Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge qe_common role #123

Open
wants to merge 65 commits into
base: master
Choose a base branch
from
Open

Merge qe_common role #123

Show file tree
Hide file tree
Changes from 64 commits
Commits
Show all changes
65 commits
Select commit Hold shift + click to select a range
8c98ef2
Create README.md
ayefimov-1 Jul 3, 2024
46a758f
Create container_tests.yml
ayefimov-1 Jul 3, 2024
71c049f
Adding new playbooks to this testing role
ayefimov-1 Jul 3, 2024
cdae659
Delete roles/qe_common/tasks/credential_tests.yml
ayefimov-1 Jul 5, 2024
3dc4358
Create service_tests.yml
ayefimov-1 Jul 5, 2024
245c2a1
Create main.yml
ayefimov-1 Jul 5, 2024
f72fd4d
Update main.yml
ayefimov-1 Jul 5, 2024
2bf3caa
Update main.yml
ayefimov-1 Jul 8, 2024
76c49d2
Update container_tests.yml
ayefimov-1 Jul 8, 2024
37fa0d9
Update cred_tests.yml
ayefimov-1 Jul 8, 2024
da302a4
Update container_tests.yml
ayefimov-1 Jul 8, 2024
02e3e31
Update endpoint_tests.yml
ayefimov-1 Jul 8, 2024
904235b
Update file_tests.yml
ayefimov-1 Jul 8, 2024
f15fcb8
Update manifest_tests.yml
ayefimov-1 Jul 8, 2024
9cdb01e
Update node_tests.yml
ayefimov-1 Jul 8, 2024
f024c30
Update pod_tests.yml
ayefimov-1 Jul 8, 2024
3e339eb
Update proj_tests.yml
ayefimov-1 Jul 8, 2024
66c3cae
Update service_tests.yml
ayefimov-1 Jul 8, 2024
822132c
Update subscription_tests.yml
ayefimov-1 Jul 8, 2024
9afdba5
Update container_tests.yml
ayefimov-1 Jul 8, 2024
3c5da9d
Update cred_tests.yml
ayefimov-1 Jul 8, 2024
083b4cf
Update endpoint_tests.yml
ayefimov-1 Jul 8, 2024
33f737c
Update file_tests.yml
ayefimov-1 Jul 8, 2024
3469919
Update manifest_tests.yml
ayefimov-1 Jul 8, 2024
139e9bc
Update node_tests.yml
ayefimov-1 Jul 8, 2024
67efe0d
Update pod_tests.yml
ayefimov-1 Jul 8, 2024
36f184a
Update proj_tests.yml
ayefimov-1 Jul 8, 2024
26ce391
Update service_tests.yml
ayefimov-1 Jul 8, 2024
6951245
Update subscription_tests.yml
ayefimov-1 Jul 8, 2024
7239334
Update main.yml
ayefimov-1 Jul 8, 2024
b5997ef
Update main.yml
ayefimov-1 Jul 8, 2024
f8557fd
Update .ansible-lint
ayefimov-1 Jul 8, 2024
fdc11fc
Update main.yml
ayefimov-1 Jul 9, 2024
23ef3d7
Update README.md
ayefimov-1 Jul 9, 2024
5e84642
Update README.md
ayefimov-1 Jul 9, 2024
0e20dda
Update README.md
ayefimov-1 Jul 9, 2024
664ddc5
Update README.md
ayefimov-1 Jul 9, 2024
abb808b
Update pod_tests.yml
ayefimov-1 Jul 9, 2024
79f004d
Update service_tests.yml
ayefimov-1 Jul 9, 2024
31a702f
Update subscription_tests.yml
ayefimov-1 Jul 9, 2024
bfbe01c
Update README.md
ayefimov-1 Jul 9, 2024
2155f88
Update main.yml
ayefimov-1 Jul 9, 2024
b42f3e1
Update main.yml
ayefimov-1 Jul 10, 2024
d6527b5
Update README.md
ayefimov-1 Jul 10, 2024
a836f64
Fix linter errors
elfiesmelfie Jul 12, 2024
e325278
Update main.yml
ayefimov-1 Jul 12, 2024
dbce856
Update README.md
ayefimov-1 Jul 12, 2024
9b55e78
Create README.md
ayefimov-1 Jul 12, 2024
5ec4c85
Update README.md
ayefimov-1 Jul 12, 2024
3bda671
Create main.yml
ayefimov-1 Jul 12, 2024
86bc4c4
role name change
ayefimov-1 Jul 12, 2024
cc8994b
Update README.md
ayefimov-1 Jul 12, 2024
606fc82
Delete roles/qe_common directory
ayefimov-1 Jul 12, 2024
7e50ef4
Update .ansible-lint
ayefimov-1 Jul 12, 2024
ffb00b3
Update README.md
ayefimov-1 Jul 12, 2024
d47e091
Update cred_tests.yml
ayefimov-1 Jul 12, 2024
39c2ff1
Update endpoint_tests.yml
ayefimov-1 Jul 12, 2024
705a2cd
Update proj_tests.yml
ayefimov-1 Jul 12, 2024
9b3451a
Update service_tests.yml
ayefimov-1 Jul 12, 2024
f8c40ad
Update subscription_tests.yml
ayefimov-1 Jul 12, 2024
6e3283c
Update README.md
ayefimov-1 Jul 12, 2024
44884f5
Add telemetry_logging role (#124) (#138)
ayefimov-1 Aug 6, 2024
5db5aba
Merge branch 'master' into alexy_logging2
elfiesmelfie Aug 7, 2024
ac94272
Fix syntax error: change_when -> changed_when
elfiesmelfie Aug 14, 2024
a8891d4
[common] Rename var: nspace -> pod_nspace, service_nspace
elfiesmelfie Aug 19, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion .ansible-lint
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,12 @@
exclude_paths:
- ci/
- roles/telemetry_autoscaling
- roles/telemetry_logging
- roles/commmon
Comment on lines +5 to +6
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- roles/telemetry_logging
- roles/commmon

skip_list:
- command-instead-of-module # Using command rather than module
- galaxy
- meta-no-info # meta/main.yml should contain relevant info
- risky-shell-pipe # Shells that use pipes should set the pipefail option
- unnamed-task # All tasks should be named
- var-naming[no-role-prefix] # Variables names from within roles should use role_name_ as a prefix
- yaml # Violations reported by yamllint
119 changes: 119 additions & 0 deletions roles/common/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
common
=========
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
=========
======


The tests in this role are not specific to any one functional area but are an aggregate of common tests that can be used in all OSP 18.0/OCP jobs.

Requirements
------------

None

Role Variables
--------------
Variable required for all tasks to run:

For container_tests.yml tasks:

container_test_id
container_list
- list of containers to validate

For cred_tests.yml tasks:

cred_test_id
cred_list
- list of credentials to validate

For endpoint_tests.yml tasks:

endpoint_test_id
endpoint_list
- list of endpoints to validate

For file_tests.yml tasks:

file_test_id
file_list
- list of files to verify

For node_tests.yml tasks:

node_test_id
node_list
- list of nodes to validate

For proj_test.yml tasks:

proj_test_id
proj_list
- list of projects to validate

For pod_tests.yml tasks:

pod_test_id
pod_list
- list of pods to validate
pod_status_str
- status of pods to check
pod_nspace
- list of projects where pods exist

For service_tests.yml tasks:

service_test_id
service_list
- list of services to validate
service_nspace
- project where services are running

For manifest_tests.yml tasks:

manifest_test_id
manifest_list
- list of package manifests to validate

For subscription_tests.yml tasks:

subscription_polar_id
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These var names need to be updated to match the updated var names (*_test_id)

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
subscription_polar_id
subscription_test_id

subscription_list
- list of subscriptions to validate
subscription_nspace
- project where the subscription lives


Dependencies
------------

None

Example Playbook
----------------

Typically, for this role the tests should *not* use a "main.yml" and import or include all the tests in the role. On the contrary, a tests should explicitly include specific tests needed for a given job.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be removed.

The behaviour has changed to work by setting appropriate vars to select the tests that run. The vars are set and then used by the role on import.

Ideally, the vars would have the <role_name>_ prefix to them

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Typically, for this role the tests should *not* use a "main.yml" and import or include all the tests in the role. On the contrary, a tests should explicitly include specific tests needed for a given job.



hosts: controller
gather_facts: no
vars:
proj_out_file: verify_logging_projects_exist_lresults.log
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The project_out_file is not mentioned elsewhere.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
proj_out_file: verify_logging_projects_exist_lresults.log

proj_list:
- openshift-openstack-infra
- openshift
- openstack-operators
- openshift-logging

tasks:
- name: Run projects tests
ansible.builtin.import_role:
name: common


License
-------

Apache 2

Author Information
------------------

[email protected]
9 changes: 9 additions & 0 deletions roles/common/tasks/container_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---

- name: Get container status
ansible.builtin.shell:
cmd: |
podman ps -a --format "{{ '{{.Names}} {{.Status}}' }}" | grep "{{ item }}" | awk '{print $2;}'
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For readability, I recommend using something instead of item.

You can use a useful variable name, and tell the loop in main to use that same var name for its loop var.

The syntax would be similar to: https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_loops.html#stacking-loops-via-include-tasks, but without the nested loops.
I would suggest container_name as the loop var here, so that reading this task is easier.

Here's an example playbook:

---
- hosts: localhost
  tasks:
    - ansible.builtin.debug:
        msg: "{{ item }}"
      loop:
        - "first"
        - "second"

    - ansible.builtin.debug:
        msg: "{{ my_var }}"
      loop:
        - "third"
        - "fourth"
      loop_control:
        loop_var: my_var

changed_when: false
register: container_status
failed_when: container_status.stdout != "Up"
8 changes: 8 additions & 0 deletions roles/common/tasks/cred_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---

- name: Verify logging credentials "{{ item }}"
ansible.builtin.shell:
cmd: |
oc get crd "{{ item }}"
changed_when: false
register: output
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a fail condition for this? Does it need one?

9 changes: 9 additions & 0 deletions roles/common/tasks/endpoint_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---

- name: Get Endpoint
ansible.builtin.shell:
cmd: |
oc project openstack
kubectl exec openstackclient -- openstack endpoint list --service="{{ item[0] }}" --service="{{ item[1] }}" --interface="{{ item[2] }}"
Comment on lines +6 to +7
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use oc rsh openstackclient openstack endpoint list ....

the -n openstack should be included to specify the project/namespace

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What happens if the endpoint doesn't exist? Does the openstackclient return a non-zero return code?

changed_when: false
register: output
12 changes: 12 additions & 0 deletions roles/common/tasks/file_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---

- name: Get stats for file
ansible.builtin.stat:
path: "{{ item }}"
register: fstats
failed_when:
- fstats.stat.pw_name != "root"
- fstats.stat.size | int < 300
- not fstats.stat.exists
- not fstats.stat.isreg

65 changes: 65 additions & 0 deletions roles/common/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
---
- name: "Verify container - {{ container_test_id }}"
when: container_list is defined
ansible.builtin.include_tasks: "container_tests.yml"
loop: "{{ container_list }}"


- name: "Verify credential - {{ cred_test_id }}"
when: cred_list is defined
ansible.builtin.include_tasks: "cred_tests.yml"
loop: "{{ cred_list }}"


- name: "Verify endpoint in OSP - {{ endpoint_test_id }}"
when: endpoint_list is defined
ansible.builtin.include_tasks: "endpoint_tests.yml"
loop: "{{ endpoint_list }}"


- name: "Verify file - {{ file_test_id }}"
when: file_list is defined
ansible.builtin.include_tasks: "file_tests.yml"
loop: "{{ file_list }}"


- name: "Verify manifest - {{ manifest_test_id }}"
when: manifest_list is defined
ansible.builtin.include_tasks: "manifest_tests.yml"
loop: "{{ manifest_list }}"


- name: "Verify OSP node - {{ node_test_id }}"
when: node_list is defined
ansible.builtin.include_tasks: node_tests.yml
loop: "{{ node_list }}"


- name: "Verify pod - {{ pod_test_id }}"
when:
- pod_list is defined
- nspace is defined
elfiesmelfie marked this conversation as resolved.
Show resolved Hide resolved
- pod_status_str is defined
ansible.builtin.include_tasks: "pod_tests.yml"
loop: "{{ pod_list }}"



- name: "Verify project - {{ proj_test_id }}"
when: proj_list is defined
ansible.builtin.include_tasks: "proj_tests.yml"
loop: "{{ proj_list }}"


- name: "Verify service - {{ service_test_id }}"
when:
- service_list is defined
- nspace is defined
elfiesmelfie marked this conversation as resolved.
Show resolved Hide resolved
ansible.builtin.include_tasks: "service_tests.yml"
loop: "{{ service_list }}"


- name: "Verify subscription - {{ subscription_test_id }}"
when: subscription_list is defined
ansible.builtin.include_tasks: "subscription_tests.yml"
loop: "{{ subscription_list }}"
23 changes: 23 additions & 0 deletions roles/common/tasks/manifest_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---

- name: Get number of packages
ansible.builtin.shell:
cmd: |
echo "{{ item }}" | awk '{print $2;}'
register: num_expected
changed_when: false

- name: Get package name
ansible.builtin.shell:
cmd: |
echo "{{ item }}" | awk '{print $1;}'
register: pack_name
changed_when: false

- name: Get packagemanifest
ansible.builtin.shell:
cmd: |
oc get packagemanifests | grep "{{ pack_name.stdout }}" | wc -l
register: num_found
changed_when: false
failed_when: num_expected.stdout != num_found.stdout
18 changes: 18 additions & 0 deletions roles/common/tasks/node_tests.yml
View file
Open in desktop
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't believe these tests are valid.
Zuul doesn't know or care that the nodes are VMs, and the executer, which run the playbooks for the job, does not have these VMs running.
We pass nodesets into the jobs, but these are for zuul to give to nodepool, which provides the test servers.
In the case of the Zuul instance on rdo, nodepool talks to various cloud providers, which then provision VMs, based on the nodeset labels.
The only information that Zuul has/needs about the hosts (crc, computes, controller, etc) is the ansible inv file, which has the hostname, IP address, etc that zuul needs to run the playbooks that we pass to it.

Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---

- name: Get running node
become: true
ansible.builtin.shell:
cmd: |
virsh list --state-running | grep "{{ item }}" | awk '{print $2;}'
register: nodefound
changed_when: false

- name: Get node status
become: true
ansible.builtin.shell:
cmd: |
virsh list --state-running | grep "{{ item }}" | awk '{print $3;}'
register: output
changed_when: false
failed_when: output.stdout != "running"
20 changes: 20 additions & 0 deletions roles/common/tasks/pod_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---

- name: Get Pod Instance "{{ pod_status_str }}"
ansible.builtin.shell:
cmd: |
oc get pods -n "{{ pod_nspace }}" | grep "{{ item }}" | grep "{{ pod_status_str }}" | awk '{print $1;}'
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If this fails, there is no indication until the next task.
There is also no helpful information to see what might have caused the error.

The next task will fail if there is nothing returned from here.

Suggested change
oc get pods -n "{{ pod_nspace }}" | grep "{{ item }}" | grep "{{ pod_status_str }}" | awk '{print $1;}'
oc get pods -n "{{ pod_nspace }}" | grep "{{ item }}" | grep "{{ pod_status_str }}" | awk '{print $1;}'
failed_when:
- podinstance.stdout_lines | length == 0

register: podinstance
changed_when: false

- name: Check terminated pod
ansible.builtin.shell:
cmd: |
oc get pod -n "{{ pod_nspace }} {{ podinstance.stdout }}"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
oc get pod -n "{{ pod_nspace }} {{ podinstance.stdout }}"
oc get pod -n "{{ pod_nspace }}" "{{ podinstance.stdout }}"

Please don't apply these suggestions, they are reflective of what is going on in PR#149

register: output
changed_when: false
failed_when:
- output.rc != 0
- podinstance.stdout == ""


8 changes: 8 additions & 0 deletions roles/common/tasks/proj_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---

- name: Verify Project exists - "{{ item }}"
ansible.builtin.shell:
cmd: |
oc project "{{ item }}"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will switch to a different project. This may cause unexpected behaviour of subsequent commands are run without a --namespace/-n argument.
A better check would be

oc project list | grep "{{ item}}"

(please verify that this command is correct)

A more efficient approach might be to get the project list and then loop through the output to make sure that all the expected project are there.

register: output
changed_when: false
6 changes: 6 additions & 0 deletions roles/common/tasks/service_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
- name: Verify Service Running - "{{ item }}"
ansible.builtin.shell:
cmd: |
oc get service -n "{{ service_nspace }}" "{{ item }}"
register: output
changed_when: false
8 changes: 8 additions & 0 deletions roles/common/tasks/subscription_tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---

- name: Verify subscription
ansible.builtin.shell:
cmd: |
oc get subscriptions -n "{{ subscription_nspace }}" "{{ item }}"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO, this should have a similar format to the endpoint tests, so that a single loop can cover multiple namespaces.

register: output
changed_when: false
Loading