Skip to content
Snippets Groups Projects
Commit 3d685b98 authored by Antoine SCHILDKNECHT's avatar Antoine SCHILDKNECHT
Browse files

Merge branch 't35464-ovh-ci-migration' into 'main' 

CI migration to OVH public cloud | refs #35464

See merge request sys/ansible-public!17
parents d7500b00 124941a1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 75 additions and 938 deletions
.docker/Dockerfile deleted 100644 → 0
+ 0
18
View file @ d7500b00
FROM registry.ubicast.net/docker/dind-compose:latest
# Set locale
ENV LANG="C.UTF-8" LC_ALL="C.UTF-8" LANGUAGE="C.UTF-8"
# Copy requirement files
COPY requirements.txt .
COPY requirements.dev.txt .
COPY requirements.dev.apk.txt .
# Install required apk packages
RUN apk add $(grep -v '^#' requirements.dev.apk.txt | cut -d ' ' -f1 | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/ /g')
# Install ansible tools
RUN \
pip install -U pip wheel && \
pip install -r requirements.txt && \
pip install -r requirements.dev.txt
.gitlab-ci.yml
+ 34
75
View file @ 3d685b98
---
variables:
GIT_SUBMODULE_STRATEGY: recursive
DOCKER_IMAGE_NAME: registry.ubicast.net/sys/ansible-public
default:
image: registry.ubicast.net/sys/ansible-public
stages:
- lint
- docker
- test-pf-std
- test-pf-ha
- test-pgsql
# * * * * * * * * * * * * *
lint:verify:
stage: lint
rules:
# Avoid duplicate CI on merge request commits
- if: '$CI_MERGE_REQUEST_EVENT_TYPE == "detached"'
when: never
# Ignore linting on docker image build
- if: '$DOCKER_BUILD != "True"'
when: always
- when: never
script:
- make lint
# * * * * * * * * * * * * *
# Docker image build job
docker:image:
image: docker:stable
stage: docker
checkpf:
# https://docs.gitlab.com/ee/ci/pipelines/multi_project_pipelines.html
trigger:
project: sys/ubicast-environment
strategy: depend
# Sends the current branch to the ubicast-environment triggered pipeline as a variable
variables:
ANSIBLE_BRANCH: "$CI_COMMIT_BRANCH"
DEPLOY_STD: "$DEPLOY_STD"
DEPLOY_HA: "$DEPLOY_HA"
DESTROY_STD: "$DESTROY_STD"
DESTROY_HA: "$DESTROY_HA"
# Register the job in a resource group to prevent having multiple running pipelines in parallel
resource_group: deployment
rules:
# Build docker image for schedule pipelines only
- if: '$DOCKER_BUILD == "True"'
before_script:
- apk add bash make
- docker login -u gitlab-ci-token -p $CI_JOB_TOKEN registry.ubicast.net
script:
- make docker-build
- make docker-push
# * * * * * * * * * * * * *
.test-template:
retry: 2
timeout: 4h
rules:
# Run deployment for schedule pipelines
- if: '$CI_PIPELINE_SOURCE == "schedule" && $PF_DEPLOY_TEST == "True"'
when: always
# Run deployment for manual pipelines
# Only triggers the pipeline if it's launched manually from the GitLab webinterface
- if: '$CI_PIPELINE_SOURCE == "web"'
when: always
- when: never
test:pf-std:
extends: .test-template
stage: test-pf-std
script:
- echo $CI_PIPELINE_SOURCE
- make test pf-std=1
test:pf-ha:
extends: .test-template
stage: test-pf-ha
script:
- make test pf-ha=1
test:pgsql-ha:
extends: .test-template
stage: test-pgsql
script:
- make test pgsql-ha=1 debug=1
# Only triggers the pipeline if it's launched by a scheduled job
- if: '$CI_PIPELINE_SOURCE == "schedule"'
# Only if push on the main branch
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main"'
lint:
# https://docs.gitlab.com/ee/ci/pipelines/multi_project_pipelines.html
trigger:
project: sys/ubicast-environment
strategy: depend
# Sends the current branch to the ubicast-environment triggered pipeline as a variable
variables:
ANSIBLE_BRANCH: "$CI_COMMIT_BRANCH"
DEPLOY_STD: "false"
DEPLOY_HA: "false"
resource_group: deployment
rules:
# Only if push in a branch other than main
- if: '$CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != "main"'
...
.lint/ansible-apt-block-check.sh
+ 1
0
View file @ 3d685b98
......@@ -3,6 +3,7 @@
# config
exclude_pattern=()
exclude_pattern+=('^./roles/elastic.elasticsearch')
exclude_pattern+=('^./.venv')
apt_regex='^[^#]*apt:'
until_regex='^[^#]*until: apt_status is success'
......
.lint/ansible-lint.conf
+ 5
7
View file @ 3d685b98
---
exclude_paths:
- playbooks/_*.yml
- roles/_*/
- roles/elastic.elasticsearch/
- .cache/
- ${HOME}/.cache/
skip_list:
- '701'
- '403'
- '208'
- '106'
- meta-no-info # Skip warnings for missing galaxy_info in roles
- role-name # Skip role name pattern verification ("-" should not be used)
- package-latest # Skip warning when package installation state is set to latest
...
.lint/flake8.conf deleted 100644 → 0
+ 0
10
View file @ d7500b00
[flake8]
ignore =
E501
E265
W503
W505
per-file-ignores =
roles/elastic.elasticsearch/*:E713
.lint/yamllint.conf deleted 100644 → 0
+ 0
29
View file @ d7500b00
---
extends: default
ignore: |
.venv/
roles/elastic.elasticsearch/
rules:
braces:
min-spaces-inside-empty: 0
max-spaces-inside-empty: 0
min-spaces-inside: 1
max-spaces-inside: 1
level: error
brackets:
min-spaces-inside-empty: 0
max-spaces-inside-empty: 0
min-spaces-inside: 1
max-spaces-inside: 1
level: error
truthy:
level: error
line-length: disable
indentation:
spaces: consistent
indent-sequences: true
check-multi-line-strings: false
...
Makefile
+ 32
102
View file @ 3d685b98
# expose .env variables globally
# Import .env variables if the file exist
-include .env
export
DOCKER_IMAGE_NAME ?= ansible-public
SHELL := /bin/bash
VENV := /tmp/pyvensetup
ANSIBLE_CONFIG := ansible.cfg
PIP_BIN = $(shell command -v $(VENV)/bin/pip3 || command -v pip3 || echo pip3)
PIP_COMPILE_BIN = $(shell command -v $(VENV)/bin/pip-compile || command -v pip-compile)
ANSIBLE_BIN = $(shell command -v ansible || command -v $(VENV)/bin/ansible)
ANSIBLE_PLAYBOOK_BIN = $(shell command -v ansible-playbook || command -v $(VENV)/bin/ansible-playbook)
ANSIBLE_LINT_BIN = $(shell command -v ansible-lint || command -v $(VENV)/bin/ansible-lint)
ANSIBLE_GALAXY_BIN = $(shell command -v ansible-galaxy || command -v $(VENV)/bin/ansible-galaxy || echo ansible-galaxy)
YAMLLINT_BIN = $(shell command -v yamllint || command -v $(VENV)/bin/yamllint)
FLAKE8_BIN = $(shell command -v flake8 || command -v $(VENV)/bin/flake8)
VENV ?= .venv
ANSIBLE_CONFIG ?= ansible.cfg
PYTHON := $(VENV)/bin/python
ANSIBLE := ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(VENV)/bin/ansible
ANSIBLE_GALAXY := ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(VENV)/bin/ansible-galaxy
ANSIBLE_LINT := ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(VENV)/bin/ansible-lint
ANSIBLE_PLAYBOOK := ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(VENV)/bin/ansible-playbook
# molecule tests flags
ifdef debug
MOLECULE_FLAGS += --debug
endif
ifdef keep
MOLECULE_TEST_FLAGS += --destroy=never
endif
ifdef pf-std
MOLECULE_TEST_FLAGS += --scenario-name pf-std
endif
ifdef pf-ha
MOLECULE_TEST_FLAGS += --scenario-name pf-ha
endif
ifdef pgsql-ha
MOLECULE_TEST_FLAGS += --scenario-name pgsql-ha
endif
# https://www.gnu.org/software/make/manual/html_node/Phony-Targets.html
.PHONY: all clean update_venv venv install install-galaxy install-dev lint deploy help
.PHONY: all
## TARGET: DESCRIPTION: ARGS
all: help
.PHONY: venv
## venv: Install python3-venv and create a temporary virtualenv
venv:
-@command -v apt-get >/dev/null && apt-get update && apt-get install -y python3-venv
python3 -m venv $(VENV)
## requirements.txt: Update requirements and their dependencies
## requirements.dev.txt: Update development requirements and their dependencies
%.txt: %.in
$(PIP_COMPILE_BIN) -U $^ -o $@
chmod 644 $@
## venv: Prepare the python virtual environment
venv: $(VENV)/bin/activate
.PHONY: install
## install: Install requirements
install: venv
$(PIP_BIN) install -U pip wheel
$(PIP_BIN) install -r requirements.txt
${VENV}/bin/activate: requirements.txt requirements.dev.txt
test -d $(VENV) || python3 -m venv $(VENV)
$(PYTHON) -m pip install -U pip
$(PYTHON) -m pip install -r requirements.txt -r requirements.dev.txt
touch $(VENV)/bin/activate
.PHONY: install-galaxy
install-galaxy:
ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(ANSIBLE_GALAXY_BIN) install -r requirements.yml
## update_venv: Updates the virtual environment
update_venv: clean venv
.PHONY: install-dev
## install-dev: Install development requirements
install-dev: install
$(PIP_BIN) install -r requirements.dev.txt
[ -d .git/hooks ] || mkdir .git/hooks
ln -sfv .githooks/pre-commit .git/hooks/ || echo "Failed to create pre-commit link"
## install-galaxy: Install ansible galaxy requirements
install-galaxy: venv
$(ANSIBLE_GALAXY) install -r requirements.yml
.PHONY: lint
## lint: Run linters on the project
lint:
$(FLAKE8_BIN) --config .lint/flake8.conf
$(YAMLLINT_BIN) --config-file .lint/yamllint.conf .
ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(ANSIBLE_LINT_BIN) -c .lint/ansible-lint.conf playbooks/site.yml
lint: venv
$(ANSIBLE_LINT) -c .lint/ansible-lint.conf
.lint/ansible-apt-block-check.sh
.PHONY: test
## test: Run development tests on the project : SKYREACH_SYSTEM_KEY=<xxx>, debug=1, keep=1, pf-std=1, pgsql-ha=1
test:
molecule $(MOLECULE_FLAGS) test $(MOLECULE_TEST_FLAGS)
.PHONY: deploy-test-container
## deploy-test-container: Run deployment using ansible in a docker container
deploy-test-container:
ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(ANSIBLE_PLAYBOOK_BIN) -vvvv -i inventories/test-container playbooks/site_docker.yml
.PHONY: enter-test-container
## enter-test-container: Enter the docker test container
enter-test-container:
docker exec -it ansibletest /bin/bash
.PHONY: deploy
## deploy: Run deployment playbooks : i=<inventory-path>, l=<host-or-group>, t=<tag>
deploy:
deploy: venv
ifndef i
$(error i is undefined)
endif
......@@ -100,31 +47,14 @@ endif
ifndef t
$(eval t=all)
endif
ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(ANSIBLE_BIN) -i $(i) -l $(l) -m ping all
ANSIBLE_CONFIG=$(ANSIBLE_CONFIG) $(ANSIBLE_PLAYBOOK_BIN) -i $(i) playbooks/site.yml -e conf_update=true -l $(l) -t $(t)
.PHONY: docker-build
## docker-build: Run docker image build for.docker
docker-build:
docker build -t $(DOCKER_IMAGE_NAME) -f .docker/Dockerfile .
.PHONY: docker-rebuild
## docker-rebuild: Force docker image rebuild
docker-rebuild:
docker build --pull --no-cache -t $(DOCKER_IMAGE_NAME) -f .docker/Dockerfile .
.PHONY: docker-pull
## docker-pull: Pull Docker image from registry
docker-pull:
-docker pull $(DOCKER_IMAGE_NAME)
$(ANSIBLE) -i $(i) -l $(l) -m ping all
$(ANSIBLE_PLAYBOOK) -i $(i) playbooks/site.yml -e conf_update=true -l $(l) -t $(t)
.PHONY: docker-push
## docker-push: Push Docker image to registry
docker-push:
docker push $(DOCKER_IMAGE_NAME)
## clean: Cleans the virtual environment
clean:
rm -r $(VENV)
.PHONY: help
## help: Print this help message
help:
@echo -e "Usage: \n"
@sed -n 's/^##//p' ${MAKEFILE_LIST} | column -t -s ':' | sed -e 's/^/ /'
@echo "Usage: \n"
@sed -n 's/^##//p' $(MAKEFILE_LIST) | column -t -s ':' | sed -e 's/^/ /'
doc/contrib.md
+ 2
58
View file @ 3d685b98
# Contributing guide
## External software
Please read the tools documentations and the associated best practices.
- [Ansible documentation](https://docs.ansible.com/ansible/latest/)
- [Molecule documentation](https://molecule.readthedocs.io/en/latest/)
- [TestInfra documentation](https://testinfra.readthedocs.io/en/latest/)
## Developpement environment
Install all [required tools](requirements.md) and then execute:
```sh
cd /root/ansible-public
make requirements-dev
```
Then install [docker](https://docs.docker.com/engine/install/debian/) (it is used to deploy components in container).
## Test
To check that your "code" is compliant:
```sh
make lint
```
To run Ansible tests, you will need the same configuration as in the CI, then run:
```sh
# run default test
make test
# show debug logs
DEBUG=1 make test
# do not destroy tests containers
KEEP=1 make test
```
If you add/modify a role, please write relevants tests in `molecule/default/tests`.
## Test changes in a docker container
A command is available in the make file to deploy the full product in a docker container.
First, you need to set a correct value for `skyreach_system_key` in this file:
`inventories/test-container/host_vars/ansibletest.yml`
To instantiate the docker container and to run the deployment, start this command:
```sh
make deploy-test-container
```
The docker container is named "ansibletest".
To access the container:
## Communication
```sh
make enter-test-container
```
Once you made sure to test your modifications, you can open an issue on the UbiCast support tool (Zendesk) or send an email to us.
doc/requirements.md
+ 1
30
View file @ 3d685b98
# Prepare deployment environment
This installation has only been tested on Linux. But it should (with some adjustements) work for MacOS or Windows WSL.
There are 2 installations possibilities :
- setup tools
- docker image
This installation has only been tested on Debian Linux.
## Setup tools
......@@ -56,32 +53,6 @@ ansible-galaxy install -r requirements.yml
```
## Docker
If you do not want to bother with tools installation, you can use [Docker](https://docs.docker.com/install/).
```sh
docker run \
`# run an interactive pseudo-TTY` \
-it \
`# remove the container once you leave it` \
--rm \
`# share the current directory` \
-v $(pwd):/workspace \
`# share your SSH configuration` \
-v $HOME/.ssh:/home/code/.ssh:ro \
`# share your SSH agent` \
-v $SSH_AUTH_SOCK:/ssh-agent:ro \
`# let container know where is mapped the SSH agent` \
-e SSH_AUTH_SOCK=/ssh-agent \
`# container image to use` \
registry.ubicast.net/sys/ansible-public \
`# executable to run` \
bash
```
Make sur to share your SSH configuration with the Docker container, this may require to adapt the example command.
## Testing
To make sure Ansible is properly installed, run this command:
......
molecule/default/converge.yml deleted 100644 → 0
+ 0
68
View file @ d7500b00
#!/usr/bin/env ansible-playbook
---
- name: PYTHON
hosts: all
gather_facts: false
tasks:
- name: ensure python3 is installed
register: python_install
changed_when: "'es_pyinstall' in python_install.stdout_lines"
raw: command -v python3 || echo es_pyinstall && apt update && apt install -y python3-minimal python3-apt
- name: Converge
hosts: all
environment:
HOSTALIASES: /etc/hosts.aliases
pre_tasks:
- name:
stat: "path=/etc/hosts.aliases"
register: etc_hosts_debian
- debug:
msg: "{{ etc_hosts_debian }}"
- name: add all hosts to hostaliases
loop: "{{ query('inventory_hostnames', 'all:!localhost') }}"
lineinfile:
path: /etc/hosts.aliases
line: "{{ hostvars[item]['ansible_default_ipv4']['address'] }} {{ item }}"
backup: true
create: true
tags: always
when: not etc_hosts_debian.stat.exists
- name: add all hosts to hostfile
shell: "/bin/cat /etc/hosts.aliases >> /etc/hosts"
when: not etc_hosts_debian.stat.exists
tags: always
- name: check running in a docker container
register: check_if_docker
stat:
path: /.dockerenv
- name: set docker flag variable
set_fact:
in_docker: "{{ check_if_docker.stat.exists | d(false) }}"
post_tasks:
- name: deploy letsencrypt certificate
when: letsencrypt_enabled | d(false)
include_role:
name: letsencrypt
- name: configure network
when: network_apply | d(false)
include_role:
name: network
- name: configure proxy
when: proxy_apply | d(false)
include_role:
name: proxy
- import_playbook: ../../playbooks/site.yml
...
molecule/default/molecule.yml deleted 100644 → 0
+ 0
52
View file @ d7500b00
---
driver:
name: docker
platforms:
- name: ms-prep-${CI_PIPELINE_ID:-default}
image: registry.ubicast.net/docker/debian-systemd:buster
command: /lib/systemd/systemd
privileged: true
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
tmpfs:
- /tmp
- /run
groups:
- mediaserver
- mediaworker
- mirismanager
- live
- celerity
- postgres
- mediaimport
- mediavault
- netcapture
- msmonitor
- munin_server
- munin_node
provisioner:
name: ansible
options:
D: true
env:
ANSIBLE_ROLES_PATH: ../../roles
ANSIBLE_LIBRARY: ../../library
ANSIBLE_ACTION_PLUGINS: ../../plugins/action
ANSIBLE_PYTHON_INTERPRETER: /usr/bin/python3
SKYREACH_SYSTEM_KEY: ${SKYREACH_SYSTEM_KEY_STD}
inventory:
group_vars:
all:
customer_short_name: customer
verifier:
name: testinfra
options:
verbose: true
...
molecule/default/tests/test_celerity.py deleted 100644 → 0
+ 0
35
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_celerity_is_installed(host):
p = host.package("celerity-server")
assert p.is_installed
def test_celerity_config(host):
f = host.file("/etc/celerity/config.py")
assert f.exists
assert f.contains("SIGNING_KEY =")
assert f.contains("MEDIASERVERS =")
def test_celerity_service(host):
s = host.service("celerity-server")
assert s.is_running
assert s.is_enabled
def test_celerity_socket(host):
s = host.socket("tcp://0.0.0.0:6200")
assert s.is_listening
molecule/default/tests/test_conf.py deleted 100644 → 0
+ 0
63
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_git_is_installed(host):
p = host.package("git")
assert p.is_installed
def test_envsetup_repo(host):
f = host.file("/root/envsetup")
assert f.exists
assert f.is_directory
assert f.user == "root"
assert f.group == "root"
def test_root_privkey(host):
f = host.file("/root/.ssh/id_ed25519")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.mode == 0o600
def test_root_pubkey(host):
f = host.file("/root/.ssh/id_ed25519.pub")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.mode == 0o644
def test_generated_conf_sh_file(host):
f = host.file("/root/envsetup/auto-generated-conf.sh")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.contains("Generated by")
assert f.contains("SKYREACH_API_KEY=")
def test_conf_sh_file(host):
f = host.file("/root/envsetup/conf.sh")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
molecule/default/tests/test_init.py deleted 100644 → 0
+ 0
80
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_apt_source_skyreach_file(host):
f = host.file("/etc/apt/sources.list.d/ubicast.list")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.contains("deb http")
def test_requests_is_installed(host):
p = host.package("python3-requests")
assert p.is_installed
assert p.version.startswith("2.")
def test_locale_file(host):
f = host.file("/etc/default/locale")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.contains("LANGUAGE=")
def test_ubicast_user(host):
u = host.user("ubicast")
assert u.name == "ubicast"
assert u.home == "/home/ubicast"
assert "sudo" in u.groups
assert u.expiration_date is None
def test_bashrc_file(host):
f = host.file("/root/.bashrc")
assert f.exists
def test_vimrc_file(host):
f = host.file("/root/.vimrc")
assert f.exists
def test_authorized_keys_file(host):
f = host.file("/root/.ssh/authorized_keys")
assert f.exists
assert f.is_file
assert f.user == "root"
assert f.group == "root"
assert f.contains(
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr2IJlzvLlLxa2PyGhydAlz/PAOj240g8anQmY5"
"8X+llirLHIOlkdJXBqf94jAeZkweWpoE41RdmKPUQEz4pCO09dGJaZD4lv1NtDhrhNwTmoOnyFcko"
"PimR6DX6+UMM9wUmfti/ytljbVEVVo/pRacXmczeumDaci3uYTURyliuAR9h3zbIMQ6D2COESXjpt"
"WmEwawE9grsTfJi84Q+XIBPvXRHjjceB5hejUMWuf7xc6GH9WIo5REh3qTUvgtxHtIGLQ3ImOzrbC"
"sEhENrBWds0qH0pIuH0lykWGR6pumpPxLzXcVho+e/UJgUrEg5u6/58aizqJTkxFJMa8ciYz "
"support@ubicast"
)
def test_journal_file(host):
f = host.file("/var/log/journal")
assert f.exists
assert f.is_directory
molecule/default/tests/test_mediaimport.py deleted 100644 → 0
+ 0
84
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
# TODO: ubicast-mediaimport when released
def test_import_is_installed(host):
p = host.package("ubicast-mediaimport")
assert p.is_installed
def test_ftp_is_installed(host):
p = host.package("pure-ftpd")
assert p.is_installed
def test_ssh_is_installed(host):
p = host.package("openssh-server")
assert p.is_installed
def test_sftp_is_installed(host):
p = host.package("mysecureshell")
assert p.is_installed
def test_mediaimport_conf(host):
f = host.file("/etc/mediaserver/mediaimport.json")
assert f.exists
def test_mediaimport_service(host):
s = host.service("mediaimport")
assert s.is_running
assert s.is_enabled
def test_ftp_service(host):
s = host.service("pure-ftpd")
assert s.is_running
assert s.is_enabled
def test_sftp_service(host):
s = host.service("mysecureshell")
assert s.is_running
assert s.is_enabled
def test_ftp_socket(host):
s = host.socket("tcp://0.0.0.0:21")
assert s.is_listening
def test_sftp_socket(host):
s = host.socket("tcp://0.0.0.0:22")
assert s.is_listening
def test_fail2ban_conf(host):
f = host.file("/etc/fail2ban/jail.d/pure-ftpd.conf")
assert f.exists
def test_fail2ban_service(host):
s = host.service("fail2ban")
assert s.is_running
molecule/default/tests/test_mediaserver.py deleted 100644 → 0
+ 0
57
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_server_is_installed(host):
p = host.package("ubicast-mediaserver")
assert p.is_installed
def test_server_user(host):
u = host.user("msuser")
assert u.name == "msuser"
def test_server_nginx(host):
f = host.file("/etc/nginx/sites-available/mediaserver-msuser.conf")
assert f.exists
def test_server_service(host):
s = host.service("mediaserver")
assert s.is_running
assert s.is_enabled
def test_server_socket(host):
s = host.socket("tcp://0.0.0.0:443")
assert s.is_listening
def test_fail2ban_conf(host):
f = host.file("/etc/fail2ban/jail.d/mediaserver.conf")
assert f.exists
def test_fail2ban_service(host):
s = host.service("fail2ban")
assert s.is_running
def test_postfix_service(host):
s = host.service("postfix")
assert s.is_running
molecule/default/tests/test_mediavault.py deleted 100644 → 0
+ 0
20
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_rsync_is_installed(host):
p = host.package("rsync")
assert p.is_installed
def test_rsync_tmbackup_is_installed(host):
r = host.file("/usr/bin/rsync_tmbackup")
assert r.exists
molecule/default/tests/test_mediaworker.py deleted 100644 → 0
+ 0
30
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_celerity_is_installed(host):
p = host.package("celerity-workers")
assert p.is_installed
def test_celerity_config(host):
f = host.file("/etc/celerity/config.py")
assert f.exists
assert f.contains("SIGNING_KEY =")
assert f.contains("SERVER_URL =")
assert f.contains("QUEUES_PER_WORKER =")
def test_celerity_service(host):
s = host.service("celerity-workers")
assert s.is_running
assert s.is_enabled
molecule/default/tests/test_mirismanager.py deleted 100644 → 0
+ 0
57
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_manager_is_installed(host):
p = host.package("ubicast-skyreach")
assert p.is_installed
def test_manager_user(host):
u = host.user("skyreach")
assert u.name == "skyreach"
def test_manager_nginx(host):
f = host.file("/etc/nginx/sites-available/skyreach.conf")
assert f.exists
def test_manager_service(host):
s = host.service("skyreach")
assert s.is_running
assert s.is_enabled
def test_manager_socket(host):
s = host.socket("tcp://0.0.0.0:443")
assert s.is_listening
def test_fail2ban_conf(host):
f = host.file("/etc/fail2ban/jail.d/skyreach.conf")
assert f.exists
def test_fail2ban_service(host):
s = host.service("fail2ban")
assert s.is_running
def test_postfix_service(host):
s = host.service("postfix")
assert s.is_running
molecule/default/tests/test_msmonitor.py deleted 100644 → 0
+ 0
63
View file @ d7500b00
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")
def test_munin_is_installed(host):
p = host.package("munin-node")
assert p.is_installed
def test_monitor_is_installed(host):
p = host.package("ubicast-monitor")
assert p.is_installed
def test_monitor_runtime_is_installed(host):
p = host.package("ubicast-monitor-runtime")
assert p.is_installed
def test_monitor_user(host):
u = host.user("msmonitor")
assert u.name == "msmonitor"
def test_monitor_nginx(host):
f = host.file("/etc/nginx/sites-available/msmonitor.conf")
assert f.exists
def test_monitor_service(host):
s = host.service("msmonitor")
assert s.is_running
assert s.is_enabled
def test_monitor_socket(host):
s = host.socket("tcp://0.0.0.0:443")
assert s.is_listening
def test_fail2ban_conf(host):
f = host.file("/etc/fail2ban/jail.d/monitor.conf")
assert f.exists
def test_fail2ban_service(host):
s = host.service("fail2ban")
assert s.is_running
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment