From d13fe1f850a4f4c12a2b0310e8488b2f6545897e Mon Sep 17 00:00:00 2001 From: Sergey Date: Sun, 15 Aug 2021 20:04:51 +0300 Subject: [PATCH] Run tests with podman secret (#287) --- .github/workflows/podman_secret.yml | 194 ++++++++++++++++++ ci/playbooks/containers/podman_secret.yml | 9 + .../targets/podman_secret/tasks/main.yml | 8 +- 3 files changed, 210 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/podman_secret.yml create mode 100644 ci/playbooks/containers/podman_secret.yml diff --git a/.github/workflows/podman_secret.yml b/.github/workflows/podman_secret.yml new file mode 100644 index 0000000..1b01a4d --- /dev/null +++ b/.github/workflows/podman_secret.yml @@ -0,0 +1,194 @@ +name: Podman secret + +on: + push: + paths: + - '.github/workflows/podman_secret.yml' + - 'ci/*.yml' + - 'ci/run_containers_tests.sh' + - 'ci/playbooks/containers/podman_secret.yml' + - 'plugins/modules/podman_secret.py' + - 'plugins/modules/podman_container.py' + - 'plugins/module_utils/podman/podman_container_lib.py' + branches: + - master + pull_request: + paths: + - '.github/workflows/podman_secret.yml' + - 'ci/*.yml' + - 'ci/run_containers_tests.sh' + - 'ci/playbooks/containers/podman_secret.yml' + - 'plugins/modules/podman_secret.py' + - 'plugins/modules/podman_container.py' + - 'plugins/module_utils/podman/podman_container_lib.py' + schedule: + - cron: 4 0 * * * # Run daily at 0:03 UTC + +jobs: + + test_podman_secret: + name: Podman secret ${{ matrix.ansible-version }}-${{ matrix.os || 'ubuntu-latest' }} + runs-on: ${{ matrix.os || 'ubuntu-latest' }} + defaults: + run: + shell: bash + strategy: + fail-fast: false + matrix: + ansible-version: + - ansible<2.10 + - git+https://github.com/ansible/ansible.git@stable-2.11 + - git+https://github.com/ansible/ansible.git@devel + os: + - ubuntu-20.04 + python-version: + - 3.7 + + steps: + + - name: Check out repository + uses: actions/checkout@v2 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + + - name: Upgrade pip and display Python and PIP versions + run: | + sudo apt-get update + sudo apt-get install -y python*-wheel python*-yaml + python -m pip install --upgrade pip + python -V + pip --version + + - name: Set up pip cache + uses: actions/cache@v1 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ github.ref }}-units-VMs + restore-keys: | + ${{ runner.os }}-pip- + ${{ runner.os }}- + + - name: Install Ansible ${{ matrix.ansible-version }} + run: python3 -m pip install --user --force-reinstall --upgrade '${{ matrix.ansible-version }}' + + - name: Build and install the collection tarball + run: | + export PATH=~/.local/bin:$PATH + + echo "Run ansible version" + command -v ansible + ansible --version + rm -rf /tmp/just_new_collection + ~/.local/bin/ansible-galaxy collection build --output-path /tmp/just_new_collection --force + ~/.local/bin/ansible-galaxy collection install -vvv --force /tmp/just_new_collection/*.tar.gz + + - name: Run collection tests for podman secret + run: | + export PATH=~/.local/bin:$PATH + + if [[ '${{ matrix.ansible-version }}' == 'git+https://github.com/ansible/ansible.git@devel' ]]; then + export ANSIBLE_CONFIG=$(pwd)/ci/ansible-dev.cfg + elif [[ '${{ matrix.ansible-version }}' == 'ansible<2.10' ]]; then + export ANSIBLE_CONFIG=$(pwd)/ci/ansible-2.9.cfg + fi + + echo $ANSIBLE_CONFIG + command -v ansible-playbook + pip --version + python --version + ansible-playbook --version + + ansible-playbook -vv ci/playbooks/pre.yml \ + -e host=localhost \ + -i localhost, \ + -e ansible_connection=local \ + -e setup_python=false + + TEST2RUN=podman_secret ./ci/run_containers_tests.sh + shell: bash + + test_podman_secret_with_pip: + name: Podman secret w/ pip ${{ matrix.ansible-version }}-${{ matrix.os || 'ubuntu-latest' }} + runs-on: ${{ matrix.os || 'ubuntu-latest' }} + defaults: + run: + shell: bash + strategy: + fail-fast: false + matrix: + ansible-version: + - ansible<2.10 + #- git+https://github.com/ansible/ansible.git@stable-2.10 + os: + - ubuntu-20.04 + python-version: + - 3.7 + + steps: + + - name: Check out repository + uses: actions/checkout@v2 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + + - name: Upgrade pip and display Python and PIP versions + run: | + sudo apt-get update + sudo apt-get install -y python*-wheel python*-yaml + python -m pip install --upgrade pip + python -V + pip --version + + - name: Set up pip cache + uses: actions/cache@v1 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ github.ref }}-units-VMs + restore-keys: | + ${{ runner.os }}-pip- + ${{ runner.os }}- + + - name: Install Ansible ${{ matrix.ansible-version }} + run: python3 -m pip install --user --force-reinstall --upgrade '${{ matrix.ansible-version }}' + + - name: Build and install the collection tarball + run: | + export PATH=~/.local/bin:$PATH + + echo "Run ansible version" + command -v ansible + ansible --version + python3 -m pip install --user --force-reinstall --upgrade . + + + - name: Run collection tests for podman secret + run: | + export PATH=~/.local/bin:$PATH + export ANSIBLE_COLLECTIONS_PATHS=~/.local/share/ansible/collections + + if [[ '${{ matrix.ansible-version }}' == 'git+https://github.com/ansible/ansible.git@devel' ]]; then + export ANSIBLE_CONFIG=$(pwd)/ci/ansible-dev.cfg + elif [[ '${{ matrix.ansible-version }}' == 'ansible<2.10' ]]; then + export ANSIBLE_CONFIG=$(pwd)/ci/ansible-2.9.cfg + fi + + echo $ANSIBLE_CONFIG + command -v ansible-playbook + pip --version + python --version + ansible-playbook --version + + ansible-playbook -vv ci/playbooks/pre.yml \ + -e host=localhost \ + -i localhost, \ + -e ansible_connection=local \ + -e setup_python=false + + TEST2RUN=podman_secret ./ci/run_containers_tests.sh + shell: bash diff --git a/ci/playbooks/containers/podman_secret.yml b/ci/playbooks/containers/podman_secret.yml new file mode 100644 index 0000000..0c35079 --- /dev/null +++ b/ci/playbooks/containers/podman_secret.yml @@ -0,0 +1,9 @@ +--- +- hosts: all + gather_facts: true + tasks: + - include_role: + name: podman_secret + vars: + idem_image: idempotency_test + ansible_python_interpreter: "{{ _ansible_python_interpreter }}" diff --git a/tests/integration/targets/podman_secret/tasks/main.yml b/tests/integration/targets/podman_secret/tasks/main.yml index 6340731..2b9c7d7 100644 --- a/tests/integration/targets/podman_secret/tasks/main.yml +++ b/tests/integration/targets/podman_secret/tasks/main.yml @@ -20,7 +20,7 @@ - name: Create container that uses secret containers.podman.podman_container: name: showmysecret - image: docker.io/alpine:3.14 + image: alpine:3.7 secrets: - mysecret command: cat /run/secrets/mysecret @@ -58,3 +58,9 @@ assert: that: - removed is not changed + + always: + - name: Remove container that uses secret + containers.podman.podman_container: + name: showmysecret + state: absent