269 lines
9.7 KiB
YAML
269 lines
9.7 KiB
YAML
# Copyright 2015 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
---
|
|
- hosts: localhost
|
|
become: yes
|
|
vars:
|
|
rolename: "{{ lookup('pipe', 'pwd') | dirname | basename }}"
|
|
pre_tasks:
|
|
# Make sure OS does not have a stale package cache.
|
|
- name: Update apt cache.
|
|
apt:
|
|
update_cache: yes
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
roles:
|
|
- "{{ rolename }}"
|
|
|
|
post_tasks:
|
|
- name: Ensure nodepool_user_name is nodepool.
|
|
shell: /usr/bin/getent passwd nodepool
|
|
tags: skip_ansible_lint
|
|
|
|
- name: Ensure nodepool_user_group is nodepool.
|
|
shell: /usr/bin/getent group nodepool
|
|
tags: skip_ansible_lint
|
|
|
|
- name: Register nodepool_user_home_getent.
|
|
shell: '/usr/bin/getent passwd nodepool | cut -d: -f6'
|
|
register: nodepool_user_home_getent
|
|
tags: skip_ansible_lint
|
|
|
|
- name: Assert nodepool_user_home is /var/lib/nodepool.
|
|
assert:
|
|
that:
|
|
- nodepool_user_home_getent.stdout == '/var/lib/nodepool'
|
|
|
|
- name: Register /etc/nodepool/nodepool.yaml
|
|
stat:
|
|
path: /etc/nodepool/nodepool.yaml
|
|
register: nodepool_yaml_stat
|
|
|
|
- name: Assert nodepool_yaml_stat tests.
|
|
assert:
|
|
that:
|
|
- nodepool_yaml_stat.stat.exists
|
|
- nodepool_yaml_stat.stat.isreg
|
|
- nodepool_yaml_stat.stat.pw_name == 'nodepool'
|
|
- nodepool_yaml_stat.stat.gr_name == 'nodepool'
|
|
- nodepool_yaml_stat.stat.mode == '0644'
|
|
|
|
- name: Register /etc/nodepool/secure.conf
|
|
stat:
|
|
path: /etc/nodepool/secure.conf
|
|
register: secure_conf_stat
|
|
|
|
- name: Assert secure_conf_stat tests.
|
|
assert:
|
|
that:
|
|
- secure_conf_stat.stat.exists
|
|
- secure_conf_stat.stat.isreg
|
|
- secure_conf_stat.stat.pw_name == 'nodepool'
|
|
- secure_conf_stat.stat.gr_name == 'nodepool'
|
|
- secure_conf_stat.stat.mode == '0600'
|
|
|
|
- name: Register nodepool_elements_dir_dest_stat.
|
|
stat:
|
|
path: /etc/nodepool/elements
|
|
register: nodepool_elements_dir_dest_stat
|
|
|
|
- name: Assert nodepool_elements_dir_dest tests.
|
|
assert:
|
|
that:
|
|
- nodepool_elements_dir_dest_stat.stat.exists
|
|
- nodepool_elements_dir_dest_stat.stat.isdir
|
|
- nodepool_elements_dir_dest_stat.stat.pw_name == 'nodepool'
|
|
- nodepool_elements_dir_dest_stat.stat.gr_name == 'nodepool'
|
|
- nodepool_elements_dir_dest_stat.stat.mode == '0755'
|
|
|
|
- name: Register nodepool_scripts_dir_dest_stat.
|
|
stat:
|
|
path: /etc/nodepool/scripts
|
|
register: nodepool_scripts_dir_dest_stat
|
|
|
|
- name: Assert nodepool_scripts_dir_dest tests.
|
|
assert:
|
|
that:
|
|
- nodepool_scripts_dir_dest_stat.stat.exists
|
|
- nodepool_scripts_dir_dest_stat.stat.isdir
|
|
# NOTE(pabelanger): This means we are hardcoded to the
|
|
# openstack-infra jenkins user in nodepool.
|
|
- nodepool_scripts_dir_dest_stat.stat.pw_name == 'jenkins'
|
|
- nodepool_scripts_dir_dest_stat.stat.gr_name == 'jenkins'
|
|
- nodepool_scripts_dir_dest_stat.stat.mode == '0775'
|
|
|
|
- name: Ensure /etc/nodepool/scripts is empty.
|
|
shell: "ls -1 /etc/nodepool/scripts | wc -l"
|
|
register: result
|
|
failed_when: result.stdout != "0"
|
|
tags: skip_ansible_lint
|
|
|
|
- name: Register nodepool_user_home_stat.
|
|
stat:
|
|
path: /var/lib/nodepool
|
|
register: nodepool_user_home_stat
|
|
|
|
- name: Assert nodepool_user_home tests.
|
|
assert:
|
|
that:
|
|
- nodepool_user_home_stat.stat.exists
|
|
- nodepool_user_home_stat.stat.isdir
|
|
|
|
- name: Register nodepool_git_dest_stat.
|
|
stat:
|
|
path: /opt/ansible-role-nodepool/git/openstack-infra/nodepool
|
|
register: nodepool_git_dest_stat
|
|
|
|
- name: Assert nodepool_git_dest tests.
|
|
assert:
|
|
that:
|
|
- nodepool_git_dest_stat.stat.exists
|
|
- nodepool_git_dest_stat.stat.isdir
|
|
|
|
- name: Register /etc/default/nodepool
|
|
stat:
|
|
path: /etc/default/nodepool
|
|
register: debian_nodepool_sysconfig_stat
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Assert debian_nodepool_sysconfig_stat tests.
|
|
assert:
|
|
that:
|
|
- debian_nodepool_sysconfig_stat.stat.exists
|
|
- debian_nodepool_sysconfig_stat.stat.isreg
|
|
- debian_nodepool_sysconfig_stat.stat.pw_name == 'root'
|
|
- debian_nodepool_sysconfig_stat.stat.gr_name == 'root'
|
|
- debian_nodepool_sysconfig_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Register /etc/sysconfig/nodepool
|
|
stat:
|
|
path: /etc/sysconfig/nodepool
|
|
register: redhat_nodepool_sysconfig_stat
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Assert redhat_nodepool_sysconfig_stat tests.
|
|
assert:
|
|
that:
|
|
- redhat_nodepool_sysconfig_stat.stat.exists
|
|
- redhat_nodepool_sysconfig_stat.stat.isreg
|
|
- redhat_nodepool_sysconfig_stat.stat.pw_name == 'root'
|
|
- redhat_nodepool_sysconfig_stat.stat.gr_name == 'root'
|
|
- redhat_nodepool_sysconfig_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Register /etc/init.d/nodepool
|
|
stat:
|
|
path: /etc/init.d/nodepool
|
|
register: debian_nodepool_service_stat
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Assert debian_nodepool_service_stat tests.
|
|
assert:
|
|
that:
|
|
- debian_nodepool_service_stat.stat.exists
|
|
- debian_nodepool_service_stat.stat.isreg
|
|
- debian_nodepool_service_stat.stat.pw_name == 'root'
|
|
- debian_nodepool_service_stat.stat.gr_name == 'root'
|
|
- debian_nodepool_service_stat.stat.mode == '0755'
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Register /etc/systemd/system/nodepool.service
|
|
stat:
|
|
path: /etc/systemd/system/nodepool.service
|
|
register: redhat_nodepool_service_stat
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Assert redhat_nodepool_service_stat tests.
|
|
assert:
|
|
that:
|
|
- redhat_nodepool_service_stat.stat.exists
|
|
- redhat_nodepool_service_stat.stat.isreg
|
|
- redhat_nodepool_service_stat.stat.pw_name == 'root'
|
|
- redhat_nodepool_service_stat.stat.gr_name == 'root'
|
|
- redhat_nodepool_service_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Ensure nodepoold is running.
|
|
shell: /usr/sbin/service nodepool status
|
|
tags: skip_ansible_lint
|
|
|
|
- name: Register /etc/default/nodepool
|
|
stat:
|
|
path: /etc/default/nodepool
|
|
register: debian_nodepool_builder_sysconfig_stat
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Assert debian_nodepool_builder_sysconfig_stat tests.
|
|
assert:
|
|
that:
|
|
- debian_nodepool_builder_sysconfig_stat.stat.exists
|
|
- debian_nodepool_builder_sysconfig_stat.stat.isreg
|
|
- debian_nodepool_builder_sysconfig_stat.stat.pw_name == 'root'
|
|
- debian_nodepool_builder_sysconfig_stat.stat.gr_name == 'root'
|
|
- debian_nodepool_builder_sysconfig_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Register /etc/sysconfig/nodepool-builder
|
|
stat:
|
|
path: /etc/sysconfig/nodepool-builder
|
|
register: redhat_nodepool_builder_sysconfig_stat
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Assert redhat_nodepool_builder_sysconfig_stat tests.
|
|
assert:
|
|
that:
|
|
- redhat_nodepool_builder_sysconfig_stat.stat.exists
|
|
- redhat_nodepool_builder_sysconfig_stat.stat.isreg
|
|
- redhat_nodepool_builder_sysconfig_stat.stat.pw_name == 'root'
|
|
- redhat_nodepool_builder_sysconfig_stat.stat.gr_name == 'root'
|
|
- redhat_nodepool_builder_sysconfig_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Register /etc/init.d/nodepool-builder
|
|
stat:
|
|
path: /etc/init.d/nodepool-builder
|
|
register: debian_nodepool_builder_service_stat
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Assert debian_nodepool_builder_service_stat tests.
|
|
assert:
|
|
that:
|
|
- debian_nodepool_builder_service_stat.stat.exists
|
|
- debian_nodepool_builder_service_stat.stat.isreg
|
|
- debian_nodepool_builder_service_stat.stat.pw_name == 'root'
|
|
- debian_nodepool_builder_service_stat.stat.gr_name == 'root'
|
|
- debian_nodepool_builder_service_stat.stat.mode == '0755'
|
|
when: ansible_os_family == 'Debian'
|
|
|
|
- name: Register /etc/systemd/system/nodepool-builder.service
|
|
stat:
|
|
path: /etc/systemd/system/nodepool-builder.service
|
|
register: redhat_nodepool_builder_service_stat
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Assert redhat_nodepool_builder_service_stat tests.
|
|
assert:
|
|
that:
|
|
- redhat_nodepool_builder_service_stat.stat.exists
|
|
- redhat_nodepool_builder_service_stat.stat.isreg
|
|
- redhat_nodepool_builder_service_stat.stat.pw_name == 'root'
|
|
- redhat_nodepool_builder_service_stat.stat.gr_name == 'root'
|
|
- redhat_nodepool_builder_service_stat.stat.mode == '0644'
|
|
when: ansible_os_family == 'RedHat'
|
|
|
|
- name: Ensure nodepool-builder is running.
|
|
shell: /usr/sbin/service nodepool-builder status
|
|
tags: skip_ansible_lint
|