Improve bond test failure debugging
* put test setup into block/always so that cleanup happens for setup failures
* trace shell commands so that we can determine exactly which command failed
* add error reporting so that when certain commands fail, we can determine the error code
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Without purging the DNS testing config at the end
`tests_network_state.yml`, the managed hosts can not properly resolve
certain hosts (e.g. mirrors.fedoraproject.org, mirrors.centos.org )
in the package installation task of other tests.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
In order to guarantee each test is cleaned up properly in the end, it
is important to add a post-test check to each test checking that:
- Routes and DNS are restored.
- Network connectivity to certain hosts are preserved.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Sometimes the rpm download returns a 403, which is likely caused by
too many parallel jobs attempt the download from the same controller in
too short a period of time, so the epel server throttles additional
downloads - use a retry here to mitigate.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
This is fixed by tox-lsr 3.2.2 - all actions that use tox-lsr are updated to
3.2.2, not just the python unit tests, even though the fix is only related to
pytest. All roles are updated to use tox-lsr 3.2.2 for the sake of consistency
even if not affected by the pytest issue.
Something changed recently in the way github actions provisions systems which
means some of the directories are not readable by the python unit test actions.
In addition, the python unit tests were causing a lot of unnecessary directory
traversal doing collection/discovery of unit test files, because of using
`pytest -c /path/to/tox-lsr/pytest.ini` Unfortunately, with `pytest`, the
directory of the config file is the root directory for the tests and tests
discovery, and there is no way around this.
Therefore, the only solution is to copy the tox-lsr `pytest.ini` to the
`tests/unit` directory, which makes that the test root directory.
See also https://github.com/linux-system-roles/tox-lsr/pull/160
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Baseos CI runs different wireless tests in a sequence, the mock wifi
needs to be cleaned up properly at the end of each wireless test,
otherwise, it will cause the failure during the setup of mock wifi
for the next wireless test.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
It is useful and common practice to configure the routes with blackhole,
prohibit, and unreachable route types when users have BGP routing
setups.
Notice that this feature is only for nm provider using
`network_connections` variable. Configuring blackhole, prohibit, and
unreachable route types is also supported by using `network_state` since
nmstate version 2.2.20 (the setting name is `route-type`).
Resolves: https://issues.redhat.com/browse/RHEL-19579
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
The old ansible-community ansible-lint is deprecated. There is a
new ansible-lint github action.
The latest Ansible repo gating tests run ansible-lint against
the collection format instead of against individual roles.
We have to convert the role to collection format before running
ansible-test.
This also requires tox-lsr 3.2.1 - bump other actions to use 3.2.1
Role developers can run this locally using
`tox -e collection,ansible-lint-collection`
See https://github.com/linux-system-roles/tox-lsr/pull/125
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
The old ansible-community ansible-lint is deprecated. There is a
new ansible-lint github action. The new ansible-lint has several checks
related to ansible-test and the ignore files. Many of our ignore settings
are not allowed any more and are required to be fixed or addressed in the
Ansible preferred way.
The python imports have to be wrapped in a try/except ImportError, and
where possible, an error must be returned from the module explaining
what was not able to be imported.
The module documentation must comply with the Ansible standards. One
aspect of this is the `version_added` must be a valid ansible-core
version in X.Y.Z format. Note that this version isn't really used
anywhere, so it doesn't matter for users of the role, it is purely
an `ansible-test` and import gating issue.
The result of this is that the .sanity files can be reduced to the
bare minimum which will greatly reduce the maintenance burden of
those files, make it easier to support newer versions of Ansible,
and make it easier to import the system roles collection into Galaxy
and Automation Hub.
The latest Ansible repo gating tests run ansible-lint against
the collection format instead of against individual roles.
We have to convert the role to collection format before running
ansible-test.
Role developers can run this locally using
`tox -e collection,ansible-lint-collection`
See https://github.com/linux-system-roles/tox-lsr/pull/125
Add `---` doc start to .markdownlint.yaml
The file `examples/down_profile+delete_interface.yml`
was not used and was causing ansible-lint errors.
ansible-lint enforces the order of keywords in plays - `name`,
then `hosts`, then `vars`, then `tasks`.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Use the `#!/usr/bin/env bash` shebang which is ansible-test friendly.
This means we can remove get_ostree_data.sh from the .sanity* files.
This also means we can remove the .sanity* files if we do not need
them otherwise. Fix other shell scripts to use the friendly shebang
and remove from the .sanity* files.
Rename `pth` to `path` in honor of nscott
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Some variables used in the module code are not meaningful at all, which
might be hard to read and understand. Therefore, replace them with
meaningful variables.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Since the merge of nmstate commit 'nm dns: Support appending static DNS
before dynamic DNS' (https://github.com/nmstate/nmstate/pull/2438),
nmstate treats interface with `auto-dns: true` as valid to store DNS
and tries to use NetworkManager global DNS as much as possible. However,
in NM, `dns=systemd-resolved` does not support global DNS configuration,
because systemd-resolved only supports per-interface DNS servers (via
the D-Bus API). Therefore, write and validate the DNS configuration in
/run/NetworkManager/no-stub-resolv.conf, which contains the original
DNS settings pushed to the DNS plugin.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
The dependency on `ansible.utils.update_fact` is causing issue with
some users who now must install that collection in order to run
the role, even if they do not care about ostree.
The fix is to stop trying to set `ansible_facts.pkg_mgr`, and instead
force the use of the ostree package manager with the `package:` module
`use:` option. The strategy is - on ostree systems, set the flag
`__$ROLENAME_is_ostree` if the system is an ostree system. The flag
will either be undefined or `false` on non-ostree systems.
Then, change every invocation of the `package:` module like this:
```yaml
- name: Ensure required packages are present
package:
name: "{{ __$ROLENAME_packages }}"
state: present
use: "{{ (__$ROLENAME_is_ostree | d(false)) |
ternary('ansible.posix.rhel_rpm_ostree', omit) }}"
```
This should ensure that the `use:` parameter is not used if the system
is non-ostree. The goal is to make the ostree support as unobtrusive
as possible for non-ostree systems.
The user can also set `__$ROLENAME_is_ostree: true` in the inventory or play
if the user knows that ostree is being used and wants to skip the check.
Or, the user is concerned about the performance hit for ostree detection
on non-ostree systems, and sets `__$ROLENAME_is_ostree: false` to skip
the check.
The flag `__$ROLENAME_is_ostree` can also be used in the role or tests to
include or exclude tasks from being run on ostree systems.
This fix also improves error reporting in the `get_ostree_data.sh` script
when included roles cannot be found.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
`from 0.0.0.0/0` means from all IPv4 addresses, `from ::/0` means from
all IPv6 addresses. In NM, if `from` property is not specified in a
routing rule, NM still appends `from 0.0.0.0/0` or `from ::/0` to the
rule. NM also allows to specify `to 0.0.0.0/0` or `to ::/0` in a
routing rule, but the connection profiles will only show the `from`
setting for the rule.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
The changelog update for version 1.13.2 contains wrongly formatted
content which makes the changelog file update inconsistent from
previous release.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
This is primarily for the update to ansible-plugin-scan to
work with the upcoming ostree changes, but also includes
some minor fixes which affect ci.
3.1.0 was released but not used due to a bug fixed in 3.1.1
See full release notes for 3.1.0 and 3.1.1
https://github.com/linux-system-roles/tox-lsr/releases
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
This adds the dump_packages.py callback which will dump the
arguments to the `package` module (except for `state: absent`)
to the integration test run logs. The output looks like this:
`lsrpackages: pkg-a pkg-b ...`
We will have tooling which will scrape the logs to extract the
packages used at runtime and testing for all of the supported
combinations of distribution and version.
This also ensures the weekly-ci PR git commit message conforms
to commitlint.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
Since the root cause of the bond tests failure is already found and
fixed (by the commit 'fix: Add dhcp client package dependency for
initscripts provider'). Therefore, remove the bond tests tag `expfail`
and enable the bond tests in the downstream testing.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
Initscripts provider requires `/sbin/dhclient` to obtain DHCP address,
which is shipped in dhcp client package. But the managed hosts may not
already install the dhcp client package, thus, add it as the dependency
package for initscripts provider.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
`yum-config-manager` is provided by the yum-utils package, thus, install
the package as the dependency before using `yum-config-manager`.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
To avoid hard coded interface name used all over the place in
`tests_infiniband.yml`, specify a variable to hold the infiniband
interface name instead.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
- Consistently generate badges for GH workflows in README RHELPLAN-146921
- Run markdownlint on all .md files
- Add custom-woke-action if not used already
- Use woke from linux-system-roles/lsr-woke-action
Signed-off-by: Sergei Petrosian <spetrosi@redhat.com>
- markdownlint runs against README.md to avoid any issues with
converting it to HTML
- test_converting_readme converts README.md > HTML and uploads this test
artifact to ensure that conversion works fine
- build_docs converts README.md > HTML and pushes the result to the
docs branch to publish dosc to GitHub pages site.
- Fix markdown issues in README.md
Signed-off-by: Sergei Petrosian <spetrosi@redhat.com>
Cause: The comparison of the present facts with the required facts is
being done on unsorted lists.
Consequence: The comparison may fail if the only difference is the
order. Facts are gathered unnecessarily.
Fix: Use `difference` which works no matter what the order is. Ensure
that the fact gathering subsets used are the absolute minimum required.
Result: The role gathers only the facts it requires, and does
not unnecessarily gather facts.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
ansible-lint has recently added a check for this. It flags a lot of our test
code, and some of our role code that uses nested roles.
There is no easy way to disable it for these cases only. It would be a
tremendous amount of work to add `# noqa` comments everywhere.
The use of `.ansible-lint-ignore` would be a maintenance burden (cannot use
tests/tests_*.yml or other similar wildcard to match all test files), would
still issue a lot of warning messages, and would not solve all of the problems.
The only way for now is to skip this rule.
Signed-off-by: Rich Megginson <rmeggins@redhat.com>
