Create separate github actions for various checks; get rid of monolithic tox.yml

There are now separate github actions for the various tests, instead of all of
them being done as part of the tox tests in tox.yml - ansible-lint,
ansible-test, etc.

Use the officially supported github actions e.g. for ansible-lint, ansible-test,
rather than using our own from `tox-lsr` and trying to keep up with the latest
changes.  Developers will still be able to use `tox-lsr` on their local
development environments to run these tests in the same way that they are run in
github actions, so that errors found when submitting PRs can be reproduced and
corrected locally without too many github UI roundtrips.

Using separate github actions, and especially the official github actions which
generally have support for in-line comments, should help greatly with
readability and troubleshooting test results.

Python tests are removed from roles that do not use python.

Python tests are now done by python-unit-tests.yml which also does the black,
flake8, and pylint tests.

Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Rich Megginson 2023-01-24 18:09:42 -07:00 committed by Richard Megginson
parent b0e3981b23
commit 9ee0e98b77
11 changed files with 327 additions and 96 deletions


@ -1,15 +1,8 @@
---
skip_list:
- role-name
- fqcn-builtins
warn_list:
- load-failure # allow include_tasks with tasks/ directory
exclude_paths:
- tests/
- tests/roles/
- .github/
- examples/roles/
profile: production
kinds:
- yaml: "**/meta/collection-requirements.yml"
- yaml: "**/tests/collection-requirements.yml"
- playbook: "**/tests/tests_*.yml"
- playbook: "**/tests/setup-snapshot.yml"
- tasks: "**/tests/*.yml"
@ -18,3 +11,14 @@ kinds:
- tasks: "**/tests/tasks/*/*.yml"
- vars: "**/tests/vars/*.yml"
- playbook: "**/examples/*.yml"
skip_list:
- fqcn-builtins
warn_list:
- load-failure
exclude_paths:
- tests/roles/
- .github/
- examples/roles/
- tests/
mock_roles:
- linux-system-roles.network
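Review bot: `exclude_paths` on the new side lists both `tests/roles/` and `tests/`, so the first entry is redundant, and with the whole `tests/` tree excluded the `kinds` patterns under `**/tests/` appear to have no effect when linting from the repository root. If the test playbooks are meant to stay unlinted, say so next to the entry, e.g. `# tests/ is excluded on purpose: <reason>`; otherwise drop `- tests/`. The explanatory comment that used to sit on `load-failure` (`# allow include_tasks with tasks/ directory`) also seems to have been lost in the move and is worth keeping.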

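--- a/.github/workflows/ansible-lint.yml
+++ b/.github/workflows/ansible-lint.yml
@@ -0,0 +1,33 @@
+---
+name: Ansible Lint
+on: # yamllint disable-line rule:truthy
+pull_request:
+push:
+branches:
+- main
+workflow_dispatch:
+jobs:
+ansible_lint:
+runs-on: ubuntu-latest
+steps:
+- name: Update pip, git
+run: |
+set -euxo pipefail
+sudo apt-get update
+sudo apt-get install -y git
+- name: Checkout repo
+uses: actions/checkout@v3
+- name: Fix up role meta/main.yml namespace and name
+run: |
+set -euxo pipefail
+mm=meta/main.yml
+if [ -f "$mm" ]; then
+if ! grep -q '^ *namespace:' "$mm"; then
+sed "/galaxy_info:/a\ namespace: linux_system_roles" -i "$mm"
+fi
+if ! grep -q '^ *role_name:' "$mm"; then
+sed "/galaxy_info:/a\ role_name: network" -i "$mm"
+fi
+fi
+- name: Run ansible-lint
+uses: ansible-community/ansible-lint-action@v6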
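Review bot: The last step references a third-party action by a movable tag (`ansible-community/ansible-lint-action@v6`), so whatever that tag points to at run time executes in this repository's CI. Pin it to a full commit SHA with the tag kept as a comment, e.g. `uses: ansible-community/ansible-lint-action@<full-commit-sha>  # v6`; the same applies to `ansible-community/ansible-test-gh-action@release/v1` in ansible-test.yml and `ludeeus/action-shellcheck@master` in shellcheck.yml, which both follow a branch. This workflow, like the other new lint and test workflows, declares no `permissions:`, so the job token gets the repository default; a top-level `permissions:` with `contents: read` would match what codeql.yml already does in this commit. The `Update pip, git` step here only installs git, so `Update git` would be the accurate name.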


@ -0,0 +1,28 @@
---
name: Check for ansible_managed variable use in comments
on: # yamllint disable-line rule:truthy
pull_request:
push:
branches:
- main
workflow_dispatch:
jobs:
ansible_managed_var_comment:
runs-on: ubuntu-latest
steps:
- name: Update pip, git
run: |
set -euxo pipefail
python3 -m pip install --upgrade pip
sudo apt-get update
sudo apt-get install -y git
- name: Checkout repo
uses: actions/checkout@v3
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"
- name: Run ansible-plugin-scan
run: |
set -euxo pipefail
TOXENV=ansible-managed-var-comment lsr_ci_runtox
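Review bot: `pip3 install "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"` installs and then runs code resolved from a git tag, and a tag can be re-pointed after the fact; pinning the ref to the release's commit hash (`...tox-lsr@<commit-sha-of-2.13.1>`) makes this CI input immutable. The same install line is repeated in the plugin-scan, ansible-test and Python unit-test workflows in this commit, so defining the pin once would keep the copies from drifting apart. Separately, the last step is named `Run ansible-plugin-scan` but runs `TOXENV=ansible-managed-var-comment`; it looks copied from the plugin-scan workflow and should read `- name: Run ansible-managed-var-comment check`.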


@ -0,0 +1,28 @@
---
name: Ansible Plugin Scan
on: # yamllint disable-line rule:truthy
pull_request:
push:
branches:
- main
workflow_dispatch:
jobs:
ansible_plugin_scan:
runs-on: ubuntu-latest
steps:
- name: Update pip, git
run: |
set -euxo pipefail
python3 -m pip install --upgrade pip
sudo apt-get update
sudo apt-get install -y git
- name: Checkout repo
uses: actions/checkout@v3
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"
- name: Run ansible-plugin-scan
run: |
set -euxo pipefail
TOXENV=ansible-plugin-scan lsr_ci_runtox

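--- a/.github/workflows/ansible-test.yml
+++ b/.github/workflows/ansible-test.yml
@@ -0,0 +1,50 @@
+---
+name: Ansible Test
+on: # yamllint disable-line rule:truthy
+pull_request:
+push:
+branches:
+- main
+workflow_dispatch:
+env:
+LSR_ROLE2COLL_NAMESPACE: fedora
+LSR_ROLE2COLL_NAME: linux_system_roles
+jobs:
+ansible_test:
+runs-on: ubuntu-latest
+steps:
+- name: Update pip, git
+run: |
+set -euxo pipefail
+python3 -m pip install --upgrade pip
+sudo apt-get update
+sudo apt-get install -y git
+- name: Checkout repo
+uses: actions/checkout@v3
+- name: Install tox, tox-lsr
+run: |
+set -euxo pipefail
+pip3 install "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"
+- name: Convert role to collection format
+run: |
+set -euxo pipefail
+TOXENV=collection lsr_ci_runtox
+# copy the ignore files
+coll_dir=".tox/ansible_collections/$LSR_ROLE2COLL_NAMESPACE/$LSR_ROLE2COLL_NAME"
+# wokeignore:rule=sanity
+ignore_dir="$coll_dir/tests/sanity"
+if [ ! -d "$ignore_dir" ]; then
+mkdir -p "$ignore_dir"
+fi
+# wokeignore:rule=sanity
+for file in .sanity-ansible-ignore-*.txt; do
+if [ -f "$file" ]; then
+# wokeignore:rule=sanity
+cp "$file" "$ignore_dir/${file//*.sanity-ansible-}"
+fi
+done
+- name: Run ansible-test
+uses: ansible-community/ansible-test-gh-action@release/v1
+with:
+testing-type: sanity # wokeignore:rule=sanity
+collection-src-directory: .tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}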


@ -1,10 +1,10 @@
---
# yamllint disable rule:line-length
name: Pushing CHANGELOG.md triggers tag, release, and Galaxy publish
name: Tag, release, and publish role based on CHANGELOG.md push
on: # yamllint disable-line rule:truthy
push:
branches:
- main
- master
paths:
- CHANGELOG.md
env:
@ -13,8 +13,13 @@ jobs:
tag_release_publish:
runs-on: ubuntu-latest
steps:
- name: Update pip, git
run: |
set -euxo pipefail
sudo apt-get update
sudo apt-get install -y git
- name: checkout PR
uses: actions/checkout@v2
uses: actions/checkout@v3
- name: Get tag and message from the latest CHANGELOG.md commit
id: tag
run: |

.github/workflows/codeql.yml vendored Normal file

@ -0,0 +1,43 @@
---
name: CodeQL
on: # yamllint disable-line rule:truthy
push:
branches: ["main"]
pull_request:
branches: ["main"]
schedule:
- cron: 39 10 * * 0
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [python]
steps:
- name: Update pip, git
run: |
set -euxo pipefail
sudo apt-get update
sudo apt-get install -y git
- name: Checkout
uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
queries: +security-and-quality
- name: Autobuild
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{ matrix.language }}"
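Review bot: The `schedule` entry leaves the cron expression unquoted (`- cron: 39 10 * * 0`); it parses as a string as written, but quoting it (`- cron: '39 10 * * 0'`) keeps `*` from being read as YAML syntax if the expression is later edited to start with one. With `language: [python]` the `Autobuild` step should have nothing to compile, so it could be dropped or kept with a one-line comment saying it is retained for compiled languages added later.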


@ -1,34 +1,38 @@
---
# yamllint disable rule:line-length
name: tox
name: Python Unit Tests
on: # yamllint disable-line rule:truthy
- pull_request
- push
pull_request:
push:
branches:
- main
workflow_dispatch:
env:
TOX_LSR: "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"
LSR_ANSIBLE_TEST_DOCKER: "true"
LSR_ANSIBLES: 'ansible==2.9.*'
LSR_MSCENARIOS: default
# LSR_EXTRA_PACKAGES: "libdbus-1-dev libgirepository1.0-dev python3-dev"
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
python:
strategy:
matrix:
pyver_os:
- ver: '2.7'
- ver: "2.7"
os: ubuntu-20.04
- ver: '3.6'
- ver: "3.6"
os: ubuntu-20.04
- ver: '3.8'
- ver: "3.8"
os: ubuntu-latest
- ver: '3.9'
- ver: "3.9"
os: ubuntu-latest
- ver: '3.10'
- ver: "3.10"
os: ubuntu-latest
- ver: '3.11'
- ver: "3.11"
os: ubuntu-latest
runs-on: ${{ matrix.pyver_os.os }}
steps:
- name: Update git
run: |
set -euxo pipefail
sudo apt-get update
sudo apt-get install -y git
- name: checkout PR
uses: actions/checkout@v3
- name: Set up Python
@ -39,28 +43,25 @@ jobs:
run: |
set -euxo pipefail
python -m pip install --upgrade pip
sudo apt-get update
sudo apt-get install -y git
pip install "$TOX_LSR"
lsr_ci_preinstall
- name: Run tox tests
pip install "git+https://github.com/linux-system-roles/tox-lsr@2.13.1"
# If you have additional OS dependency packages e.g. libcairo2-dev
# then put them in .github/config/ubuntu-requirements.txt, one
# package per line.
if [ -f .github/config/ubuntu-requirements.txt ]; then
sudo apt-get install -y $(cat .github/config/ubuntu-requirements.txt)
fi
- name: Run unit tests
run: |
set -euxo pipefail
toxpyver=$(echo "${{ matrix.pyver_os.ver }}" | tr -d .)
toxenvs="py${toxpyver}"
# NOTE: The use of flake8, pylint, black with specific
# python envs is arbitrary and must be changed in tox-lsr
# We really should either do those checks using the latest
# version of python, or in every version of python
case "$toxpyver" in
27) toxenvs="${toxenvs},coveralls,flake8,pylint" ;;
36) toxenvs="${toxenvs},coveralls,ensure_provider_tests,black,yamllint" ;;
38) toxenvs="${toxenvs},coveralls,ansible-lint,ansible-plugin-scan,collection,ansible-test" ;;
39) toxenvs="${toxenvs},coveralls,ansible-managed-var-comment" ;;
310) toxenvs="${toxenvs},coveralls,check-meta-versions" ;;
311) toxenvs="${toxenvs},coveralls" ;;
36) toxenvs="${toxenvs},coveralls,black" ;;
*) toxenvs="${toxenvs},coveralls" ;;
esac
TOXENV="$toxenvs" lsr_ci_runtox
python-26:
runs-on: ubuntu-latest
steps:
- name: checkout PR
uses: actions/checkout@v2
- name: Run py26 tests
uses: linux-system-roles/lsr-gh-action-py26@1.0.2
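Review bot: `sudo apt-get install -y $(cat .github/config/ubuntu-requirements.txt)` in the install step passes the file through unquoted word splitting and globbing, so an entry beginning with `-` is taken as an apt-get option and a `*` is expanded against the working tree, all under sudo. Reading the list with xargs and ending option parsing avoids both: `xargs -r -a .github/config/ubuntu-requirements.txt sudo apt-get install -y --`. The workflow-level `env:` also appears to keep `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}`, which hands the token to every step, including the pip install from git and the tox run; setting it only on the step that needs it, together with a `permissions:` block, narrows that exposure. The rendered page does not mark which side each line is on, so confirm the `env:` contents against the file.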

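--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@@ -0,0 +1,29 @@
+---
+name: ShellCheck
+on: # yamllint disable-line rule:truthy
+pull_request:
+push:
+branches:
+- main
+workflow_dispatch:
+env:
+# some scripts source tox-lsr scripts - suppress that check
+SHELLCHECK_OPTS: -e SC1091
+jobs:
+shellcheck:
+runs-on: ubuntu-latest
+steps:
+- name: Update git
+run: |
+set -euxo pipefail
+sudo apt-get update
+sudo apt-get install -y git
+- name: Checkout repo
+uses: actions/checkout@v3
+- name: Run ShellCheck
+id: shellcheck_id
+uses: ludeeus/action-shellcheck@master
+- name: Show file paths scanned
+run: |
+echo Files scanned:
+echo "${{ steps.shellcheck_id.outputs.files }}"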
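Review bot: The final step expands `${{ steps.shellcheck_id.outputs.files }}` directly into the script text, so the list of scanned paths is pasted in before bash parses it, and a file name containing quotes or `$(...)` would be interpreted as shell rather than printed. Pass the value through the environment instead: give the step an `env:` with `FILES: ${{ steps.shellcheck_id.outputs.files }}` and print it with `echo "$FILES"`. That step also lacks the `set -euxo pipefail` line that the other `run:` blocks in this commit start with.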


@ -2,64 +2,69 @@
name: Weekly CI trigger
on: # yamllint disable-line rule:truthy
workflow_dispatch:
schedule:
- cron: 0 12 * * 6
env:
BRANCH_NAME: "weekly-ci"
COMMIT_MESSAGE: "Weekly CI check"
BRANCH_NAME: weekly-ci
COMMIT_MESSAGE: This PR is to trigger periodic CI testing
BODY_MESSAGE: >-
This PR is for the purpose of triggering periodic CI testing.
We don't currently have a way to trigger CI without a PR,
so this PR serves that purpose.
COMMENT: "[citest]"
jobs:
weekly_ci:
runs-on: ubuntu-latest
steps:
- name: Delete the previous branch if exists
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const response = await github.rest.git.listMatchingRefs({
owner: context.repo.owner,
repo: context.repo.repo,
branch: "heads/${{ env.BRANCH_NAME }}",
});
for (ref in response.data){
if (response.data[ref].ref == "refs/heads/${{ env.BRANCH_NAME }}"){
console.log("deleting branch");
console.log(response.data[ref]);
await github.rest.git.deleteRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: "heads/${{ env.BRANCH_NAME }}",
});
}
}
- name: Update pip, git
run: |
set -euxo pipefail
sudo apt-get update
sudo apt-get install -y git
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Create and push empty commit
run: |
set -euxo pipefail
git config --global user.name "github-actions[bot]"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git checkout -b weekly-ci
git checkout ${{ env.BRANCH_NAME }} || git checkout -b ${{ env.BRANCH_NAME }}
git rebase main
git commit --allow-empty -m "${{ env.COMMIT_MESSAGE }}"
git push --set-upstream origin ${{ env.BRANCH_NAME }}
git push -f --set-upstream origin ${{ env.BRANCH_NAME }}
- name: Create and comment pull request
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GH_PUSH_TOKEN }}
script: |
const response = await github.rest.pulls.create({
const head = [context.repo.owner, ":", "${{ env.BRANCH_NAME }}"].join("");
const response = await github.rest.pulls.list({
owner: context.repo.owner,
repo: context.repo.repo,
title: "${{ env.COMMIT_MESSAGE }}",
head: "${{ env.BRANCH_NAME }}",
base: context.ref
head: head,
base: context.ref,
state: "open"
});
if (response.data.length === 0) {
const response = await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: "${{ env.COMMIT_MESSAGE }}",
body: "${{ env.BODY_MESSAGE }}",
head: "${{ env.BRANCH_NAME }}",
base: context.ref,
draft: true
});
var pr_number = response.data.number;
} else {
var pr_number = response.data[0].number;
}
github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: response.data.number,
issue_number: pr_number,
body: "${{ env.COMMENT }}",
});
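Review bot: `github.rest.issues.createComment({...})` at the end of the script is not awaited, so a rejected request (for example when `GH_PUSH_TOKEN` lacks access) may not fail the step and the `[citest]` comment can go missing without notice; write `await github.rest.issues.createComment({`. `pr_number` is declared with `var` in both branches of the `if`, and the inner `const response` shadows the outer one; a single `let pr_number;` before the `if` and a distinct name such as `created` for the inner result would read more clearly. `git push -f` now overwrites the `weekly-ci` branch on every run, which is reasonable for a throwaway branch but deserves a comment stating that the branch is owned by this workflow.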


@ -1,50 +1,55 @@
# SPDX-License-Identifier: MIT
---
extends: default
# possible customizations over the base yamllint config
# skip the yaml files in the /tests/ directory
# NOTE: If you want to customize `ignore` you'll have to
# copy in all of the config from .yamllint.yml, then
# add your own - so if you want to just add /tests/ to
# be ignored, you'll have to add the ignores from the base
# ignore: |
# /tests/
# /.tox/
# skip checking line length
# NOTE: the above does not apply to `rules` - you do not
# have to copy all of the rules from the base config
# rules:
# line-length: disable
ignore: |
/.tox/
tests/roles/
.tox/
rules:
braces:
max-spaces-inside: 1
level: error
max-spaces-inside: 1
brackets:
max-spaces-inside: 1
level: error
truthy: disable
max-spaces-inside: 1
document-start: disable
line-length:
ignore: |
/tests/tasks/setup_mock_wifi_wpa3_owe.yml
ignore: '/tests/tasks/setup_mock_wifi_wpa3_owe.yml
/tests/tasks/setup_mock_wifi_wpa3_sae.yml
/tests/tests_ethtool_coalesce_initscripts.yml
/tests/tests_ethtool_ring_initscripts.yml
/tests/tests_team_plugin_installation_nm.yml
/tests/tests_wireless_plugin_installation_nm.yml
/tests/tests_wireless_wpa3_owe_nm.yml
/tests/tasks/setup_mock_wifi_wpa3_owe.yml
/tests/tests_auto_gateway_initscripts.yml
/tests/tests_bond_deprecated_initscripts.yml
/tests/tests_ethtool_features_initscripts.yml
/tests/tests_wireless_wpa3_sae_nm.yml
/tests/tests_eth_pci_address_match_nm.yml
/tests/playbooks/tests_eth_pci_address_match.yml
/tests/tasks/setup_802_1x_server.yml
/tests/tests_bond_removal_initscripts.yml
/tests/tests_bond_cloned_mac_initscripts.yml
/tests/tests_bridge_cloned_mac_initscripts.yml
/tests/tests_bridge_cloned_mac_nm.yml
'
truthy: disable
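Review bot: The `line-length` `ignore` value appears to have changed from a literal block (`ignore: |`) to a multi-line single-quoted scalar, which looks machine-generated and relies on blank lines between entries to keep one pattern per line; this rendering does not show them, so check the file. A literal block states the intent directly and is harder to break when hand-editing: `ignore: |` followed by one path per line. `/tests/tasks/setup_mock_wifi_wpa3_owe.yml` also appears twice in the list.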