From 1583d5400010cdb7cd20fd575fce8f19362d31ae Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman
Date: Tue, 14 Jan 2025 16:20:18 -0300
Subject: [PATCH 1/3] workflows: Use branch head to run tests
Signed-off-by: Rafael Guterres Jeffman
---
.github/workflows/test_ansible.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/test_ansible.yml b/.github/workflows/test_ansible.yml
index ad24731..6934166 100644
--- a/.github/workflows/test_ansible.yml
+++ b/.github/workflows/test_ansible.yml
@@ -1,6 +1,5 @@ --- -name: test-freeipa-matrix -run-name: Test Distro Matrix +name: Test Distro Matrix on: - push - pull_request
@@ -20,7 +19,8 @@ jobs: uses: actions/checkout@v4 - name: Run FreeIPA tests - uses: rjeffman/FreeIPA-Cluster-Test@v1.2.0 + # uses: rjeffman/FreeIPA-Cluster-Test@ + uses: ./ with: cluster_configuration: tests/environments/server_only.yaml distro: ${{ matrix.test_distro }}
From 77049e0d58e890120f59f31a89f031311742c1d7 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman
Date: Tue, 14 Jan 2025 16:05:35 -0300
Subject: [PATCH 2/3] Add support for option to shutdown environment When running several steps in might be important to shutdown the environment before the runner is decomissioned. This patch adds input option 'shutdown', and when set to 'true', shuts down the compose created, and allows multiple runs of the action, with the compose only being recreated if needed.
Signed-off-by: Rafael Guterres Jeffman
---
.github/workflows/test_ansible.yml | 1 +
.github/workflows/test_pytest.yml | 53 +++++++++++++++++++++++++++++
README.md | 51 ++++++++++++++++++++++++++++
action.yml | 54 +++++++++++++++++++++++++++---
tests/test_request.py | 10 ++++++
5 files changed, 164 insertions(+), 5 deletions(-)
create mode 100644 .github/workflows/test_pytest.yml
create mode 100644 tests/test_request.py
diff --git a/.github/workflows/test_ansible.yml b/.github/workflows/test_ansible.yml
index 6934166..fd1dbfc 100644
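Review bot: The commented-out line `# uses: rjeffman/FreeIPA-Cluster-Test@` left above `uses: ./` in `.github/workflows/test_ansible.yml` (PATCH 1/3, second hunk) ends in an empty ref, so it documents neither the release that was replaced nor a form that could be restored. A short explanation would serve better, for example `# Run the action from the checked-out branch so the change under test is exercised.` Because `uses: ./` executes whatever `action.yml` the checkout contains, including on `pull_request`, it is worth confirming that the job runs with a read-only token; no `permissions:` key is visible in these hunks, but the lines between them are not shown.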
--- a/.github/workflows/test_ansible.yml
+++ b/.github/workflows/test_ansible.yml
@@ -26,3 +26,4 @@ jobs: distro: ${{ matrix.test_distro }} test_playbooks: >- tests/playbooks/test_hbac.yaml + shutdown: true
diff --git a/.github/workflows/test_pytest.yml b/.github/workflows/test_pytest.yml
new file mode 100644
index 0000000..9e3735d
--- /dev/null
+++ b/.github/workflows/test_pytest.yml
@@ -0,0 +1,53 @@
+---
+name: Test Environment Reuse
+on:
+ - push
+ - pull_request
+
+jobs:
+ test-environment-reuse:
+ name: Test environment reuse
+ runs-on: ubuntu-24.04
+ steps:
+ - name: Clone the repository
+ uses: actions/checkout@v4
+
+ - name: Deploy environment
+ # uses: rjeffman/FreeIPA-Cluster-Test@
+ uses: ./
+ with:
+ cluster_configuration: tests/environments/server_only.yaml
+ shutdown: false
+
+ - name: Check if cluster is up
+ run: |
+ podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}"
+ test -n "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"
+
+ - name: Update /etc/hosts
+ run: |
+ podman ps
+ host_entry="$(podman exec server bash -c 'echo "$(hostname -I) $(hostname)"')"
+ echo "${host_entry}" | sudo tee -a /etc/hosts
+
+ - name: Install test dependencies
+ run: |
+ pip install pytest requests
+
+ - name: Run Pytest
+ # note that any command that needs to access the pod network
+ # should be executed with `podman unshare --rootless-netns`
+ run: |
+ podman unshare --rootless-netns pytest
+
+ - name: Shutdown environment
+ # uses: rjeffman/FreeIPA-Cluster-Test@
+ uses: ./
+ with:
+ cluster_configuration: tests/environments/server_only.yaml
+ shutdown: true
+
+ - name: Check if cluster is down
+ run: |
+ podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}"
+ test -z "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"
diff --git a/README.md b/README.md
index 880adca..38fc81b 100644
--- a/README.md
+++ b/README.md
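Review bot: The new workflow `.github/workflows/test_pytest.yml` declares no `permissions:` key, so its job receives whatever default `GITHUB_TOKEN` scopes the repository is configured with while it runs `uses: ./`, `pip install` and `sudo` steps on both `push` and `pull_request`. The steps shown only need to read the repository, so a top-level `permissions:` with `contents: read` under it would hold the token to least privilege. `pip install pytest requests` also resolves whatever versions are current at run time; pinning them, or installing from a requirements file with hashes, keeps the test run reproducible.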
@@ -26,6 +26,7 @@ The available input options are: | `distro` | The default distro image to use. Defaults to `fedora-latest` | no | | `ansible_vars` | Path to a file with variables to be used when running the playbooks. | no | | `ansible_requirements` | An Ansible requirements file for the test playbooks. | no | +| `shutdown` | Shutdown the compose after tests are executed. Default is `false` to keep original behavior. | no | An example usage in a workflow with a `distro` matrix and multiple test playbooks:
@@ -59,6 +60,7 @@ jobs: test_playbooks: >- tests/playbooks/test_hbac.yaml tests/playbooks/test_rbac.yaml + shutdown: true ``` Note that in the previous example it was used the folded strip block scalar `>-` that will produce a single line, space separated list of files.
@@ -80,3 +82,52 @@ ipa_deployments: clients: - name: cli-01 ``` + +Testing without Ansible +----------------------- + +The original goal of this action was to run Ansible playbooks to test software (mostly Ansible roles and modules), and this section shows an exampel on how to use this action with other testing frameworks. + +```yaml +--- +name: test-freeipa-action +run-name: Test FreeIPA using a Github Action +on: + - push + - pull_request + +jobs: + test-freeipa-hbac + runs-on: ubuntu-24.04 + steps: + - name: Clone the repository + uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v4 + + - name: Install test dependencies + run: | + pip install coverage pytest + + - name: Run FreeIPA tests + uses: rjeffman/FreeIPA-Cluster-Test@v1.0.0 + with: + cluster_configuration: tests/evironments/basic_cluster.yaml + + - name: Test with pytest + run: | + podman unshare --rootless-netns coverage run -m pytest + + - name: Generate Coverage report + run: | + coverage report -m + + - name: Shutdown FreeIPA environment + uses: rjeffman/FreeIPA-Cluster-Test@v1.0.0 + with: + cluster_configuration: tests/evironments/basic_cluster.yaml + shutdown: true +``` + +Note the use of `podman unshare --rootless-netns` to access the node namespace.
diff --git a/action.yml b/action.yml
index ac34b90..70d1193 100644
--- a/action.yml
+++ b/action.yml
@@ -22,6 +22,11 @@ inputs: description: "An Ansible requirements file for the test playbooks." required: false + shutdown: + description: "Shutdown environment." + required: false + type: boolean + runs: using: "composite" steps:
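Review bot: The new `shutdown` input in `action.yml` sets `type: boolean`, which is a key of `workflow_call` and `workflow_dispatch` inputs rather than of action metadata; the documented keys for action inputs are `description`, `required`, `default` and `deprecationMessage`, and their values reach the steps as strings. The README row added in this patch promises a default of `false`, but no `default:` is declared, so an unset input expands to an empty string. Replacing `type: boolean` with `default: "false"` matches the documentation and makes the later string comparison against `"true"` explicit.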
@@ -61,43 +66,82 @@ runs: sudo apt install software-properties-common sudo apt install ansible-core podman + - name: Prepare virtual environment + shell: bash + run: | + if [ ! -f venv/bin/activate ] + then + python3 -m venv venv + source venv/bin/activate + pip3 install "podman-compose" + fi + - name: Setup ipalab config shell: bash run: | - python3 -m venv venv source venv/bin/activate pip3 install "ipalab-config>=0.6" - ipalab-config -d ${{ inputs.distro || 'fedora-latest' }} -o CONFIG_DIR ${{ inputs.cluster_configuration }} + ipalab-config \ + -d ${{ inputs.distro || 'fedora-latest' }} \ + -o CONFIG_DIR ${{ inputs.cluster_configuration }} + + - name: Check if compose is running + id: check_compose + shell: bash + run: | + source venv/bin/activate + echo "compose_up=\ + $([ -n "$(podman-compose ps | grep -v "CONTAINER ID")" ] \ + && echo "YES" \ + || echo "NO")" >> $GITHUB_OUTPUT - name: Create cluster pod + if: ${{ steps.check_compose.vars.output.compose_up }} == "NO" shell: bash run: | source venv/bin/activate - pip3 install podman-compose cd CONFIG_DIR podman-compose -f compose.yml up -d - name: Ensure '/ect/shadow' is readable + if: ${{ steps.check_compose.vars.output.compose_up }} == "NO" shell: bash - run: ansible -i CONFIG_DIR/inventory.yml -m "ansible.builtin.shell" -a "chmod u+r /etc/shadow" -vvvv all + run: | + source venv/bin/activate + ansible -i CONFIG_DIR/inventory.yml \ + -m "ansible.builtin.shell" \ + -a "chmod u+r /etc/shadow" all - name: Deploy cluster + if: ${{ steps.check_compose.vars.output.compose_up }} == "NO" shell: bash run: | + source venv/bin/activate ansible-galaxy collection install -r CONFIG_DIR/requirements.yml ansible-playbook -i CONFIG_DIR/inventory.yml CONFIG_DIR/playbooks/install-cluster.yml - name: Install Ansible collections if: ${{ inputs.ansible_requirements }} shell: bash - run: ansible-galaxy collection install -r ${{ inputs.ansible_requirements }} + run: | + source venv/bin/activate + ansible-galaxy collection install -r 
${{ inputs.ansible_requirements }} - name: Run Ansible test playboooks + if: ${{ inputs.test_playbooks }} shell: bash run: | + source venv/bin/activate for playbook in ${{ inputs.test_playbooks }} do echo "Running playbook: ${playbook}" [ -n "${{ inputs.ansible_vars }}" ] && extra_opts="-e '@${{ inputs.ansible_vars}}'" ansible-playbook -i CONFIG_DIR/inventory.yml ${extra_opts} "${playbook}" done + + - name: Shutdown environment + shell: bash + run: | + source venv/bin/activate + cd CONFIG_DIR + [ "${{ inputs.shutdown }}" == "true" ] && podman-compose -f compose.yml down ||:
diff --git a/tests/test_request.py b/tests/test_request.py
new file mode 100644
index 0000000..10b94f3
--- /dev/null
+++ b/tests/test_request.py
@@ -0,0 +1,10 @@
+import requests
+
+
+def test_connection_to_webui():
+ resp = requests.get("https://server.ipa.test", verify=False)
+ assert resp.url == "https://server.ipa.test/ipa/ui/"
+ assert resp.status_code == 200
+ assert resp.reason == "OK"
+ assert "Identity Management" in resp.text
+
From 9d73c2fc42c7c5addb19cf91847ead20dc7f9f6b Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman
Date: Wed, 15 Jan 2025 09:20:46 -0300
Subject: [PATCH 3/3] tests: Check Ansible test environment shutdown
Signed-off-by: Rafael Guterres Jeffman
---
.github/workflows/test_ansible.yml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/test_ansible.yml b/.github/workflows/test_ansible.yml
index fd1dbfc..0f60e1c 100644
--- a/.github/workflows/test_ansible.yml
+++ b/.github/workflows/test_ansible.yml
@@ -27,3 +27,6 @@ jobs: test_playbooks: >- tests/playbooks/test_hbac.yaml shutdown: true + + - name: Check if cluster is down + run: test -z "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"
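Review bot: The three new conditions `if: ${{ steps.check_compose.vars.output.compose_up }} == "NO"` in `action.yml` (on "Create cluster pod", "Ensure '/ect/shadow' is readable" and "Deploy cluster") do not gate anything: step outputs are read through `steps.<id>.outputs.<name>`, and because the comparison sits outside the `${{ }}` the whole value is a non-empty string, which GitHub treats as true, so the steps run on every invocation. Use `if: steps.check_compose.outputs.compose_up == 'NO'`. Separately, the new and reflowed `run:` scripts still expand `${{ inputs.* }}` straight into bash, for example `[ "${{ inputs.shutdown }}" == "true" ]` and the `ipalab-config` arguments, so an input value containing shell metacharacters is executed as part of the script. Passing each input through the step's `env:` and quoting the variable, e.g. `[ "${SHUTDOWN}" == "true" ]`, avoids that. This hunk begins on an earlier line of the page, in the middle of the `steps:` list.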
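Review bot: `requests.get("https://server.ipa.test", verify=False)` in the new `tests/test_request.py` turns off certificate validation, so the test passes against any endpoint that answers for that name and never exercises the CA the deployment issues. If the lab CA certificate can be copied out of the server container first (FreeIPA hosts normally keep it at `/etc/ipa/ca.crt`; confirm for this image), pass its path instead: `requests.get("https://server.ipa.test", verify=ca_path, timeout=30)`. The `timeout` is worth adding in either case, because `requests` waits indefinitely by default and a hung web UI would stall the job.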