Enable deployment roles testing #1328
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This patch sets 'become: false' usage in the tests:
tests/group/test_group.yml
tests/hbacrule/test_hbacrule.yml
tests/host/test_host.yml
tests/user/test_user.yml
With this setting, the tests can be executed with Ubuntu 24.04 runners
in Github workflows.
There's a still unknown issue with Ubuntu 24.04 and Github workflows
that does not allow 'sudo' tu execute properly, so 'become' fails in
Ansible, even for common tasks like 'gather_facts'.
While there's no workaround, and as we should only use 'become: false'
when really required (least privileges principle), these tests will be
changed so they can be used to test cluster deployment.
Signed-off-by: Rafael Guterres Jeffman <[email protected]>
The variable 'ipaserver_realm' is optional, even for deploymente roles. When running test playbooks, depending on the inventory configuration, the value is not set causing tests to fail during setup. This patch sets 'ipaserver_relam' in 'env_freeipa_facts.yml', only if the variable is not set.
rjeffman
force-pushed
the
test_deployment_roles
branch
2 times, most recently
from
7b4261f to
fe38a77
Compare
This patch enables testing deployment roles using FreeIPA-Cluster-Test action (https://github.com/rjeffman/freeipa/cluster-tests). The tests require a cluster configuration to be used with ipalab-config (https://pypi.org/project/ipalab-config) and a list of Ansible playbooks. To ensure the proper host runs the tests, 'ipa-test-host' is set using a vars file, and passed to the action. The tests run on Github actions, only if one of the deployment roles are modified by the PR.
rjeffman
force-pushed
the
test_deployment_roles
branch
from
fe38a77 to
3edf0a6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR enables deployment roles testing using Github workflows.
The tests run only when one of the roles (ipaclient, ipaserver or ipareplica) is modified and run some basic tests against the deployed role.
There's still an issue either with the combination of the software stack used (Github's Ubuntu 24.04 + our images), or the tooling used to enable the tests, that required a few changes in the tests.
See the individual commits for more details.