Add check/audit to gate testing

Checking or auditing an existing environment is a first class feature in the security role, but we're not currently checking that feature in the gate. A few users of the role have come forward with some bugs around the check mode functionality and we should test this more regularly. This patch adds a quick audit check right before the functional test runs. This adds about 30-60 seconds onto the gate test, but it should help with catching these bugs. Change-Id: I5f4adc292f027b2eb7429be843c167d152c0169d
2016-06-02 15:34:49 -05:00 · 2016-06-02 15:34:49 -05:00 · ee00627b7a
parent 2683e5679a
commit ee00627b7a
2 changed files with 31 additions and 0 deletions
--- a/tests/test_check.yml
+++ b/tests/test_check.yml
@ -0,0 +1,19 @@
+---
+# Copyright 2015, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Playbook for role testing (check mode)
+  hosts: localhost
+  roles:
+    - role: "{{ rolename }}"
--- a/tox.ini
+++ b/tox.ini
@ -88,6 +88,13 @@ commands =
    rm -rf {homedir}/.ansible
    git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
              {homedir}/.ansible/plugins
+    ansible-playbook --check \
+                     -i {toxinidir}/tests/inventory \
+                     --syntax-check \
+                     --list-tasks \
+                     -e "rolename={toxinidir}" \
+                     -t ssh \
+                     {toxinidir}/tests/test_check.yml
    ansible-playbook -i {toxinidir}/tests/inventory \
                     --syntax-check \
                     --list-tasks \
@ -109,6 +116,11 @@ commands =
    rm -rf {homedir}/.ansible
    git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
              {homedir}/.ansible/plugins
+    ansible-playbook --check \
+                     -i {toxinidir}/tests/inventory \
+                     -e "rolename={toxinidir}" \
+                     --skip-tag V-38462,V-38574,V-38674 \
+                     {toxinidir}/tests/test_check.yml
    ansible-playbook -i {toxinidir}/tests/inventory \
                     -e "rolename={toxinidir}" \
                     --skip-tag V-38462 \