import rhel-system-roles-1.0-20.el8

This commit is contained in:
CentOS Sources 2020-11-03 07:10:23 -05:00 committed by Andrew Lukoshko
parent fe1303163e
commit 287e02c51d
15 changed files with 1526 additions and 1729 deletions

11
.gitignore vendored
View File

@ -1,6 +1,13 @@
SOURCES/certificate-fedef6e.tar.gz
SOURCES/kdump-0c2bb28.tar.gz
SOURCES/network-d5891d4.tar.gz
SOURCES/kernel_settings-901a73a.tar.gz
SOURCES/logging-fe3f658.tar.gz
SOURCES/metrics-7f94b49.tar.gz
SOURCES/nbde_client-6306def.tar.gz
SOURCES/nbde_server-4b6cfca.tar.gz
SOURCES/network-bf4501b.tar.gz
SOURCES/postfix-0.1.tar.gz
SOURCES/selinux-6cd1ec8.tar.gz
SOURCES/storage-1594e25.tar.gz
SOURCES/storage-81f30ab.tar.gz
SOURCES/timesync-924650d.tar.gz
SOURCES/tlog-cfa70b6.tar.gz

View File

@ -1,6 +1,13 @@
5aa98ec9e109c5ebfae327718e5cad1d3c837e4f SOURCES/certificate-fedef6e.tar.gz
36b200d1c6a8d1cb1ea87e3e9aa8c4f6bbd8155d SOURCES/kdump-0c2bb28.tar.gz
530aaa9302d90c278b9e1c8d8513e516494e3380 SOURCES/network-d5891d4.tar.gz
263a6bbe7b25fbbc13c60b6b30861b63ec2648cd SOURCES/kernel_settings-901a73a.tar.gz
9f365ee569d0d6e542983842ffd7c81c82e2c3ca SOURCES/logging-fe3f658.tar.gz
3c25f49356e9325ba694d14ece036c8ea3aa16f6 SOURCES/metrics-7f94b49.tar.gz
435fed277e03b6c409ebbfa421c15f97ba15e8c8 SOURCES/nbde_client-6306def.tar.gz
e936390ddc7440e25190d6ff98cf5e5b3bf1fc3b SOURCES/nbde_server-4b6cfca.tar.gz
d1e3e5cd724e7a61a9b3f4eb2bf669d6ed6f9cde SOURCES/network-bf4501b.tar.gz
66c82331f4ac9598c506c3999965b4d07dbfe49d SOURCES/postfix-0.1.tar.gz
246383bd6823533ed3a51a0501b75e38ba852908 SOURCES/selinux-6cd1ec8.tar.gz
aa1c37b04cef831148d9834033fe414156ba62df SOURCES/storage-1594e25.tar.gz
d1ba125b693ac5b8705e79d92b13f24c01c51a86 SOURCES/storage-81f30ab.tar.gz
ffd2a706e4e3007684aa9874c8457ad5c8920050 SOURCES/timesync-924650d.tar.gz
66538d3279cb5972f73a70960a4407d2abe56883 SOURCES/tlog-cfa70b6.tar.gz

View File

@ -0,0 +1,13 @@
diff --git a/meta/main.yml b/meta/main.yml
index 2478fa6..ad8f4c6 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -7,6 +7,6 @@ galaxy_info:
min_ansible_version: 2.4
platforms:
- name: Fedora
- versions: [ 27, 28 ]
+ versions: [ 31, 32 ]
- name: EL
- versions: [ 6, 7 ]
+ versions: [ 6, 7, 8 ]

View File

@ -45,30 +45,25 @@ index 0000000..2035dfc
+ with_items: "{{ restore_services }}"
+ tags: tests::cleanup
diff --git a/tests/tests_default.yml b/tests/tests_default.yml
index 4c93830..60d7967 100644
index 4c93830..9e7743a 100644
--- a/tests/tests_default.yml
+++ b/tests/tests_default.yml
@@ -1,6 +1,18 @@
- name: Ensure that the rule runs with default parameters
+ tags:
+ - 'tests::tier1'
hosts: all
@@ -4,3 +4,13 @@
roles:
- kdump
+
+ pre_tasks:
+ - name: Import tasks
+ tags: tests::tier1::cleanup
+# tags: tests::tier1::cleanup
+ import_tasks: get_services_state.yml
+
+ post_tasks:
+ - name: Import tasks
+ tags: tests::tier1::cleanup
+# tags: tests::tier1::cleanup
+ import_tasks: restore_services_state.yml
diff --git a/tests/tests_default_wrapper.yml b/tests/tests_default_wrapper.yml
index 2763fbd..617acb3 100644
index 2763fbd..95b3886 100644
--- a/tests/tests_default_wrapper.yml
+++ b/tests/tests_default_wrapper.yml
@@ -1,6 +1,9 @@
@ -76,7 +71,7 @@ index 2763fbd..617acb3 100644
- name: Create static inventory from hostvars
hosts: all
+ tags:
+ - 'tests::tier1'
+# - 'tests::tier1'
+ - 'tests::slow'
tasks:
- name: create temporary file
@ -86,15 +81,62 @@ index 2763fbd..617acb3 100644
- name: Run tests_default.yml normally
+ tags:
+ - 'tests::tier1'
+# - 'tests::tier1'
+ - 'tests::slow'
import_playbook: tests_default.yml
- name: Run tests_default.yml in check_mode
hosts: all
+ tags:
+ - 'tests::tier1'
+# - 'tests::tier1'
+ - 'tests::slow'
tasks:
- name: Run ansible-playbook with tests_default.yml in check mode
command: ansible-playbook -vvv -i {{ tempinventory.path }} --check tests_default.yml
diff --git a/tests/tests_ssh.yml b/tests/tests_ssh.yml
index 14a59d9..23bc7eb 100644
--- a/tests/tests_ssh.yml
+++ b/tests/tests_ssh.yml
@@ -11,6 +11,13 @@
# this is the address at which the ssh dump server can be reached
# from the managed host. Dumps will be uploaded there.
kdump_ssh_server_inside: "{{ kdump_ssh_source if kdump_ssh_source in hostvars[kdump_ssh_server_outside]['ansible_all_ipv4_addresses'] + hostvars[kdump_ssh_server_outside]['ansible_all_ipv6_addresses'] else hostvars[kdump_ssh_server_outside]['ansible_default_ipv4']['address'] }}"
+ tags:
+ # this test executes some tasks on localhost and relies on
+ # localhost being a different host than the managed host
+ # (localhost is being used as a second host in multihost
+ # scenario). This also means that localhost must be capable
+ # enough (not just a container - must be runnign a sshd).
+ - 'tests::multihost_localhost'
tasks:
- name: gather facts from {{ kdump_ssh_server_outside }}
diff --git a/tests/tests_ssh_wrapper.yml b/tests/tests_ssh_wrapper.yml
index 9a8ecfd..1a6db73 100644
--- a/tests/tests_ssh_wrapper.yml
+++ b/tests/tests_ssh_wrapper.yml
@@ -1,6 +1,8 @@
---
- name: Create static inventory from hostvars
hosts: all
+ tags:
+ - 'tests::slow'
tasks:
- name: create temporary file
tempfile:
@@ -17,10 +19,15 @@
- name: Run tests_ssh.yml normally
+ tags:
+ - 'tests::slow'
import_playbook: tests_ssh.yml
- name: Run tests_ssh.yml in check_mode
hosts: all
+ tags:
+ - 'tests::slow'
+ - 'tests::multihost_localhost'
tasks:
- name: Run ansible-playbook with tests_ssh.yml in check mode
command: ansible-playbook -vvv -i {{ tempinventory.path }} --check tests_ssh.yml

View File

@ -1,6 +1,10 @@
#!/bin/bash
set -euxo pipefail
for file in "$@"; do
pandoc -f markdown_github "${file}" -t asciidoc -o "${file%.md}.tmp.adoc" ||exit $?
touch -r "${file}" "${file%.md}.tmp.adoc" ||exit $?
TZ=UTC asciidoc -o "${file%.md}.html" -a footer-style=none -a toc2 -a source-highlighter=highlight "${file%.md}.tmp.adoc" ||exit $?
pandoc -f markdown_github "${file}" -t asciidoc -o "${file%.md}.tmp.adoc"
touch -r "${file}" "${file%.md}.tmp.adoc"
TZ=UTC asciidoc -o "${file%.md}.html" -a footer-style=none -a toc2 -a source-highlighter=highlight "${file%.md}.tmp.adoc"
rm "${file%.md}.tmp.adoc"
done

View File

@ -1,59 +1,290 @@
diff --git a/tests/commonvars.yml b/tests/commonvars.yml
new file mode 100644
index 0000000..50452f7
--- /dev/null
+++ b/tests/commonvars.yml
@@ -0,0 +1,2 @@
+restore_services:
+ - NetworkManager
diff --git a/tests/get_services_state.yml b/tests/get_services_state.yml
new file mode 100644
index 0000000..4fe5d36
--- /dev/null
+++ b/tests/get_services_state.yml
@@ -0,0 +1,4 @@
+- name: Get initial state of services
+ tags: tests::cleanup
+ service_facts:
+ register: initial_state
diff --git a/tests/playbooks/tests_states.yml b/tests/playbooks/tests_states.yml
index 7a1e207..3c1f65d 100644
--- a/tests/playbooks/tests_states.yml
+++ b/tests/playbooks/tests_states.yml
@@ -1,6 +1,8 @@
diff --git a/tests/playbooks/tests_802_1x.yml b/tests/playbooks/tests_802_1x.yml
index 9cce1ae..76d99e9 100644
--- a/tests/playbooks/tests_802_1x.yml
+++ b/tests/playbooks/tests_802_1x.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
+ tags:
+ - 'tests::tier1'
vars:
interface: statebr
profile: "{{ interface }}"
@@ -22,6 +24,8 @@
ip:
dhcp4: false
auto6: false
+ tags:
+ - 'tests::net::bridge'
- include_tasks: tasks/assert-device_present.yml
- include_tasks: tasks/assert-profile_present.yml
interface: 802-1x-test
@@ -122,3 +127,8 @@
command: update-ca-trust
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_bond.yml b/tests/playbooks/tests_bond.yml
index ab3ee43..d646a0b 100644
--- a/tests/playbooks/tests_bond.yml
+++ b/tests/playbooks/tests_bond.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
master_profile: bond0
@@ -94,3 +99,8 @@
- import_tasks: tasks/remove_test_interfaces_with_dhcp.yml
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_bridge.yml b/tests/playbooks/tests_bridge.yml
index d79d6ad..c8cf3cd 100644
--- a/tests/playbooks/tests_bridge.yml
+++ b/tests/playbooks/tests_bridge.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- name: Test configuring bridges
hosts: all
vars:
@@ -14,6 +19,8 @@
@@ -47,3 +51,28 @@
state: down
- include_tasks: tasks/assert-device_absent.yml
- include_tasks: tasks/assert-profile_absent.yml
- name: Add test bridge
hosts: all
+ tags:
+ - 'tests::net::bridge'
vars:
network_connections:
- name: "{{ interface }}"
@@ -36,11 +43,15 @@
task: tasks/assert_profile_present.yml
- import_playbook: down_profile.yml
+ tags:
+ - 'tests::net::bridge'
vars:
profile: "{{ interface }}"
# FIXME: assert profile/device down
- import_playbook: remove_profile.yml
+ tags:
+ - 'tests::net::bridge'
vars:
profile: "{{ interface }}"
@@ -51,5 +62,19 @@
# FIXME: Devices might still be left when profile is absent
# - import_playbook: run_tasks.yml
-# vars:
+# vars:
# task: tasks/assert_device_absent.yml
+
+- name: Remove test bridge
+ hosts: all
+ tags:
+ - 'tests::cleanup'
+ - 'tests::net::bridge::cleanup'
+ tasks:
+ - command: 'ip link delete "{{ interface }}"'
+ ignore_errors: yes
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_checkpoint_cleanup.yml b/tests/playbooks/tests_checkpoint_cleanup.yml
index 18e3fd7..3b5a41a 100644
--- a/tests/playbooks/tests_checkpoint_cleanup.yml
+++ b/tests/playbooks/tests_checkpoint_cleanup.yml
@@ -4,6 +4,11 @@
# mark a device as unmanaged for NM and then tries to activiate it using NM.
# This failed without removing the checkpoint.
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
interface: cptstbr
@@ -80,3 +85,8 @@
ignore_errors: true
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_ethernet.yml b/tests/playbooks/tests_ethernet.yml
index cd02579..adcffee 100644
--- a/tests/playbooks/tests_ethernet.yml
+++ b/tests/playbooks/tests_ethernet.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
tasks:
- debug:
@@ -9,6 +14,8 @@
- name: Test configuring ethernet devices
hosts: all
+ tags:
+ - 'tests::net::veth'
vars:
type: veth
interface: lsr27
@@ -26,6 +33,8 @@
- name: Test static interface up
hosts: all
+ tags:
+ - 'tests::net::reconf'
vars:
network_connections:
- name: "{{ interface }}"
@@ -48,17 +57,29 @@
# FIXME: assert profile present
# FIXME: assert profile/device up + IP address
- import_playbook: down_profile.yml
+ tags:
+ - 'tests::cleanup'
vars:
profile: "{{ interface }}"
# FIXME: assert profile/device down
- import_playbook: remove_profile.yml
+ tags:
+ - 'tests::cleanup'
vars:
profile: "{{ interface }}"
# FIXME: assert profile away
- name: Remove interfaces
hosts: all
+ tags:
+ - 'tests::cleanup'
+ - 'tests::net::veth::cleanup'
tasks:
- include_tasks: tasks/manage_test_interface.yml
vars:
state: absent
- include_tasks: tasks/assert_device_absent.yml
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_ethtool_features.yml b/tests/playbooks/tests_ethtool_features.yml
index 43fddc3..d1a87fe 100644
--- a/tests/playbooks/tests_ethtool_features.yml
+++ b/tests/playbooks/tests_ethtool_features.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
interface: testnic1
@@ -198,3 +203,8 @@
state: absent
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_provider.yml b/tests/playbooks/tests_provider.yml
index 1db2d08..e097b4b 100644
--- a/tests/playbooks/tests_provider.yml
+++ b/tests/playbooks/tests_provider.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
interface: testnic1
@@ -33,3 +38,8 @@
- tasks/cleanup_profile+device.yml
tags:
- tests::provider:initscripts_to_nm
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_reapply.yml b/tests/playbooks/tests_reapply.yml
index 4b1cb09..6995607 100644
--- a/tests/playbooks/tests_reapply.yml
+++ b/tests/playbooks/tests_reapply.yml
@@ -4,6 +4,11 @@
# of via Ansible. Until there is better test support for this, just check the
# log output for the respective log message.
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
interface: rpltstbr
@@ -64,3 +69,8 @@
ignore_errors: true
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_states.yml b/tests/playbooks/tests_states.yml
index eec27c0..a8d0ecd 100644
--- a/tests/playbooks/tests_states.yml
+++ b/tests/playbooks/tests_states.yml
@@ -135,3 +135,23 @@
- tasks/cleanup_profile+device.yml
tags:
- tests::states:remove_down_twice
+
+ pre_tasks:
+ - name: Save host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: "../save_state.yml"
+ import_tasks: tasks/save_state.yml
+
+ post_tasks:
+ - name: Remove test profile
+ tags:
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::bridge::cleanup'
+ import_role:
+ name: linux-system-roles.network
@ -64,72 +295,97 @@ index 7a1e207..3c1f65d 100644
+ persistent_state: absent
+
+ - name: Restore host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: "../restore_state.yml"
+ import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_vlan_mtu.yml b/tests/playbooks/tests_vlan_mtu.yml
index ae0322e..bf6e518 100644
index 029b599..378d5fe 100644
--- a/tests/playbooks/tests_vlan_mtu.yml
+++ b/tests/playbooks/tests_vlan_mtu.yml
@@ -1,6 +1,8 @@
# SPDX-License-Identifier: BSD-3-Clause
---
- hosts: all
+ tags:
+ - 'tests::tier1'
vars:
type: veth
interface: lsr101
@@ -10,6 +12,8 @@
- include_tasks: tasks/manage-test-interface.yml
@@ -10,6 +10,8 @@
- include_tasks: tasks/manage_test_interface.yml
vars:
state: present
+ tags:
+ - 'tests::net::veth'
- include_tasks: tasks/assert-device_present.yml
- name: "TEST: I can configure the MTU for a vlan interface without autoconnect."
debug:
@@ -37,6 +41,8 @@
- include_tasks: tasks/assert_device_present.yml
- name: >-
TEST: I can configure the MTU for a vlan interface without autoconnect.
@@ -38,6 +40,8 @@
ip:
dhcp4: false
auto6: false
+ tags:
+ - 'tests::net::reconf'
- include_tasks: tasks/assert-device_present.yml
- include_tasks: tasks/assert_device_present.yml
vars:
interface: "{{ vlan_interface }}"
@@ -61,6 +67,26 @@
@@ -62,6 +66,20 @@
persistent_state: absent
state: down
ignore_errors: true
+ tags:
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::veth::cleanup'
- include_tasks: tasks/manage-test-interface.yml
- include_tasks: tasks/manage_test_interface.yml
vars:
state: absent
+ tags:
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::veth::cleanup'
+
+ pre_tasks:
+ - name: Save host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: "../save_state.yml"
+ import_tasks: tasks/save_state.yml
+
+ post_tasks:
+ - name: Restore host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: "../restore_state.yml"
diff --git a/tests/restore_services_state.yml b/tests/restore_services_state.yml
+ import_tasks: tasks/restore_state.yml
diff --git a/tests/playbooks/tests_wireless.yml b/tests/playbooks/tests_wireless.yml
index 822a15e..52661bd 100644
--- a/tests/playbooks/tests_wireless.yml
+++ b/tests/playbooks/tests_wireless.yml
@@ -1,5 +1,10 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/save_state.yml
+
- hosts: all
vars:
interface: wlan0
@@ -86,3 +91,8 @@
- include_tasks: tasks/cleanup_mock_wifi.yml
tags:
- "tests::cleanup"
+
+- name: Restore host state
+ hosts: all
+ tasks:
+ - import_tasks: tasks/restore_state.yml
diff --git a/tests/tasks/commonvars.yml b/tests/tasks/commonvars.yml
new file mode 100644
index 0000000..50452f7
--- /dev/null
+++ b/tests/tasks/commonvars.yml
@@ -0,0 +1,2 @@
+restore_services:
+ - NetworkManager
diff --git a/tests/tasks/get_services_state.yml b/tests/tasks/get_services_state.yml
new file mode 100644
index 0000000..4fe5d36
--- /dev/null
+++ b/tests/tasks/get_services_state.yml
@@ -0,0 +1,4 @@
+- name: Get initial state of services
+ tags: tests::cleanup
+ service_facts:
+ register: initial_state
diff --git a/tests/tasks/restore_services_state.yml b/tests/tasks/restore_services_state.yml
new file mode 100644
index 0000000..2035dfc
--- /dev/null
+++ b/tests/restore_services_state.yml
+++ b/tests/tasks/restore_services_state.yml
@@ -0,0 +1,22 @@
+- block:
+ - name: load common vars
@ -153,11 +409,11 @@ index 0000000..2035dfc
+ sname: "{{ item + '.service' }}"
+ with_items: "{{ restore_services }}"
+ tags: tests::cleanup
diff --git a/tests/restore_state.yml b/tests/restore_state.yml
diff --git a/tests/tasks/restore_state.yml b/tests/tasks/restore_state.yml
new file mode 100644
index 0000000..f4e3d5f
--- /dev/null
+++ b/tests/restore_state.yml
+++ b/tests/tasks/restore_state.yml
@@ -0,0 +1,24 @@
+---
+- name: Remove /etc/sysconfig/network if there was no one
@ -183,11 +439,11 @@ index 0000000..f4e3d5f
+ - final_state.ansible_facts.services[sname]['state'] == 'running'
+ vars:
+ sname: NetworkManager.service
diff --git a/tests/save_state.yml b/tests/save_state.yml
diff --git a/tests/tasks/save_state.yml b/tests/tasks/save_state.yml
new file mode 100644
index 0000000..5690aed
--- /dev/null
+++ b/tests/save_state.yml
+++ b/tests/tasks/save_state.yml
@@ -0,0 +1,11 @@
+---
+- name: Get services state
@ -200,352 +456,76 @@ index 0000000..5690aed
+ path: /etc/sysconfig/network
+ register: etc_sysconfig_network_stat
+ ignore_errors: yes
diff --git a/tests/tests_bridge.yml b/tests/tests_bridge.yml
index 9ead308..394d392 100644
--- a/tests/tests_bridge.yml
+++ b/tests/tests_bridge.yml
@@ -1,7 +1,17 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::tier1::cleanup'
+ tasks:
+ - import_tasks: save_state.yml
+
- name: Test configuring bridges
hosts: all
+ tags:
+ - 'tests::tier1'
vars:
interface: LSR-TST-br31
@@ -14,6 +24,9 @@
- name: Add test bridge
hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::net::bridge'
vars:
network_connections:
- name: "{{ interface }}"
@@ -27,24 +40,40 @@
- linux-system-roles.network
- import_playbook: run-tasks.yml
+ tags:
+ - 'tests::tier1'
vars:
task: tasks/assert-device_present.yml
- import_playbook: run-tasks.yml
+ tags:
+ - 'tests::tier1'
vars:
profile: "{{ interface }}"
task: tasks/assert-profile_present.yml
- import_playbook: down-profile.yml
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::bridge::cleanup'
vars:
profile: "{{ interface }}"
# FIXME: assert profile/device down
- import_playbook: remove-profile.yml
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::bridge::cleanup'
vars:
profile: "{{ interface }}"
- import_playbook: run-tasks.yml
+ tags:
+ - 'tests::tier1'
vars:
profile: "{{ interface }}"
task: tasks/assert-profile_absent.yml
@@ -53,3 +82,22 @@
#- import_playbook: run-tasks.yml
# vars:
# task: tasks/assert-device_absent.yml
+
+- name: Remove test bridge
+ hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::bridge::cleanup'
+ tasks:
+ - command: 'ip link delete "{{ interface }}"'
+ ignore_errors: yes
+
+- name: Restore host state
+ hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::tier1::cleanup'
+ tasks:
+ - import_tasks: restore_state.yml
diff --git a/tests/tests_bridge_other_provider.yml b/tests/tests_bridge_other_provider.yml
index e5a4ad7..4d1d2dd 100644
--- a/tests/tests_bridge_other_provider.yml
+++ b/tests/tests_bridge_other_provider.yml
@@ -1,6 +1,8 @@
---
diff --git a/tests/tests_802_1x_nm.yml b/tests/tests_802_1x_nm.yml
index 3bd0719..77cf2d9 100644
--- a/tests/tests_802_1x_nm.yml
+++ b/tests/tests_802_1x_nm.yml
@@ -4,6 +4,8 @@
# set network provider and gather facts
- hosts: all
name: Run playbook 'tests_bridge.yml' with non-default provider
name: Run playbook 'playbooks/tests_802_1x.yml' with nm as provider
+ tags:
+ - 'tests::tier1'
+ - tests::expfail
tasks:
- name: Get service facts
service_facts: null
- name: Set network provider to 'nm'
set_fact:
@@ -21,3 +23,5 @@
- import_playbook: playbooks/tests_802_1x.yml
when:
- ansible_distribution_major_version != '6'
+ tags:
+ - tests::expfail
diff --git a/tests/tests_802_1x_updated_nm.yml b/tests/tests_802_1x_updated_nm.yml
index 0d4c741..ca666a6 100644
--- a/tests/tests_802_1x_updated_nm.yml
+++ b/tests/tests_802_1x_updated_nm.yml
@@ -4,6 +4,8 @@
# set network provider and gather facts
- hosts: all
name: Run playbook 'playbooks/tests_802_1x_updated.yml' with nm as provider
+ tags:
+ - tests::expfail
tasks:
- name: Set network provider to 'nm'
set_fact:
@@ -21,3 +23,5 @@
- import_playbook: playbooks/tests_802_1x_updated.yml
when:
- ansible_distribution_major_version != '6'
+ tags:
+ - tests::expfail
diff --git a/tests/tests_default.yml b/tests/tests_default.yml
index fda6ed5..0ce3ab9 100644
index f6f7550..98e3c7e 100644
--- a/tests/tests_default.yml
+++ b/tests/tests_default.yml
@@ -2,5 +2,19 @@
---
- name: Test executing the role with default parameters
hosts: all
+ tags:
+ - 'tests::tier1'
roles:
- linux-system-roles.network
@@ -10,3 +10,11 @@
that:
- "'warnings' not in __network_connections_result"
msg: "There are warnings"
+
+ pre_tasks:
+ - name: Save host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: save_state.yml
+ import_tasks: tasks/save_state.yml
+
+ post_tasks:
+ - name: Restore host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: restore_state.yml
diff --git a/tests/tests_default_other_provider.yml b/tests/tests_default_other_provider.yml
index 697bc57..0c70dac 100644
--- a/tests/tests_default_other_provider.yml
+++ b/tests/tests_default_other_provider.yml
@@ -1,6 +1,8 @@
---
- hosts: all
name: Run playbook 'tests_default.yml' with non-default provider
+ tags:
+ - 'tests::tier1'
tasks:
- name: Get service facts
service_facts: null
diff --git a/tests/tests_ethernet.yml b/tests/tests_ethernet.yml
index 25f117d..c85f853 100644
--- a/tests/tests_ethernet.yml
+++ b/tests/tests_ethernet.yml
@@ -1,6 +1,16 @@
# SPDX-License-Identifier: BSD-3-Clause
---
+- name: Save host state
+ hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::tier1::cleanup'
+ tasks:
+ - import_tasks: save_state.yml
+
- hosts: all
+ tags:
+ - 'tests::tier1'
tasks:
- debug:
msg: Inside ethernet tests
@@ -9,6 +19,9 @@
- name: Test configuring ethernet devices
hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::net::veth'
vars:
type: veth
interface: lsr27
@@ -18,6 +31,7 @@
set_fact:
type: "{{ type }}"
interface: "{{ interface }}"
+# cacheable: yes
- include_tasks: tasks/show-interfaces.yml
- include_tasks: tasks/manage-test-interface.yml
vars:
@@ -26,6 +40,9 @@
- name: Test static interface up
hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::net::reconf'
vars:
network_connections:
- name: "{{ interface }}"
@@ -39,6 +56,8 @@
- linux-system-roles.network
- hosts: all
+ tags:
+ - 'tests::tier1'
tasks:
- debug:
var: network_provider
@@ -46,17 +65,38 @@
# FIXME: assert profile present
# FIXME: assert profile/device up + IP address
- import_playbook: down-profile.yml
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
vars:
profile: "{{ interface }}"
# FIXME: assert profile/device down
- import_playbook: remove-profile.yml
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
vars:
profile: "{{ interface }}"
# FIXME: assert profile away
- name: Remove interfaces
hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::cleanup'
+ - 'tests::tier1::cleanup'
+ - 'tests::net::veth::cleanup'
tasks:
- include_tasks: tasks/manage-test-interface.yml
vars:
state: absent
- include_tasks: tasks/assert-device_absent.yml
+
+- name: Restore host state
+ hosts: all
+ tags:
+ - 'tests::tier1'
+ - 'tests::tier1::cleanup'
+ tasks:
+ - import_tasks: restore_state.yml
diff --git a/tests/tests_ethernet_other_provider.yml b/tests/tests_ethernet_other_provider.yml
index 456b052..5a5dbb0 100644
--- a/tests/tests_ethernet_other_provider.yml
+++ b/tests/tests_ethernet_other_provider.yml
@@ -1,6 +1,8 @@
---
- hosts: all
name: Run playbook 'tests_ethernet.yml' with non-default provider
+ tags:
+ - 'tests::tier1'
tasks:
- name: Get service facts
service_facts: null
diff --git a/tests/tests_helpers-and-asserts.yml b/tests/tests_helpers-and-asserts.yml
index 36f02c2..b44599a 100644
--- a/tests/tests_helpers-and-asserts.yml
+++ b/tests/tests_helpers-and-asserts.yml
@@ -2,6 +2,8 @@
---
- name: Check that creating and removing test devices and assertions work
hosts: all
+ tags:
+ - 'tests::tier1'
tasks:
- name: test veth interface management
include_tasks: tasks/create-and-remove-interface.yml
@@ -15,6 +17,18 @@
+ import_tasks: tasks/restore_state.yml
diff --git a/tests/tests_helpers_and_asserts.yml b/tests/tests_helpers_and_asserts.yml
index 5514182..d9bfa11 100644
--- a/tests/tests_helpers_and_asserts.yml
+++ b/tests/tests_helpers_and_asserts.yml
@@ -15,6 +15,14 @@
type: dummy
interface: dummy1298
+ pre_tasks:
+ - name: Save host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: save_state.yml
+ import_tasks: tasks/save_state.yml
+
+ post_tasks:
+ - name: Restore host state
+ tags:
+ - 'tests::tier1::cleanup'
+ import_tasks: restore_state.yml
+ import_tasks: tasks/restore_state.yml
+
# FIXME: when: does not seem to work with include_tasks, therefore this cannot be safely tested for now
# FIXME: when: does not seem to work with include_tasks, therefore this cannot
# be safely tested for now
# - name: test tap interfaces
# include_tasks: tasks/create-and-remove-interface.yml
diff --git a/tests/tests_states.yml b/tests/tests_states.yml
index eff3436..46cfe87 100644
--- a/tests/tests_states.yml
+++ b/tests/tests_states.yml
@@ -1,6 +1,8 @@
---
# empty playbook to gather facts for import_playbook when clause
- hosts: all
+ tags:
+ - 'tests::tier1'
# workaround for: https://github.com/ansible/ansible/issues/27973
# There is no way in Ansible to abort a playbook hosts with specific OS
diff --git a/tests/tests_unit.yml b/tests/tests_unit.yml
index c6ea4ef..8d56cf4 100644
--- a/tests/tests_unit.yml
+++ b/tests/tests_unit.yml
@@ -2,6 +2,8 @@
---
- hosts: all
name: Setup for test running
+ tags:
+ - 'tests::tier1'
tasks:
- name: Install EPEL on enterprise Linux for python2-mock
command: yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-{{ ansible_distribution_major_version }}.noarch.rpm
@@ -27,6 +29,8 @@
- hosts: all
name: execute python unit tests
+ tags:
+ - 'tests::tier1'
tasks:
- name: Copy python modules
copy:
diff --git a/tests/tests_vlan_mtu_initscripts.yml b/tests/tests_vlan_mtu_initscripts.yml
index a57db4b..d3a48c7 100644
--- a/tests/tests_vlan_mtu_initscripts.yml
+++ b/tests/tests_vlan_mtu_initscripts.yml
@@ -1,6 +1,8 @@
---
# set network provider and gather facts
- hosts: all
+ tags:
+ - 'tests::tier1'
tasks:
- name: Set network provider to 'initscripts'
set_fact:
diff --git a/tests/tests_vlan_mtu_nm.yml b/tests/tests_vlan_mtu_nm.yml
index d830817..68b61b5 100644
--- a/tests/tests_vlan_mtu_nm.yml
+++ b/tests/tests_vlan_mtu_nm.yml
@@ -1,6 +1,8 @@
---
# set network provider and gather facts
- hosts: all
+ tags:
+ - 'tests::tier1'
tasks:
- name: Set network provider to 'nm'
set_fact:

View File

@ -0,0 +1,16 @@
diff --git a/meta/main.yml b/meta/main.yml
index a0ef6f4..da22270 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -7,8 +7,8 @@ galaxy_info:
min_ansible_version: 2.2
platforms:
- name: Fedora
- versions: [ 24, 25 ]
+ versions: [ 31, 32 ]
- name: EL
- versions: [ 6, 7 ]
+ versions: [ 6, 7, 8 ]

View File

@ -1,62 +0,0 @@
diff --git a/library/network_connections.py b/library/network_connections.py
index 39e81e8..6fa5e2f 100644
--- a/library/network_connections.py
+++ b/library/network_connections.py
@@ -1369,6 +1369,13 @@ class NMUtil:
finally:
ac.handler_disconnect(ac_id)
+ def reapply(self, device, connection=None):
+ version_id = 0
+ flags = 0
+ return Util.call_async_method(
+ device, "reapply", [connection, version_id, flags]
+ )
+
###############################################################################
@@ -2088,6 +2095,9 @@ class Cmd_nm(Cmd):
)
self.connections_data_set_changed(idx)
if self.check_mode == CheckMode.REAL_RUN:
+ if self._try_reapply(idx, con):
+ return
+
try:
ac = self.nmutil.connection_activate(con)
except MyError as e:
@@ -2102,6 +2112,33 @@ class Cmd_nm(Cmd):
except MyError as e:
self.log_error(idx, "up connection failed while waiting: %s" % (e))
+ def _try_reapply(self, idx, con):
+ """ Try to reapply a connection
+
+ If there is exactly one active connection with the same UUID activated
+ on exactly one device, ask the device to reapply the connection.
+
+ :returns: `True`, when the connection was reapplied, `False` otherwise
+ :rtype: bool
+ """
+ NM = Util.NM()
+
+ acons = list(self.nmutil.active_connection_list(connections=[con]))
+ if len(acons) != 1:
+ return False
+
+ active_connection = acons[0]
+ if active_connection.get_state() == NM.ActiveConnectionState.ACTIVATED:
+ devices = active_connection.get_devices()
+ if len(devices) == 1:
+ try:
+ self.nmutil.reapply(devices[0])
+ self.log_info(idx, "connection reapplied")
+ return True
+ except MyError as error:
+ self.log_info(idx, "connection reapply failed: %s" % (error))
+ return False
+
def run_action_down(self, idx):
connection = self.connections[idx]

View File

@ -1,45 +1,94 @@
diff --git a/examples/bond-with-vlan.yml b/examples/bond-with-vlan.yml
diff --git a/examples/bond_simple.yml b/examples/bond_simple.yml
index 4ca9811..f6f5897 100644
--- a/examples/bond_simple.yml
+++ b/examples/bond_simple.yml
@@ -32,5 +32,5 @@
interface_name: eth2
master: bond0
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
...
diff --git a/examples/bond_with_vlan.yml b/examples/bond_with_vlan.yml
index 2e6be23..3b7a6dc 100644
--- a/examples/bond-with-vlan.yml
+++ b/examples/bond-with-vlan.yml
--- a/examples/bond_with_vlan.yml
+++ b/examples/bond_with_vlan.yml
@@ -35,4 +35,4 @@
- "192.0.2.{{ network_iphost }}/24"
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/bridge-with-vlan.yml b/examples/bridge-with-vlan.yml
diff --git a/examples/bridge_with_vlan.yml b/examples/bridge_with_vlan.yml
index 037ff8e..83c586d 100644
--- a/examples/bridge-with-vlan.yml
+++ b/examples/bridge-with-vlan.yml
--- a/examples/bridge_with_vlan.yml
+++ b/examples/bridge_with_vlan.yml
@@ -33,4 +33,4 @@
- "192.0.2.{{ network_iphost }}/24"
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/eth-simple-auto.yml b/examples/eth-simple-auto.yml
diff --git a/examples/eth_simple_auto.yml b/examples/eth_simple_auto.yml
index 0ba168a..e4c4a54 100644
--- a/examples/eth-simple-auto.yml
+++ b/examples/eth-simple-auto.yml
--- a/examples/eth_simple_auto.yml
+++ b/examples/eth_simple_auto.yml
@@ -15,4 +15,4 @@
mtu: 1450
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/eth-with-vlan.yml b/examples/eth-with-vlan.yml
--- a/examples/eth-with-vlan.yml 2018-08-21 20:47:38.000000000 +0200
+++ b/examples/eth-with-vlan.yml 2018-11-06 22:29:14.591770335 +0100
diff --git a/examples/eth_with_802_1x.yml b/examples/eth_with_802_1x.yml
index 92a93a9..7731b7d 100644
--- a/examples/eth_with_802_1x.yml
+++ b/examples/eth_with_802_1x.yml
@@ -27,4 +27,4 @@
- client.pem
- cacert.pem
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/eth_with_vlan.yml b/examples/eth_with_vlan.yml
index 69da673..e0c2f11 100644
--- a/examples/eth_with_vlan.yml
+++ b/examples/eth_with_vlan.yml
@@ -26,4 +26,4 @@
- "192.0.2.{{ network_iphost }}/24"
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/ethtool_features.yml b/examples/ethtool_features.yml
index c580f89..0881316 100644
--- a/examples/ethtool_features.yml
+++ b/examples/ethtool_features.yml
@@ -3,7 +3,7 @@
- hosts: all
tasks:
- include_role:
- name: linux-system-roles.network
+ name: rhel-system-roles.network
vars:
network_connections:
- name: "{{ network_interface_name1 }}"
diff --git a/examples/ethtool_features_default.yml b/examples/ethtool_features_default.yml
index 78965e6..3cdd731 100644
--- a/examples/ethtool_features_default.yml
+++ b/examples/ethtool_features_default.yml
@@ -3,7 +3,7 @@
- hosts: all
tasks:
- include_role:
- name: linux-system-roles.network
+ name: rhel-system-roles.network
vars:
network_connections:
- name: "{{ network_interface_name1 }}"
diff --git a/examples/infiniband.yml b/examples/infiniband.yml
--- a/examples/infiniband.yml 2018-08-21 20:47:38.000000000 +0200
+++ b/examples/infiniband.yml 2018-11-06 22:29:14.591770335 +0100
index 22603d9..9e7e267 100644
--- a/examples/infiniband.yml
+++ b/examples/infiniband.yml
@@ -23,4 +23,4 @@
- 198.51.100.133/30
@ -47,6 +96,7 @@ diff --git a/examples/infiniband.yml b/examples/infiniband.yml
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/macvlan.yml b/examples/macvlan.yml
index 90cd09d..0064ad4 100644
--- a/examples/macvlan.yml
+++ b/examples/macvlan.yml
@@ -26,4 +26,4 @@
@ -55,29 +105,44 @@ diff --git a/examples/macvlan.yml b/examples/macvlan.yml
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/examples/ethtool-features-default.yml b/examples/ethtool-features-default.yml
index 78965e6..3cdd731 100644
--- a/examples/ethtool-features-default.yml
+++ b/examples/ethtool-features-default.yml
@@ -3,7 +3,7 @@
- hosts: all
tasks:
- include_role:
- name: linux-system-roles.network
+ name: rhel-system-roles.network
vars:
network_connections:
- name: "{{ network_interface_name1 }}"
diff --git a/examples/ethtool-features.yml b/examples/ethtool-features.yml
index d8842c2..b32ad0b 100644
--- a/examples/ethtool-features.yml
+++ b/examples/ethtool-features.yml
@@ -3,7 +3,7 @@
- hosts: all
tasks:
- include_role:
- name: linux-system-roles.network
+ name: rhel-system-roles.network
vars:
network_connections:
- name: "{{ network_interface_name1 }}"
diff --git a/examples/remove+down_profile.yml b/examples/remove+down_profile.yml
index da2b1b8..f2d93e8 100644
--- a/examples/remove+down_profile.yml
+++ b/examples/remove+down_profile.yml
@@ -8,5 +8,5 @@
persistent_state: absent
state: down
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
...
diff --git a/examples/wireless_wpa_psk.yml b/examples/wireless_wpa_psk.yml
index eeec22f..60b0d83 100644
--- a/examples/wireless_wpa_psk.yml
+++ b/examples/wireless_wpa_psk.yml
@@ -12,4 +12,4 @@
# see https://docs.ansible.com/ansible/latest/user_guide/vault.html
password: "p@55w0rD"
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/tests/playbooks/down_profile.yml b/tests/playbooks/down_profile.yml
index 5087240..65e542d 100644
--- a/tests/playbooks/down_profile.yml
+++ b/tests/playbooks/down_profile.yml
@@ -7,4 +7,4 @@
- name: "{{ profile }}"
state: down
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network
diff --git a/tests/playbooks/remove_profile.yml b/tests/playbooks/remove_profile.yml
index a50e848..b6e6796 100644
--- a/tests/playbooks/remove_profile.yml
+++ b/tests/playbooks/remove_profile.yml
@@ -7,4 +7,4 @@
- name: "{{ profile }}"
persistent_state: absent
roles:
- - linux-system-roles.network
+ - rhel-system-roles.network

View File

@ -2,7 +2,7 @@ diff --git a/README.md b/README.md
index c2debc9..d9e40b3 100644
--- a/README.md
+++ b/README.md
@@ -81,7 +81,7 @@ Example Playbook
@@ -154,7 +154,7 @@ Example Playbook
- hosts: all
roles:

View File

@ -15,14 +15,42 @@ index f294101..7571066 100644
- name: Get local modifications - boolean
command: /usr/sbin/semanage boolean -l -n -C
register: selinux_role_boolean
diff --git a/tests/tests_all_purge.yml b/tests/tests_all_purge.yml
index 03dfe05..c686837 100644
--- a/tests/tests_all_purge.yml
+++ b/tests/tests_all_purge.yml
@@ -14,7 +14,9 @@
name:
- policycoreutils-python-utils
state: present
- when: ansible_distribution == "Fedora"
+ when: ansible_distribution == "Fedora" or
+ ( ansible_distribution_major_version > "7" and
+ ( ansible_distribution == "CentOS" or ansible_distribution == "RedHat" ))
- name: Add a Linux System Roles SELinux User
user:
diff --git a/tests/tests_all_transitions.yml b/tests/tests_all_transitions.yml
index f608a42..d0d209b 100644
--- a/tests/tests_all_transitions.yml
+++ b/tests/tests_all_transitions.yml
@@ -1,6 +1,8 @@
- name: Test all the possible selinux_state transitions
hosts: all
become: true
+ tags:
+ - 'tests::reboot'
vars:
states:
- permissive
diff --git a/tests/tests_boolean.yml b/tests/tests_boolean.yml
index 47eafc0..ca85922 100644
index 47eafc0..2aa0025 100644
--- a/tests/tests_boolean.yml
+++ b/tests/tests_boolean.yml
@@ -1,5 +1,6 @@
- name: Check if selinux role sets SELinux booleans
+ tags: [ 'tests::tier1', 'tests::expfail' ]
+ tags: tests::expfail
hosts: all
become: true
@ -35,39 +63,11 @@ index 47eafc0..ca85922 100644
- name: save state after initial changes and before other changes
set_fact:
boolean_before: "{{ selinux_role_boolean.stdout_lines }}"
diff --git a/tests/tests_default.yml b/tests/tests_default.yml
index a837c73..25bf39d 100644
--- a/tests/tests_default.yml
+++ b/tests/tests_default.yml
@@ -1,5 +1,6 @@
- name: Ensure that the role runs with default parameters
+ tags: tests::tier1
hosts: all
roles:
diff --git a/tests/tests_default_vars.yml b/tests/tests_default_vars.yml
index b6a6b5a..7cd321d 100644
--- a/tests/tests_default_vars.yml
+++ b/tests/tests_default_vars.yml
@@ -1,4 +1,5 @@
- name: Ensure that the role declares all paremeters in defaults
+ tags: tests::tier1
hosts: all
roles:
diff --git a/tests/tests_fcontext.yml b/tests/tests_fcontext.yml
index 0a411fb..f4a3923 100644
index 0a411fb..f6f1bf4 100644
--- a/tests/tests_fcontext.yml
+++ b/tests/tests_fcontext.yml
@@ -1,5 +1,6 @@
- name: Check if selinux role sets SELinux fcontext mappings
+ tags: tests::tier1
hosts: all
become: true
@@ -13,7 +14,7 @@
@@ -13,7 +13,7 @@
selinux_fcontexts:
- { target: '/tmp/test_dir1(/.*)?', setype: 'user_home_dir_t', ftype: 'd' }
@ -77,17 +77,10 @@ index 0a411fb..f4a3923 100644
set_fact:
fcontext_before: "{{ selinux_role_fcontext.stdout }}"
diff --git a/tests/tests_login.yml b/tests/tests_login.yml
index efa826d..e4f55ca 100644
index efa826d..c7ce462 100644
--- a/tests/tests_login.yml
+++ b/tests/tests_login.yml
@@ -1,5 +1,6 @@
- name: Check if selinux role sets SELinux login mappings
+ tags: tests::tier1
hosts: all
become: true
@@ -18,7 +19,7 @@
@@ -18,7 +18,7 @@
- { login: 'sar-user', seuser: 'staff_u', serange: 's0-s0:c0.c1023', state: 'present' }
@ -97,17 +90,10 @@ index efa826d..e4f55ca 100644
set_fact:
login_before: "{{ selinux_role_login.stdout }}"
diff --git a/tests/tests_port.yml b/tests/tests_port.yml
index 446f79d..03276b5 100644
index 446f79d..7bb112e 100644
--- a/tests/tests_port.yml
+++ b/tests/tests_port.yml
@@ -1,5 +1,6 @@
- name: Check if selinux role sets SELinux port mapping
+ tags: tests::tier1
hosts: all
become: true
@@ -29,7 +30,7 @@
@@ -29,7 +29,7 @@
selinux_ports:
- { ports: '22022', proto: 'tcp', setype: 'ssh_port_t', state: 'present' }
@ -117,10 +103,10 @@ index 446f79d..03276b5 100644
set_fact:
port_after: "{{ selinux_role_port.stdout }}"
diff --git a/tests/tests_selinux_disabled.yml b/tests/tests_selinux_disabled.yml
index afd23e4..d30de2b 100644
index afd23e4..706882f 100644
--- a/tests/tests_selinux_disabled.yml
+++ b/tests/tests_selinux_disabled.yml
@@ -18,7 +19,9 @@
@@ -18,7 +18,9 @@
name:
- policycoreutils-python-utils
state: present
@ -131,7 +117,7 @@ index afd23e4..d30de2b 100644
- name: Add a Linux System Roles SELinux User
user:
@@ -67,17 +71,28 @@
@@ -67,17 +69,28 @@
assert:
that: "{{ ansible_selinux.config_mode == 'enforcing' }}"
msg: "SELinux config mode should be enforcing instead of {{ ansible_selinux.config_mode }}"

View File

@ -0,0 +1,602 @@
diff --git a/library/blivet.py b/library/blivet.py
index cb48e71..e1903f3 100644
--- a/library/blivet.py
+++ b/library/blivet.py
@@ -167,11 +167,16 @@ class BlivetBase(object):
raise NotImplementedError()
def _manage_one_encryption(self, device):
+ global safe_mode
ret = device
# Make sure to handle adjusting both existing stacks and future stacks.
if device == device.raw_device and self._spec_dict['encryption']:
# add luks
luks_name = "luks-%s" % device._name
+ if safe_mode and (device.original_format.type is not None or
+ device.original_format.name != get_format(None).name):
+ raise BlivetAnsibleError("cannot remove existing formatting on device '%s' in safe mode due to adding encryption" %
+ device._name)
if not device.format.exists:
fmt = device.format
else:
@@ -196,6 +201,10 @@ class BlivetBase(object):
ret = luks_device
elif device != device.raw_device and not self._spec_dict['encryption']:
# remove luks
+ if safe_mode and (device.original_format.type is not None or
+ device.original_format.name != get_format(None).name):
+ raise BlivetAnsibleError("cannot remove existing formatting on device '%s' in safe mode due to encryption removal" %
+ device._name)
if not device.format.exists:
fmt = device.format
else:
@@ -823,17 +832,21 @@ class BlivetPool(BlivetBase):
def manage(self):
""" Schedule actions to configure this pool according to the yaml input. """
+ global safe_mode
# look up the device
self._look_up_disks()
self._look_up_device()
# schedule destroy if appropriate, including member type change
- if not self.ultimately_present or self._member_management_is_destructive():
- if not self.ultimately_present:
- self._manage_volumes()
+ if not self.ultimately_present:
+ self._manage_volumes()
self._destroy()
- if not self.ultimately_present:
- return
+ return
+ elif self._member_management_is_destructive():
+ if safe_mode:
+ raise BlivetAnsibleError("cannot remove and recreate existing pool '%s' in safe mode" % self._pool['name'])
+ else:
+ self._destroy()
# schedule create if appropriate
self._create()
diff --git a/tests/create-test-file.yml b/tests/create-test-file.yml
new file mode 100644
index 0000000..d1091e2
--- /dev/null
+++ b/tests/create-test-file.yml
@@ -0,0 +1,13 @@
+# Create a file to be checked that it still exists and no data loss has occured.
+# To use:
+# - set testfile to a path under the mountpoint being tested
+# - include this file (create-test-file.yml) before executing the
+# operation to be tested
+# - execute the operation that could potentially result in a loss of
+# data in the filesystem where testfile is located
+# - include verify-data-preservation.yml
+
+- name: create a file
+ file:
+ path: "{{ testfile }}"
+ state: touch
diff --git a/tests/tests_luks.yml b/tests/tests_luks.yml
index f93efe5..f733714 100644
--- a/tests/tests_luks.yml
+++ b/tests/tests_luks.yml
@@ -2,8 +2,8 @@
- hosts: all
become: true
vars:
- storage_safe_mode: false
mount_location: '/opt/test1'
+ testfile: "{{ mount_location }}/quux"
volume_size: '5g'
tasks:
@@ -64,10 +64,47 @@
- include_tasks: verify-role-results.yml
+ - import_tasks: create-test-file.yml
+
+ - name: Test for correct handling of safe_mode
+ block:
+ - name: Remove the encryption layer
+ include_role:
+ name: storage
+ vars:
+ storage_volumes:
+ - name: foo
+ type: disk
+ disks: "{{ unused_disks }}"
+ mount_point: "{{ mount_location }}"
+ encryption: false
+ encryption_password: 'yabbadabbadoo'
+ - name: unreachable task
+ fail:
+ msg: UNREACH
+ rescue:
+ - name: Check that we failed in the role
+ assert:
+ that:
+ - ansible_failed_result.msg != 'UNREACH'
+ msg: "Role has not failed when it should have"
+
+ - name: Verify the output of the safe_mode test
+ assert:
+ that: "blivet_output.failed and
+ blivet_output.msg
+ |regex_search('cannot remove existing
+ formatting.*in safe mode due to encryption removal')
+ and not blivet_output.changed"
+ msg: "Unexpected behavior w/ existing filesystem in safe mode"
+
+ - import_tasks: verify-data-preservation.yml
+
- name: Remove the encryption layer
include_role:
name: storage
vars:
+ storage_safe_mode: false
storage_volumes:
- name: foo
type: disk
@@ -78,10 +115,47 @@
- include_tasks: verify-role-results.yml
+ - import_tasks: create-test-file.yml
+
+ - name: Test for correct handling of safe_mode
+ block:
+ - name: Add encryption to the volume
+ include_role:
+ name: storage
+ vars:
+ storage_volumes:
+ - name: foo
+ type: disk
+ disks: "{{ unused_disks }}"
+ mount_point: "{{ mount_location }}"
+ encryption: true
+ encryption_password: 'yabbadabbadoo'
+ - name: unreachable task
+ fail:
+ msg: UNREACH
+ rescue:
+ - name: Check that we failed in the role
+ assert:
+ that:
+ - ansible_failed_result.msg != 'UNREACH'
+ msg: "Role has not failed when it should have"
+
+ - name: Verify the output of the safe_mode test
+ assert:
+ that: "blivet_output.failed and
+ blivet_output.msg
+ |regex_search('cannot remove existing
+ formatting.*in safe mode due to adding encryption')
+ and not blivet_output.changed"
+ msg: "Unexpected behavior w/ existing filesystem in safe mode"
+
+ - import_tasks: verify-data-preservation.yml
+
- name: Add encryption to the volume
include_role:
name: storage
vars:
+ storage_safe_mode: false
storage_volumes:
- name: foo
type: disk
@@ -102,6 +176,7 @@
include_role:
name: storage
vars:
+ storage_safe_mode: false
storage_pools:
- name: foo
type: partition
@@ -135,6 +210,7 @@
include_role:
name: storage
vars:
+ storage_safe_mode: false
storage_pools:
- name: foo
type: partition
@@ -149,10 +225,51 @@
- include_tasks: verify-role-results.yml
+ - import_tasks: create-test-file.yml
+
+ - name: Test for correct handling of safe_mode
+ block:
+ - name: Remove the encryption layer
+ include_role:
+ name: storage
+ vars:
+ storage_pools:
+ - name: foo
+ type: partition
+ disks: "{{ unused_disks }}"