yml        |  7 ++++---
 tests/host_vars/primary    |  9 +++++++--
 tests/host_vars/secondary  |  9 +++++++--
 tests/test.yml             | 12 ++++++++++--
 tox.ini                    |  7 ++++++-
 10 files changed, 56 insertions(+), 15 deletions(-)
 create mode 100644 .ansible-lint
 create mode 100644 meta/main.yml

diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..b7e9ff1
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,7 @@
+---
+mock_roles:
+  - multi-node-bridge
+  - clear-firewall
+
+skip_list:
+  - fqcn
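Review bot: `skip_list: - fqcn` turns the rule off entirely, so module names that are not fully qualified will pass unnoticed in any task added later. Listing it under `warn_list` instead keeps the findings in the linter output without failing the run. A one-line comment above the entry saying why the rule is relaxed would tell the next maintainer whether it can be re-enabled.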
diff --git a/handlers/main.yml b/handlers/main.yml
index 820a248..68a7293 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -19,4 +19,4 @@
   service:
     name: frr
     state: restarted
-    enabled: yes
+    enabled: true
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..e1d9ad3
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,9 @@
+---
+galaxy_info:
+  author: vexxhost
+  description: Installation and setup of FRRouting
+  company: Vexxhost
+  license: Apache2
+  role_name: frrouting
+  namespace: vexxhost
+  min_ansible_version: "2.10"
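Review bot: `license: Apache2` is not an SPDX identifier, which is what Galaxy metadata conventionally expects; `license: Apache-2.0` would be the usual spelling. `galaxy_info` also has no `platforms` list, so the metadata does not say which distributions this role supports, although it has apt-specific tasks.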
diff --git a/tasks/frr_install_apt.yml b/tasks/frr_install_apt.yml
index 4575403..535be62 100644
--- a/tasks/frr_install_apt.yml
+++ b/tasks/frr_install_apt.yml
@@ -42,15 +42,15 @@
     repo: "{{ repo.repo }}"
     state: "{{ repo.state | default('present') }}"
     filename: "{{ repo.filename | default(omit) }}"
-    update_cache: no
+    update_cache: false
   with_items: "{{ frr_repos }}"
   loop_control:
     loop_var: repo
   register: _adding_apt_repo
 
-- name: Update Apt cache
+- name: Update Apt cache  # noqa: no-handler
   apt:
-    update_cache: yes
+    update_cache: true
   when:
     - _adding_apt_repo is changed
   register: _update_apt_cache
diff --git a/tasks/frr_post_install.yml b/tasks/frr_post_install.yml
index e6ecd1e..f616b05 100644
--- a/tasks/frr_post_install.yml
+++ b/tasks/frr_post_install.yml
@@ -19,10 +19,11 @@
   block:
     - name: Enable integrated config
       lineinfile:
-        create: yes
+        create: true
         path: /etc/frr/vtysh.conf
         regexp: '^(no)?\s?service integrated-vtysh-config$'
         line: "service integrated-vtysh-config"
+        mode: "0640"
       notify: Restart frr
 
     - name: Write down integrated config
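Review bot: The added `mode: "0640"` on /etc/frr/vtysh.conf comes without `owner` or `group`, so when `create: true` makes the file it presumably ends up owned by whichever user the task runs as. On an existing file the mode is tightened while ownership is left as found, so who can read the file depends on state this task does not control. If non-root operators are expected to use vtysh through the FRR vty group, pin ownership next to the mode, for example `owner: frr` and `group: frrvty` (confirm both names against the installed package). The enclosing block continues past the end of this hunk.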
diff --git a/tasks/frr_vlans.yml b/tasks/frr_vlans.yml
index 30dc36b..2b5ba82 100644
--- a/tasks/frr_vlans.yml
+++ b/tasks/frr_vlans.yml
@@ -26,7 +26,7 @@
       retries: 5
       delay: 2
 
-    - name: Load vlan modules
+    - name: Load vlan modules  # noqa: no-handler
       modprobe:
         name: 8021q
         state: present
@@ -36,16 +36,17 @@
       template:
         src: vlans.cfg.j2
         dest: "/etc/network/interfaces.d/vlan-{{ item.id }}.cfg"
+        mode: "0644"
       with_items: "{{ frr_vlans }}"
       register: distribute_vlans
 
-    - name: Stop interface
+    - name: Stop interface  # noqa: no-handler
       command: "ifdown {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}"
       with_items: "{{ distribute_vlans.results }}"
       when: item is changed
       changed_when: false
 
-    - name: Start interface
+    - name: Start interface  # noqa: no-handler
       command: "ifup {{ item.item['vlan-raw-device'] }}.{{ item.item.id }}"
       with_items: "{{ distribute_vlans.results }}"
       when: item is changed
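Review bot: The `Stop interface` and `Start interface` tasks that gain `# noqa: no-handler` still build a free-form `command` string from `frr_vlans` values, so a value containing whitespace is split into extra arguments to ifdown/ifup. The list form keeps each value a single argument: `argv: ["ifdown", "{{ item.item['vlan-raw-device'] }}.{{ item.item.id }}"]`, and the same for `ifup`. The same `item.id` is interpolated into the template `dest` path, so an `assert` before these tasks that it is an integer VLAN id would cover both uses. The Start interface task may continue past the end of the hunk.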
diff --git a/tests/host_vars/primary b/tests/host_vars/primary
index 8fbe9ad..bed6750 100644
--- a/tests/host_vars/primary
+++ b/tests/host_vars/primary
@@ -11,6 +11,11 @@ frr_staticd_routes:
 
 frr_bgpd_config:
   - router bgp 1234
-  - "bgp router-id {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }}"
-  - "neighbor {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }} remote-as 5678"
+  - "bgp router-id {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}"
+  - "neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 5678"
   - network 192.168.1.0/24
+  - address-family ipv4 unicast
+  - "  neighbor {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv out"
+  - "exit-address-family"
+  - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24
+  - ip prefix-list pl-allowed-adv seq 10 deny any
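Review bot: The policy added here covers one direction only (`prefix-list pl-allowed-adv out` on primary, `... in` in tests/host_vars/secondary), and nothing in either file says that is intentional. With the RFC 8212 default the commit message refers to, the direction without a policy should stay denied. That is a sensible least-privilege setup for the test, but it is easy to mistake for an omission. A comment above `frr_bgpd_config` would settle it, e.g. `# Export policy only: routes received from secondary stay rejected by the RFC 8212 default`, with the mirror-image comment in secondary. `exit-address-family` is also quoted here and unquoted in secondary; one form in both files would read better.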
diff --git a/tests/host_vars/secondary b/tests/host_vars/secondary
index acaba8b..be3c356 100644
--- a/tests/host_vars/secondary
+++ b/tests/host_vars/secondary
@@ -1,4 +1,9 @@
 frr_bgpd_config:
   - router bgp 5678
-  - "bgp router-id {{ hostvars['secondary']['ansible_br_infra']['ipv4']['address'] }}"
-  - "neighbor {{ hostvars['primary']['ansible_br_infra']['ipv4']['address'] }} remote-as 1234"
+  - "bgp router-id {{ hostvars['secondary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }}"
+  - "neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} remote-as 1234"
+  - address-family ipv4 unicast
+  - "  neighbor {{ hostvars['primary']['ansible_' ~ bridge_name | replace('-', '_')]['ipv4']['address'] }} prefix-list pl-allowed-adv in"
+  - exit-address-family
+  - ip prefix-list pl-allowed-adv seq 5 permit 192.168.1.0/24
+  - ip prefix-list pl-allowed-adv seq 10 deny any
diff --git a/tests/test.yml b/tests/test.yml
index eeaf748..060f1a6 100644
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -15,6 +15,8 @@
 
 - name: Installing frr
   hosts: all
+  vars:
+    bridge_name: br-infra
 
   roles:
     - multi-node-bridge
@@ -22,7 +24,7 @@
     - frrouting
 
   post_tasks:
-    - name: wait after service restart
+    - name: Wait after service restart
       pause:
         seconds: 10
 
@@ -46,6 +48,13 @@
         msg: frr is not up
       when: ansible_facts.services['frr'].state != 'running'
 
+    - name: Get summary
+      become: true
+      become_user: root
+      command: "vtysh -c 'show bgp summary'"
+      register: _frr_get_summary
+      changed_when: false
+
     - name: Get routes
       become: true
       become_user: root
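Review bot: `_frr_get_summary` is registered by the new `Get summary` task but nothing visible reads it, so a BGP session that never establishes, or one held down by a missing policy, would not fail the play at this step. If no task outside the hunk uses it, add a check: for example run `vtysh -c 'show bgp summary json'` and assert on the peer state. At minimum, a `debug` of `_frr_get_summary.stdout` would put the session state in the CI log. The Get routes task continues outside the hunk.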
@@ -53,7 +62,6 @@
       register: _frr_get_routes
       changed_when: false
 
-
     - name: Fail if we're missing static routes
       fail:
         msg: "We can't find route {{ item }}"
diff --git a/tox.ini b/tox.ini
index d65313e..aa53b5d 100644
--- a/tox.ini
+++ b/tox.ini
@@ -23,7 +23,7 @@ passenv =
     TESTING_BRANCH
     TESTING_HOME
     USER
-whitelist_externals =
+allowlist_externals =
     bash
 setenv =
     PYTHONUNBUFFERED=1
@@ -32,5 +32,10 @@ setenv =
     WORKING_DIR={toxinidir}
 
 [testenv:linters]
+setenv =
+    {[testenv]setenv}
+    ANSIBLE_ROLES_PATH={envdir}
 commands =
+    bash -c 'printf -- "- name: frrouting\n  src: git+file://{toxinidir}\n" > {envdir}/test-requirements.yml'
+    ansible-galaxy install -r {envdir}/test-requirements.yml --roles-path {envdir} --force
     ansible-lint {toxinidir}/tests/test.yml
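Review bot: The generated requirements file points at `git+file://{toxinidir}`, which as far as I can tell makes ansible-galaxy install the role from the repository's committed history, not from the working tree. A local `tox -e linters` run would then lint role content from the last commit while `tests/test.yml` is read from the checkout. A comment above `commands` would make this visible, e.g. `# installs the committed HEAD of the role; commit before linting locally`. Separately, `{toxinidir}` is expanded inside the printf format string. Passing it as an argument (`... src: git+file://%s\n" "{toxinidir}"`) avoids a malformed file when the path contains `%` or a backslash.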