New validation: ensure we have access to the right package version
This validation takes a list of dict describing the packages we want to
verify.
The main goal is to ensure we are avoiding issues at some point with
particularly sensitive packages, such as podman.
We can't use the "package_facts" ansible module, since we're allowing to
check available packages - i.e. versions that aren't installed on the
system.
With the current default, we ensure we get podman 1.6.4 on every nodes
(overcloud and undercloud).
This can be used during an upgrade in order to ensure we're not using
the wrong podman version - either as an inflight validation, or as a
manual step.
Also, it supports the full version number, with the release itself.
This means you can pass "1.6.4-15" for podman, in order to ensure you
get the precise version you want.
Please check the molecule tests in order to see how this validation can
be used.
Please note, the "yum list" part is slow since it will check on the
remote repositories for the available versions!
Last note, we're using "yum" here since the validation might be needed
on pre-dnf releases (namely, centos-7 or rhel-7).
Change-Id: I021a7ad03902ca506885769c1cadc4a449bebbfb
(cherry picked from commit 1c03c9fc56
)
This commit is contained in:
parent
cebe0b4a2b
commit
a947d7ecb4
|
@ -0,0 +1,6 @@
|
|||
======================
|
||||
Role - package_version
|
||||
======================
|
||||
|
||||
.. ansibleautoplugin::
|
||||
:role: roles/package_version
|
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
- hosts: all
|
||||
vars:
|
||||
metadata:
|
||||
name: The Validation name goes here
|
||||
description: >-
|
||||
Write a description of your validations
|
||||
groups:
|
||||
- prep
|
||||
- pre-deployment
|
||||
- post-deployment
|
||||
- pre-upgrade
|
||||
- post-upgrade
|
||||
- pre-ceph
|
||||
- post-ceph
|
||||
package_version_debug: false
|
||||
roles:
|
||||
- package_version
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
package_version_packages: []
|
|
@ -0,0 +1,37 @@
|
|||
# Molecule managed
|
||||
# Copyright 2019 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
{% if item.registry is defined %}
|
||||
FROM {{ item.registry.url }}/{{ item.image }}
|
||||
{% else %}
|
||||
FROM {{ item.image }}
|
||||
{% endif %}
|
||||
|
||||
RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
|
||||
elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install sudo python*-devel python*-dnf bash {{ item.pkg_extras | default('') }} && dnf clean all; \
|
||||
elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl python-setuptools bash {{ item.pkg_extras | default('') }} && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
|
||||
elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml {{ item.pkg_extras | default('') }} && zypper clean -a; \
|
||||
elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates {{ item.pkg_extras | default('') }}; \
|
||||
elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates {{ item.pkg_extras | default('') }} && xbps-remove -O; fi
|
||||
|
||||
{% for pkg in item.easy_install | default([]) %}
|
||||
# install pip for centos where there is no python-pip rpm in default repos
|
||||
RUN easy_install {{ pkg }}
|
||||
{% endfor %}
|
||||
|
||||
|
||||
CMD ["sh", "-c", "while true; do sleep 10000; done"]
|
|
@ -0,0 +1,58 @@
|
|||
---
|
||||
# Copyright 2019 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
- name: Converge
|
||||
hosts: all
|
||||
gather_facts: false
|
||||
|
||||
tasks:
|
||||
- name: Check a simple existing package
|
||||
vars:
|
||||
package_version_packages:
|
||||
- name: bash
|
||||
version: 1.0
|
||||
comparison: '>='
|
||||
state: installed
|
||||
include_role:
|
||||
name: package_version
|
||||
|
||||
- name: Ensure we fail if something is wrong
|
||||
vars:
|
||||
package_version_packages:
|
||||
- name: bash
|
||||
version: 1.0
|
||||
comparison: '<'
|
||||
state: available
|
||||
block:
|
||||
- name: Run check
|
||||
include_role:
|
||||
name: package_version
|
||||
rescue:
|
||||
- name: Clear host errors
|
||||
meta: clear_host_errors
|
||||
|
||||
- name: Test output
|
||||
debug:
|
||||
msg: The validation works! End play
|
||||
|
||||
- name: End play
|
||||
meta: end_play
|
||||
|
||||
- name: Fail playbook if reached
|
||||
fail:
|
||||
msg: |
|
||||
The package_version validation didn't properly detect the failure!
|
|
@ -0,0 +1,46 @@
|
|||
---
|
||||
driver:
|
||||
name: docker
|
||||
|
||||
log: true
|
||||
|
||||
platforms:
|
||||
- name: centos7
|
||||
hostname: centos7
|
||||
image: centos:7
|
||||
pkg_extras: python-setuptools python-enum34 python-netaddr ruby epel-release PyYAML
|
||||
easy_install:
|
||||
- pip
|
||||
volumes:
|
||||
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
|
||||
environment: &env
|
||||
http_proxy: "{{ lookup('env', 'http_proxy') }}"
|
||||
https_proxy: "{{ lookup('env', 'https_proxy') }}"
|
||||
|
||||
- name: centos8
|
||||
hostname: centos8
|
||||
image: centos:8
|
||||
pkg_extras: python*-setuptools python*-enum34 python*-netaddr ruby python*-PyYAML
|
||||
volumes:
|
||||
- /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
|
||||
environment:
|
||||
<<: *env
|
||||
|
||||
provisioner:
|
||||
name: ansible
|
||||
log: true
|
||||
env:
|
||||
ANSIBLE_STDOUT_CALLBACK: yaml
|
||||
ANSIBLE_LIBRARY: "../../../../library"
|
||||
|
||||
scenario:
|
||||
test_sequence:
|
||||
- destroy
|
||||
- create
|
||||
- prepare
|
||||
- converge
|
||||
- verify
|
||||
- destroy
|
||||
|
||||
verifier:
|
||||
name: testinfra
|
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
- name: Get wanted package
|
||||
set_fact:
|
||||
wanted: "{{ (package_version_packages|selectattr('name', 'equalto', item)|list)[0] }}"
|
||||
ok_versions: "{{ ok_versions |combine({item: []}) }}"
|
||||
|
||||
- name: Do the comparison
|
||||
when:
|
||||
- (pkg.version ~ '-' ~ pkg.release) is version(wanted.version, wanted.comparison)
|
||||
- (wanted.state == 'any' or wanted.state == pkg.yumstate)
|
||||
set_fact:
|
||||
ok_versions: "{{ ok_versions |combine({pkg.name: [ pkg.version ]}) }}"
|
||||
loop: "{{ (repo_packages.results|selectattr('item', 'equalto', item)|map(attribute='results')|list)[0] }}"
|
||||
loop_control:
|
||||
label: "{{ pkg.name }}"
|
||||
loop_var: 'pkg'
|
|
@ -0,0 +1,67 @@
|
|||
---
|
||||
# Copyright 2019 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
- name: Ensure we get needed facts
|
||||
setup:
|
||||
gather_subset:
|
||||
- '!all'
|
||||
- '!any'
|
||||
- '!min'
|
||||
- distribution
|
||||
- os_family
|
||||
|
||||
# find within the "vars/" path. If no OS files are found the task will skip.
|
||||
- name: Gather variables for each operating system
|
||||
include_vars: "{{ item }}"
|
||||
with_first_found:
|
||||
- skip: true
|
||||
files:
|
||||
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_version | lower }}.yml"
|
||||
- "{{ ansible_distribution | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
||||
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_major_version | lower }}.yml"
|
||||
- "{{ ansible_distribution | lower }}.yml"
|
||||
- "{{ ansible_os_family | lower }}-{{ ansible_distribution_version.split('.')[0] }}.yml"
|
||||
- "{{ ansible_os_family | lower }}.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Get repositories packages versions
|
||||
yum:
|
||||
list: "{{ item }}"
|
||||
register: repo_packages
|
||||
loop: "{{ package_version_packages|map(attribute='name')|list }}"
|
||||
|
||||
- name: Initialiaze ok_versions
|
||||
set_fact:
|
||||
ok_versions: {}
|
||||
|
||||
- name: Compare versions
|
||||
include_tasks: compare.yaml
|
||||
loop: "{{ package_version_packages|map(attribute='name')|list }}"
|
||||
loop_control:
|
||||
label: "{{ item }}"
|
||||
|
||||
- name: Fail if we lack a version for any package
|
||||
fail:
|
||||
msg: >-
|
||||
Unable to find a matching version for {{ item.key }}.
|
||||
Should get {{ (package_version_packages|selectattr('name', 'equalto', item.key)|list)[0].version }}
|
||||
as {{ (package_version_packages|selectattr('name', 'equalto', item.key)|list)[0].state }}.
|
||||
when:
|
||||
- item.value|length == 0
|
||||
loop: "{{ ok_versions | dict2items }}"
|
||||
loop_control:
|
||||
label: "{{ item.key }}"
|
|
@ -0,0 +1,2 @@
|
|||
---
|
||||
package_version_packages: []
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
package_version_packages:
|
||||
- name: podman
|
||||
version: 1.6.4-15.module+el8.2.0+7290+954fb593
|
||||
comparison: '=='
|
||||
state: installed
|
|
@ -13,6 +13,7 @@
|
|||
- tripleo-validations-centos-8-molecule-image_serve
|
||||
- tripleo-validations-centos-8-molecule-nova_status
|
||||
- tripleo-validations-centos-8-molecule-nova_svirt
|
||||
- tripleo-validations-centos-8-molecule-package_version
|
||||
- tripleo-validations-centos-8-molecule-rabbitmq_limits
|
||||
- tripleo-validations-centos-8-molecule-repos
|
||||
- tripleo-validations-centos-8-molecule-stonith_exists
|
||||
|
@ -37,6 +38,7 @@
|
|||
- tripleo-validations-centos-8-molecule-image_serve
|
||||
- tripleo-validations-centos-8-molecule-nova_status
|
||||
- tripleo-validations-centos-8-molecule-nova_svirt
|
||||
- tripleo-validations-centos-8-molecule-package_version
|
||||
- tripleo-validations-centos-8-molecule-rabbitmq_limits
|
||||
- tripleo-validations-centos-8-molecule-repos
|
||||
- tripleo-validations-centos-8-molecule-stonith_exists
|
||||
|
@ -390,13 +392,6 @@
|
|||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: ceph
|
||||
- job:
|
||||
files:
|
||||
- ^roles/system_encoding/.*
|
||||
name: tripleo-validations-centos-8-molecule-system_encoding
|
||||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: system_encoding
|
||||
- job:
|
||||
files:
|
||||
- ^roles/nova_svirt/.*
|
||||
|
@ -404,3 +399,10 @@
|
|||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: nova_svirt
|
||||
- job:
|
||||
files:
|
||||
- ^roles/package_version/.*
|
||||
name: tripleo-validations-centos-8-molecule-package_version
|
||||
parent: tripleo-validations-centos-8-base
|
||||
vars:
|
||||
tripleo_validations_role_name: package_version
|
||||
|
|
Loading…
Reference in New Issue