Skip to content

Commit

Permalink
Make sure that ansible params check the playbook
Browse files Browse the repository at this point in the history
The ansible provisioning supports using a separate yaml playbook,
so check this file (but only the top playbook) for any parameters...

The `ansible-playbook` command does not run remotely so it does not
use the param.env, which means that the env is set on the command.

Signed-off-by: Anders F Björklund <[email protected]>
  • Loading branch information
afbjorklund committed Oct 3, 2024
1 parent 996b340 commit d1d8189
Show file tree
Hide file tree
Showing 5 changed files with 24 additions and 8 deletions.
2 changes: 1 addition & 1 deletion hack/ansible-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,5 @@
tasks:
- name: Create test file
file:
path: /tmp/ansible
path: "/tmp/param-{{ lookup('ansible.builtin.env', 'PARAM_ANSIBLE') }}"
state: touch
8 changes: 1 addition & 7 deletions hack/test-templates.sh
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,6 @@ declare -A CHECKS=(
["disk"]=""
["user-v2"]=""
["mount-path-with-spaces"]=""
["provision-ansible"]=""
["param-env-variables"]=""
)

Expand Down Expand Up @@ -64,7 +63,6 @@ case "$NAME" in
CHECKS["snapshot-online"]="1"
CHECKS["snapshot-offline"]="1"
CHECKS["mount-path-with-spaces"]="1"
CHECKS["provision-ansible"]="1"
CHECKS["param-env-variables"]="1"
;;
"net-user-v2")
Expand Down Expand Up @@ -149,13 +147,9 @@ if [[ -n ${CHECKS["mount-path-with-spaces"]} ]]; then
[ "$(limactl shell "$NAME" cat "/tmp/lima test dir with spaces/test file")" = "test file content" ]
fi

if [[ -n ${CHECKS["provision-ansible"]} ]]; then
INFO 'Testing that /tmp/ansible was created successfully on provision'
limactl shell "$NAME" test -e /tmp/ansible
fi

if [[ -n ${CHECKS["param-env-variables"]} ]]; then
INFO 'Testing that PARAM env variables are exported to all types of provisioning scripts and probes'
limactl shell "$NAME" test -e /tmp/param-ansible
limactl shell "$NAME" test -e /tmp/param-boot
limactl shell "$NAME" test -e /tmp/param-dependency
limactl shell "$NAME" test -e /tmp/param-probe
Expand Down
1 change: 1 addition & 0 deletions hack/test-templates/test-misc.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ mounts:
writable: true

param:
ANSIBLE: ansible
BOOT: boot
DEPENDENCY: dependency
PROBE: probe
Expand Down
11 changes: 11 additions & 0 deletions pkg/instance/ansible.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package instance

import (
"context"
"fmt"
"os"
"os/exec"
"path/filepath"
Expand Down Expand Up @@ -33,6 +34,7 @@ func runAnsiblePlaybook(ctx context.Context, inst *store.Instance, playbook stri
logrus.Debugf("ansible-playbook -i %q %q", inventory, playbook)
args := []string{"-i", inventory, playbook}
cmd := exec.CommandContext(ctx, "ansible-playbook", args...)
cmd.Env = getAnsibleEnvironment(inst)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
return cmd.Run()
Expand Down Expand Up @@ -60,3 +62,12 @@ func createAnsibleInventory(inst *store.Instance) (string, error) {
inventory := filepath.Join(inst.Dir, filenames.AnsibleInventoryYAML)
return inventory, os.WriteFile(inventory, bytes, 0o644)
}

func getAnsibleEnvironment(inst *store.Instance) []string {
env := []string{}
env = append(env, os.Environ()...)
for key, val := range inst.Config.Param {
env = append(env, fmt.Sprintf("PARAM_%s=%s", key, val))
}
return env
}
10 changes: 10 additions & 0 deletions pkg/limayaml/validate.go
Original file line number Diff line number Diff line change
Expand Up @@ -445,6 +445,16 @@ func ValidateParamIsUsed(y *LimaYAML) error {
keyIsUsed = true
break
}
if p.Playbook != "" {
playbook, err := os.ReadFile(p.Playbook)
if err != nil {
return err
}
if re.Match(playbook) {
keyIsUsed = true
break
}
}
}
for _, p := range y.Probes {
if re.MatchString(p.Script) {
Expand Down

0 comments on commit d1d8189

Please sign in to comment.