CI: cv_deploy molecule test to use new infra #4441
Conversation
|
Review docs on Read the Docs To test this pull request: # Create virtual environment for this testing below the current directory
python -m venv test-avd-pr-4441
# Activate the virtual environment
source test-avd-pr-4441/bin/activate
# Install all requirements including PyAVD
pip install "pyavd[ansible] @ git+https://github.com/sugetha24/ansible-avd.git@cv_deploy-molecule-update#subdirectory=python-avd" --force
# Point Ansible collections path to the Python virtual environment
export ANSIBLE_COLLECTIONS_PATH=$VIRTUAL_ENV/ansible_collections
# Install Ansible collection
ansible-galaxy collection install git+https://github.com/sugetha24/ansible-avd.git#/ansible_collections/arista/avd/,cv_deploy-molecule-update --force
# Optional: Install AVD examples
cd test-avd-pr-4441
ansible-playbook arista.avd.install_examples |
github-actions
bot
added
the
state: CI Updated
...ble_collections/arista/avd/molecule/cv_deploy/intended/configs/base_configs/avd-ci-leaf1.cfg
Outdated
Show resolved
Hide resolved
...ions/arista/avd/molecule/cv_deploy/intended/structured_configs/base_configs/avd-ci-leaf2.yml
Show resolved
Hide resolved
sugetha24
force-pushed
the
cv_deploy-molecule-update
branch
from
2994e4b
to
7c58a6f
Compare
sugetha24
force-pushed
the
cv_deploy-molecule-update
branch
2 times, most recently
from
aa4bc59
to
3be537b
Compare
Please test the PR when you get a chance |
gmuloc
added
the
one approval
| run_once: true | ||
| delegate_to: localhost | ||
| ansible.builtin.import_role: | ||
| name: arista.avd.cv_deploy | ||
| vars: | ||
| cv_devices: [ci-s1-leaf1, ci-s1-leaf2, ci-s1-leaf3, ci-s1-leaf4, ci-s1-spine1, ci-s1-spine2, ci-s1-core1 ] | ||
| cv_devices: [ avd-ci-leaf2, avd-ci-core1 ] |
There was a problem hiding this comment.
When trying to follow the guide to run the test I am not successful on the tenant getting issues (twice in a row) for task "Check CPV returns" line 176 below
Can you please investigate? I have the workspaces on the tenant if you want to verify more
Also it is very hard to troubleshoot what step is failing as the names of the task when using import_role are hidden and so I am not sure where we are.
Suggestion would be to separate each "test" in a play in the same playbook or a whole different playbook.
There was a problem hiding this comment.
I guess running cv_deploy with cv_submit_workspace_force = false and expecting workspace submission to fail with Failed to submit workspace may be achieved by stopping streaming on one of the devices first. Otherwise workspace submission just succeeds without any errors
| @@ -158,18 +157,18 @@ | |||
| cv_submit_workspace_force: true | |||
| cv_run_change_control: true | |||
|
|
|||
| - name: Test = Provision with cv_submit_workspace_force = false | |||
| - name: Provision with cv_submit_workspace_force = false | |||
There was a problem hiding this comment.
Stop streaming on core1 and wait to 130s seconds for streaming status turbine to notice (may need up to 2 minutes)
| - name: Provision with cv_submit_workspace_force = false | |
| - name: Force device avd-ci-core1 to stop streaming | |
| arista.eos.eos_command: | |
| commands: | |
| - enable | |
| - configure | |
| - daemon TerminAttr | |
| - shutdown | |
| when: inventory_hostname == "avd-ci-core1" | |
| - name: Pause for 130 seconds for streaming to stop | |
| run_once: true | |
| ansible.builtin.pause: | |
| seconds: 130 | |
| - name: Provision with cv_submit_workspace_force = false |
Once display and check tasks complete - we can then run the following task (before running next Cleanup) to re-enable streaming for core1:
- name: Force device avd-c1i-core1 to start streaming
arista.eos.eos_command:
commands:
- enable
- configure
- daemon TerminAttr
- no shutdown
when: inventory_hostname == "avd-ci-core1"
- name: Pause for 10 seconds for streaming to start
run_once: true
ansible.builtin.pause:
seconds: 10
ansible_collections/arista/avd/molecule/cv_deploy/inventory/inventory.yml
Show resolved
Hide resolved
sugetha24
force-pushed
the
cv_deploy-molecule-update
branch
from
f8aa3a7
to
e19bc32
Compare
|
@gmuloc and @alexeygorbunov |
sugetha24
force-pushed
the
cv_deploy-molecule-update
branch
from
14fc834
to
016d1c6
Compare
|
| avd-ci-core1: | ||
| # ansible_host: "{{ lookup('env', 'AVD_CI_CORE1_FQDN') }}" | ||
| # ansible_user: "{{ lookup('env', 'EOS_EAPI_USERNAME') }}" | ||
| # ansible_password: "{{ lookup('env', 'EOS_EAPI_PASSWORD') }}" | ||
| # ansible_connection: httpapi | ||
| # ansible_httpapi_use_ssl: True | ||
| # ansible_httpapi_validate_certs: False | ||
| # ansible_network_os: eos | ||
| # ansible_httpapi_port: 443 |
There was a problem hiding this comment.
| avd-ci-core1: | |
| # ansible_host: "{{ lookup('env', 'AVD_CI_CORE1_FQDN') }}" | |
| # ansible_user: "{{ lookup('env', 'EOS_EAPI_USERNAME') }}" | |
| # ansible_password: "{{ lookup('env', 'EOS_EAPI_PASSWORD') }}" | |
| # ansible_connection: httpapi | |
| # ansible_httpapi_use_ssl: True | |
| # ansible_httpapi_validate_certs: False | |
| # ansible_network_os: eos | |
| # ansible_httpapi_port: 443 |
| vars: | ||
| cv_server: www.cv-staging.corp.arista.io | ||
| cv_token: "{{ lookup('env', 'CVAAS_AAWG_CI') }}" | ||
| cv_verify_certs: false |
There was a problem hiding this comment.
As we are hitting public CVaaS endpoint - we should let SSL to verify server cert to make sure we are talking to a valid CVaaS endpoint
| cv_verify_certs: false | |
| cv_verify_certs: true |
| ansible.builtin.debug: | ||
| msg: '{{ cv_deploy_results }}' | ||
|
|
||
| - name: Check CVP returns |
There was a problem hiding this comment.
cv_deploy_results is the same for all hosts. Sufficient to perform validations/assertions only once
| - name: Check CVP returns | |
| - name: Check CVP returns | |
| run_once: true |
| - cv_deploy_results.change_control.requested_state == "completed" | ||
| - cv_deploy_results.change_control.description == cv_change_control_description | ||
|
|
||
| - name: Check tags from output |
There was a problem hiding this comment.
| - name: Check tags from output | |
| - name: Check tags from output | |
| run_once: true |
| - item.0.value == item.1.value | ||
| loop: "{{ cv_deploy_results.deployed_device_tags | zip(cv_deploy_results.device_tags) | list }}" | ||
|
|
||
| - name: Extract all device tags from structured configs |
There was a problem hiding this comment.
| - name: Extract all device tags from structured configs | |
| - name: Extract all device tags from structured configs | |
| run_once: true |
| expected_device_tags: "{{ intended_tags.metadata.cv_tags.device_tags }}" | ||
| output_device_tags: "{{ cv_deploy_results.deployed_device_tags }}" | ||
|
|
||
| - name: Check output device tags == intended device tags |
There was a problem hiding this comment.
| - name: Check output device tags == intended device tags | |
| - name: Check output device tags == intended device tags | |
| run_once: true |
| - item.0.value == item.1.value | ||
| loop: "{{ expected_device_tags | zip(output_device_tags) | list }}" | ||
|
|
||
| - name: Extract all interface tags from role output |
There was a problem hiding this comment.
| - name: Extract all interface tags from role output | |
| - name: Extract all interface tags from role output | |
| run_once: true |
| ansible.builtin.set_fact: | ||
| output_interface_tags: "{{ cv_deploy_results.deployed_interface_tags }}" | ||
|
|
||
| - name: Extract all interface tags from structured configs |
There was a problem hiding this comment.
| - name: Extract all interface tags from structured configs | |
| - name: Extract all interface tags from structured configs | |
| run_once: true |
| loop_control: | ||
| label: "{{ item.interface }}" | ||
|
|
||
| - name: Check output interface tags == intended interface tags |
There was a problem hiding this comment.
| - name: Check output interface tags == intended interface tags | |
| - name: Check output interface tags == intended interface tags | |
| run_once: true |
| - item.0.value == item.1.value | ||
| loop: "{{ expected_interface_tags | zip(output_interface_tags) | list }}" | ||
|
|
||
| - name: Convert unstructed data into yaml |
There was a problem hiding this comment.
| - name: Convert unstructed data into yaml | |
| - name: Convert unstructed data into yaml | |
| run_once: true |
| deivces_structure: '{{ cv_deploy_results.deployed_configs | from_yaml }}' | ||
| output_devices: [] | ||
|
|
||
| - name: Extract devices from output |
There was a problem hiding this comment.
| - name: Extract devices from output | |
| - name: Extract devices from output | |
| run_once: true |
| loop_control: | ||
| label: "{{ item.configlet_name }}" | ||
|
|
||
| - name: Check output devices == intended devices |
There was a problem hiding this comment.
| - name: Check output devices == intended devices | |
| - name: Check output devices == intended devices | |
| run_once: true |
| cv_submit_workspace: false | ||
| cv_submit_workspace_force: true | ||
|
|
||
| - name: Check CVP returns |
There was a problem hiding this comment.
| - name: Check CVP returns | |
| - name: Check CVP returns | |
| run_once: true |
| ansible.builtin.assert: | ||
| that: | ||
| # workspace | ||
| - cv_deploy_results.workspace.state == cv_deploy_results.workspace.requested_state |
There was a problem hiding this comment.
We can use the following call to clean/delete WS created on CVP by this test so that they don't accumulate in UI/Aeris in an open state without being eventually submitted
| - cv_deploy_results.workspace.state == cv_deploy_results.workspace.requested_state | |
| - cv_deploy_results.workspace.state == cv_deploy_results.workspace.requested_state | |
| - name: Cleanup orphan workspace | |
| run_once: true | |
| uri: | |
| url: https://{{ cv_server }}/api/resources/workspace/v1/WorkspaceConfig/some | |
| validate_certs: yes | |
| return_content: yes | |
| headers: | |
| Accept: "application/json" | |
| Content-Type: "application/json" | |
| Authorization: "Bearer {{ lookup('env', 'CVAAS_AAWG_CI') }}" | |
| method: POST | |
| body_format: json | |
| body: | |
| { | |
| "values": [ | |
| { | |
| "key": { | |
| "workspaceId": "{{ cv_deploy_results.workspace.id }}" | |
| }, | |
| "request": "REQUEST_ABANDON", | |
| "requestParams": { | |
| "requestId": "{{ r }}" | |
| } | |
| } | |
| ] | |
| } | |
| force_basic_auth: yes | |
| timeout: 10 | |
| register: cvp_abandon_workspace_result | |
| until: cvp_abandon_workspace_result.status == 200 | |
| retries: 3 | |
| delay: 3 | |
| ignore_errors: True |
There was a problem hiding this comment.
we should be careful to clean only our own orphan workspaces - also would it not be better to. make this a part of the action plugin? (so in another PR)
| @@ -0,0 +1,61 @@ | |||
| --- | |||
| - name: Converge - cv_deploy with cv_submit_workspace_force = true | |||
| hosts: SITE1_FABRIC | |||
There was a problem hiding this comment.
Add group INACTIVE to the scope (host avd-ci-core1 is dynamically added to it below)
| hosts: SITE1_FABRIC | |
| hosts: SITE1_FABRIC:INACTIVE |
| vars: | ||
| cv_server: www.cv-staging.corp.arista.io | ||
| cv_token: "{{ lookup('env', 'CVAAS_AAWG_CI') }}" | ||
| cv_verify_certs: false |
There was a problem hiding this comment.
| cv_verify_certs: false | |
| cv_verify_certs: true |
| cv_change_control_name: cc_cv_deploy-{{ r }} | ||
| cv_change_control_description: sample description | ||
| cv_register_detailed_results: true | ||
| run_once: true |
There was a problem hiding this comment.
| run_once: true | |
| run_once: true | |
| - name: Dynamically add inactive device avd-ci-core1 to group INACTIVE | |
| run_once: true | |
| add_host: | |
| name: avd-ci-core1 | |
| groups: INACTIVE |
| ansible.builtin.debug: | ||
| msg: '{{ cv_deploy_results }}' | ||
|
|
||
| - name: Check CVP returns |
There was a problem hiding this comment.
| - name: Check CVP returns | |
| - name: Check CVP returns | |
| run_once: true |
| ansible.builtin.assert: | ||
| that: | ||
| # errors and warnings | ||
| - cv_deploy_results.errors == [] |
There was a problem hiding this comment.
The following call can be used to clean/delete CC created by this task but not approved/executed (due to the nature of the test). This will help to keep UI/Aeris clean
| - cv_deploy_results.errors == [] | |
| - cv_deploy_results.errors == [] | |
| - name: Cleanup orphan CC | |
| run_once: true | |
| uri: | |
| url: https://{{ cv_server }}/api/resources/changecontrol/v1/ChangeControlConfig?key.id={{ cv_deploy_results.change_control.id }} | |
| validate_certs: yes | |
| return_content: yes | |
| headers: | |
| Accept: "application/json" | |
| Content-Type: "application/json" | |
| Authorization: "Bearer {{ lookup('env', 'CVAAS_AAWG_CI') }}" | |
| method: DELETE | |
| body_format: json | |
| force_basic_auth: yes | |
| timeout: 10 | |
| register: cvp_abandon_cc_result | |
| until: cvp_abandon_cc_result.status == 200 | |
| retries: 3 | |
| delay: 3 | |
| ignore_errors: True | |
| when: cv_deploy_results.change_control.state | lower in ['pending approval', 'approved'] |
| @@ -0,0 +1,76 @@ | |||
| --- | |||
| - name: Converge - cv_submit_workspace_force = false | |||
| hosts: SITE1_FABRIC | |||
There was a problem hiding this comment.
| hosts: SITE1_FABRIC | |
| hosts: SITE1_FABRIC:INACTIVE |
| vars: | ||
| cv_server: www.cv-staging.corp.arista.io | ||
| cv_token: "{{ lookup('env', 'CVAAS_AAWG_CI') }}" | ||
| cv_verify_certs: false |
There was a problem hiding this comment.
| cv_verify_certs: false | |
| cv_verify_certs: true |
| cv_change_control_name: cc_cv_deploy-{{ r }} | ||
| cv_change_control_description: sample description | ||
| cv_register_detailed_results: true | ||
| run_once: true |
There was a problem hiding this comment.
Although not needed if this play is run after 'workspace_force_true' (as updated inventory will be inherited by this play as well) - adding it here to be able to run 'workspace_force_false' when 'workspace_force_true' is excluded from converge workflow
| run_once: true | |
| run_once: true | |
| - name: Dynamically add inactive device avd-ci-core1 to group INACTIVE | |
| run_once: true | |
| add_host: | |
| name: avd-ci-core1 | |
| groups: INACTIVE |
| - name: Force device avd-ci-core1 to start streaming | ||
| arista.eos.eos_command: | ||
| commands: | ||
| - enable | ||
| - configure | ||
| - daemon TerminAttr | ||
| - no shutdown | ||
| when: inventory_hostname == "avd-ci-core1" | ||
|
|
||
| - name: Pause for 10 seconds for streaming to start | ||
| run_once: true | ||
| ansible.builtin.pause: | ||
| seconds: 10 | ||
|
|
There was a problem hiding this comment.
Not needed as 'avd-ci-core1' is now in shutdown state, permanently in STEAMING_INACTIVE state. Other plays should not be impacted as we dynamically add avd-ci-core1 only where presence of non-streaming device is needed
| - name: Force device avd-ci-core1 to start streaming | |
| arista.eos.eos_command: | |
| commands: | |
| - enable | |
| - configure | |
| - daemon TerminAttr | |
| - no shutdown | |
| when: inventory_hostname == "avd-ci-core1" | |
| - name: Pause for 10 seconds for streaming to start | |
| run_once: true | |
| ansible.builtin.pause: | |
| seconds: 10 |
| ansible.builtin.debug: | ||
| msg: '{{ cv_deploy_results }}' | ||
|
|
||
| - name: Check CVP returns |
There was a problem hiding this comment.
| - name: Check CVP returns | |
| - name: Check CVP returns | |
| run_once: true |
| ansible.builtin.assert: | ||
| that: | ||
| # errors and warnings | ||
| - "'Failed to submit workspace' in cv_deploy_results.errors[0]" |
There was a problem hiding this comment.
See detailed comments in similar section of *_true.yml
| - "'Failed to submit workspace' in cv_deploy_results.errors[0]" | |
| - "'Failed to submit workspace' in cv_deploy_results.errors[0]" | |
| - name: Cleanup orphan workspace | |
| run_once: true | |
| uri: | |
| url: https://{{ cv_server }}/api/resources/workspace/v1/WorkspaceConfig/some | |
| validate_certs: yes | |
| return_content: yes | |
| headers: | |
| Accept: "application/json" | |
| Content-Type: "application/json" | |
| Authorization: "Bearer {{ lookup('env', 'CVAAS_AAWG_CI') }}" | |
| method: POST | |
| body_format: json | |
| body: | |
| { | |
| "values": [ | |
| { | |
| "key": { | |
| "workspaceId": "{{ cv_deploy_results.workspace.id }}" | |
| }, | |
| "request": "REQUEST_ABANDON", | |
| "requestParams": { | |
| "requestId": "{{ r }}" | |
| } | |
| } | |
| ] | |
| } | |
| force_basic_auth: yes | |
| timeout: 10 | |
| register: cvp_abandon_workspace_result | |
| until: cvp_abandon_workspace_result.status == 200 | |
| retries: 3 | |
| delay: 3 | |
| ignore_errors: True |
| vars: | ||
| cv_server: www.cv-staging.corp.arista.io | ||
| cv_token: "{{ lookup('env', 'CVAAS_AAWG_CI') }}" | ||
| cv_verify_certs: false |
There was a problem hiding this comment.
| cv_verify_certs: false | |
| cv_verify_certs: true |
| ansible.builtin.debug: | ||
| msg: '{{ cv_deploy_results }}' | ||
|
|
||
| - name: Check CVP returns |
There was a problem hiding this comment.
| - name: Check CVP returns | |
| - name: Check CVP returns | |
| run_once: true |
| ansible.builtin.assert: | ||
| that: | ||
| # Change control | ||
| - cv_deploy_results.change_control.requested_state == "pending approval" |
There was a problem hiding this comment.
| - cv_deploy_results.change_control.requested_state == "pending approval" | |
| - cv_deploy_results.change_control.requested_state == "pending approval" | |
| - name: Cleanup orphan CC | |
| run_once: true | |
| uri: | |
| url: https://{{ cv_server }}/api/resources/changecontrol/v1/ChangeControlConfig?key.id={{ cv_deploy_results.change_control.id }} | |
| validate_certs: yes | |
| return_content: yes | |
| headers: | |
| Accept: "application/json" | |
| Content-Type: "application/json" | |
| Authorization: "Bearer {{ lookup('env', 'CVAAS_AAWG_CI') }}" | |
| method: DELETE | |
| body_format: json | |
| force_basic_auth: yes | |
| timeout: 10 | |
| register: cvp_abandon_cc_result | |
| until: cvp_abandon_cc_result.status == 200 | |
| retries: 3 | |
| delay: 3 | |
| ignore_errors: True | |
| when: cv_deploy_results.change_control.state | lower in ['pending approval', 'approved'] |
Change Summary
Updated molecule tests to use the new EVE-NG lab