a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve docker test setups (#1161) 

* Improve readability.

* Move common code to new file.
pull/1176/head
Felix Fontein 2020-10-26 08:33:04 +01:00 committed by GitHub
parent a93fce6755
commit 167153bff5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 131 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tests/integration/targets/setup_docker/handlers/main.yml
View File

@ -1,11 +1,11 @@
- name: remove pip packages - name: Remove pip packages
pip: pip:
state: present state: present
name: "{{ [docker_pip_package] | union(docker_pip_extra_packages) }}" name: "{{ [docker_pip_package] | union(docker_pip_extra_packages) }}"
listen: cleanup docker listen: cleanup docker
when: not docker_skip_cleanup | bool when: not docker_skip_cleanup | bool
- name: remove docker pagkages - name: Remove docker pagkages
action: "{{ ansible_facts.pkg_mgr }}" action: "{{ ansible_facts.pkg_mgr }}"
args: args:
name: "{{ docker_cleanup_packages }}" name: "{{ docker_cleanup_packages }}"

7
tests/integration/targets/setup_docker/tasks/Debian.yml
View File

@ -2,16 +2,20 @@
- name: Get OS version - name: Get OS version
shell: uname -r shell: uname -r
register: os_version register: os_version
- name: Install pre-reqs - name: Install pre-reqs
apt: apt:
name: '{{ docker_prereq_packages }}' name: '{{ docker_prereq_packages }}'
state: present state: present
update_cache: true update_cache: true
notify: cleanup docker notify: cleanup docker
- name: Add gpg key - name: Add gpg key
shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg >key && apt-key add key shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg >key && apt-key add key
- name: Add Docker repo - name: Add Docker repo
shell: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" shell: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- block: - block:
- name: Prevent service restart - name: Prevent service restart
copy: copy:
@ -20,16 +24,19 @@
backup: true backup: true
mode: '0755' mode: '0755'
register: policy_rc_d register: policy_rc_d
- name: Install Docker CE - name: Install Docker CE
apt: apt:
name: '{{ docker_packages }}' name: '{{ docker_packages }}'
state: present state: present
update_cache: true update_cache: true
always: always:
- name: Restore /usr/sbin/policy-rc.d (if needed) - name: Restore /usr/sbin/policy-rc.d (if needed)
command: mv {{ policy_rc_d.backup_file }} /usr/sbin/policy-rc.d command: mv {{ policy_rc_d.backup_file }} /usr/sbin/policy-rc.d
when: when:
- '''backup_file'' in policy_rc_d' - '''backup_file'' in policy_rc_d'
- name: Remove /usr/sbin/policy-rc.d (if needed) - name: Remove /usr/sbin/policy-rc.d (if needed)
file: file:
path: /usr/sbin/policy-rc.d path: /usr/sbin/policy-rc.d

8
tests/integration/targets/setup_docker_registry/handlers/cleanup.yml
View File

@ -4,33 +4,40 @@
name: "{{ item }}" name: "{{ item }}"
state: absent state: absent
with_items: "{{ docker_registry_setup_inames }}" with_items: "{{ docker_registry_setup_inames }}"
- name: "Get registry logs" - name: "Get registry logs"
command: "docker logs {{ docker_registry_container_name_registry }}" command: "docker logs {{ docker_registry_container_name_registry }}"
register: registry_logs register: registry_logs
no_log: yes no_log: yes
ignore_errors: yes ignore_errors: yes
- name: "Printing registry logs" - name: "Printing registry logs"
debug: debug:
var: registry_logs.stdout_lines var: registry_logs.stdout_lines
when: registry_logs is not failed when: registry_logs is not failed
- name: "Get nginx logs for first instance" - name: "Get nginx logs for first instance"
command: "docker logs {{ docker_registry_container_name_nginx }}" command: "docker logs {{ docker_registry_container_name_nginx }}"
register: nginx_logs register: nginx_logs
no_log: yes no_log: yes
ignore_errors: yes ignore_errors: yes
- name: "Get nginx logs for second instance" - name: "Get nginx logs for second instance"
command: "docker logs {{ docker_registry_container_name_nginx2 }}" command: "docker logs {{ docker_registry_container_name_nginx2 }}"
register: nginx2_logs register: nginx2_logs
no_log: yes no_log: yes
ignore_errors: yes ignore_errors: yes
- name: "Printing nginx logs for first instance" - name: "Printing nginx logs for first instance"
debug: debug:
var: nginx_logs.stdout_lines var: nginx_logs.stdout_lines
when: nginx_logs is not failed when: nginx_logs is not failed
- name: "Printing nginx logs for second instance" - name: "Printing nginx logs for second instance"
debug: debug:
var: nginx2_logs.stdout_lines var: nginx2_logs.stdout_lines
when: nginx_logs is not failed when: nginx_logs is not failed
- name: "Make sure all containers are removed" - name: "Make sure all containers are removed"
docker_container: docker_container:
name: "{{ item }}" name: "{{ item }}"
@ -41,6 +48,7 @@
retries: 3 retries: 3
delay: 3 delay: 3
until: result is success until: result is success
- name: "Make sure all volumes are removed" - name: "Make sure all volumes are removed"
command: "docker rm -f {{ item }}" command: "docker rm -f {{ item }}"
with_items: "{{ docker_registry_setup_vnames }}" with_items: "{{ docker_registry_setup_vnames }}"

85
tests/integration/targets/setup_docker_registry/tasks/setup-frontend.yml Normal file
View File

@ -0,0 +1,85 @@
---
# Set up first nginx frontend for registry
- name: Start nginx frontend for registry
docker_volume:
name: '{{ docker_registry_container_name_frontend }}'
state: present
- name: Create container for nginx frontend for registry
docker_container:
state: stopped
name: '{{ docker_registry_container_name_frontend }}'
image: nginx:alpine
ports: 5000
links:
- '{{ docker_registry_container_name_registry }}:real-registry'
volumes:
- '{{ docker_registry_container_name_frontend }}:/etc/nginx/'
register: nginx_container
- name: Copy static files into volume
command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_frontend }}:/etc/nginx/{{ item }}
loop:
- nginx.conf
- nginx.htpasswd
register: can_copy_files
ignore_errors: yes
- when: can_copy_files is not failed
block:
- name: Create private key for frontend certificate
community.crypto.openssl_privatekey:
path: '{{ output_dir }}/cert.key'
type: ECC
curve: secp256r1
force: yes
- name: Create CSR for frontend certificate
community.crypto.openssl_csr:
path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
subject_alt_name:
- DNS:test-registry.ansible.com
- name: Create frontend certificate
community.crypto.openssl_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
provider: selfsigned
- name: Copy dynamic files into volume
command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_frontend }}:/etc/nginx/{{ item }}
loop:
- cert.pem
- cert.key
- name: Start nginx frontend for registry
docker_container:
name: '{{ docker_registry_container_name_frontend }}'
state: started
register: nginx_container
- name: Output nginx container network settings
debug:
var: nginx_container.container.NetworkSettings
- name: Wait for registry frontend
uri:
url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
url_username: testuser
url_password: hunter2
validate_certs: false
register: result
until: result is success
retries: 5
delay: 1
- name: Get registry URL
set_fact:
docker_registry_frontend_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
- set_fact:
docker_registry_frontend_address: 'n/a'
when: can_copy_files is failed

170
tests/integration/targets/setup_docker_registry/tasks/setup.yml
View File

@ -1,17 +1,23 @@
--- ---
- name: Register registry cleanup - name: Register registry cleanup
# This must be done **before** docker is set up (see next task), to ensure that the
# registry is removed **before** docker itself is removed. This is necessary as the
# registry and its frontends run as docker containers.
command: 'true' command: 'true'
notify: Remove test registry notify: Remove test registry
- name: Setup Docker - name: Setup Docker
# Please note that we do setup_docker here and not via meta/main.yml to avoid the problem that # Please note that we do setup_docker here and not via meta/main.yml to avoid the problem that
# our cleanup is called **after** setup_docker's cleanup has been called! # our cleanup is called **after** setup_docker's cleanup has been called!
include_role: include_role:
name: setup_docker name: setup_docker
- name: Create random name prefix and test registry name - name: Create random name prefix and test registry name
set_fact: set_fact:
docker_registry_container_name_registry: '{{ ''ansible-test-registry-%0x'' % ((2**32) | random) }}' docker_registry_container_name_registry: '{{ ''ansible-test-registry-%0x'' % ((2**32) | random) }}'
docker_registry_container_name_nginx: '{{ ''ansible-test-registry-frontend-%0x'' % ((2**32) | random) }}' docker_registry_container_name_nginx: '{{ ''ansible-test-registry-frontend-%0x'' % ((2**32) | random) }}'
docker_registry_container_name_nginx2: '{{ ''ansible-test-registry-frontend2-%0x'' % ((2**32) | random) }}' docker_registry_container_name_nginx2: '{{ ''ansible-test-registry-frontend2-%0x'' % ((2**32) | random) }}'
- name: Create image and container list - name: Create image and container list
set_fact: set_fact:
docker_registry_setup_inames: [] docker_registry_setup_inames: []
@ -22,9 +28,15 @@
docker_registry_setup_vnames: docker_registry_setup_vnames:
- '{{ docker_registry_container_name_nginx }}' - '{{ docker_registry_container_name_nginx }}'
- '{{ docker_registry_container_name_nginx2 }}' - '{{ docker_registry_container_name_nginx2 }}'
- debug: - debug:
msg: Using test registry name {{ docker_registry_container_name_registry }} and nginx frontend name {{ docker_registry_container_name_nginx }} msg: Using test registry name {{ docker_registry_container_name_registry }} and nginx frontend names {{ docker_registry_container_name_nginx }} and {{ docker_registry_container_name_nginx2 }}
- block:
- fail: msg="Too old docker / docker-py version to set up docker registry!"
when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
- when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')
block:
# Set up registry container # Set up registry container
- name: Start test registry - name: Start test registry
@ -33,151 +45,27 @@
image: registry:2.6.1 image: registry:2.6.1
ports: 5000 ports: 5000
register: registry_container register: registry_container
- name: Get registry URL - name: Get registry URL
set_fact: set_fact:
registry_address: localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }} registry_address: localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
# Set up first nginx frontend for registry # Set up first nginx frontend for registry
- name: Start nginx frontend for registry - include_tasks: setup-frontend.yml
docker_volume: vars:
name: '{{ docker_registry_container_name_nginx }}' docker_registry_container_name_frontend: '{{ docker_registry_container_name_nginx }}'
state: present
- name: Create container for nginx frontend for registry
docker_container:
state: stopped
name: '{{ docker_registry_container_name_nginx }}'
image: nginx:alpine
ports: 5000
links:
- '{{ docker_registry_container_name_registry }}:real-registry'
volumes:
- '{{ docker_registry_container_name_nginx }}:/etc/nginx/'
register: nginx_container
- name: Copy static files into volume
command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }}
loop:
- nginx.conf
- nginx.htpasswd
register: can_copy_files
ignore_errors: yes
- block:
- name: Create private key for frontend certificate
community.crypto.openssl_privatekey:
path: '{{ output_dir }}/cert.key'
type: ECC
curve: secp256r1
- name: Create CSR for frontend certificate
community.crypto.openssl_csr:
path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
subject_alt_name:
- DNS:test-registry.ansible.com
- name: Create frontend certificate
community.crypto.openssl_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
provider: selfsigned
- name: Copy dynamic files into volume
command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }}
loop:
- cert.pem
- cert.key
- name: Start nginx frontend for registry
docker_container:
name: '{{ docker_registry_container_name_nginx }}'
state: started
register: nginx_container
- debug: var=nginx_container.container.NetworkSettings
- name: Wait for registry frontend
uri:
url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
url_username: testuser
url_password: hunter2
validate_certs: false
register: result
until: result is success
retries: 5
delay: 1
- name: Get registry URL
set_fact:
registry_frontend_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
when: can_copy_files is not failed
- set_fact: - set_fact:
registry_frontend_address: 'n/a' registry_frontend_address: '{{ docker_registry_frontend_address }}'
when: can_copy_files is failed
# Set up second nginx frontend for registry # Set up second nginx frontend for registry
- name: Start nginx frontend for registry - include_tasks: setup-frontend.yml
docker_volume: vars:
name: '{{ docker_registry_container_name_nginx2 }}' docker_registry_container_name_frontend: '{{ docker_registry_container_name_nginx2 }}'
state: present
- name: Create container for nginx frontend for registry
docker_container:
state: stopped
name: '{{ docker_registry_container_name_nginx2 }}'
image: nginx:alpine
ports: 5000
links:
- '{{ docker_registry_container_name_registry }}:real-registry'
volumes:
- '{{ docker_registry_container_name_nginx2 }}:/etc/nginx/'
register: nginx_container
- name: Copy static files into volume
command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }}
loop:
- nginx.conf
- nginx.htpasswd
register: can_copy_files
ignore_errors: yes
- block:
- name: Create private key for frontend certificate
community.crypto.openssl_privatekey:
path: '{{ output_dir }}/cert.key'
type: ECC
curve: secp256r1
- name: Create CSR for frontend certificate
community.crypto.openssl_csr:
path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
subject_alt_name:
- DNS:test-registry.ansible.com
- name: Create frontend certificate
community.crypto.openssl_certificate:
path: '{{ output_dir }}/cert.pem'
csr_path: '{{ output_dir }}/cert.csr'
privatekey_path: '{{ output_dir }}/cert.key'
provider: selfsigned
- name: Copy dynamic files into volume
command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }}
loop:
- cert.pem
- cert.key
- name: Start nginx frontend for registry
docker_container:
name: '{{ docker_registry_container_name_nginx2 }}'
state: started
register: nginx_container
- debug: var=nginx_container.container.NetworkSettings
- name: Wait for registry frontend
uri:
url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
url_username: testuser
url_password: hunter2
validate_certs: false
register: result
until: result is success
retries: 5
delay: 1
- name: Get registry URL
set_fact:
registry_frontend2_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
when: can_copy_files is not failed
- set_fact:
registry_frontend2_address: 'n/a'
when: can_copy_files is failed
- debug: msg="Registry available under {{ registry_address }}, NGINX frontends available under {{ registry_frontend_address }} and {{ registry_frontend2_address }}" - set_fact:
when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=') registry_frontend2_address: '{{ docker_registry_frontend_address }}'
- fail: msg="Too old docker / docker-py version to run docker_image tests!"
when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6) # Print addresses for registry and frontends
- debug:
msg: "Registry available under {{ registry_address }}, NGINX frontends available under {{ registry_frontend_address }} and {{ registry_frontend2_address }}"