From efc9d57e2c6369a242e264196fe0b43be90cbafc Mon Sep 17 00:00:00 2001
From: Paul Belanger <pabelanger@redhat.com>
Date: Tue, 14 Aug 2018 22:52:50 -0400
Subject: [PATCH] Switch to testinfra for role validation

We can switch to using testinfra to help ensure ansible did everything
properly.

Change-Id: I9e21cd16f1149d76308043a97658c93e7f14ac42
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
---
 .zuul.yaml                |   4 +-
 test-requirements.txt     |   1 +
 tests/collect-logs.yaml   |  10 +++
 tests/playbooks/post.yaml |  17 +++++
 tests/playbooks/run.yaml  | 137 --------------------------------------
 tests/test_role.py        | 106 +++++++++++++++++++++++++++++
 tox.ini                   |   6 ++
 7 files changed, 143 insertions(+), 138 deletions(-)
 create mode 100644 tests/playbooks/post.yaml
 create mode 100644 tests/test_role.py

diff --git a/.zuul.yaml b/.zuul.yaml
index eb54f95..ba9c219 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -2,7 +2,9 @@
     name: ansible-role-nodepool-base
     pre-run: tests/playbooks/pre.yaml
     run: tests/playbooks/run.yaml
-    post-run: tests/collect-logs.yaml
+    post-run:
+      - tests/playbooks/post.yaml
+      - tests/collect-logs.yaml
     roles:
       - zuul: openstack/ansible-role-nodepool
       - zuul: openstack/zuul-jobs
diff --git a/test-requirements.txt b/test-requirements.txt
index 4c4414f..bea5a9f 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,2 +1,3 @@
 ansible-lint
 hacking<0.11,>=0.10
+junit2html
diff --git a/tests/collect-logs.yaml b/tests/collect-logs.yaml
index 263a6c3..9bc3850 100644
--- a/tests/collect-logs.yaml
+++ b/tests/collect-logs.yaml
@@ -13,6 +13,16 @@
         - nodepool-builder
         - nodepool-launcher
 
+    - name: Collect testinfra reports
+      synchronize:
+        dest: "{{ zuul_output_dir }}/logs"
+        src: "{{ item }}"
+        verify_host: true
+      delegate_to: "{{ inventory_hostname }}"
+      with_items:
+        - "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}/junit.xml"
+        - "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}/junit.xml.html"
+
     - name: Prepare nodepool log files
       become: yes
       synchronize:
diff --git a/tests/playbooks/post.yaml b/tests/playbooks/post.yaml
new file mode 100644
index 0000000..f9d1a11
--- /dev/null
+++ b/tests/playbooks/post.yaml
@@ -0,0 +1,17 @@
+- hosts: all
+  tasks:
+    - block:
+      - name: Run testinfra validation
+        include_role:
+          name: tox
+        vars:
+          tox_envlist: testinfra
+          tox_install_siblings: false
+      always:
+      - name: Run junit2html
+        include_role:
+          name: tox
+        vars:
+          tox_envlist: venv
+          tox_extra_args: -vv junit2html junit.xml
+          tox_install_siblings: false
diff --git a/tests/playbooks/run.yaml b/tests/playbooks/run.yaml
index 6bfcbcd..915330b 100644
--- a/tests/playbooks/run.yaml
+++ b/tests/playbooks/run.yaml
@@ -34,105 +34,6 @@
           - nodepool_service_nodepool_builder
           - nodepool_service_nodepool_launcher
 
-    - name: Ensure nodepool_user_name is nodepool.
-      shell: /usr/bin/getent passwd nodepool
-      tags: skip_ansible_lint
-
-    - name: Ensure nodepool_user_group is nodepool.
-      shell: /usr/bin/getent group nodepool
-      tags: skip_ansible_lint
-
-    - name: Register nodepool_user_home_getent.
-      shell: '/usr/bin/getent passwd nodepool | cut -d: -f6'
-      register: nodepool_user_home_getent
-      tags: skip_ansible_lint
-
-    - name: Assert nodepool_user_home is /var/lib/nodepool.
-      assert:
-        that:
-          - nodepool_user_home_getent.stdout == '/var/lib/nodepool'
-
-    - name: Register /opt/nodepool/images
-      stat:
-        path: /opt/nodepool/images
-      register: _nodepool_images_dir_stat
-
-    - name: Assert /opt/nodepool/images tests.
-      assert:
-        that:
-          - _nodepool_images_dir_stat.stat.exists
-          - _nodepool_images_dir_stat.stat.isdir
-          - _nodepool_images_dir_stat.stat.pw_name == 'nodepool'
-          - _nodepool_images_dir_stat.stat.gr_name == 'nodepool'
-          - _nodepool_images_dir_stat.stat.mode == '0755'
-
-    - name: Register /etc/nodepool/nodepool.yaml
-      stat:
-        path: /etc/nodepool/nodepool.yaml
-      register: nodepool_yaml_stat
-
-    - name: Assert nodepool_yaml_stat tests.
-      assert:
-        that:
-          - nodepool_yaml_stat.stat.exists
-          - nodepool_yaml_stat.stat.isreg
-          - nodepool_yaml_stat.stat.pw_name == 'nodepool'
-          - nodepool_yaml_stat.stat.gr_name == 'nodepool'
-          - nodepool_yaml_stat.stat.mode == '0644'
-
-    - name: Register /etc/nodepool/builder-logging.conf
-      stat:
-        path: /etc/nodepool/builder-logging.conf
-      register: builder_logging_conf_stat
-
-    - name: Assert buidler_logging_conf_stat tests.
-      assert:
-        that:
-          - builder_logging_conf_stat.stat.exists
-          - builder_logging_conf_stat.stat.isreg
-          - builder_logging_conf_stat.stat.pw_name == 'nodepool'
-          - builder_logging_conf_stat.stat.gr_name == 'nodepool'
-          - builder_logging_conf_stat.stat.mode == '0644'
-
-    - name: Register /etc/nodepool/launcher-logging.conf
-      stat:
-        path: /etc/nodepool/launcher-logging.conf
-      register: launcher_logging_conf_stat
-
-    - name: Assert buidler_logging_conf_stat tests.
-      assert:
-        that:
-          - launcher_logging_conf_stat.stat.exists
-          - launcher_logging_conf_stat.stat.isreg
-          - launcher_logging_conf_stat.stat.pw_name == 'nodepool'
-          - launcher_logging_conf_stat.stat.gr_name == 'nodepool'
-          - launcher_logging_conf_stat.stat.mode == '0644'
-
-    - name: Register /etc/nodepool/secure.conf
-      stat:
-        path: /etc/nodepool/secure.conf
-      register: secure_conf_stat
-
-    - name: Assert secure_conf_stat tests.
-      assert:
-        that:
-          - secure_conf_stat.stat.exists
-          - secure_conf_stat.stat.isreg
-          - secure_conf_stat.stat.pw_name == 'nodepool'
-          - secure_conf_stat.stat.gr_name == 'nodepool'
-          - secure_conf_stat.stat.mode == '0600'
-
-    - name: Register nodepool_user_home_stat.
-      stat:
-        path: /var/lib/nodepool
-      register: nodepool_user_home_stat
-
-    - name: Assert nodepool_user_home tests.
-      assert:
-        that:
-          - nodepool_user_home_stat.stat.exists
-          - nodepool_user_home_stat.stat.isdir
-
     - name: Register nodepool_git_dest_stat.
       stat:
         path: /home/zuul/src/git.openstack.org/openstack-infra/nodepool
@@ -145,41 +46,3 @@
           - nodepool_git_dest_stat.stat.exists
           - nodepool_git_dest_stat.stat.isdir
       when: nodepool_install_method == 'git'
-
-    - name: Register /etc/systemd/system/nodepool-builder.service
-      stat:
-        path: /etc/systemd/system/nodepool-builder.service
-      register: _nodepool_builder_service_systemd_stat
-
-    - name: Assert _nodepool_builder_service_systemd_stat tests.
-      assert:
-        that:
-          - _nodepool_builder_service_systemd_stat.stat.exists
-          - _nodepool_builder_service_systemd_stat.stat.isreg
-          - _nodepool_builder_service_systemd_stat.stat.pw_name == 'root'
-          - _nodepool_builder_service_systemd_stat.stat.gr_name == 'root'
-          - _nodepool_builder_service_systemd_stat.stat.mode == '0644'
-
-    - name: Ensure nodepool-builder is running.
-      become: yes
-      shell: /usr/sbin/service nodepool-builder status
-      tags: skip_ansible_lint
-
-    - name: Register /etc/systemd/system/nodepool-launcher.service
-      stat:
-        path: /etc/systemd/system/nodepool-launcher.service
-      register: _nodepool_launcher_service_systemd_stat
-
-    - name: Assert _nodepool_launcher_service_systemd_stat tests.
-      assert:
-        that:
-          - _nodepool_launcher_service_systemd_stat.stat.exists
-          - _nodepool_launcher_service_systemd_stat.stat.isreg
-          - _nodepool_launcher_service_systemd_stat.stat.pw_name == 'root'
-          - _nodepool_launcher_service_systemd_stat.stat.gr_name == 'root'
-          - _nodepool_launcher_service_systemd_stat.stat.mode == '0644'
-
-    - name: Ensure nodepool-launcher is running.
-      become: yes
-      shell: /usr/sbin/service nodepool-launcher status
-      tags: skip_ansible_lint
diff --git a/tests/test_role.py b/tests/test_role.py
new file mode 100644
index 0000000..edf219e
--- /dev/null
+++ b/tests/test_role.py
@@ -0,0 +1,106 @@
+# Copyright 2018 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+def test_nodepool_user(host):
+    user = host.user('nodepool')
+    assert user.exists
+    assert user.name == 'nodepool'
+    assert user.group == 'nodepool'
+    assert user.home == '/var/lib/nodepool'
+
+    f = host.file('/var/lib/nodepool')
+    assert f.exists
+    assert f.is_directory
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    # TODO(pabelanger): Validate mode
+
+
+def test_nodepool_config(host):
+    f = host.file('/etc/nodepool')
+    assert f.exists
+    assert f.is_directory
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    # TODO(pabelanger): Validate mode
+    del f
+
+    f = host.file('/etc/nodepool/nodepool.yaml')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    assert f.mode == 0o644
+    del f
+
+    f = host.file('/etc/nodepool/secure.conf')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    assert f.mode == 0o600
+
+
+def test_nodepool_images_directory(host):
+    f = host.file('/opt/nodepool/images')
+    assert f.exists
+    assert f.is_directory
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    assert f.mode == 0o755
+
+
+def test_nodepool_builder_logging_config(host):
+    f = host.file('/etc/nodepool/builder-logging.conf')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    assert f.mode == 0o644
+
+
+def test_nodepool_builder_service(host):
+    f = host.file('/etc/systemd/system/nodepool-builder.service')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'root'
+    assert f.group == 'root'
+    assert f.mode == 0o644
+
+    service = host.service('nodepool-builder')
+    assert service.is_running
+    assert service.is_enabled
+
+
+def test_nodepool_launcher_logging_config(host):
+    f = host.file('/etc/nodepool/launcher-logging.conf')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'nodepool'
+    assert f.group == 'nodepool'
+    assert f.mode == 0o644
+
+
+def test_nodepool_launcher_service(host):
+    f = host.file('/etc/systemd/system/nodepool-launcher.service')
+    assert f.exists
+    assert f.is_file
+    assert f.user == 'root'
+    assert f.group == 'root'
+    assert f.mode == 0o644
+
+    service = host.service('nodepool-launcher')
+    assert service.is_running
+    assert service.is_enabled
diff --git a/tox.ini b/tox.ini
index dc90799..9c9fccf 100644
--- a/tox.ini
+++ b/tox.ini
@@ -16,6 +16,12 @@ commands=
   doc8 doc
   sphinx-build -b html doc/source doc/build/html
 
+[testenv:testinfra]
+deps =
+  testinfra
+commands =
+  pytest --sudo --junit-xml junit.xml tests/test_role.py
+
 [testenv:venv]
 commands = {posargs}