Add support for shutdown cluster.

.github/workflows/test_ansible.yml

@@ -1,6 +1,5 @@
 ---
-name: test-freeipa-matrix
-run-name: Test Distro Matrix
+name: Test Distro Matrix
 on:
   - push
   - pull_request
@@ -20,9 +19,14 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Run FreeIPA tests
-        uses: rjeffman/[email protected]
+        # uses: rjeffman/FreeIPA-Cluster-Test@<version|main>
+        uses: ./
         with:
           cluster_configuration: tests/environments/server_only.yaml
           distro: ${{ matrix.test_distro }}
           test_playbooks: >-
             tests/playbooks/test_hbac.yaml
+          shutdown: true
+
+      - name: Check if cluster is down
+        run: test -z "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"

.github/workflows/test_pytest.yml

@@ -0,0 +1,53 @@
+---
+name: Test Environment Reuse
+on:
+  - push
+  - pull_request
+
+jobs:
+  test-environment-reuse:
+    name: Test environment reuse
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Clone the repository
+        uses: actions/checkout@v4
+
+      - name: Deploy environment
+        # uses: rjeffman/FreeIPA-Cluster-Test@<version|main>
+        uses: ./
+        with:
+          cluster_configuration: tests/environments/server_only.yaml
+          shutdown: false
+
+      - name: Check if cluster is up
+        run: |
+          podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}"
+          test -n "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"
+
+      - name: Update /etc/hosts
+        run: |
+          podman ps
+          host_entry="$(podman exec server bash -c 'echo "$(hostname -I)  $(hostname)"')"
+          echo "${host_entry}" | sudo tee -a /etc/hosts
+
+      - name: Install test dependencies
+        run: |
+          pip install pytest requests
+
+      - name: Run Pytest
+        # note that any command that needs to access the pod network
+        # should be executed with `podman unshare --rootless-netns`
+        run: |
+          podman unshare --rootless-netns pytest
+
+      - name: Shutdown environment
+        # uses: rjeffman/FreeIPA-Cluster-Test@<version|main>
+        uses: ./
+        with:
+          cluster_configuration: tests/environments/server_only.yaml
+          shutdown: true
+
+      - name: Check if cluster is down
+        run: |
+          podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}"
+          test -z "$(podman ps -f "name=server" -f "pod=pod_ipa-lab" --format="{{ .Names }}")"

README.md

@@ -26,6 +26,7 @@ The available input options are:
 | `distro`         | The default distro image to use. Defaults to `fedora-latest` | no |
 | `ansible_vars`   | Path to a file with variables to be used when running the playbooks. | no |
 | `ansible_requirements` | An Ansible requirements file for the test playbooks. | no |
+| `shutdown` | Shutdown the compose after tests are executed. Default is `false` to keep original behavior. | no |
 
 An example usage in a workflow with a `distro` matrix and multiple test playbooks:
 
@@ -59,6 +60,7 @@ jobs:
           test_playbooks: >-
             tests/playbooks/test_hbac.yaml
             tests/playbooks/test_rbac.yaml
+          shutdown: true
 ```
 
 Note that in the previous example it was used the folded strip block scalar `>-` that will produce a single line, space separated list of files.
@@ -80,3 +82,52 @@ ipa_deployments:
       clients:
         - name: cli-01
 ```
+
+Testing without Ansible
+-----------------------
+
+The original goal of this action was to run Ansible playbooks to test software (mostly Ansible roles and modules), and this section shows an exampel on how to use this action with other testing frameworks.
+
+```yaml
+---
+name: test-freeipa-action
+run-name: Test FreeIPA using a Github Action
+on:
+  - push
+  - pull_request
+
+jobs:
+  test-freeipa-hbac
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Clone the repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+
+      - name: Install test dependencies
+        run: |
+          pip install coverage pytest
+
+      - name: Run FreeIPA tests
+        uses: rjeffman/[email protected]
+        with:
+          cluster_configuration: tests/evironments/basic_cluster.yaml
+
+      - name: Test with pytest
+        run: |
+          podman unshare --rootless-netns coverage run -m pytest
+
+      - name: Generate Coverage report
+        run: |
+          coverage report -m
+
+      - name: Shutdown FreeIPA environment
+        uses: rjeffman/[email protected]
+        with:
+          cluster_configuration: tests/evironments/basic_cluster.yaml
+          shutdown: true
+```
+
+Note the use of `podman unshare --rootless-netns` to access the node namespace.

action.yml

@@ -22,6 +22,11 @@ inputs:
     description: "An Ansible requirements file for the test playbooks."
     required: false
 
+  shutdown:
+    description: "Shutdown environment."
+    required: false
+    type: boolean
+
 runs:
   using: "composite"
   steps:
@@ -61,43 +66,82 @@ runs:
         sudo apt install software-properties-common
         sudo apt install ansible-core podman
 
+    - name: Prepare virtual environment
+      shell: bash
+      run: |
+        if [ ! -f venv/bin/activate ]
+        then
+            python3 -m venv venv
+            source venv/bin/activate
+            pip3 install "podman-compose"
+        fi
+
     - name: Setup ipalab config
       shell: bash
       run: |
-        python3 -m venv venv
         source venv/bin/activate
         pip3 install "ipalab-config>=0.6"
-        ipalab-config -d ${{ inputs.distro || 'fedora-latest' }} -o CONFIG_DIR ${{ inputs.cluster_configuration }}
+        ipalab-config \
+          -d ${{ inputs.distro || 'fedora-latest' }} \
+          -o CONFIG_DIR ${{ inputs.cluster_configuration }}
+
+    - name: Check if compose is running
+      id: check_compose
+      shell: bash
+      run: |
+        source venv/bin/activate
+        echo "compose_up=\
+            $([ -n "$(podman-compose ps | grep -v "CONTAINER ID")" ] \
+            && echo "YES" \
+            || echo "NO")" >> $GITHUB_OUTPUT
 
     - name: Create cluster pod
+      if: ${{ steps.check_compose.vars.output.compose_up }} == "NO"
       shell: bash
       run: |
         source venv/bin/activate
-        pip3 install podman-compose
         cd CONFIG_DIR
         podman-compose -f compose.yml up -d
 
     - name: Ensure '/ect/shadow' is readable
+      if: ${{ steps.check_compose.vars.output.compose_up }} == "NO"
       shell: bash
-      run: ansible -i CONFIG_DIR/inventory.yml -m "ansible.builtin.shell" -a "chmod u+r /etc/shadow" -vvvv all
+      run: |
+        source venv/bin/activate
+        ansible -i CONFIG_DIR/inventory.yml \
+          -m "ansible.builtin.shell" \
+          -a "chmod u+r /etc/shadow" all
 
     - name: Deploy cluster
+      if: ${{ steps.check_compose.vars.output.compose_up }} == "NO"
       shell: bash
       run: |
+        source venv/bin/activate
         ansible-galaxy collection install -r CONFIG_DIR/requirements.yml
         ansible-playbook -i CONFIG_DIR/inventory.yml CONFIG_DIR/playbooks/install-cluster.yml
 
     - name: Install Ansible collections
       if: ${{ inputs.ansible_requirements }}
       shell: bash
-      run: ansible-galaxy collection install -r ${{ inputs.ansible_requirements }}
+      run: |
+        source venv/bin/activate
+        ansible-galaxy collection install -r ${{ inputs.ansible_requirements }}
 
     - name: Run Ansible test playboooks
+      if: ${{ inputs.test_playbooks }}
       shell: bash
       run: |
+        source venv/bin/activate
         for playbook in ${{ inputs.test_playbooks }}
         do
           echo "Running playbook: ${playbook}"
           [ -n "${{ inputs.ansible_vars }}" ] && extra_opts="-e '@${{ inputs.ansible_vars}}'"
           ansible-playbook -i CONFIG_DIR/inventory.yml ${extra_opts} "${playbook}"
         done
+
+    - name: Shutdown environment
+      shell: bash
+      run: |
+        source venv/bin/activate
+        cd CONFIG_DIR
+        [ "${{ inputs.shutdown }}" == "true" ] && podman-compose -f compose.yml down ||:

tests/test_request.py

@@ -0,0 +1,10 @@
+import requests
+
+
+def test_connection_to_webui():
+    resp = requests.get("https://server.ipa.test", verify=False)
+    assert resp.url == "https://server.ipa.test/ipa/ui/"
+    assert resp.status_code == 200
+    assert resp.reason == "OK"
+    assert "<title>Identity Management</title>" in resp.text
+