diff options
Diffstat (limited to 'roles/lib_openshift/src')
29 files changed, 1514 insertions, 137 deletions
diff --git a/roles/lib_openshift/src/ansible/oc_label.py b/roles/lib_openshift/src/ansible/oc_label.py index 28f004621..84c5e336a 100644 --- a/roles/lib_openshift/src/ansible/oc_label.py +++ b/roles/lib_openshift/src/ansible/oc_label.py @@ -10,7 +10,7 @@ def main(): state=dict(default='present', type='str', choices=['present', 'absent', 'list', 'add']), debug=dict(default=False, type='bool'), - kind=dict(default='node', type='str', required=True, + kind=dict(default='node', type='str', choices=['node', 'pod', 'namespace']), name=dict(default=None, type='str'), namespace=dict(default=None, type='str'), diff --git a/roles/lib_openshift/src/ansible/oc_process.py b/roles/lib_openshift/src/ansible/oc_process.py new file mode 100644 index 000000000..17cf865b7 --- /dev/null +++ b/roles/lib_openshift/src/ansible/oc_process.py @@ -0,0 +1,32 @@ +# pylint: skip-file +# flake8: noqa + + +def main(): + ''' + ansible oc module for processing templates + ''' + + module = AnsibleModule( + argument_spec=dict( + kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), + state=dict(default='present', type='str', choices=['present', 'list']), + debug=dict(default=False, type='bool'), + namespace=dict(default='default', type='str'), + template_name=dict(default=None, type='str'), + content=dict(default=None, type='str'), + params=dict(default=None, type='dict'), + create=dict(default=False, type='bool'), + reconcile=dict(default=True, type='bool'), + ), + supports_check_mode=True, + ) + + rval = OCProcess.run_ansible(module.params, module.check_mode) + if 'failed' in rval: + module.fail_json(**rval) + + module.exit_json(**rval) + +if __name__ == '__main__': + main() diff --git a/roles/lib_openshift/src/ansible/oc_route.py b/roles/lib_openshift/src/ansible/oc_route.py index c87e6738f..f2f5c5095 100644 --- a/roles/lib_openshift/src/ansible/oc_route.py +++ b/roles/lib_openshift/src/ansible/oc_route.py @@ -2,20 +2,6 @@ # flake8: noqa -def get_cert_data(path, content): - '''get the data for a particular value''' - if not path and not content: - return None - - rval = None - if path and os.path.exists(path) and os.access(path, os.R_OK): - rval = open(path).read() - elif content: - rval = content - - return rval - - # pylint: disable=too-many-branches def main(): ''' @@ -42,6 +28,7 @@ def main(): host=dict(default=None, type='str'), wildcard_policy=dict(default=None, type='str'), weight=dict(default=None, type='int'), + port=dict(default=None, type='int'), ), mutually_exclusive=[('dest_cacert_path', 'dest_cacert_content'), ('cacert_path', 'cacert_content'), @@ -49,30 +36,8 @@ def main(): ('key_path', 'key_content'), ], supports_check_mode=True, ) - files = {'destcacert': {'path': module.params['dest_cacert_path'], - 'content': module.params['dest_cacert_content'], - 'value': None, }, - 'cacert': {'path': module.params['cacert_path'], - 'content': module.params['cacert_content'], - 'value': None, }, - 'cert': {'path': module.params['cert_path'], - 'content': module.params['cert_content'], - 'value': None, }, - 'key': {'path': module.params['key_path'], - 'content': module.params['key_content'], - 'value': None, }, } - - if module.params['tls_termination']: - for key, option in files.items(): - if key == 'destcacert' and module.params['tls_termination'] != 'reencrypt': - continue - - option['value'] = get_cert_data(option['path'], option['content']) - - if not option['value']: - module.fail_json(msg='Verify that you pass a value for %s' % key) - results = OCRoute.run_ansible(module.params, files, module.check_mode) + results = OCRoute.run_ansible(module.params, module.check_mode) if 'failed' in results: module.fail_json(**results) diff --git a/roles/lib_openshift/src/class/oc_obj.py b/roles/lib_openshift/src/class/oc_obj.py index 9d0b8e45b..2ec20e72c 100644 --- a/roles/lib_openshift/src/class/oc_obj.py +++ b/roles/lib_openshift/src/class/oc_obj.py @@ -49,7 +49,7 @@ class OCObject(OpenShiftCLI): return self._create(files[0]) content['data'] = yaml.dump(content['data']) - content_file = Utils.create_files_from_contents(content)[0] + content_file = Utils.create_tmp_files_from_contents(content)[0] return self._create(content_file['path']) diff --git a/roles/lib_openshift/src/class/oc_process.py b/roles/lib_openshift/src/class/oc_process.py new file mode 100644 index 000000000..80d81448d --- /dev/null +++ b/roles/lib_openshift/src/class/oc_process.py @@ -0,0 +1,188 @@ +# pylint: skip-file +# flake8: noqa + + +# pylint: disable=too-many-instance-attributes +class OCProcess(OpenShiftCLI): + ''' Class to wrap the oc command line tools ''' + + # pylint allows 5. we need 6 + # pylint: disable=too-many-arguments + def __init__(self, + namespace, + tname=None, + params=None, + create=False, + kubeconfig='/etc/origin/master/admin.kubeconfig', + tdata=None, + verbose=False): + ''' Constructor for OpenshiftOC ''' + super(OCProcess, self).__init__(namespace, kubeconfig) + self.namespace = namespace + self.name = tname + self.data = tdata + self.params = params + self.create = create + self.kubeconfig = kubeconfig + self.verbose = verbose + self._template = None + + @property + def template(self): + '''template property''' + if self._template is None: + results = self._process(self.name, False, self.params, self.data) + if results['returncode'] != 0: + raise OpenShiftCLIError('Error processing template [%s].' % self.name) + self._template = results['results']['items'] + + return self._template + + def get(self): + '''get the template''' + results = self._get('template', self.name) + if results['returncode'] != 0: + # Does the template exist?? + if 'not found' in results['stderr']: + results['returncode'] = 0 + results['exists'] = False + results['results'] = [] + + return results + + def delete(self, obj): + '''delete a resource''' + return self._delete(obj['kind'], obj['metadata']['name']) + + def create_obj(self, obj): + '''create a resource''' + return self._create_from_content(obj['metadata']['name'], obj) + + def process(self, create=None): + '''process a template''' + do_create = False + if create != None: + do_create = create + else: + do_create = self.create + + return self._process(self.name, do_create, self.params, self.data) + + def exists(self): + '''return whether the template exists''' + # Always return true if we're being passed template data + if self.data: + return True + t_results = self._get('template', self.name) + + if t_results['returncode'] != 0: + # Does the template exist?? + if 'not found' in t_results['stderr']: + return False + else: + raise OpenShiftCLIError('Something went wrong. %s' % t_results) + + return True + + def needs_update(self): + '''attempt to process the template and return it for comparison with oc objects''' + obj_results = [] + for obj in self.template: + + # build a list of types to skip + skip = [] + + if obj['kind'] == 'ServiceAccount': + skip.extend(['secrets', 'imagePullSecrets']) + if obj['kind'] == 'BuildConfig': + skip.extend(['lastTriggeredImageID']) + if obj['kind'] == 'ImageStream': + skip.extend(['generation']) + if obj['kind'] == 'DeploymentConfig': + skip.extend(['lastTriggeredImage']) + + # fetch the current object + curr_obj_results = self._get(obj['kind'], obj['metadata']['name']) + if curr_obj_results['returncode'] != 0: + # Does the template exist?? + if 'not found' in curr_obj_results['stderr']: + obj_results.append((obj, True)) + continue + + # check the generated object against the existing object + if not Utils.check_def_equal(obj, curr_obj_results['results'][0], skip_keys=skip): + obj_results.append((obj, True)) + continue + + obj_results.append((obj, False)) + + return obj_results + + # pylint: disable=too-many-return-statements + @staticmethod + def run_ansible(params, check_mode): + '''run the ansible idempotent code''' + + ocprocess = OCProcess(params['namespace'], + params['template_name'], + params['params'], + params['create'], + kubeconfig=params['kubeconfig'], + tdata=params['content'], + verbose=params['debug']) + + state = params['state'] + + api_rval = ocprocess.get() + + if state == 'list': + if api_rval['returncode'] != 0: + return {"failed": True, "msg" : api_rval} + + return {"changed" : False, "results": api_rval, "state": "list"} + + elif state == 'present': + if check_mode and params['create']: + return {"changed": True, 'msg': "CHECK_MODE: Would have processed template."} + + if not ocprocess.exists() or not params['reconcile']: + #FIXME: this code will never get run in a way that succeeds when + # module.params['reconcile'] is true. Because oc_process doesn't + # create the actual template, the check of ocprocess.exists() + # is meaningless. Either it's already here and this code + # won't be run, or this code will fail because there is no + # template available for oc process to use. Have we conflated + # the template's existence with the existence of the objects + # it describes? + + # Create it here + api_rval = ocprocess.process() + if api_rval['returncode'] != 0: + return {"failed": True, "msg": api_rval} + + if params['create']: + return {"changed": True, "results": api_rval, "state": "present"} + + return {"changed": False, "results": api_rval, "state": "present"} + + # verify results + update = False + rval = [] + all_results = ocprocess.needs_update() + for obj, status in all_results: + if status: + ocprocess.delete(obj) + results = ocprocess.create_obj(obj) + results['kind'] = obj['kind'] + rval.append(results) + update = True + + if not update: + return {"changed": update, "results": api_rval, "state": "present"} + + for cmd in rval: + if cmd['returncode'] != 0: + return {"failed": True, "changed": update, "results": rval, "state": "present"} + + return {"changed": update, "results": rval, "state": "present"} + diff --git a/roles/lib_openshift/src/class/oc_route.py b/roles/lib_openshift/src/class/oc_route.py index 42af2c01c..42388ad0b 100644 --- a/roles/lib_openshift/src/class/oc_route.py +++ b/roles/lib_openshift/src/class/oc_route.py @@ -64,9 +64,23 @@ class OCRoute(OpenShiftCLI): skip = [] return not Utils.check_def_equal(self.config.data, self.route.yaml_dict, skip_keys=skip, debug=True) + @staticmethod + def get_cert_data(path, content): + '''get the data for a particular value''' + if not path and not content: + return None + + rval = None + if path and os.path.exists(path) and os.access(path, os.R_OK): + rval = open(path).read() + elif content: + rval = content + + return rval + # pylint: disable=too-many-return-statements,too-many-branches @staticmethod - def run_ansible(params, files, check_mode=False): + def run_ansible(params, check_mode=False): ''' run the idempotent asnible code params comes from the ansible portion for this module @@ -78,6 +92,30 @@ class OCRoute(OpenShiftCLI): } check_mode: does the module support check mode. (module.check_mode) ''' + files = {'destcacert': {'path': params['dest_cacert_path'], + 'content': params['dest_cacert_content'], + 'value': None, }, + 'cacert': {'path': params['cacert_path'], + 'content': params['cacert_content'], + 'value': None, }, + 'cert': {'path': params['cert_path'], + 'content': params['cert_content'], + 'value': None, }, + 'key': {'path': params['key_path'], + 'content': params['key_content'], + 'value': None, }, } + + if params['tls_termination'] and params['tls_termination'].lower() != 'passthrough': # E501 + + for key, option in files.items(): + if key == 'destcacert' and params['tls_termination'] != 'reencrypt': + continue + + option['value'] = OCRoute.get_cert_data(option['path'], option['content']) # E501 + + if not option['value']: + return {'failed': True, + 'msg': 'Verify that you pass a value for %s' % key} rconfig = RouteConfig(params['name'], params['namespace'], @@ -90,7 +128,8 @@ class OCRoute(OpenShiftCLI): params['tls_termination'], params['service_name'], params['wildcard_policy'], - params['weight']) + params['weight'], + params['port']) oc_route = OCRoute(rconfig, verbose=params['debug']) diff --git a/roles/lib_openshift/src/class/oc_secret.py b/roles/lib_openshift/src/class/oc_secret.py index 40b2aa4d1..e99999c37 100644 --- a/roles/lib_openshift/src/class/oc_secret.py +++ b/roles/lib_openshift/src/class/oc_secret.py @@ -48,7 +48,7 @@ class OCSecret(OpenShiftCLI): def create(self, files=None, contents=None): '''Create a secret ''' if not files: - files = Utils.create_files_from_contents(contents) + files = Utils.create_tmp_files_from_contents(contents) secrets = ["%s=%s" % (sfile['name'], sfile['path']) for sfile in files] cmd = ['secrets', 'new', self.name] @@ -81,7 +81,7 @@ class OCSecret(OpenShiftCLI): This is accomplished by passing -ojson. This will most likely change in the future ''' if not files: - files = Utils.create_files_from_contents(contents) + files = Utils.create_tmp_files_from_contents(contents) secrets = ["%s=%s" % (sfile['name'], sfile['path']) for sfile in files] cmd = ['-ojson', 'secrets', 'new', self.name] @@ -132,7 +132,7 @@ class OCSecret(OpenShiftCLI): if params['files']: files = params['files'] elif params['contents']: - files = Utils.create_files_from_contents(params['contents']) + files = Utils.create_tmp_files_from_contents(params['contents']) else: return {'failed': True, 'msg': 'Either specify files or contents.'} @@ -146,7 +146,7 @@ class OCSecret(OpenShiftCLI): return {'changed': True, 'msg': 'Would have performed a create.'} - api_rval = ocsecret.create(params['files'], params['contents']) + api_rval = ocsecret.create(files, params['contents']) # Remove files if files and params['delete_after']: diff --git a/roles/lib_openshift/src/doc/process b/roles/lib_openshift/src/doc/process new file mode 100644 index 000000000..86a854c07 --- /dev/null +++ b/roles/lib_openshift/src/doc/process @@ -0,0 +1,84 @@ +# flake8: noqa +# pylint: skip-file + +DOCUMENTATION = ''' +--- +module: oc_process +short_description: Module to process openshift templates +description: + - Process openshift templates programmatically. +options: + state: + description: + - State has a few different meanings when it comes to process. + - state: present - This state runs an `oc process <template>`. When used in + - conjunction with 'create: True' the process will be piped to | oc create -f + - state: absent - will remove a template + - state: list - will perform an `oc get template <template_name>` + default: present + choices: ["present", "absent", "list"] + aliases: [] + kubeconfig: + description: + - The path for the kubeconfig file to use for authentication + required: false + default: /etc/origin/master/admin.kubeconfig + aliases: [] + debug: + description: + - Turn on debug output. + required: false + default: False + aliases: [] + template_name: + description: + - Name of the openshift template that is being processed. + required: false + default: None + aliases: [] + namespace: + description: + - The namespace where the template lives. + required: false + default: default + aliases: [] + content: + description: + - Template content that will be processed. + required: false + default: None + aliases: [] + params: + description: + - A list of parameters that will be inserted into the template. + required: false + default: None + aliases: [] + create: + description: + - Whether or not to create the template after being processed. e.g. oc process | oc create -f - + required: False + default: False + aliases: [] + reconcile: + description: + - Whether or not to attempt to determine if there are updates or changes in the incoming template. + default: true + aliases: [] +author: +- "Kenny Woodson <kwoodson@redhat.com>" +extends_documentation_fragment: [] +''' + +EXAMPLES = ''' +- name: process the cloud volume provisioner template with variables + oc_process: + namespace: openshift-infra + template_name: online-volume-provisioner + create: True + params: + PLAT: rhel7 + register: processout + run_once: true +- debug: var=processout +''' diff --git a/roles/lib_openshift/src/doc/route b/roles/lib_openshift/src/doc/route index 1797d4d33..a12999c9e 100644 --- a/roles/lib_openshift/src/doc/route +++ b/roles/lib_openshift/src/doc/route @@ -99,6 +99,12 @@ options: required: false default: None aliases: [] + port: + description: + - The Name of the service port or number of the container port the route will route traffic to + required: false + default: None + aliases: [] author: - "Kenny Woodson <kwoodson@redhat.com>" extends_documentation_fragment: [] diff --git a/roles/lib_openshift/src/lib/base.py b/roles/lib_openshift/src/lib/base.py index 55f7d3146..a895b40b3 100644 --- a/roles/lib_openshift/src/lib/base.py +++ b/roles/lib_openshift/src/lib/base.py @@ -20,7 +20,7 @@ class OpenShiftCLI(object): ''' Constructor for OpenshiftCLI ''' self.namespace = namespace self.verbose = verbose - self.kubeconfig = kubeconfig + self.kubeconfig = Utils.create_tmpfile_copy(kubeconfig) self.all_namespaces = all_namespaces # Pylint allows only 5 arguments to be passed. @@ -31,7 +31,8 @@ class OpenShiftCLI(object): if not res['results']: return res - fname = '/tmp/%s' % rname + fname = Utils.create_tmpfile(rname + '-') + yed = Yedit(fname, res['results'][0], separator=sep) changes = [] for key, value in content.items(): @@ -55,7 +56,7 @@ class OpenShiftCLI(object): def _create_from_content(self, rname, content): '''create a temporary file and then call oc create on it''' - fname = '/tmp/%s' % rname + fname = Utils.create_tmpfile(rname + '-') yed = Yedit(fname, content=content) yed.write() @@ -98,7 +99,7 @@ class OpenShiftCLI(object): if results['returncode'] != 0 or not create: return results - fname = '/tmp/%s' % template_name + fname = Utils.create_tmpfile(template_name + '-') yed = Yedit(fname, results['results']) yed.write() @@ -279,32 +280,61 @@ class OpenShiftCLI(object): class Utils(object): ''' utilities for openshiftcli modules ''' + + @staticmethod + def _write(filename, contents): + ''' Actually write the file contents to disk. This helps with mocking. ''' + + with open(filename, 'w') as sfd: + sfd.write(contents) + @staticmethod - def create_file(rname, data, ftype='yaml'): + def create_tmp_file_from_contents(rname, data, ftype='yaml'): ''' create a file in tmp with name and contents''' - path = os.path.join('/tmp', rname) - with open(path, 'w') as fds: - if ftype == 'yaml': - fds.write(yaml.dump(data, Dumper=yaml.RoundTripDumper)) - elif ftype == 'json': - fds.write(json.dumps(data)) - else: - fds.write(data) + tmp = Utils.create_tmpfile(prefix=rname) + + if ftype == 'yaml': + Utils._write(tmp, yaml.dump(data, Dumper=yaml.RoundTripDumper)) + elif ftype == 'json': + Utils._write(tmp, json.dumps(data)) + else: + Utils._write(tmp, data) # Register cleanup when module is done - atexit.register(Utils.cleanup, [path]) - return path + atexit.register(Utils.cleanup, [tmp]) + return tmp + + @staticmethod + def create_tmpfile_copy(inc_file): + '''create a temporary copy of a file''' + tmpfile = Utils.create_tmpfile('lib_openshift-') + Utils._write(tmpfile, open(inc_file).read()) + + # Cleanup the tmpfile + atexit.register(Utils.cleanup, [tmpfile]) + + return tmpfile + + @staticmethod + def create_tmpfile(prefix='tmp'): + ''' Generates and returns a temporary file name ''' + + with tempfile.NamedTemporaryFile(prefix=prefix, delete=False) as tmp: + return tmp.name @staticmethod - def create_files_from_contents(content, content_type=None): + def create_tmp_files_from_contents(content, content_type=None): '''Turn an array of dict: filename, content into a files array''' if not isinstance(content, list): content = [content] files = [] for item in content: - path = Utils.create_file(item['path'], item['data'], ftype=content_type) - files.append({'name': os.path.basename(path), 'path': path}) + path = Utils.create_tmp_file_from_contents(item['path'] + '-', + item['data'], + ftype=content_type) + files.append({'name': os.path.basename(item['path']), + 'path': path}) return files @staticmethod diff --git a/roles/lib_openshift/src/lib/import.py b/roles/lib_openshift/src/lib/import.py index c2b30e019..6344c1a54 100644 --- a/roles/lib_openshift/src/lib/import.py +++ b/roles/lib_openshift/src/lib/import.py @@ -12,6 +12,7 @@ import os import re import shutil import subprocess +import tempfile # pylint: disable=import-error import ruamel.yaml as yaml from ansible.module_utils.basic import AnsibleModule diff --git a/roles/lib_openshift/src/lib/route.py b/roles/lib_openshift/src/lib/route.py index 3130e7358..3b54a24fb 100644 --- a/roles/lib_openshift/src/lib/route.py +++ b/roles/lib_openshift/src/lib/route.py @@ -19,7 +19,8 @@ class RouteConfig(object): tls_termination=None, service_name=None, wildcard_policy=None, - weight=None): + weight=None, + port=None): ''' constructor for handling route options ''' self.kubeconfig = kubeconfig self.name = sname @@ -31,6 +32,7 @@ class RouteConfig(object): self.cert = cert self.key = key self.service_name = service_name + self.port = port self.data = {} self.wildcard_policy = wildcard_policy if wildcard_policy is None: @@ -55,12 +57,15 @@ class RouteConfig(object): if self.tls_termination: self.data['spec']['tls'] = {} + self.data['spec']['tls']['termination'] = self.tls_termination + + if self.tls_termination != 'passthrough': + self.data['spec']['tls']['key'] = self.key + self.data['spec']['tls']['caCertificate'] = self.cacert + self.data['spec']['tls']['certificate'] = self.cert + if self.tls_termination == 'reencrypt': self.data['spec']['tls']['destinationCACertificate'] = self.destcacert - self.data['spec']['tls']['key'] = self.key - self.data['spec']['tls']['caCertificate'] = self.cacert - self.data['spec']['tls']['certificate'] = self.cert - self.data['spec']['tls']['termination'] = self.tls_termination self.data['spec']['to'] = {'kind': 'Service', 'name': self.service_name, @@ -68,11 +73,16 @@ class RouteConfig(object): self.data['spec']['wildcardPolicy'] = self.wildcard_policy + if self.port: + self.data['spec']['port'] = {} + self.data['spec']['port']['targetPort'] = self.port + # pylint: disable=too-many-instance-attributes,too-many-public-methods class Route(Yedit): ''' Class to wrap the oc command line tools ''' wildcard_policy = "spec.wildcardPolicy" host_path = "spec.host" + port_path = "spec.port.targetPort" service_path = "spec.to.name" weight_path = "spec.to.weight" cert_path = "spec.tls.certificate" @@ -118,6 +128,10 @@ class Route(Yedit): ''' return host ''' return self.get(Route.host_path) + def get_port(self): + ''' return port ''' + return self.get(Route.port_path) + def get_wildcard_policy(self): ''' return wildcardPolicy ''' return self.get(Route.wildcard_policy) diff --git a/roles/lib_openshift/src/sources.yml b/roles/lib_openshift/src/sources.yml index aa02ce120..e9056655d 100644 --- a/roles/lib_openshift/src/sources.yml +++ b/roles/lib_openshift/src/sources.yml @@ -39,6 +39,16 @@ oc_obj.py: - class/oc_obj.py - ansible/oc_obj.py +oc_process.py: +- doc/generated +- doc/license +- lib/import.py +- doc/process +- ../../lib_utils/src/class/yedit.py +- lib/base.py +- class/oc_process.py +- ansible/oc_process.py + oc_route.py: - doc/generated - doc/license diff --git a/roles/lib_openshift/src/test/generate-and-run-tests.sh b/roles/lib_openshift/src/test/generate-and-run-tests.sh new file mode 100755 index 000000000..cd7571372 --- /dev/null +++ b/roles/lib_openshift/src/test/generate-and-run-tests.sh @@ -0,0 +1,54 @@ +#!/bin/bash -e + + +if [ $# -ne 1 ] ; then + echo "Usage: $(basename $0) <master name>" + exit 1 +fi + +MASTER=$1 + + + +# Put us in the same dir as the script. +cd $(dirname $0) + + +echo +echo "Running lib_utils generate-and-run-tests.sh" +echo "-------------------------------------------" +../../../lib_utils/src/test/generate-and-run-tests.sh + + +echo +echo "Running lib_openshift generate" +echo "------------------------------" +../generate.py + + +echo +echo "Running lib_openshift Unit Tests" +echo "----------------------------" +cd unit + +for test in *.py; do + echo + echo "--------------------------------------------------------------------------------" + echo + echo "Running $test..." + ./$test +done + + +echo +echo "Running lib_openshift Integration Tests" +echo "-----------------------------------" +cd ../integration + +for test in *.yml; do + echo + echo "--------------------------------------------------------------------------------" + echo + echo "Running $test..." + ./$test -vvv -e cli_master_test="$MASTER" +done diff --git a/roles/lib_openshift/src/test/integration/oadm_manage_node.yml b/roles/lib_openshift/src/test/integration/oadm_manage_node.yml index 69a701b17..3ee13a409 100755 --- a/roles/lib_openshift/src/test/integration/oadm_manage_node.yml +++ b/roles/lib_openshift/src/test/integration/oadm_manage_node.yml @@ -1,40 +1,51 @@ #!/usr/bin/ansible-playbook --module-path=../../../library/ -# ./oadm_manage_node.yml -M ../../../library -e "cli_master_test=$OPENSHIFT_MASTER cli_node_test=$OPENSHIFT_NODE +# +# ./oadm_manage_node.yml -e "cli_master_test=$OPENSHIFT_MASTER --- - hosts: "{{ cli_master_test }}" gather_facts: no user: root tasks: + - name: get list of nodes + oc_obj: + state: list + kind: node + register: obj_out + + - name: Set the node to work with + set_fact: + node_to_test: "{{ obj_out['results']['results'][0]['items'][0]['metadata']['name'] }}" + - name: list pods from a node oadm_manage_node: list_pods: True node: - - "{{ cli_node_test }}" + - "{{ node_to_test }}" register: podout - debug: var=podout - assert: - that: "'{{ cli_node_test }}' in podout.results.nodes" + that: "'{{ node_to_test }}' in podout.results.nodes" msg: Pod data was not returned - name: set node to unschedulable oadm_manage_node: schedulable: False node: - - "{{ cli_node_test }}" + - "{{ node_to_test }}" register: nodeout - debug: var=nodeout - name: assert that schedulable=False assert: that: nodeout.results.nodes[0]['schedulable'] == False - msg: "{{ cli_node_test }} schedulable set to True" + msg: "{{ node_to_test }} schedulable set to True" - name: get node scheduable oc_obj: kind: node state: list - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" namespace: None register: nodeout @@ -48,11 +59,11 @@ oadm_manage_node: schedulable: True node: - - "{{ cli_node_test }}" + - "{{ node_to_test }}" register: nodeout - debug: var=nodeout - name: assert that schedulable=False assert: that: nodeout.results.nodes[0]['schedulable'] - msg: "{{ cli_node_test }} schedulable set to False" + msg: "{{ node_to_test }} schedulable set to False" diff --git a/roles/lib_openshift/src/test/integration/oc_label.yml b/roles/lib_openshift/src/test/integration/oc_label.yml index ce9bc25bb..b4e721407 100755 --- a/roles/lib_openshift/src/test/integration/oc_label.yml +++ b/roles/lib_openshift/src/test/integration/oc_label.yml @@ -1,5 +1,7 @@ #!/usr/bin/ansible-playbook --module-path=../../../library/ -# ./oc_label.yml -e "cli_master_test=$OPENSHIFT_MASTER -e "cli_node_test=ip-172-0-31-1.ec2" +# +# ./oc_label.yml -e "cli_master_test=$OPENSHIFT_MASTER +# --- - hosts: "{{ cli_master_test }}" gather_facts: no @@ -15,16 +17,25 @@ msg: "{{ item }} not defined" when: "{{ item }} is not defined" with_items: - - cli_node_test # openshift node to be used to add/remove labels to - cli_master_test # ansible inventory instance to run playbook against tasks: + - name: get list of nodes + oc_obj: + state: list + kind: node + register: obj_out + + - name: Set the node to work with + set_fact: + node_to_test: "{{ obj_out['results']['results'][0]['items'][0]['metadata']['name'] }}" + - name: delete test labels (start from known starting position) oc_label: state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 - key: testlabel3 @@ -34,7 +45,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: original_labels - name: assert that testlabel2 and testlabel3 test labels don't exist assert: @@ -47,7 +58,7 @@ state: add namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 value: "yes" @@ -62,7 +73,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: assert that testlabel2 label actually added assert: @@ -75,7 +86,7 @@ state: add namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 value: "yes" @@ -90,7 +101,7 @@ state: add namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 value: "different" @@ -105,7 +116,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: assert that testlabel2 label actually modified assert: @@ -118,7 +129,7 @@ state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabelnone register: label_out @@ -132,7 +143,7 @@ state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 register: label_out @@ -146,7 +157,7 @@ state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 register: label_out @@ -160,7 +171,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: assert label actually deleted assert: @@ -172,7 +183,7 @@ state: add namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 value: "yes" @@ -189,7 +200,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: assert that both labels actually exist assert: @@ -204,7 +215,7 @@ state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 - key: testlabel3 @@ -219,7 +230,7 @@ state: absent namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: - key: testlabel2 - key: testlabel3 @@ -237,7 +248,7 @@ state: present namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: "{{ original_labels_as_key_value_list }}" register: label_out - name: assert that no changes are made when current list matches existing list @@ -250,7 +261,7 @@ state: present namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: "{{ original_labels_as_key_value_list + [{'key': 'testlabel2', 'value': 'yes'}] }}" register: label_out - name: assert that changes were made @@ -263,7 +274,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: asssert that new label was actually added assert: @@ -276,7 +287,7 @@ state: present namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: "{{ original_labels_as_key_value_list + [{'key': 'testlabel2', 'value': 'different'}]}}" register: label_out - name: assert that changes were made when existing key's value is changed @@ -289,7 +300,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: asssert that changed label was actually changed assert: @@ -302,7 +313,7 @@ state: present namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" labels: "{{ original_labels_as_key_value_list }}" register: label_out - name: assert that changes were made @@ -315,7 +326,7 @@ state: list namespace: "{{ def_namespace }}" kind: "{{ def_kind }}" - name: "{{ cli_node_test }}" + name: "{{ node_to_test }}" register: label_out - name: asssert that present-removed actually removed assert: diff --git a/roles/lib_openshift/src/test/integration/oc_process.yml b/roles/lib_openshift/src/test/integration/oc_process.yml new file mode 100755 index 000000000..7ea4c6b99 --- /dev/null +++ b/roles/lib_openshift/src/test/integration/oc_process.yml @@ -0,0 +1,83 @@ +#!/usr/bin/ansible-playbook --module-path=../../../library/:../../../../lib_utils/library + +--- +- hosts: "{{ cli_master_test }}" + gather_facts: no + user: root + vars: + template_name: mysql-ephemeral + ns_name: test + + post_tasks: + - name: get the mysql-ephemeral template + oc_obj: + name: mysql-ephemeral + state: list + namespace: openshift + kind: template + register: mysqltempl + + - name: fix namespace + yedit: + src: /tmp/mysql-template + key: metadata.namespace + value: test + backup: false + content: "{{ mysqltempl.results.results[0] | to_yaml }}" + + - name: create the test namespace + oc_obj: + name: test + state: present + namespace: test + kind: namespace + content: + path: /tmp/ns_test + data: + apiVersion: v1 + kind: Namespace + metadata: + name: test + spec: + finalizers: + - openshift.io/origin + - kubernetes + register: mysqltempl + + - name: create the mysql-ephemeral template + oc_obj: + name: mysql-ephemeral + state: present + namespace: test + kind: template + files: + - /tmp/mysql-template + delete_after: True + register: mysqltempl + + - name: process mysql-ephemeral + oc_process: + template_name: mysql-ephemeral + namespace: test + params: + NAMESPACE: test + DATABASE_SERVICE_NAME: testdb + create: False + reconcile: false + register: procout + + - assert: + that: + - not procout.changed + - procout.results.results['items'][0]['metadata']['name'] == 'testdb' + - procout.results.results['items'][0]['kind'] == 'Service' + - procout.results.results['items'][1]['metadata']['name'] == 'testdb' + - procout.results.results['items'][1]['kind'] == 'DeploymentConfig' + msg: process failed on template + + - name: remove namespace test + oc_obj: + kind: namespace + name: test + namespace: test + state: absent diff --git a/roles/lib_openshift/src/test/integration/oc_route.yml b/roles/lib_openshift/src/test/integration/oc_route.yml index 620d5d5e7..b9d635eaa 100755 --- a/roles/lib_openshift/src/test/integration/oc_route.yml +++ b/roles/lib_openshift/src/test/integration/oc_route.yml @@ -75,3 +75,43 @@ - assert: that: "routeout.changed == False" msg: Route create not idempotent + + - name: delete route + oc_route: + name: test + namespace: default + state: absent + register: routeout + + - name: create route + oc_route: + name: test + namespace: default + tls_termination: passthrough + service_name: test + host: test.example + port: 8443 + register: routeout + + - assert: + that: + - "routeout.changed == True" + - "routeout.results['results'][0]['spec']['port']['targetPort'] == 8443" + msg: Route create not idempotent + + - name: create route + oc_route: + name: test + namespace: default + tls_termination: passthrough + service_name: test + host: test.example + port: 8444 + register: routeout + - debug: var=routeout + + - assert: + that: + - "routeout.changed == True" + - "routeout.results.results[0]['spec']['port']['targetPort'] == 8444" + msg: Route update not idempotent diff --git a/roles/lib_openshift/src/test/integration/oc_service.yml b/roles/lib_openshift/src/test/integration/oc_service.yml index 616694382..3eb6facef 100755 --- a/roles/lib_openshift/src/test/integration/oc_service.yml +++ b/roles/lib_openshift/src/test/integration/oc_service.yml @@ -123,6 +123,6 @@ - assert: that: - svc_out.changed == False - - svc_out.results.returncode == 1 + - svc_out.results.returncode == 0 - "'not found' in svc_out.results.stderr" msg: service get failed diff --git a/roles/lib_openshift/src/test/unit/oadm_manage_node.py b/roles/lib_openshift/src/test/unit/oadm_manage_node.py index 8fd6f9c55..b0786dfac 100755 --- a/roles/lib_openshift/src/test/unit/oadm_manage_node.py +++ b/roles/lib_openshift/src/test/unit/oadm_manage_node.py @@ -35,8 +35,9 @@ class ManageNodeTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oadm_manage_node.Utils.create_tmpfile_copy') @mock.patch('oadm_manage_node.ManageNode.openshift_cmd') - def test_list_pods(self, mock_openshift_cmd): + def test_list_pods(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'node': ['ip-172-31-49-140.ec2.internal'], 'schedulable': None, @@ -106,6 +107,10 @@ class ManageNodeTest(unittest.TestCase): "returncode": 0} ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = ManageNode.run_ansible(params, False) # returned a single node @@ -113,8 +118,9 @@ class ManageNodeTest(unittest.TestCase): # returned 2 pods self.assertTrue(len(results['results']['nodes']['ip-172-31-49-140.ec2.internal']) == 2) + @mock.patch('oadm_manage_node.Utils.create_tmpfile_copy') @mock.patch('oadm_manage_node.ManageNode.openshift_cmd') - def test_schedulable_false(self, mock_openshift_cmd): + def test_schedulable_false(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'node': ['ip-172-31-49-140.ec2.internal'], 'schedulable': False, @@ -162,6 +168,11 @@ class ManageNodeTest(unittest.TestCase): "results": "NAME STATUS AGE\n" + "ip-172-31-49-140.ec2.internal Ready,SchedulingDisabled 5h\n", "returncode": 0}] + + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = ManageNode.run_ansible(params, False) self.assertTrue(results['changed']) diff --git a/roles/lib_openshift/src/test/unit/oc_label.py b/roles/lib_openshift/src/test/unit/oc_label.py index 3f7162070..3176987b0 100755 --- a/roles/lib_openshift/src/test/unit/oc_label.py +++ b/roles/lib_openshift/src/test/unit/oc_label.py @@ -35,8 +35,9 @@ class OCLabelTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_label.Utils.create_tmpfile_copy') @mock.patch('oc_label.OCLabel._run') - def test_state_list(self, mock_cmd): + def test_state_list(self, mock_cmd, mock_tmpfile_copy): ''' Testing a label list ''' params = {'name': 'default', 'namespace': 'default', @@ -82,13 +83,18 @@ class OCLabelTest(unittest.TestCase): (0, ns, ''), ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCLabel.run_ansible(params, False) self.assertFalse(results['changed']) self.assertTrue(results['results']['labels'] == [{'storage_pv_quota': 'False'}]) + @mock.patch('oc_label.Utils.create_tmpfile_copy') @mock.patch('oc_label.OCLabel._run') - def test_state_present(self, mock_cmd): + def test_state_present(self, mock_cmd, mock_tmpfile_copy): ''' Testing a label list ''' params = {'name': 'default', 'namespace': 'default', @@ -171,6 +177,10 @@ class OCLabelTest(unittest.TestCase): (0, ns1, ''), ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCLabel.run_ansible(params, False) self.assertTrue(results['changed']) diff --git a/roles/lib_openshift/src/test/unit/oc_process.py b/roles/lib_openshift/src/test/unit/oc_process.py new file mode 100755 index 000000000..450ff7071 --- /dev/null +++ b/roles/lib_openshift/src/test/unit/oc_process.py @@ -0,0 +1,483 @@ +#!/usr/bin/env python2 +''' + Unit tests for oc process +''' +# To run +# python -m unittest version +# +# . +# Ran 1 test in 0.597s +# +# OK + +import os +import sys +import unittest +import mock + +# Removing invalid variable names for tests so that I can +# keep them brief +# pylint: disable=invalid-name,no-name-in-module +# Disable import-error b/c our libraries aren't loaded in jenkins +# pylint: disable=import-error +# place class in our python path +module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library') # noqa: E501 +sys.path.insert(0, module_path) +from oc_process import OCProcess # noqa: E402 + + +# pylint: disable=too-many-public-methods +class OCProcessTest(unittest.TestCase): + ''' + Test class for OCProcess + ''' + mysql = '''{ + "kind": "Template", + "apiVersion": "v1", + "metadata": { + "name": "mysql-ephemeral", + "namespace": "openshift", + "selfLink": "/oapi/v1/namespaces/openshift/templates/mysql-ephemeral", + "uid": "fb8b5f04-e3d3-11e6-a982-0e84250fc302", + "resourceVersion": "480", + "creationTimestamp": "2017-01-26T14:30:27Z", + "annotations": { + "iconClass": "icon-mysql-database", + "openshift.io/display-name": "MySQL (Ephemeral)", + "tags": "database,mysql" + } + }, + "objects": [ + { + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "creationTimestamp": null, + "name": "${DATABASE_SERVICE_NAME}" + }, + "spec": { + "ports": [ + { + "name": "mysql", + "nodePort": 0, + "port": 3306, + "protocol": "TCP", + "targetPort": 3306 + } + ], + "selector": { + "name": "${DATABASE_SERVICE_NAME}" + }, + "sessionAffinity": "None", + "type": "ClusterIP" + }, + "status": { + "loadBalancer": {} + } + }, + { + "apiVersion": "v1", + "kind": "DeploymentConfig", + "metadata": { + "creationTimestamp": null, + "name": "${DATABASE_SERVICE_NAME}" + }, + "spec": { + "replicas": 1, + "selector": { + "name": "${DATABASE_SERVICE_NAME}" + }, + "strategy": { + "type": "Recreate" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "name": "${DATABASE_SERVICE_NAME}" + } + }, + "spec": { + "containers": [ + { + "capabilities": {}, + "env": [ + { + "name": "MYSQL_USER", + "value": "${MYSQL_USER}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${MYSQL_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${MYSQL_DATABASE}" + } + ], + "image": " ", + "imagePullPolicy": "IfNotPresent", + "livenessProbe": { + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + }, + "timeoutSeconds": 1 + }, + "name": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/sh", + "-i", + "-c", + "MYSQL_PWD=$MYSQL_PASSWORD mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'" + ] + }, + "initialDelaySeconds": 5, + "timeoutSeconds": 1 + }, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, + "securityContext": { + "capabilities": {}, + "privileged": false + }, + "terminationMessagePath": "/dev/termination-log", + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "${DATABASE_SERVICE_NAME}-data" + } + ] + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "volumes": [ + { + "emptyDir": { + "medium": "" + }, + "name": "${DATABASE_SERVICE_NAME}-data" + } + ] + } + }, + "triggers": [ + { + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "name": "mysql:${MYSQL_VERSION}", + "namespace": "${NAMESPACE}" + }, + "lastTriggeredImage": "" + }, + "type": "ImageChange" + }, + { + "type": "ConfigChange" + } + ] + }, + "status": {} + } + ], + "parameters": [ + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "512Mi" + }, + { + "name": "NAMESPACE", + "displayName": "Namespace", + "description": "The OpenShift Namespace where the ImageStream resides.", + "value": "openshift" + }, + { + "name": "DATABASE_SERVICE_NAME", + "displayName": "Database Service Name", + "description": "The name of the OpenShift Service exposed for the database.", + "value": "mysql", + "required": true + }, + { + "name": "MYSQL_USER", + "displayName": "MySQL Connection Username", + "description": "Username for MySQL user that will be used for accessing the database.", + "generate": "expression", + "from": "user[A-Z0-9]{3}", + "required": true + }, + { + "name": "MYSQL_PASSWORD", + "displayName": "MySQL Connection Password", + "description": "Password for the MySQL connection user.", + "generate": "expression", + "from": "[a-zA-Z0-9]{16}", + "required": true + }, + { + "name": "MYSQL_DATABASE", + "displayName": "MySQL Database Name", + "description": "Name of the MySQL database accessed.", + "value": "sampledb", + "required": true + }, + { + "name": "MYSQL_VERSION", + "displayName": "Version of MySQL Image", + "description": "Version of MySQL image to be used (5.5, 5.6 or latest).", + "value": "5.6", + "required": true + } + ], + "labels": { + "template": "mysql-ephemeral-template" + } +}''' + + def setUp(self): + ''' setup method will set to known configuration ''' + pass + + @mock.patch('oc_process.Utils.create_tmpfile_copy') + @mock.patch('oc_process.OCProcess._run') + def test_state_list(self, mock_cmd, mock_tmpfile_copy): + ''' Testing a get ''' + params = {'template_name': 'mysql-ephermeral', + 'namespace': 'test', + 'content': None, + 'state': 'list', + 'reconcile': False, + 'create': False, + 'params': {'NAMESPACE': 'test', 'DATABASE_SERVICE_NAME': 'testdb'}, + 'kubeconfig': '/etc/origin/master/admin.kubeconfig', + 'debug': False} + + mock_cmd.side_effect = [ + (0, OCProcessTest.mysql, '') + ] + + mock_tmpfile_copy.side_effect = [ + '/tmp/mock_kubeconfig', + ] + + results = OCProcess.run_ansible(params, False) + + self.assertFalse(results['changed']) + self.assertEqual(results['results']['results'][0]['metadata']['name'], 'mysql-ephemeral') + + @mock.patch('oc_process.Utils.create_tmpfile_copy') + @mock.patch('oc_process.OCProcess._run') + def test_process_no_create(self, mock_cmd, mock_tmpfile_copy): + ''' Testing a process with no create ''' + params = {'template_name': 'mysql-ephermeral', + 'namespace': 'test', + 'content': None, + 'state': 'present', + 'reconcile': False, + 'create': False, + 'params': {'NAMESPACE': 'test', 'DATABASE_SERVICE_NAME': 'testdb'}, + 'kubeconfig': '/etc/origin/master/admin.kubeconfig', + 'debug': False} + + mysqlproc = '''{ + "kind": "List", + "apiVersion": "v1", + "metadata": {}, + "items": [ + { + "apiVersion": "v1", + "kind": "Service", + "metadata": { + "creationTimestamp": null, + "labels": { + "template": "mysql-ephemeral-template" + }, + "name": "testdb" + }, + "spec": { + "ports": [ + { + "name": "mysql", + "nodePort": 0, + "port": 3306, + "protocol": "TCP", + "targetPort": 3306 + } + ], + "selector": { + "name": "testdb" + }, + "sessionAffinity": "None", + "type": "ClusterIP" + }, + "status": { + "loadBalancer": {} + } + }, + { + "apiVersion": "v1", + "kind": "DeploymentConfig", + "metadata": { + "creationTimestamp": null, + "labels": { + "template": "mysql-ephemeral-template" + }, + "name": "testdb" + }, + "spec": { + "replicas": 1, + "selector": { + "name": "testdb" + }, + "strategy": { + "type": "Recreate" + }, + "template": { + "metadata": { + "creationTimestamp": null, + "labels": { + "name": "testdb" + } + }, + "spec": { + "containers": [ + { + "capabilities": {}, + "env": [ + { + "name": "MYSQL_USER", + "value": "userHJJ" + }, + { + "name": "MYSQL_PASSWORD", + "value": "GITOAduAMaV6k688" + }, + { + "name": "MYSQL_DATABASE", + "value": "sampledb" + } + ], + "image": " ", + "imagePullPolicy": "IfNotPresent", + "livenessProbe": { + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + }, + "timeoutSeconds": 1 + }, + "name": "mysql", + "ports": [ + { + "containerPort": 3306, + "protocol": "TCP" + } + ], + "readinessProbe": { + "exec": { + "command": [ + "/bin/sh", + "-i", + "-c", + "MYSQL_PWD=$MYSQL_PASSWORD mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'" + ] + }, + "initialDelaySeconds": 5, + "timeoutSeconds": 1 + }, + "resources": { + "limits": { + "memory": "512Mi" + } + }, + "securityContext": { + "capabilities": {}, + "privileged": false + }, + "terminationMessagePath": "/dev/termination-log", + "volumeMounts": [ + { + "mountPath": "/var/lib/mysql/data", + "name": "testdb-data" + } + ] + } + ], + "dnsPolicy": "ClusterFirst", + "restartPolicy": "Always", + "volumes": [ + { + "emptyDir": { + "medium": "" + }, + "name": "testdb-data" + } + ] + } + }, + "triggers": [ + { + "imageChangeParams": { + "automatic": true, + "containerNames": [ + "mysql" + ], + "from": { + "kind": "ImageStreamTag", + "name": "mysql:5.6", + "namespace": "test" + }, + "lastTriggeredImage": "" + }, + "type": "ImageChange" + }, + { + "type": "ConfigChange" + } + ] + } + } + ] +}''' + + mock_cmd.side_effect = [ + (0, OCProcessTest.mysql, ''), + (0, OCProcessTest.mysql, ''), + (0, mysqlproc, ''), + ] + + mock_tmpfile_copy.side_effect = [ + '/tmp/mock_kubeconfig', + ] + + results = OCProcess.run_ansible(params, False) + + self.assertFalse(results['changed']) + self.assertEqual(results['results']['results']['items'][0]['metadata']['name'], 'testdb') + + def tearDown(self): + '''TearDown method''' + pass + + +if __name__ == "__main__": + unittest.main() diff --git a/roles/lib_openshift/src/test/unit/oc_route.py b/roles/lib_openshift/src/test/unit/oc_route.py new file mode 100755 index 000000000..fcfa88cbf --- /dev/null +++ b/roles/lib_openshift/src/test/unit/oc_route.py @@ -0,0 +1,258 @@ +#!/usr/bin/env python2 +''' + Unit tests for oc route +''' +# To run: +# ./oc_serviceaccount.py +# +# . +# Ran 1 test in 0.002s +# +# OK + +import os +import sys +import unittest +import mock + +# Removing invalid variable names for tests so that I can +# keep them brief +# pylint: disable=invalid-name,no-name-in-module +# Disable import-error b/c our libraries aren't loaded in jenkins +# pylint: disable=import-error,wrong-import-position +# place class in our python path +module_path = os.path.join('/'.join(os.path.realpath(__file__).split('/')[:-4]), 'library') # noqa: E501 +sys.path.insert(0, module_path) +from oc_route import OCRoute # noqa: E402 + + +class OCRouteTest(unittest.TestCase): + ''' + Test class for OCServiceAccount + ''' + + def setUp(self): + ''' setup method will create a file and set to known configuration ''' + pass + + @mock.patch('oc_route.OCRoute._run') + def test_list_route(self, mock_cmd): + ''' Testing getting a route ''' + + # Arrange + + # run_ansible input parameters + params = { + 'kubeconfig': '/etc/origin/master/admin.kubeconfig', + 'state': 'list', + 'debug': False, + 'name': 'test', + 'namespace': 'default', + 'tls_termination': 'passthrough', + 'dest_cacert_path': None, + 'cacert_path': None, + 'cert_path': None, + 'key_path': None, + 'dest_cacert_content': None, + 'cacert_content': None, + 'cert_content': None, + 'key_content': None, + 'service_name': 'testservice', + 'host': 'test.openshift.com', + 'wildcard_policy': None, + 'weight': None, + 'port': None + } + + route_result = '''{ + "kind": "Route", + "apiVersion": "v1", + "metadata": { + "name": "test", + "namespace": "default", + "selfLink": "/oapi/v1/namespaces/default/routes/test", + "uid": "1b127c67-ecd9-11e6-96eb-0e0d9bdacd26", + "resourceVersion": "439182", + "creationTimestamp": "2017-02-07T01:59:48Z" + }, + "spec": { + "host": "test.example", + "to": { + "kind": "Service", + "name": "test", + "weight": 100 + }, + "port": { + "targetPort": 8443 + }, + "tls": { + "termination": "passthrough" + }, + "wildcardPolicy": "None" + }, + "status": { + "ingress": [ + { + "host": "test.example", + "routerName": "router", + "conditions": [ + { + "type": "Admitted", + "status": "True", + "lastTransitionTime": "2017-02-07T01:59:48Z" + } + ], + "wildcardPolicy": "None" + } + ] + } + }''' + + # Return values of our mocked function call. These get returned once per call. + mock_cmd.side_effect = [ + # First call to mock + (0, route_result, ''), + ] + + # Act + results = OCRoute.run_ansible(params, False) + + # Assert + self.assertFalse(results['changed']) + self.assertEqual(results['state'], 'list') + self.assertEqual(results['results'][0]['metadata']['name'], 'test') + + # Making sure our mock was called as we expected + mock_cmd.assert_has_calls([ + mock.call(['oc', '-n', 'default', 'get', 'route', 'test', '-o', 'json'], None), + ]) + + @mock.patch('oc_route.Yedit._write') + @mock.patch('oc_route.OCRoute._run') + def test_create_route(self, mock_cmd, mock_write): + ''' Testing getting a route ''' + + # Arrange + + # run_ansible input parameters + params = { + 'kubeconfig': '/etc/origin/master/admin.kubeconfig', + 'state': 'present', + 'debug': False, + 'name': 'test', + 'namespace': 'default', + 'tls_termination': 'edge', + 'dest_cacert_path': None, + 'cacert_path': None, + 'cert_path': None, + 'key_path': None, + 'dest_cacert_content': None, + 'cacert_content': 'testing', + 'cert_content': 'testing', + 'key_content': 'testing', + 'service_name': 'testservice', + 'host': 'test.openshift.com', + 'wildcard_policy': None, + 'weight': None, + 'port': None + } + + route_result = '''{ + "apiVersion": "v1", + "kind": "Route", + "metadata": { + "creationTimestamp": "2017-02-07T20:55:10Z", + "name": "test", + "namespace": "default", + "resourceVersion": "517745", + "selfLink": "/oapi/v1/namespaces/default/routes/test", + "uid": "b6f25898-ed77-11e6-9755-0e737db1e63a" + }, + "spec": { + "host": "test.openshift.com", + "tls": { + "caCertificate": "testing", + "certificate": "testing", + "key": "testing", + "termination": "edge" + }, + "to": { + "kind": "Service", + "name": "testservice", + "weight": 100 + }, + "wildcardPolicy": "None" + }, + "status": { + "ingress": [ + { + "conditions": [ + { + "lastTransitionTime": "2017-02-07T20:55:10Z", + "status": "True", + "type": "Admitted" + } + ], + "host": "test.openshift.com", + "routerName": "router", + "wildcardPolicy": "None" + } + ] + } + }''' + + test_route = '''\ +kind: Route +spec: + tls: + caCertificate: testing + termination: edge + certificate: testing + key: testing + to: + kind: Service + name: testservice + weight: 100 + host: test.openshift.com + wildcardPolicy: None +apiVersion: v1 +metadata: + namespace: default + name: test +''' + + # Return values of our mocked function call. These get returned once per call. + mock_cmd.side_effect = [ + # First call to mock + (1, '', 'Error from server: routes "test" not found'), + (1, '', 'Error from server: routes "test" not found'), + (0, 'route "test" created', ''), + (0, route_result, ''), + ] + + mock_write.assert_has_calls = [ + # First call to mock + mock.call('/tmp/test', test_route) + ] + + # Act + results = OCRoute.run_ansible(params, False) + + # Assert + self.assertTrue(results['changed']) + self.assertEqual(results['state'], 'present') + self.assertEqual(results['results']['results'][0]['metadata']['name'], 'test') + + # Making sure our mock was called as we expected + mock_cmd.assert_has_calls([ + mock.call(['oc', '-n', 'default', 'get', 'route', 'test', '-o', 'json'], None), + mock.call(['oc', '-n', 'default', 'create', '-f', '/tmp/test'], None), + ]) + + def tearDown(self): + '''TearDown method''' + pass + + +if __name__ == "__main__": + unittest.main() diff --git a/roles/lib_openshift/src/test/unit/oc_scale.py b/roles/lib_openshift/src/test/unit/oc_scale.py index d8d5a231f..f15eb164d 100755 --- a/roles/lib_openshift/src/test/unit/oc_scale.py +++ b/roles/lib_openshift/src/test/unit/oc_scale.py @@ -35,8 +35,9 @@ class OCScaleTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_scale.Utils.create_tmpfile_copy') @mock.patch('oc_scale.OCScale.openshift_cmd') - def test_state_list(self, mock_openshift_cmd): + def test_state_list(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'name': 'router', 'namespace': 'default', @@ -70,13 +71,18 @@ class OCScaleTest(unittest.TestCase): 'results': dc, 'returncode': 0}] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCScale.run_ansible(params, False) self.assertFalse(results['changed']) self.assertEqual(results['result'][0], 2) + @mock.patch('oc_scale.Utils.create_tmpfile_copy') @mock.patch('oc_scale.OCScale.openshift_cmd') - def test_scale(self, mock_openshift_cmd): + def test_scale(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'name': 'router', 'namespace': 'default', @@ -114,13 +120,18 @@ class OCScaleTest(unittest.TestCase): 'returncode': 0} ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCScale.run_ansible(params, False) self.assertFalse(results['changed']) self.assertEqual(results['result'][0], 3) + @mock.patch('oc_scale.Utils.create_tmpfile_copy') @mock.patch('oc_scale.OCScale.openshift_cmd') - def test_no_dc_scale(self, mock_openshift_cmd): + def test_no_dc_scale(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'name': 'not_there', 'namespace': 'default', @@ -138,6 +149,10 @@ class OCScaleTest(unittest.TestCase): 'stdout': ""}, ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCScale.run_ansible(params, False) self.assertTrue(results['failed']) diff --git a/roles/lib_openshift/src/test/unit/oc_secret.py b/roles/lib_openshift/src/test/unit/oc_secret.py index 835918b95..645aac82b 100755 --- a/roles/lib_openshift/src/test/unit/oc_secret.py +++ b/roles/lib_openshift/src/test/unit/oc_secret.py @@ -35,8 +35,10 @@ class OCSecretTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass - @mock.patch('oc_secret.OCSecret.openshift_cmd') - def test_adding_a_secret(self, mock_openshift_cmd): + @mock.patch('oc_secret.Utils.create_tmpfile_copy') + @mock.patch('oc_secret.Utils._write') + @mock.patch('oc_secret.OCSecret._run') + def test_adding_a_secret(self, mock_cmd, mock_write, mock_tmpfile_copy): ''' Testing adding a secret ''' # Arrange @@ -45,10 +47,10 @@ class OCSecretTest(unittest.TestCase): params = { 'state': 'present', 'namespace': 'default', - 'name': 'secretname', + 'name': 'testsecretname', 'contents': [{ 'path': "/tmp/somesecret.json", - 'data': "{'one': 1, 'two': 2, 'three', 3}", + 'data': "{'one': 1, 'two': 2, 'three': 3}", }], 'decode': False, 'kubeconfig': '/etc/origin/master/admin.kubeconfig', @@ -58,17 +60,13 @@ class OCSecretTest(unittest.TestCase): } # Return values of our mocked function call. These get returned once per call. - mock_openshift_cmd.side_effect = [ - { - "cmd": "/usr/bin/oc get secrets -o json secretname", - "results": "", - "returncode": 0, - }, # oc output for first call to openshift_cmd (oc secrets get) - { - "cmd": "/usr/bin/oc secrets new secretname somesecret.json=/tmp/somesecret.json", - "results": "", - "returncode": 0, - }, # oc output for second call to openshift_cmd (oc secrets new) + mock_cmd.side_effect = [ + (1, '', 'Error from server: secrets "testsecretname" not found'), + (0, 'secret/testsecretname', ''), + ] + + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', ] # Act @@ -80,9 +78,13 @@ class OCSecretTest(unittest.TestCase): self.assertEqual(results['state'], 'present') # Making sure our mock was called as we expected - mock_openshift_cmd.assert_has_calls([ - mock.call(['get', 'secrets', 'secretname', '-o', 'json'], output=True), - mock.call(['secrets', 'new', 'secretname', 'somesecret.json=/tmp/somesecret.json']), + mock_cmd.assert_has_calls([ + mock.call(['oc', '-n', 'default', 'get', 'secrets', 'testsecretname', '-o', 'json'], None), + mock.call(['oc', '-n', 'default', 'secrets', 'new', 'testsecretname', mock.ANY], None), + ]) + + mock_write.assert_has_calls([ + mock.call(mock.ANY, "{'one': 1, 'two': 2, 'three': 3}"), ]) def tearDown(self): diff --git a/roles/lib_openshift/src/test/unit/oc_service.py b/roles/lib_openshift/src/test/unit/oc_service.py index 69f7dd49c..4a845e9f3 100755 --- a/roles/lib_openshift/src/test/unit/oc_service.py +++ b/roles/lib_openshift/src/test/unit/oc_service.py @@ -36,8 +36,9 @@ class OCServiceTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_service.Utils.create_tmpfile_copy') @mock.patch('oc_service.OCService._run') - def test_state_list(self, mock_cmd): + def test_state_list(self, mock_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'name': 'router', 'namespace': 'default', @@ -108,13 +109,18 @@ class OCServiceTest(unittest.TestCase): (0, service, '') ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCService.run_ansible(params, False) self.assertFalse(results['changed']) self.assertEqual(results['results']['results'][0]['metadata']['name'], 'router') + @mock.patch('oc_service.Utils.create_tmpfile_copy') @mock.patch('oc_service.OCService._run') - def test_create(self, mock_cmd): + def test_create(self, mock_cmd, mock_tmpfile_copy): ''' Testing a create service ''' params = {'name': 'router', 'namespace': 'default', @@ -191,6 +197,10 @@ class OCServiceTest(unittest.TestCase): (0, service, '') ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCService.run_ansible(params, False) self.assertTrue(results['changed']) diff --git a/roles/lib_openshift/src/test/unit/oc_serviceaccount.py b/roles/lib_openshift/src/test/unit/oc_serviceaccount.py index dab751bb9..256b569eb 100755 --- a/roles/lib_openshift/src/test/unit/oc_serviceaccount.py +++ b/roles/lib_openshift/src/test/unit/oc_serviceaccount.py @@ -35,8 +35,9 @@ class OCServiceAccountTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_serviceaccount.Utils.create_tmpfile_copy') @mock.patch('oc_serviceaccount.OCServiceAccount._run') - def test_adding_a_serviceaccount(self, mock_cmd): + def test_adding_a_serviceaccount(self, mock_cmd, mock_tmpfile_copy): ''' Testing adding a serviceaccount ''' # Arrange @@ -90,6 +91,10 @@ class OCServiceAccountTest(unittest.TestCase): (0, valid_result_json, ''), ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + # Act results = OCServiceAccount.run_ansible(params, False) diff --git a/roles/lib_openshift/src/test/unit/oc_serviceaccount_secret.py b/roles/lib_openshift/src/test/unit/oc_serviceaccount_secret.py index 342da961b..4d555d412 100755 --- a/roles/lib_openshift/src/test/unit/oc_serviceaccount_secret.py +++ b/roles/lib_openshift/src/test/unit/oc_serviceaccount_secret.py @@ -35,9 +35,10 @@ class OCServiceAccountSecretTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_serviceaccount_secret.Utils.create_tmpfile_copy') @mock.patch('oc_serviceaccount_secret.Yedit._write') @mock.patch('oc_serviceaccount_secret.OCServiceAccountSecret._run') - def test_adding_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write): + def test_adding_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy): ''' Testing adding a secret to a service account ''' # Arrange @@ -137,6 +138,10 @@ metadata: (0, oc_get_sa_after, ''), # Fourth call to the mock ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + # Act results = OCServiceAccountSecret.run_ansible(params, False) @@ -149,18 +154,19 @@ metadata: mock_cmd.assert_has_calls([ mock.call(['oc', '-n', 'default', 'get', 'sa', 'builder', '-o', 'json'], None), mock.call(['oc', '-n', 'default', 'get', 'sa', 'builder', '-o', 'json'], None), - mock.call(['oc', '-n', 'default', 'replace', '-f', '/tmp/builder'], None), + mock.call(['oc', '-n', 'default', 'replace', '-f', mock.ANY], None), mock.call(['oc', '-n', 'default', 'get', 'sa', 'builder', '-o', 'json'], None) ]) mock_write.assert_has_calls([ - mock.call('/tmp/builder', builder_yaml_file) + mock.call(mock.ANY, builder_yaml_file) ]) + @mock.patch('oc_serviceaccount_secret.Utils.create_tmpfile_copy') @mock.patch('oc_serviceaccount_secret.Yedit._write') @mock.patch('oc_serviceaccount_secret.OCServiceAccountSecret._run') - def test_removing_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write): - ''' Testing adding a secret to a service account ''' + def test_removing_a_secret_to_a_serviceaccount(self, mock_cmd, mock_write, mock_tmpfile_copy): + ''' Testing removing a secret to a service account ''' # Arrange @@ -229,6 +235,10 @@ metadata: (0, 'serviceaccount "builder" replaced', ''), # Third call to the mock ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + # Act results = OCServiceAccountSecret.run_ansible(params, False) @@ -241,11 +251,11 @@ metadata: mock_cmd.assert_has_calls([ mock.call(['oc', '-n', 'default', 'get', 'sa', 'builder', '-o', 'json'], None), mock.call(['oc', '-n', 'default', 'get', 'sa', 'builder', '-o', 'json'], None), - mock.call(['oc', '-n', 'default', 'replace', '-f', '/tmp/builder'], None), + mock.call(['oc', '-n', 'default', 'replace', '-f', mock.ANY], None), ]) mock_write.assert_has_calls([ - mock.call('/tmp/builder', builder_yaml_file) + mock.call(mock.ANY, builder_yaml_file) ]) def tearDown(self): diff --git a/roles/lib_openshift/src/test/unit/oc_version.py b/roles/lib_openshift/src/test/unit/oc_version.py index f927948be..67dea415b 100755 --- a/roles/lib_openshift/src/test/unit/oc_version.py +++ b/roles/lib_openshift/src/test/unit/oc_version.py @@ -35,8 +35,9 @@ class OCVersionTest(unittest.TestCase): ''' setup method will create a file and set to known configuration ''' pass + @mock.patch('oc_version.Utils.create_tmpfile_copy') @mock.patch('oc_version.OCVersion.openshift_cmd') - def test_get(self, mock_openshift_cmd): + def test_get(self, mock_openshift_cmd, mock_tmpfile_copy): ''' Testing a get ''' params = {'kubeconfig': '/etc/origin/master/admin.kubeconfig', 'state': 'list', @@ -52,6 +53,10 @@ class OCVersionTest(unittest.TestCase): "returncode": 0} ] + mock_tmpfile_copy.side_effect = [ + '/tmp/mocked_kubeconfig', + ] + results = OCVersion.run_ansible(params) self.assertFalse(results['changed']) |