summaryrefslogtreecommitdiffstats
path: root/roles/openshift_master_facts
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2018-01-11 18:43:36 -0500
committerGitHub <noreply@github.com>2018-01-11 18:43:36 -0500
commitfa649787c6a19bbfffb16d9cce3f8e3f7de5a8a1 (patch)
tree6c891a58fb0642d9e0f7399f139940fe46c919e9 /roles/openshift_master_facts
parentfdc5829d6ca252e1574278cd1dc50e932378d98d (diff)
parentd3fefc32a727fe3c13159c4e9fe4399f35b487a8 (diff)
downloadopenshift-fa649787c6a19bbfffb16d9cce3f8e3f7de5a8a1.tar.gz
openshift-fa649787c6a19bbfffb16d9cce3f8e3f7de5a8a1.tar.bz2
openshift-fa649787c6a19bbfffb16d9cce3f8e3f7de5a8a1.tar.xz
openshift-fa649787c6a19bbfffb16d9cce3f8e3f7de5a8a1.zip
Merge pull request #6614 from mgugino-upstream-stage/plugins-to-lib-utils
Move more plugins to lib_utils
Diffstat (limited to 'roles/openshift_master_facts')
-rw-r--r--roles/openshift_master_facts/filter_plugins/openshift_master.py532
-rw-r--r--roles/openshift_master_facts/tasks/main.yml3
-rw-r--r--roles/openshift_master_facts/test/conftest.py54
-rw-r--r--roles/openshift_master_facts/test/openshift_master_facts_bad_input_tests.py57
-rw-r--r--roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py193
-rw-r--r--roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py167
6 files changed, 3 insertions, 1003 deletions
diff --git a/roles/openshift_master_facts/filter_plugins/openshift_master.py b/roles/openshift_master_facts/filter_plugins/openshift_master.py
deleted file mode 100644
index ff15f693b..000000000
--- a/roles/openshift_master_facts/filter_plugins/openshift_master.py
+++ /dev/null
@@ -1,532 +0,0 @@
-#!/usr/bin/python
-# -*- coding: utf-8 -*-
-'''
-Custom filters for use in openshift-master
-'''
-import copy
-import sys
-
-from ansible import errors
-from ansible.parsing.yaml.dumper import AnsibleDumper
-from ansible.plugins.filter.core import to_bool as ansible_bool
-
-# ansible.compat.six goes away with Ansible 2.4
-try:
- from ansible.compat.six import string_types, u
-except ImportError:
- from ansible.module_utils.six import string_types, u
-
-import yaml
-
-
-class IdentityProviderBase(object):
- """ IdentityProviderBase
-
- Attributes:
- name (str): Identity provider Name
- login (bool): Is this identity provider a login provider?
- challenge (bool): Is this identity provider a challenge provider?
- provider (dict): Provider specific config
- _idp (dict): internal copy of the IDP dict passed in
- _required (list): List of lists of strings for required attributes
- _optional (list): List of lists of strings for optional attributes
- _allow_additional (bool): Does this provider support attributes
- not in _required and _optional
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- # disabling this check since the number of instance attributes are
- # necessary for this class
- # pylint: disable=too-many-instance-attributes
- def __init__(self, api_version, idp):
- if api_version not in ['v1']:
- raise errors.AnsibleFilterError("|failed api version {0} unknown".format(api_version))
-
- self._idp = copy.deepcopy(idp)
-
- if 'name' not in self._idp:
- raise errors.AnsibleFilterError("|failed identity provider missing a name")
-
- if 'kind' not in self._idp:
- raise errors.AnsibleFilterError("|failed identity provider missing a kind")
-
- self.name = self._idp.pop('name')
- self.login = ansible_bool(self._idp.pop('login', False))
- self.challenge = ansible_bool(self._idp.pop('challenge', False))
- self.provider = dict(apiVersion=api_version, kind=self._idp.pop('kind'))
-
- mm_keys = ('mappingMethod', 'mapping_method')
- mapping_method = None
- for key in mm_keys:
- if key in self._idp:
- mapping_method = self._idp.pop(key)
- if mapping_method is None:
- mapping_method = self.get_default('mappingMethod')
- self.mapping_method = mapping_method
-
- valid_mapping_methods = ['add', 'claim', 'generate', 'lookup']
- if self.mapping_method not in valid_mapping_methods:
- raise errors.AnsibleFilterError("|failed unknown mapping method "
- "for provider {0}".format(self.__class__.__name__))
- self._required = []
- self._optional = []
- self._allow_additional = True
-
- @staticmethod
- def validate_idp_list(idp_list):
- ''' validates a list of idps '''
- names = [x.name for x in idp_list]
- if len(set(names)) != len(names):
- raise errors.AnsibleFilterError("|failed more than one provider configured with the same name")
-
- for idp in idp_list:
- idp.validate()
-
- def validate(self):
- ''' validate an instance of this idp class '''
- pass
-
- @staticmethod
- def get_default(key):
- ''' get a default value for a given key '''
- if key == 'mappingMethod':
- return 'claim'
- else:
- return None
-
- def set_provider_item(self, items, required=False):
- ''' set a provider item based on the list of item names provided. '''
- for item in items:
- provider_key = items[0]
- if item in self._idp:
- self.provider[provider_key] = self._idp.pop(item)
- break
- else:
- default = self.get_default(provider_key)
- if default is not None:
- self.provider[provider_key] = default
- elif required:
- raise errors.AnsibleFilterError("|failed provider {0} missing "
- "required key {1}".format(self.__class__.__name__, provider_key))
-
- def set_provider_items(self):
- ''' set the provider items for this idp '''
- for items in self._required:
- self.set_provider_item(items, True)
- for items in self._optional:
- self.set_provider_item(items)
- if self._allow_additional:
- for key in self._idp.keys():
- self.set_provider_item([key])
- else:
- if len(self._idp) > 0:
- raise errors.AnsibleFilterError("|failed provider {0} "
- "contains unknown keys "
- "{1}".format(self.__class__.__name__, ', '.join(self._idp.keys())))
-
- def to_dict(self):
- ''' translate this idp to a dictionary '''
- return dict(name=self.name, challenge=self.challenge,
- login=self.login, mappingMethod=self.mapping_method,
- provider=self.provider)
-
-
-class LDAPPasswordIdentityProvider(IdentityProviderBase):
- """ LDAPPasswordIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(LDAPPasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['attributes'], ['url'], ['insecure']]
- self._optional += [['ca'],
- ['bindDN', 'bind_dn'],
- ['bindPassword', 'bind_password']]
-
- self._idp['insecure'] = ansible_bool(self._idp.pop('insecure', False))
-
- if 'attributes' in self._idp and 'preferred_username' in self._idp['attributes']:
- pref_user = self._idp['attributes'].pop('preferred_username')
- self._idp['attributes']['preferredUsername'] = pref_user
-
- def validate(self):
- ''' validate this idp instance '''
- if not isinstance(self.provider['attributes'], dict):
- raise errors.AnsibleFilterError("|failed attributes for provider "
- "{0} must be a dictionary".format(self.__class__.__name__))
-
- attrs = ['id', 'email', 'name', 'preferredUsername']
- for attr in attrs:
- if attr in self.provider['attributes'] and not isinstance(self.provider['attributes'][attr], list):
- raise errors.AnsibleFilterError("|failed {0} attribute for "
- "provider {1} must be a list".format(attr, self.__class__.__name__))
-
- unknown_attrs = set(self.provider['attributes'].keys()) - set(attrs)
- if len(unknown_attrs) > 0:
- raise errors.AnsibleFilterError("|failed provider {0} has unknown "
- "attributes: {1}".format(self.__class__.__name__, ', '.join(unknown_attrs)))
-
-
-class KeystonePasswordIdentityProvider(IdentityProviderBase):
- """ KeystoneIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(KeystonePasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['url'], ['domainName', 'domain_name']]
- self._optional += [['ca'], ['certFile', 'cert_file'], ['keyFile', 'key_file']]
-
-
-class RequestHeaderIdentityProvider(IdentityProviderBase):
- """ RequestHeaderIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(RequestHeaderIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['headers']]
- self._optional += [['challengeURL', 'challenge_url'],
- ['loginURL', 'login_url'],
- ['clientCA', 'client_ca'],
- ['clientCommonNames', 'client_common_names'],
- ['emailHeaders', 'email_headers'],
- ['nameHeaders', 'name_headers'],
- ['preferredUsernameHeaders', 'preferred_username_headers']]
-
- def validate(self):
- ''' validate this idp instance '''
- if not isinstance(self.provider['headers'], list):
- raise errors.AnsibleFilterError("|failed headers for provider {0} "
- "must be a list".format(self.__class__.__name__))
-
-
-class AllowAllPasswordIdentityProvider(IdentityProviderBase):
- """ AllowAllPasswordIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(AllowAllPasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
-
-
-class DenyAllPasswordIdentityProvider(IdentityProviderBase):
- """ DenyAllPasswordIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(DenyAllPasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
-
-
-class HTPasswdPasswordIdentityProvider(IdentityProviderBase):
- """ HTPasswdPasswordIdentity
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(HTPasswdPasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['file', 'filename', 'fileName', 'file_name']]
-
- @staticmethod
- def get_default(key):
- if key == 'file':
- return '/etc/origin/htpasswd'
- else:
- return IdentityProviderBase.get_default(key)
-
-
-class BasicAuthPasswordIdentityProvider(IdentityProviderBase):
- """ BasicAuthPasswordIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(BasicAuthPasswordIdentityProvider, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['url']]
- self._optional += [['ca'], ['certFile', 'cert_file'], ['keyFile', 'key_file']]
-
-
-class IdentityProviderOauthBase(IdentityProviderBase):
- """ IdentityProviderOauthBase
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- super(IdentityProviderOauthBase, self).__init__(api_version, idp)
- self._allow_additional = False
- self._required += [['clientID', 'client_id'], ['clientSecret', 'client_secret']]
-
- def validate(self):
- ''' validate an instance of this idp class '''
- pass
-
-
-class OpenIDIdentityProvider(IdentityProviderOauthBase):
- """ OpenIDIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- IdentityProviderOauthBase.__init__(self, api_version, idp)
- self._required += [['claims'], ['urls']]
- self._optional += [['ca'],
- ['extraScopes'],
- ['extraAuthorizeParameters']]
- if 'claims' in self._idp and 'preferred_username' in self._idp['claims']:
- pref_user = self._idp['claims'].pop('preferred_username')
- self._idp['claims']['preferredUsername'] = pref_user
- if 'urls' in self._idp and 'user_info' in self._idp['urls']:
- user_info = self._idp['urls'].pop('user_info')
- self._idp['urls']['userInfo'] = user_info
- if 'extra_scopes' in self._idp:
- self._idp['extraScopes'] = self._idp.pop('extra_scopes')
- if 'extra_authorize_parameters' in self._idp:
- self._idp['extraAuthorizeParameters'] = self._idp.pop('extra_authorize_parameters')
-
- def validate(self):
- ''' validate this idp instance '''
- if not isinstance(self.provider['claims'], dict):
- raise errors.AnsibleFilterError("|failed claims for provider {0} "
- "must be a dictionary".format(self.__class__.__name__))
-
- for var, var_type in (('extraScopes', list), ('extraAuthorizeParameters', dict)):
- if var in self.provider and not isinstance(self.provider[var], var_type):
- raise errors.AnsibleFilterError("|failed {1} for provider "
- "{0} must be a {2}".format(self.__class__.__name__,
- var,
- var_type.__class__.__name__))
-
- required_claims = ['id']
- optional_claims = ['email', 'name', 'preferredUsername']
- all_claims = required_claims + optional_claims
-
- for claim in required_claims:
- if claim in required_claims and claim not in self.provider['claims']:
- raise errors.AnsibleFilterError("|failed {0} claim missing "
- "for provider {1}".format(claim, self.__class__.__name__))
-
- for claim in all_claims:
- if claim in self.provider['claims'] and not isinstance(self.provider['claims'][claim], list):
- raise errors.AnsibleFilterError("|failed {0} claims for "
- "provider {1} must be a list".format(claim, self.__class__.__name__))
-
- unknown_claims = set(self.provider['claims'].keys()) - set(all_claims)
- if len(unknown_claims) > 0:
- raise errors.AnsibleFilterError("|failed provider {0} has unknown "
- "claims: {1}".format(self.__class__.__name__, ', '.join(unknown_claims)))
-
- if not isinstance(self.provider['urls'], dict):
- raise errors.AnsibleFilterError("|failed urls for provider {0} "
- "must be a dictionary".format(self.__class__.__name__))
-
- required_urls = ['authorize', 'token']
- optional_urls = ['userInfo']
- all_urls = required_urls + optional_urls
-
- for url in required_urls:
- if url not in self.provider['urls']:
- raise errors.AnsibleFilterError("|failed {0} url missing for "
- "provider {1}".format(url, self.__class__.__name__))
-
- unknown_urls = set(self.provider['urls'].keys()) - set(all_urls)
- if len(unknown_urls) > 0:
- raise errors.AnsibleFilterError("|failed provider {0} has unknown "
- "urls: {1}".format(self.__class__.__name__, ', '.join(unknown_urls)))
-
-
-class GoogleIdentityProvider(IdentityProviderOauthBase):
- """ GoogleIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- IdentityProviderOauthBase.__init__(self, api_version, idp)
- self._optional += [['hostedDomain', 'hosted_domain']]
-
- def validate(self):
- ''' validate this idp instance '''
- if self.challenge:
- raise errors.AnsibleFilterError("|failed provider {0} does not "
- "allow challenge authentication".format(self.__class__.__name__))
-
-
-class GitHubIdentityProvider(IdentityProviderOauthBase):
- """ GitHubIdentityProvider
-
- Attributes:
-
- Args:
- api_version(str): OpenShift config version
- idp (dict): idp config dict
-
- Raises:
- AnsibleFilterError:
- """
- def __init__(self, api_version, idp):
- IdentityProviderOauthBase.__init__(self, api_version, idp)
- self._optional += [['organizations'],
- ['teams']]
-
- def validate(self):
- ''' validate this idp instance '''
- if self.challenge:
- raise errors.AnsibleFilterError("|failed provider {0} does not "
- "allow challenge authentication".format(self.__class__.__name__))
-
-
-class FilterModule(object):
- ''' Custom ansible filters for use by the openshift_master role'''
-
- @staticmethod
- def translate_idps(idps, api_version):
- ''' Translates a list of dictionaries into a valid identityProviders config '''
- idp_list = []
-
- if not isinstance(idps, list):
- raise errors.AnsibleFilterError("|failed expects to filter on a list of identity providers")
- for idp in idps:
- if not isinstance(idp, dict):
- raise errors.AnsibleFilterError("|failed identity providers must be a list of dictionaries")
-
- cur_module = sys.modules[__name__]
- idp_class = getattr(cur_module, idp['kind'], None)
- idp_inst = idp_class(api_version, idp) if idp_class is not None else IdentityProviderBase(api_version, idp)
- idp_inst.set_provider_items()
- idp_list.append(idp_inst)
-
- IdentityProviderBase.validate_idp_list(idp_list)
- return u(yaml.dump([idp.to_dict() for idp in idp_list],
- allow_unicode=True,
- default_flow_style=False,
- width=float("inf"),
- Dumper=AnsibleDumper))
-
- @staticmethod
- def certificates_to_synchronize(hostvars, include_keys=True, include_ca=True):
- ''' Return certificates to synchronize based on facts. '''
- if not issubclass(type(hostvars), dict):
- raise errors.AnsibleFilterError("|failed expects hostvars is a dict")
- certs = ['admin.crt',
- 'admin.key',
- 'admin.kubeconfig',
- 'master.kubelet-client.crt',
- 'master.kubelet-client.key',
- 'master.proxy-client.crt',
- 'master.proxy-client.key',
- 'service-signer.crt',
- 'service-signer.key']
- if bool(include_ca):
- certs += ['ca.crt', 'ca.key', 'ca-bundle.crt', 'client-ca-bundle.crt']
- if bool(include_keys):
- certs += ['serviceaccounts.private.key',
- 'serviceaccounts.public.key']
- return certs
-
- @staticmethod
- def oo_htpasswd_users_from_file(file_contents):
- ''' return a dictionary of htpasswd users from htpasswd file contents '''
- htpasswd_entries = {}
- if not isinstance(file_contents, string_types):
- raise errors.AnsibleFilterError("failed, expects to filter on a string")
- for line in file_contents.splitlines():
- user = None
- passwd = None
- if len(line) == 0:
- continue
- if ':' in line:
- user, passwd = line.split(':', 1)
-
- if user is None or len(user) == 0 or passwd is None or len(passwd) == 0:
- error_msg = "failed, expects each line to be a colon separated string representing the user and passwd"
- raise errors.AnsibleFilterError(error_msg)
- htpasswd_entries[user] = passwd
- return htpasswd_entries
-
- def filters(self):
- ''' returns a mapping of filters to methods '''
- return {"translate_idps": self.translate_idps,
- "certificates_to_synchronize": self.certificates_to_synchronize,
- "oo_htpasswd_users_from_file": self.oo_htpasswd_users_from_file}
diff --git a/roles/openshift_master_facts/tasks/main.yml b/roles/openshift_master_facts/tasks/main.yml
index 85d0ac25c..f450c916a 100644
--- a/roles/openshift_master_facts/tasks/main.yml
+++ b/roles/openshift_master_facts/tasks/main.yml
@@ -57,6 +57,7 @@
access_token_max_seconds: "{{ openshift_master_access_token_max_seconds | default(None) }}"
auth_token_max_seconds: "{{ openshift_master_auth_token_max_seconds | default(None) }}"
identity_providers: "{{ openshift_master_identity_providers | default(None) }}"
+ # oo_htpasswd_users_from_file is a custom filter in role lib_utils
htpasswd_users: "{{ openshift_master_htpasswd_users | default(lookup('file', openshift_master_htpasswd_file) | oo_htpasswd_users_from_file if openshift_master_htpasswd_file is defined else None) }}"
manage_htpasswd: "{{ openshift_master_manage_htpasswd | default(true) }}"
ldap_ca: "{{ openshift_master_ldap_ca | default(lookup('file', openshift_master_ldap_ca_file) if openshift_master_ldap_ca_file is defined else None) }}"
@@ -90,6 +91,8 @@
- name: Set Default scheduler predicates and priorities
set_fact:
+ # openshift_master_facts_default_predicates is a custom lookup plugin in
+ # role lib_utils
openshift_master_scheduler_default_predicates: "{{ lookup('openshift_master_facts_default_predicates') }}"
openshift_master_scheduler_default_priorities: "{{ lookup('openshift_master_facts_default_priorities') }}"
diff --git a/roles/openshift_master_facts/test/conftest.py b/roles/openshift_master_facts/test/conftest.py
deleted file mode 100644
index 140cced73..000000000
--- a/roles/openshift_master_facts/test/conftest.py
+++ /dev/null
@@ -1,54 +0,0 @@
-import os
-import sys
-
-import pytest
-
-sys.path.insert(1, os.path.join(os.path.dirname(__file__), os.pardir, "lookup_plugins"))
-
-from openshift_master_facts_default_predicates import LookupModule as PredicatesLookupModule # noqa: E402
-from openshift_master_facts_default_priorities import LookupModule as PrioritiesLookupModule # noqa: E402
-
-
-@pytest.fixture()
-def predicates_lookup():
- return PredicatesLookupModule()
-
-
-@pytest.fixture()
-def priorities_lookup():
- return PrioritiesLookupModule()
-
-
-@pytest.fixture()
-def facts():
- return {
- 'openshift': {
- 'common': {}
- }
- }
-
-
-@pytest.fixture(params=[True, False])
-def regions_enabled(request):
- return request.param
-
-
-@pytest.fixture(params=[True, False])
-def zones_enabled(request):
- return request.param
-
-
-def v_prefix(release):
- """Prefix a release number with 'v'."""
- return "v" + release
-
-
-def minor(release):
- """Add a suffix to release, making 'X.Y' become 'X.Y.Z'."""
- return release + ".1"
-
-
-@pytest.fixture(params=[str, v_prefix, minor])
-def release_mod(request):
- """Modifies a release string to alternative valid values."""
- return request.param
diff --git a/roles/openshift_master_facts/test/openshift_master_facts_bad_input_tests.py b/roles/openshift_master_facts/test/openshift_master_facts_bad_input_tests.py
deleted file mode 100644
index e8da1e04a..000000000
--- a/roles/openshift_master_facts/test/openshift_master_facts_bad_input_tests.py
+++ /dev/null
@@ -1,57 +0,0 @@
-import copy
-import os
-import sys
-
-from ansible.errors import AnsibleError
-import pytest
-
-sys.path.insert(1, os.path.join(os.path.dirname(__file__), os.pardir, "lookup_plugins"))
-
-from openshift_master_facts_default_predicates import LookupModule # noqa: E402
-
-
-class TestOpenShiftMasterFactsBadInput(object):
- lookup = LookupModule()
- default_facts = {
- 'openshift': {
- 'common': {}
- }
- }
-
- def test_missing_openshift_facts(self):
- with pytest.raises(AnsibleError):
- facts = {}
- self.lookup.run(None, variables=facts)
-
- def test_missing_deployment_type(self):
- with pytest.raises(AnsibleError):
- facts = copy.deepcopy(self.default_facts)
- facts['openshift']['common']['short_version'] = '10.10'
- self.lookup.run(None, variables=facts)
-
- def test_missing_short_version_and_missing_openshift_release(self):
- with pytest.raises(AnsibleError):
- facts = copy.deepcopy(self.default_facts)
- facts['openshift']['common']['deployment_type'] = 'origin'
- self.lookup.run(None, variables=facts)
-
- def test_unknown_deployment_types(self):
- with pytest.raises(AnsibleError):
- facts = copy.deepcopy(self.default_facts)
- facts['openshift']['common']['short_version'] = '1.1'
- facts['openshift']['common']['deployment_type'] = 'bogus'
- self.lookup.run(None, variables=facts)
-
- def test_unknown_origin_version(self):
- with pytest.raises(AnsibleError):
- facts = copy.deepcopy(self.default_facts)
- facts['openshift']['common']['short_version'] = '0.1'
- facts['openshift']['common']['deployment_type'] = 'origin'
- self.lookup.run(None, variables=facts)
-
- def test_unknown_ocp_version(self):
- with pytest.raises(AnsibleError):
- facts = copy.deepcopy(self.default_facts)
- facts['openshift']['common']['short_version'] = '0.1'
- facts['openshift']['common']['deployment_type'] = 'openshift-enterprise'
- self.lookup.run(None, variables=facts)
diff --git a/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py b/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py
deleted file mode 100644
index 11aad9f03..000000000
--- a/roles/openshift_master_facts/test/openshift_master_facts_default_predicates_tests.py
+++ /dev/null
@@ -1,193 +0,0 @@
-import pytest
-
-
-# Predicates ordered according to OpenShift Origin source:
-# origin/vendor/k8s.io/kubernetes/plugin/pkg/scheduler/algorithmprovider/defaults/defaults.go
-
-DEFAULT_PREDICATES_1_1 = [
- {'name': 'PodFitsHostPorts'},
- {'name': 'PodFitsResources'},
- {'name': 'NoDiskConflict'},
- {'name': 'MatchNodeSelector'},
-]
-
-DEFAULT_PREDICATES_1_2 = [
- {'name': 'PodFitsHostPorts'},
- {'name': 'PodFitsResources'},
- {'name': 'NoDiskConflict'},
- {'name': 'NoVolumeZoneConflict'},
- {'name': 'MatchNodeSelector'},
- {'name': 'MaxEBSVolumeCount'},
- {'name': 'MaxGCEPDVolumeCount'}
-]
-
-DEFAULT_PREDICATES_1_3 = [
- {'name': 'NoDiskConflict'},
- {'name': 'NoVolumeZoneConflict'},
- {'name': 'MaxEBSVolumeCount'},
- {'name': 'MaxGCEPDVolumeCount'},
- {'name': 'GeneralPredicates'},
- {'name': 'PodToleratesNodeTaints'},
- {'name': 'CheckNodeMemoryPressure'}
-]
-
-DEFAULT_PREDICATES_1_4 = [
- {'name': 'NoDiskConflict'},
- {'name': 'NoVolumeZoneConflict'},
- {'name': 'MaxEBSVolumeCount'},
- {'name': 'MaxGCEPDVolumeCount'},
- {'name': 'GeneralPredicates'},
- {'name': 'PodToleratesNodeTaints'},
- {'name': 'CheckNodeMemoryPressure'},
- {'name': 'CheckNodeDiskPressure'},
- {'name': 'MatchInterPodAffinity'}
-]
-
-DEFAULT_PREDICATES_1_5 = [
- {'name': 'NoVolumeZoneConflict'},
- {'name': 'MaxEBSVolumeCount'},
- {'name': 'MaxGCEPDVolumeCount'},
- {'name': 'MatchInterPodAffinity'},
- {'name': 'NoDiskConflict'},
- {'name': 'GeneralPredicates'},
- {'name': 'PodToleratesNodeTaints'},
- {'name': 'CheckNodeMemoryPressure'},
- {'name': 'CheckNodeDiskPressure'},
-]
-
-DEFAULT_PREDICATES_3_6 = DEFAULT_PREDICATES_1_5
-
-DEFAULT_PREDICATES_3_7 = [
- {'name': 'NoVolumeZoneConflict'},
- {'name': 'MaxEBSVolumeCount'},
- {'name': 'MaxGCEPDVolumeCount'},
- {'name': 'MaxAzureDiskVolumeCount'},
- {'name': 'MatchInterPodAffinity'},
- {'name': 'NoDiskConflict'},
- {'name': 'GeneralPredicates'},
- {'name': 'PodToleratesNodeTaints'},
- {'name': 'CheckNodeMemoryPressure'},
- {'name': 'CheckNodeDiskPressure'},
- {'name': 'NoVolumeNodeConflict'},
-]
-
-DEFAULT_PREDICATES_3_9 = DEFAULT_PREDICATES_3_8 = DEFAULT_PREDICATES_3_7
-
-REGION_PREDICATE = {
- 'name': 'Region',
- 'argument': {
- 'serviceAffinity': {
- 'labels': ['region']
- }
- }
-}
-
-TEST_VARS = [
- ('1.1', 'origin', DEFAULT_PREDICATES_1_1),
- ('3.1', 'openshift-enterprise', DEFAULT_PREDICATES_1_1),
- ('1.2', 'origin', DEFAULT_PREDICATES_1_2),
- ('3.2', 'openshift-enterprise', DEFAULT_PREDICATES_1_2),
- ('1.3', 'origin', DEFAULT_PREDICATES_1_3),
- ('3.3', 'openshift-enterprise', DEFAULT_PREDICATES_1_3),
- ('1.4', 'origin', DEFAULT_PREDICATES_1_4),
- ('3.4', 'openshift-enterprise', DEFAULT_PREDICATES_1_4),
- ('1.5', 'origin', DEFAULT_PREDICATES_1_5),
- ('3.5', 'openshift-enterprise', DEFAULT_PREDICATES_1_5),
- ('3.6', 'origin', DEFAULT_PREDICATES_3_6),
- ('3.6', 'openshift-enterprise', DEFAULT_PREDICATES_3_6),
- ('3.7', 'origin', DEFAULT_PREDICATES_3_7),
- ('3.7', 'openshift-enterprise', DEFAULT_PREDICATES_3_7),
- ('3.8', 'origin', DEFAULT_PREDICATES_3_8),
- ('3.8', 'openshift-enterprise', DEFAULT_PREDICATES_3_8),
- ('3.9', 'origin', DEFAULT_PREDICATES_3_9),
- ('3.9', 'openshift-enterprise', DEFAULT_PREDICATES_3_9),
-]
-
-
-def assert_ok(predicates_lookup, default_predicates, regions_enabled, **kwargs):
- results = predicates_lookup.run(None, regions_enabled=regions_enabled, **kwargs)
- if regions_enabled:
- assert results == default_predicates + [REGION_PREDICATE]
- else:
- assert results == default_predicates
-
-
-def test_openshift_version(predicates_lookup, openshift_version_fixture, regions_enabled):
- facts, default_predicates = openshift_version_fixture
- assert_ok(predicates_lookup, default_predicates, variables=facts, regions_enabled=regions_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def openshift_version_fixture(request, facts):
- version, deployment_type, default_predicates = request.param
- version += '.1'
- facts['openshift_version'] = version
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_predicates
-
-
-def test_openshift_release(predicates_lookup, openshift_release_fixture, regions_enabled):
- facts, default_predicates = openshift_release_fixture
- assert_ok(predicates_lookup, default_predicates, variables=facts, regions_enabled=regions_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def openshift_release_fixture(request, facts, release_mod):
- release, deployment_type, default_predicates = request.param
- facts['openshift_release'] = release_mod(release)
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_predicates
-
-
-def test_short_version(predicates_lookup, short_version_fixture, regions_enabled):
- facts, default_predicates = short_version_fixture
- assert_ok(predicates_lookup, default_predicates, variables=facts, regions_enabled=regions_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_fixture(request, facts):
- short_version, deployment_type, default_predicates = request.param
- facts['openshift']['common']['short_version'] = short_version
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_predicates
-
-
-def test_short_version_kwarg(predicates_lookup, short_version_kwarg_fixture, regions_enabled):
- facts, short_version, default_predicates = short_version_kwarg_fixture
- assert_ok(
- predicates_lookup, default_predicates, variables=facts,
- regions_enabled=regions_enabled, short_version=short_version)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_kwarg_fixture(request, facts):
- short_version, deployment_type, default_predicates = request.param
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, short_version, default_predicates
-
-
-def test_deployment_type_kwarg(predicates_lookup, deployment_type_kwarg_fixture, regions_enabled):
- facts, deployment_type, default_predicates = deployment_type_kwarg_fixture
- assert_ok(
- predicates_lookup, default_predicates, variables=facts,
- regions_enabled=regions_enabled, deployment_type=deployment_type)
-
-
-@pytest.fixture(params=TEST_VARS)
-def deployment_type_kwarg_fixture(request, facts):
- short_version, deployment_type, default_predicates = request.param
- facts['openshift']['common']['short_version'] = short_version
- return facts, deployment_type, default_predicates
-
-
-def test_short_version_deployment_type_kwargs(
- predicates_lookup, short_version_deployment_type_kwargs_fixture, regions_enabled):
- short_version, deployment_type, default_predicates = short_version_deployment_type_kwargs_fixture
- assert_ok(
- predicates_lookup, default_predicates, regions_enabled=regions_enabled,
- short_version=short_version, deployment_type=deployment_type)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_deployment_type_kwargs_fixture(request):
- return request.param
diff --git a/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py b/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py
deleted file mode 100644
index 527fc9ff4..000000000
--- a/roles/openshift_master_facts/test/openshift_master_facts_default_priorities_tests.py
+++ /dev/null
@@ -1,167 +0,0 @@
-import pytest
-
-
-DEFAULT_PRIORITIES_1_1 = [
- {'name': 'LeastRequestedPriority', 'weight': 1},
- {'name': 'BalancedResourceAllocation', 'weight': 1},
- {'name': 'SelectorSpreadPriority', 'weight': 1}
-]
-
-DEFAULT_PRIORITIES_1_2 = [
- {'name': 'LeastRequestedPriority', 'weight': 1},
- {'name': 'BalancedResourceAllocation', 'weight': 1},
- {'name': 'SelectorSpreadPriority', 'weight': 1},
- {'name': 'NodeAffinityPriority', 'weight': 1}
-]
-
-DEFAULT_PRIORITIES_1_3 = [
- {'name': 'LeastRequestedPriority', 'weight': 1},
- {'name': 'BalancedResourceAllocation', 'weight': 1},
- {'name': 'SelectorSpreadPriority', 'weight': 1},
- {'name': 'NodeAffinityPriority', 'weight': 1},
- {'name': 'TaintTolerationPriority', 'weight': 1}
-]
-
-DEFAULT_PRIORITIES_1_4 = [
- {'name': 'LeastRequestedPriority', 'weight': 1},
- {'name': 'BalancedResourceAllocation', 'weight': 1},
- {'name': 'SelectorSpreadPriority', 'weight': 1},
- {'name': 'NodePreferAvoidPodsPriority', 'weight': 10000},
- {'name': 'NodeAffinityPriority', 'weight': 1},
- {'name': 'TaintTolerationPriority', 'weight': 1},
- {'name': 'InterPodAffinityPriority', 'weight': 1}
-]
-
-DEFAULT_PRIORITIES_1_5 = [
- {'name': 'SelectorSpreadPriority', 'weight': 1},
- {'name': 'InterPodAffinityPriority', 'weight': 1},
- {'name': 'LeastRequestedPriority', 'weight': 1},
- {'name': 'BalancedResourceAllocation', 'weight': 1},
- {'name': 'NodePreferAvoidPodsPriority', 'weight': 10000},
- {'name': 'NodeAffinityPriority', 'weight': 1},
- {'name': 'TaintTolerationPriority', 'weight': 1}
-]
-
-DEFAULT_PRIORITIES_3_6 = DEFAULT_PRIORITIES_1_5
-
-DEFAULT_PRIORITIES_3_9 = DEFAULT_PRIORITIES_3_8 = DEFAULT_PRIORITIES_3_7 = DEFAULT_PRIORITIES_3_6
-
-ZONE_PRIORITY = {
- 'name': 'Zone',
- 'argument': {
- 'serviceAntiAffinity': {
- 'label': 'zone'
- }
- },
- 'weight': 2
-}
-
-TEST_VARS = [
- ('1.1', 'origin', DEFAULT_PRIORITIES_1_1),
- ('3.1', 'openshift-enterprise', DEFAULT_PRIORITIES_1_1),
- ('1.2', 'origin', DEFAULT_PRIORITIES_1_2),
- ('3.2', 'openshift-enterprise', DEFAULT_PRIORITIES_1_2),
- ('1.3', 'origin', DEFAULT_PRIORITIES_1_3),
- ('3.3', 'openshift-enterprise', DEFAULT_PRIORITIES_1_3),
- ('1.4', 'origin', DEFAULT_PRIORITIES_1_4),
- ('3.4', 'openshift-enterprise', DEFAULT_PRIORITIES_1_4),
- ('1.5', 'origin', DEFAULT_PRIORITIES_1_5),
- ('3.5', 'openshift-enterprise', DEFAULT_PRIORITIES_1_5),
- ('3.6', 'origin', DEFAULT_PRIORITIES_3_6),
- ('3.6', 'openshift-enterprise', DEFAULT_PRIORITIES_3_6),
- ('3.7', 'origin', DEFAULT_PRIORITIES_3_7),
- ('3.7', 'openshift-enterprise', DEFAULT_PRIORITIES_3_7),
- ('3.8', 'origin', DEFAULT_PRIORITIES_3_8),
- ('3.8', 'openshift-enterprise', DEFAULT_PRIORITIES_3_8),
- ('3.9', 'origin', DEFAULT_PRIORITIES_3_9),
- ('3.9', 'openshift-enterprise', DEFAULT_PRIORITIES_3_9),
-]
-
-
-def assert_ok(priorities_lookup, default_priorities, zones_enabled, **kwargs):
- results = priorities_lookup.run(None, zones_enabled=zones_enabled, **kwargs)
- if zones_enabled:
- assert results == default_priorities + [ZONE_PRIORITY]
- else:
- assert results == default_priorities
-
-
-def test_openshift_version(priorities_lookup, openshift_version_fixture, zones_enabled):
- facts, default_priorities = openshift_version_fixture
- assert_ok(priorities_lookup, default_priorities, variables=facts, zones_enabled=zones_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def openshift_version_fixture(request, facts):
- version, deployment_type, default_priorities = request.param
- version += '.1'
- facts['openshift_version'] = version
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_priorities
-
-
-def test_openshift_release(priorities_lookup, openshift_release_fixture, zones_enabled):
- facts, default_priorities = openshift_release_fixture
- assert_ok(priorities_lookup, default_priorities, variables=facts, zones_enabled=zones_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def openshift_release_fixture(request, facts, release_mod):
- release, deployment_type, default_priorities = request.param
- facts['openshift_release'] = release_mod(release)
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_priorities
-
-
-def test_short_version(priorities_lookup, short_version_fixture, zones_enabled):
- facts, default_priorities = short_version_fixture
- assert_ok(priorities_lookup, default_priorities, variables=facts, zones_enabled=zones_enabled)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_fixture(request, facts):
- short_version, deployment_type, default_priorities = request.param
- facts['openshift']['common']['short_version'] = short_version
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, default_priorities
-
-
-def test_short_version_kwarg(priorities_lookup, short_version_kwarg_fixture, zones_enabled):
- facts, short_version, default_priorities = short_version_kwarg_fixture
- assert_ok(
- priorities_lookup, default_priorities, variables=facts,
- zones_enabled=zones_enabled, short_version=short_version)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_kwarg_fixture(request, facts):
- short_version, deployment_type, default_priorities = request.param
- facts['openshift']['common']['deployment_type'] = deployment_type
- return facts, short_version, default_priorities
-
-
-def test_deployment_type_kwarg(priorities_lookup, deployment_type_kwarg_fixture, zones_enabled):
- facts, deployment_type, default_priorities = deployment_type_kwarg_fixture
- assert_ok(
- priorities_lookup, default_priorities, variables=facts,
- zones_enabled=zones_enabled, deployment_type=deployment_type)
-
-
-@pytest.fixture(params=TEST_VARS)
-def deployment_type_kwarg_fixture(request, facts):
- short_version, deployment_type, default_priorities = request.param
- facts['openshift']['common']['short_version'] = short_version
- return facts, deployment_type, default_priorities
-
-
-def test_short_version_deployment_type_kwargs(
- priorities_lookup, short_version_deployment_type_kwargs_fixture, zones_enabled):
- short_version, deployment_type, default_priorities = short_version_deployment_type_kwargs_fixture
- assert_ok(
- priorities_lookup, default_priorities, zones_enabled=zones_enabled,
- short_version=short_version, deployment_type=deployment_type)
-
-
-@pytest.fixture(params=TEST_VARS)
-def short_version_deployment_type_kwargs_fixture(request):
- return request.param