Improve CI (#539)

* Update CI scripts to be more close to the ones in ansible-core. * Extend CI matrix. * Mark more VMs. * Revert "Mark more VMs." This reverts commit 8bc79af636. * Disable alpine VMs for get_certificate due to httptester problems. * Improve retrieval of cryptsetup version. * ACME 'emulator' won't work on Alpine either. * Improve luks test setup. * Make sure wipefs is installed on Alpine. * dmsetup (from device-mapper) is used by the tests. * Fix bcrypt install failure handling. * String, not float. * openssl_privatekey_convert is not an action module. * Update Python info. * Try out which VMs can be used by now. * Enable ACME tests on all VMs but Alpine; update comment. * Adjust acme-tiny shebang. * Remove new entries from CI matrix.
2022-12-11 19:55:47 +01:00 · 2022-12-11 19:55:47 +01:00 · ca23b2ed9a
parent 664f34f2ac
commit ca23b2ed9a
21 changed files with 115 additions and 61 deletions
--- a/.azure-pipelines/azure-pipelines.yml
+++ b/.azure-pipelines/azure-pipelines.yml
@ -173,7 +173,7 @@ stages:
              test: debian-bullseye/3.9
            - name: ArchLinux
              test: archlinux/3.10
-            - name: CentOS Stream 8
+            - name: CentOS Stream 8 w/ Python 3.9
              test: centos-stream8/3.9
 ### Remote
--- a/tests/integration/targets/acme_account/aliases
+++ b/tests/integration/targets/acme_account/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/acme_account_info/aliases
+++ b/tests/integration/targets/acme_account_info/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/acme_certificate/aliases
+++ b/tests/integration/targets/acme_certificate/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/acme_certificate_revoke/aliases
+++ b/tests/integration/targets/acme_certificate_revoke/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/acme_challenge_cert_helper/aliases
+++ b/tests/integration/targets/acme_challenge_cert_helper/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/acme_inspect/aliases
+++ b/tests/integration/targets/acme_inspect/aliases
@ -6,9 +6,5 @@ azp/generic/1
 azp/posix/1
 cloud/acme
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/get_certificate/aliases
+++ b/tests/integration/targets/get_certificate/aliases
@ -6,3 +6,6 @@ azp/generic/1
 azp/posix/1
 destructive
 needs/httptester
 # For some reason connecting to helper containers does not work on the Alpine VMs
 skip/alpine
--- a/tests/integration/targets/luks_device/tasks/main.yml
+++ b/tests/integration/targets/luks_device/tasks/main.yml
@ -15,29 +15,66 @@
  loop:
    - keyfile1
    - keyfile2
 - name: Include OS-specific variables
  include_vars: '{{ lookup("first_found", search) }}'
  vars:
    search:
      files:
      - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
      - '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
      - '{{ ansible_distribution }}.yml'
      - '{{ ansible_os_family }}.yml'
      - default.yml
      paths:
      - vars
 - name: Make sure cryptsetup is installed
  package:
    name: cryptsetup
    state: present
-  become: yes
+  become: true
 - name: Install additionally required packages
  package:
    name: '{{ luks_extra_packages }}'
    state: present
  become: true
  when: luks_extra_packages | length > 0
 - name: Determine cryptsetup version
  command: cryptsetup --version
  register: cryptsetup_version
 - name: Extract cryptsetup version
  set_fact:
    cryptsetup_version: >-
      {{ cryptsetup_version.stdout_lines[0] | regex_search('cryptsetup ([0-9]+\.[0-9]+\.[0-9]+)') | split | last }}
 - name: Create cryptfile
  command: dd if=/dev/zero of={{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile bs=1M count=32
 - name: Figure out next loopback device
  command: losetup -f
  become: true
  register: cryptfile_device_output
 - name: Create lookback device
  command: losetup -f {{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile
-  become: yes
+  become: true
- name: Determine loop device name
+
-  command: losetup -j {{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile --output name
+- name: Store some common data for tests
-  become: yes
+  set_fact:
-  register: cryptfile_device_output
+    cryptfile_device: "{{ cryptfile_device_output.stdout_lines[0] }}"
 - set_fact:
    cryptfile_device: "{{ cryptfile_device_output.stdout_lines[1] }}"
    cryptfile_passphrase1: "uNiJ9vKG2mUOEWDiQVuBHJlfMHE"
    cryptfile_passphrase2: "HW4Ak2HtE2vvne0qjJMPTtmbV4M"
    cryptfile_passphrase3: "qQJqsjabO9pItV792k90VvX84MM"
 - block:
  - include_tasks: run-test.yml
    with_fileglob:
    - "tests/*.yml"
  always:
  - name: Make sure LUKS device is gone
    luks_device:
@ -45,8 +82,10 @@
      state: absent
    become: yes
    ignore_errors: yes
  - command: losetup -d "{{ cryptfile_device }}"
    become: yes
  - file:
-      dest: "{{ remote_tmp_dir }}/cryptfile"
+      dest: "{{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile"
      state: absent
--- a/tests/integration/targets/luks_device/tasks/tests/performance.yml
+++ b/tests/integration/targets/luks_device/tasks/tests/performance.yml
@ -3,10 +3,6 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 - name: Gather package facts
  package_facts:
    manager: auto
 - name: On kernel >= 5.9 use performance flags
  block:
    - name: Create and open (check)
@ -104,4 +100,4 @@
  when:
    - ansible_facts.kernel is version('5.9.0', '>=')
-    - ansible_facts.packages['cryptsetup'][0].version is version('2.3.4', '>=')
+    - cryptsetup_version is version('2.3.4', '>=')
--- a/tests/integration/targets/luks_device/vars/Alpine.yml
+++ b/tests/integration/targets/luks_device/vars/Alpine.yml
@ -0,0 +1,10 @@
 ---
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 cryptsetup_package: cryptsetup
 luks_extra_packages:
  - device-mapper
  - wipefs
--- a/tests/integration/targets/luks_device/vars/default.yml
+++ b/tests/integration/targets/luks_device/vars/default.yml
@ -0,0 +1,8 @@
 ---
 # Copyright (c) Ansible Project
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 cryptsetup_package: cryptsetup
 luks_extra_packages: []
--- a/tests/integration/targets/openssl_privatekey_convert/aliases
+++ b/tests/integration/targets/openssl_privatekey_convert/aliases
@ -2,7 +2,6 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 context/controller
 azp/generic/1
 azp/posix/1
 destructive
--- a/tests/integration/targets/setup_bcrypt/tasks/main.yml
+++ b/tests/integration/targets/setup_bcrypt/tasks/main.yml
@ -24,5 +24,5 @@
 - name: Ensure bcrypt_version is defined
  set_fact:
    bcrypt_version:
-      stdout: 0.0
+      stdout: "0.0"
-  when: bcrypt_version is not defined
+  when: bcrypt_version is failed
--- a/tests/integration/targets/setup_python_info/vars/main.yml
+++ b/tests/integration/targets/setup_python_info/vars/main.yml
@ -22,6 +22,10 @@ system_python_version_data:
      - '3.9'
    '34':
      - '3.9'
    '35':
      - '3.10'
    '36':
      - '3.10'
  Ubuntu:
    '16':
      - '2.7'
@ -29,6 +33,8 @@ system_python_version_data:
      - '3.6'
    '20':
      - '3.8'
    '22':
      - '3.10'
  Darwin:
    '10.11':
      - '2.7'
@ -67,6 +73,8 @@ system_python_version_data:
    '11':
      - '3.9'
  Alpine:
    '3.16':
      - '3.10'
    '3.15':
      - '3.9'
    '3.12':
--- a/tests/integration/targets/x509_certificate-acme/aliases
+++ b/tests/integration/targets/x509_certificate-acme/aliases
@ -7,9 +7,5 @@ azp/posix/1
 cloud/acme
 context/target
-# Skip all VMs, since we cannot talk to the ACME simulator from these:
+# For some reason connecting to helper containers does not work on the Alpine VMs
-skip/aix
+skip/alpine
 skip/freebsd
 skip/macos
 skip/osx
 skip/rhel
--- a/tests/integration/targets/x509_certificate-acme/tasks/main.yml
+++ b/tests/integration/targets/x509_certificate-acme/tasks/main.yml
@ -95,6 +95,12 @@
      except ImportError:
          from urllib2 import Request # Python 2
 - name: "Monkey-patch acme-tiny: adjust shebang"
  replace:
    path: "{{ remote_tmp_dir }}/acme-tiny"
    regexp: '^\#\!/usr/bin/env .*$'
    replace: '#!{{ ansible_python_interpreter }}'
 - name: "Monkey-patch acme-tiny: Disable check that challenge file is reachable via HTTP"
  replace:
    path: "{{ remote_tmp_dir }}/acme-tiny"
--- a/tests/utils/shippable/alpine.sh
+++ b/tests/utils/shippable/alpine.sh
@ -0,0 +1 @@
 remote.sh
--- a/tests/utils/shippable/fedora.sh
+++ b/tests/utils/shippable/fedora.sh
@ -0,0 +1 @@
 remote.sh
--- a/tests/utils/shippable/remote.sh
+++ b/tests/utils/shippable/remote.sh
@ -10,6 +10,16 @@ IFS='/:' read -ra args <<< "$1"
 platform="${args[0]}"
 version="${args[1]}"
 pyver=default
 # check for explicit python version like 8.3@3.8
 declare -a splitversion
 IFS='@' read -ra splitversion <<< "$version"
 if [ "${#splitversion[@]}" -gt 1 ]; then
    version="${splitversion[0]}"
    pyver="${splitversion[1]}"
 fi
 if [ "${#args[@]}" -gt 2 ]; then
    target="azp/posix/${args[2]}/"
@ -22,4 +32,4 @@ provider="${P:-default}"
 # shellcheck disable=SC2086
 ansible-test integration --color -v --retry-on-error "${target}" ${COVERAGE:+"$COVERAGE"} ${CHANGED:+"$CHANGED"} ${UNSTABLE:+"$UNSTABLE"} \
-    --remote "${platform}/${version}" --remote-terminate always --remote-stage "${stage}" --remote-provider "${provider}"
+    --python "${pyver}" --remote "${platform}/${version}" --remote-terminate always --remote-stage "${stage}" --remote-provider "${provider}"
--- a/tests/utils/shippable/ubuntu.sh
+++ b/tests/utils/shippable/ubuntu.sh
@ -0,0 +1 @@
 remote.sh