functional tests instrumented by ansible/vagrant (#1682)
This commit is contained in:
parent
804b6f4c5d
commit
39f57f1487
|
@ -5,10 +5,9 @@ This directory contains scripts for functional testing. The tests are run with
|
||||||
the [bats-core](https://github.com/bats-core/bats-core) framework, which is an
|
the [bats-core](https://github.com/bats-core/bats-core) framework, which is an
|
||||||
active fork of the older BATS (Bash Automated Testing System).
|
active fork of the older BATS (Bash Automated Testing System).
|
||||||
|
|
||||||
The goal is to be cross-platform but not explicitly test the packaging system
|
With the addition of [the ansible playbooks](ansible/README.md) it is possible
|
||||||
or service management. Those parts are specific to each distribution and are
|
to use VMs to test the binary packages, service management and other CPU
|
||||||
tested separately (triggered by crowdsec releases, but they run in other
|
architectures.
|
||||||
repositories).
|
|
||||||
|
|
||||||
### cscli
|
### cscli
|
||||||
|
|
||||||
|
@ -52,13 +51,12 @@ repositories).
|
||||||
| stream mode | `99_lapi-stream-mode | |
|
| stream mode | `99_lapi-stream-mode | |
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# How to use it
|
# How to use it
|
||||||
|
|
||||||
## pre-requisites
|
## pre-requisites
|
||||||
|
|
||||||
- `git submodule init; git submodule update`
|
- `git submodule init; git submodule update`
|
||||||
- `daemonize (linux) or daemon (freebsd), bash, python3, openbsd-netcat`
|
- `daemonize (linux) or daemon (freebsd), bash>=4.4, python3, openbsd-netcat`
|
||||||
- `go install github.com/cloudflare/cfssl/cmd/cfssl@latest`
|
- `go install github.com/cloudflare/cfssl/cmd/cfssl@latest`
|
||||||
- `go install github.com/cloudflare/cfssl/cmd/cfssljson@latest`
|
- `go install github.com/cloudflare/cfssl/cmd/cfssljson@latest`
|
||||||
- `go install github.com/mikefarah/yq/v4@latest`
|
- `go install github.com/mikefarah/yq/v4@latest`
|
||||||
|
|
2
tests/ansible/.gitignore
vendored
Normal file
2
tests/ansible/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
.vagrant
|
||||||
|
vagrant/*/*.out
|
157
tests/ansible/README.md
Normal file
157
tests/ansible/README.md
Normal file
|
@ -0,0 +1,157 @@
|
||||||
|
# Ansible playbooks for functional testing
|
||||||
|
|
||||||
|
These playbooks allow you to test crowdsec in a real environment, where the
|
||||||
|
application is running as root, deployed with the OS package manager, and
|
||||||
|
uses the standard init system for the distribution (systemd or other).
|
||||||
|
|
||||||
|
This way, you can test not only the application's feature but also the packaging
|
||||||
|
boilerplate, integration scripts, and compatibility with new distribution releases,
|
||||||
|
operating systems, or architectures.
|
||||||
|
|
||||||
|
The ansible hosts should be expendable machines with at least 1GB RAM, do not
|
||||||
|
expect them to be stable if you use them for anything else after the tests.
|
||||||
|
|
||||||
|
Install the requirements with `ansible-galaxy install -r requiements.yml`.
|
||||||
|
|
||||||
|
There are several Ansible playbooks. You can use `run-all.yml` to configure the
|
||||||
|
installation and run the tests, or run the playbooks separately to iterate while developing.
|
||||||
|
|
||||||
|
- run-all.yml: run the other playbooks in the correct order.
|
||||||
|
|
||||||
|
- provision-dependencies.yml: install the bats requirements (bash, netcat, cfssl, etc.), compilers, and database.
|
||||||
|
|
||||||
|
- provision-test-suite.yml: install the tests scripts and bats environment.
|
||||||
|
|
||||||
|
- prepare-tests.yml: install the package under test, and create the test fixture data.
|
||||||
|
|
||||||
|
- run-tests.yml: run the functional tests. This is not idempotent and can be run multiple times.
|
||||||
|
|
||||||
|
The tasks use the following environment variables. They must be exported or
|
||||||
|
ansible won't be able to see them.
|
||||||
|
|
||||||
|
- `TEST_SUITE_GIT` (default "https://github.com/crowdsecurity/crowdsec"),
|
||||||
|
`TEST_SUITE_VERSION` (default "master"): repo URL and branch/tag/commit of
|
||||||
|
the crowdsec sources containing the test fixture and scripts.
|
||||||
|
|
||||||
|
- `TEST_SUITE_ZIP`: optional, archive of a `crowdsecurity/crowdsec` repository
|
||||||
|
containing the test fixture and scripts. Overrides `TEST_SUITE_GIT` and
|
||||||
|
`TEST_SUITE_VERSION`. It can be created with `zip -r crowdsec.zip .` from
|
||||||
|
the root directory of the repository.
|
||||||
|
|
||||||
|
- `DB_BACKEND`: Required. Set to "sqlite", "pgx", "mysql", "postgres".
|
||||||
|
Postgres is automatically provisioned when required. There is no
|
||||||
|
provisioning code for mysql/mariadb yet, but it can be added.
|
||||||
|
|
||||||
|
- `PACKAGE_TESTING`: when set to false or not defined, the crowdsec binaries
|
||||||
|
to be tested are built from the sources that come from `TEST_SUITE_GIT` or
|
||||||
|
`TEST_SUITE_ZIP`. Crowdsec is then run as non-root, in a local directory.
|
||||||
|
This is basically a fancy wrapper to run `make bats-test` in a vm.
|
||||||
|
When `PACKAGE_TESTING` is set to true, however, crowdsec is installed from
|
||||||
|
a binary package (see variables below), it is run as root from systemd (or
|
||||||
|
equivalent) and uses the system-wide `/etc/crowdsec` and `/var/lib`
|
||||||
|
directories to store the test data.
|
||||||
|
|
||||||
|
- `TEST_PACKAGE_VERSION_DEB`, `TEST_PACKAGE_VERSION_RPM`: Optional, the
|
||||||
|
version of the package under test (ex. "1.4.0-rc5"), can be in the
|
||||||
|
packagecloud "stable" or "testing" repository. Requires
|
||||||
|
`PACKAGE_TESTING=true`. You must set both variables to reuse the same set of
|
||||||
|
variables for Debian and RedHat-based distributions, because stable releases
|
||||||
|
require a package version suffix in the RPM file names.
|
||||||
|
|
||||||
|
- `TEST_PACKAGE_FILE`: optional, file pointing to the package under test
|
||||||
|
(.deb, .rpm, .pkg...). If both `TEST_PACKAGE_VERSION_*` and
|
||||||
|
`TEST_PACKAGE_FILE` are provided, both are be installed (to test upgrades
|
||||||
|
for example). Requires `PACKAGE_TESTING=true`
|
||||||
|
|
||||||
|
- `TEST_PACKAGE_DIR`: optional (but conflicts with `TEST_PACKAGE_FILE`), the path
|
||||||
|
to a directory containing packages with the following layout:
|
||||||
|
|
||||||
|
For DEB: `{{ package_dir }}/{{ ansible_distribution_release }}_{{ ansible_architecture.replace('x86_64', 'amd64) }}/{{ ansible_distribution_release }}/{{ ansible_architecture.replace('x86_64', 'amd64' }}/crowdsec_*.deb`
|
||||||
|
For RPM: `{{ package_dir }}/{{ releasever }}/RPMS/{{ ansible_architecture }}/crowdsec-{{ testing_file_version }}*.{{ releasever }}.{{ ansible_architecture }}.rpm`
|
||||||
|
|
||||||
|
- `TEST_SKIP`: optional, comma-separated list of scripts that won't be executed.
|
||||||
|
Example: `TEST_SKIP=02_nolapi.bats,03_noagent.bats`
|
||||||
|
|
||||||
|
## Running tests with Vagrant + Ansible
|
||||||
|
|
||||||
|
You don't need Vagrant to run the ansible tests, if you can manage your own
|
||||||
|
vm creation and inventory.
|
||||||
|
|
||||||
|
However, to avoid relying on (and paying for..) a public cloud, we wrote vagrant
|
||||||
|
configuration files for the most common distributions we support.
|
||||||
|
|
||||||
|
To test with Vagrant, you need to:
|
||||||
|
|
||||||
|
- have a working libvirt environment (if you can use virt-manager to create VMs, you're golden)
|
||||||
|
|
||||||
|
- install the vagrant-libvirt plugin (`vagrant plugin install vagrant-libvirt`.
|
||||||
|
If it complains about gem versions, blame Ruby and see if you can remove some
|
||||||
|
other conflicting plugin).
|
||||||
|
|
||||||
|
- copy one of the `./env/*.sh` scripts to `environment.sh`, edit to your
|
||||||
|
needs, and execute it with "source environment.sh"
|
||||||
|
|
||||||
|
- `cd vagrant/<distro-of-your-choice>`
|
||||||
|
|
||||||
|
- `vagrant up --no-provision; vagrant provision`. The first command creates
|
||||||
|
the VM, the second installs all the dependencies, test suite and package
|
||||||
|
under test, then runs the tests. If you run a plain `vagrant up`, it does
|
||||||
|
everything with a single command, but also destroys the VM in case of test
|
||||||
|
failure so you are left with nothing to debug.
|
||||||
|
|
||||||
|
- `vagrant destroy` when you want to remove the VM. If you want to free up the
|
||||||
|
space taken by the base VM images, they are in
|
||||||
|
`/var/lib/libvirt/images/*VAGRANT*`
|
||||||
|
|
||||||
|
The above steps are automated in the script `./prepare-run` (requires bash >=4.4).
|
||||||
|
It takes an enviroment file, and optionally a list of directories with vagrant
|
||||||
|
configurations. With a single parameter, it loops over all the directories in
|
||||||
|
alphabetical order. Watch out for leftover VMs if you break the loop by hand.
|
||||||
|
|
||||||
|
After this, you will find up to 30GB of base images in `/var/lib/libvirt/images`,
|
||||||
|
which you need to remove by hand when you have finished testing or leave them
|
||||||
|
around for the next time.
|
||||||
|
|
||||||
|
You can give more memory or CPU juice to the VMs by editing [Vagrantfile.common](vagrant/Vagrantfile.common).
|
||||||
|
|
||||||
|
## Test Matrix
|
||||||
|
|
||||||
|
Tests fail with unsupported configurations or when the environment is not prepared correctly
|
||||||
|
due to missing setup/teardown parts in Ansible or functional tests. False positives
|
||||||
|
are also possible due to timing issues or flaky network connections.
|
||||||
|
|
||||||
|
If you have a result that deviates from the following matrix, that's probably a genuine bug or regression.
|
||||||
|
The data was created with crowdsec v1.4.1.
|
||||||
|
|
||||||
|
| | source/sqlite | pkg/sqlite | source/postgres | source/pgx | source/mysql (0) |
|
||||||
|
| ------------------------- | ------------- | ---------- | --------------- | ---------- | ---------------- |
|
||||||
|
| AmazonLinux 2 | ✓ (1) | ✓ (1) | old-db | old-db | wip |
|
||||||
|
| CentOS 7 | ✓ | ✓ | old-db | old-db | ✓ |
|
||||||
|
| CentOS 8 | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Debian 9 (stretch) | ✓ | ✓ | old-db | old-db | wip |
|
||||||
|
| Debian 10 (buster) | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Debian 11 (bullseye) | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Debian (testing/bookworm) | ✓ | ✓ | wip | wip | wip |
|
||||||
|
| Fedora 33 | ✓ | ✓ | wip | wip | wip |
|
||||||
|
| Fedora 34 | ✓ | ✓ | ✓ | ✓ | wip |
|
||||||
|
| Fedora 35 | ✓ | ✓ | ✓ | ✓ | wip |
|
||||||
|
| Fedora 36 | ✓ | ✓ | ✓ | ✓ | wip |
|
||||||
|
| FreeBSD 12 | ✓ | wip | wip | wip | wip |
|
||||||
|
| FreeBSD 13 | ✓ | wip | wip | wip | wip |
|
||||||
|
| Oracle 7 | ✓ | ✓ | wip | wip | ✓ |
|
||||||
|
| Oracle 8 | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Ubuntu 16.04 (xenial) | ✓ | ✓ | wip | wip | ✓ |
|
||||||
|
| Ubuntu 18.04 (bionic) | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Ubuntu 20.04 (focal) | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Ubuntu 22.04 (jammy) | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| | | | | | |
|
||||||
|
|
||||||
|
Note: all tests with `local/<database>` are expected to pass for `pkg/<database>` as well.
|
||||||
|
|
||||||
|
wip - missing ansible or bats parts, working on it
|
||||||
|
|
||||||
|
old-db - the database that ships with the distribution is not supported (Postgres < 10)
|
||||||
|
|
||||||
|
0 - MySQL or MariaDB, depending on distribution defaults
|
||||||
|
|
||||||
|
1 - ansible may hang, passes all tests if run by hand
|
14
tests/ansible/ansible.cfg
Normal file
14
tests/ansible/ansible.cfg
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
[defaults]
|
||||||
|
pipelining = True
|
||||||
|
force_color = True
|
||||||
|
|
||||||
|
# inventory = inventory.yml
|
||||||
|
callbacks_enabled = timer
|
||||||
|
|
||||||
|
# more compact and readable output
|
||||||
|
stdout_callback = debug
|
||||||
|
display_skipped_hosts = no
|
||||||
|
display_ok_hosts = yes
|
||||||
|
|
||||||
|
[ssh_connection]
|
||||||
|
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
|
51
tests/ansible/env/example.sh
vendored
Executable file
51
tests/ansible/env/example.sh
vendored
Executable file
|
@ -0,0 +1,51 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
## DB_BACKEND is required, because even if it has a sensible default (sqlite)
|
||||||
|
## all other variables can have an empty value. So if DB_BACKEND is missing you
|
||||||
|
## may have forgot to set the environment for the test run.
|
||||||
|
## One of "sqlite", "postgres", "pgx", "mysql"
|
||||||
|
DB_BACKEND=sqlite
|
||||||
|
|
||||||
|
## Set this to test a binary package (deb, rpm..). If missing or false,
|
||||||
|
## crowdsec will be built from sources and tested an non-root without installation.
|
||||||
|
# PACKAGE_TESTING=true
|
||||||
|
|
||||||
|
## The URL of a crowdsec repository with the test scripts.
|
||||||
|
# TEST_SUITE_GIT="https://github.com/crowdsecurity/crowdsec"
|
||||||
|
|
||||||
|
## The branch, tag or commit of the test scripts.
|
||||||
|
# TEST_SUITE_VERSION="master"
|
||||||
|
|
||||||
|
## The path to a crowdsec.zip file containing the crowdsec sources with test scripts.
|
||||||
|
## Overrides TEST_SUITE_GIT and TEST_SUITE_VERSION.
|
||||||
|
# TEST_SUITE_ZIP="/tmp/crowdsec.zip"
|
||||||
|
|
||||||
|
## TEST_PACKAGE_VERSION_DEB is the version of the package under test.
|
||||||
|
## Can be different from TEST_PACKAGE_VERSION_RPM in case of stable releases (no '-1' suffix).
|
||||||
|
# TEST_PACKAGE_VERSION_DEB=1.4.1
|
||||||
|
|
||||||
|
## TEST_PACKAGE_VERSION_RPM is the version of the package under test.
|
||||||
|
## Can be different from TEST_PACKAGE_VERSION_DEB in case of stable releases (rpm requires a '-1' suffix).
|
||||||
|
# TEST_PACKAGE_VERSION_RPM=1.4.1-1
|
||||||
|
|
||||||
|
## The path to a crowdsec binary package (.deb, .rpm..). If both this and TEST_PACKAGE_VERSION_* are set,
|
||||||
|
## the package from TEST_PACKAGE_VERSION_* will be installed first, then replaced by the package in the
|
||||||
|
## provided file. This is a way to test upgrades.
|
||||||
|
# TEST_PACKAGE_FILE="/tmp/crowdsec.deb"
|
||||||
|
|
||||||
|
## The path to a bundle with all the .deb and .rpm packages, split by architecture, distribution and version (see README).
|
||||||
|
# TEST_PACKAGE_DIR=/path/to/packages/1.4.1-rc1
|
||||||
|
|
||||||
|
## A comma-separated list of test scripts to skip. Example: "02_nolapi.bats,03_noagent.bats"
|
||||||
|
# TEST_SKIP=
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
17
tests/ansible/env/pkg-sqlite.sh
vendored
Executable file
17
tests/ansible/env/pkg-sqlite.sh
vendored
Executable file
|
@ -0,0 +1,17 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
DB_BACKEND=sqlite
|
||||||
|
PACKAGE_TESTING=true
|
||||||
|
TEST_PACKAGE_VERSION_DEB=1.4.1
|
||||||
|
TEST_PACKAGE_VERSION_RPM=1.4.1-1
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
14
tests/ansible/env/source-mysql.sh
vendored
Executable file
14
tests/ansible/env/source-mysql.sh
vendored
Executable file
|
@ -0,0 +1,14 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
DB_BACKEND=mysql
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
14
tests/ansible/env/source-pgx.sh
vendored
Executable file
14
tests/ansible/env/source-pgx.sh
vendored
Executable file
|
@ -0,0 +1,14 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
DB_BACKEND=pgx
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
14
tests/ansible/env/source-postgres.sh
vendored
Executable file
14
tests/ansible/env/source-postgres.sh
vendored
Executable file
|
@ -0,0 +1,14 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
DB_BACKEND=postgres
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
14
tests/ansible/env/source-sqlite.sh
vendored
Executable file
14
tests/ansible/env/source-sqlite.sh
vendored
Executable file
|
@ -0,0 +1,14 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
DB_BACKEND=sqlite
|
||||||
|
|
||||||
|
export DB_BACKEND
|
||||||
|
export PACKAGE_TESTING
|
||||||
|
export TEST_SUITE_GIT
|
||||||
|
export TEST_SUITE_VERSION
|
||||||
|
export TEST_SUITE_ZIP
|
||||||
|
export TEST_PACKAGE_VERSION_DEB
|
||||||
|
export TEST_PACKAGE_VERSION_RPM
|
||||||
|
export TEST_PACKAGE_FILE
|
||||||
|
export TEST_PACKAGE_DIR
|
||||||
|
export TEST_SKIP
|
37
tests/ansible/prepare-run
Executable file
37
tests/ansible/prepare-run
Executable file
|
@ -0,0 +1,37 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# This loops over all the available boxes, running the test suite on each one.
|
||||||
|
# The results are collected in a file. If the file already exists, tests are not run again.
|
||||||
|
|
||||||
|
env=$1
|
||||||
|
|
||||||
|
if [[ -z "${env}" ]]; then
|
||||||
|
echo "Usage: $0 <env> [vagrant-dir]..."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
shift
|
||||||
|
|
||||||
|
vagrant_dirs=("$@")
|
||||||
|
if [[ $# -eq 0 ]]; then
|
||||||
|
readarray -d '' vagrant_dirs < <(find vagrant -mindepth 1 -maxdepth 1 -type d -print0 | sort -z)
|
||||||
|
fi
|
||||||
|
|
||||||
|
#shellcheck disable=SC1090
|
||||||
|
. "${env}"
|
||||||
|
|
||||||
|
VAGRANT_FORCE_COLOR=true
|
||||||
|
export VAGRANT_FORCE_COLOR
|
||||||
|
|
||||||
|
for vm in "${vagrant_dirs[@]}"; do
|
||||||
|
outfile="$(basename "${env}").out"
|
||||||
|
pushd "${vm}" >/dev/null || exit
|
||||||
|
if [[ ! -f "${outfile}" ]]; then
|
||||||
|
vagrant up --no-provision
|
||||||
|
vagrant provision 2>&1 | tee "${outfile}"
|
||||||
|
vagrant destroy -f
|
||||||
|
else
|
||||||
|
echo "Skipping: ${vm}, file ${outfile} already exists." >&2
|
||||||
|
fi
|
||||||
|
popd >/dev/null || exit
|
||||||
|
done
|
20
tests/ansible/prepare_tests.yml
Normal file
20
tests/ansible/prepare_tests.yml
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
---
|
||||||
|
- name: "prepare functional tests"
|
||||||
|
hosts: all
|
||||||
|
gather_facts: true
|
||||||
|
vars_files:
|
||||||
|
- vars/go.yml
|
||||||
|
- vars/mysql.yml
|
||||||
|
- vars/postgres.yml
|
||||||
|
environment:
|
||||||
|
PGHOST: 127.0.0.1
|
||||||
|
PGPORT: 5432
|
||||||
|
PGPASSWORD: "{{ postgresql_users[0].password }}"
|
||||||
|
PGUSER: postgres
|
||||||
|
MYSQL_HOST: localhost
|
||||||
|
MYSQL_PORT: 3306
|
||||||
|
MYSQL_PASSWORD: "{{ mysql_root_password }}"
|
||||||
|
MYSQL_USER: "root"
|
||||||
|
roles:
|
||||||
|
- role: install_crowdsec_package
|
||||||
|
- role: make_fixture
|
53
tests/ansible/provision_dependencies.yml
Normal file
53
tests/ansible/provision_dependencies.yml
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
---
|
||||||
|
- name: "install Go (!freebsd)"
|
||||||
|
hosts: all
|
||||||
|
gather_facts: true
|
||||||
|
vars_files:
|
||||||
|
- vars/go.yml
|
||||||
|
tasks:
|
||||||
|
- ansible.builtin.include_role:
|
||||||
|
name: gantsign.golang
|
||||||
|
when:
|
||||||
|
- ansible_os_family != "FreeBSD"
|
||||||
|
|
||||||
|
- name: "install Go (freebsd)"
|
||||||
|
hosts: all
|
||||||
|
gather_facts: true
|
||||||
|
become: true
|
||||||
|
tasks:
|
||||||
|
- ansible.builtin.package:
|
||||||
|
name: go
|
||||||
|
state: present
|
||||||
|
when:
|
||||||
|
- ansible_os_family == "FreeBSD"
|
||||||
|
|
||||||
|
- name: "apply common configuration to all nodes"
|
||||||
|
hosts: all
|
||||||
|
vars_files:
|
||||||
|
- vars/go.yml
|
||||||
|
roles:
|
||||||
|
- common
|
||||||
|
- machine_id
|
||||||
|
- bats_requirements
|
||||||
|
|
||||||
|
- name: "install Postgres"
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
vars_files:
|
||||||
|
- vars/postgres.yml
|
||||||
|
tasks:
|
||||||
|
- ansible.builtin.include_role:
|
||||||
|
name: geerlingguy.postgresql
|
||||||
|
when:
|
||||||
|
- lookup('ansible.builtin.env', 'DB_BACKEND') in ['pgx', 'postgres']
|
||||||
|
|
||||||
|
- name: "install MySQL"
|
||||||
|
hosts: all
|
||||||
|
become: true
|
||||||
|
vars_files:
|
||||||
|
- vars/mysql.yml
|
||||||
|
tasks:
|
||||||
|
- ansible.builtin.include_role:
|
||||||
|
name: geerlingguy.mysql
|
||||||
|
when:
|
||||||
|
- lookup('ansible.builtin.env', 'DB_BACKEND') == 'mysql'
|
5
tests/ansible/provision_test_suite.yml
Normal file
5
tests/ansible/provision_test_suite.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- name: "install the test scripts"
|
||||||
|
hosts: all
|
||||||
|
roles:
|
||||||
|
- install_crowdsec_tests
|
4
tests/ansible/requirements.yml
Normal file
4
tests/ansible/requirements.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
- src: geerlingguy.postgresql
|
||||||
|
- src: geerlingguy.mysql
|
||||||
|
- src: gantsign.golang
|
4
tests/ansible/roles/bats_requirements/defaults/main.yml
Normal file
4
tests/ansible/roles/bats_requirements/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
build_bash: false
|
||||||
|
|
||||||
|
build_daemonize: (ansible_distribution == "Ubuntu" and ansible_distribution_version == '16.04') or ansible_distribution == 'Amazon'
|
51
tests/ansible/roles/bats_requirements/tasks/bash.yml
Normal file
51
tests/ansible/roles/bats_requirements/tasks/bash.yml
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
---
|
||||||
|
- name: "look up bash version"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.package_facts:
|
||||||
|
|
||||||
|
- name: "bash version found"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.debug:
|
||||||
|
var: ansible_facts.packages['bash'][0].version
|
||||||
|
|
||||||
|
- name: "check if bash needs building (<4.4)"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
build_bash: "{{ ansible_facts.packages['bash'][0].version is version('4.4', '<') }}"
|
||||||
|
|
||||||
|
- name: "build bash: download"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.unarchive:
|
||||||
|
src: http://ftp.gnu.org/gnu/bash/bash-5.1.16.tar.gz
|
||||||
|
dest: "{{ ansible_env.HOME }}"
|
||||||
|
remote_src: true
|
||||||
|
creates: "{{ ansible_env.HOME }}/bash-5.1.16"
|
||||||
|
when:
|
||||||
|
- build_bash
|
||||||
|
|
||||||
|
- name: "build bash: configure"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "./configure --prefix=/opt/bash"
|
||||||
|
creates: ./Makefile
|
||||||
|
chdir: "{{ ansible_env.HOME }}/bash-5.1.16"
|
||||||
|
when:
|
||||||
|
- build_bash
|
||||||
|
|
||||||
|
- name: "build bash: create /opt/bash"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /opt/bash
|
||||||
|
state: directory
|
||||||
|
mode: 0o755
|
||||||
|
when:
|
||||||
|
- build_bash
|
||||||
|
|
||||||
|
- name: "build bash: make install"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "make install"
|
||||||
|
creates: /opt/bash/bin/bash
|
||||||
|
chdir: "{{ ansible_env.HOME }}/bash-5.1.16"
|
||||||
|
when:
|
||||||
|
- build_bash
|
35
tests/ansible/roles/bats_requirements/tasks/daemonize.yml
Normal file
35
tests/ansible/roles/bats_requirements/tasks/daemonize.yml
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
- name: "install daemonize package"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- daemonize
|
||||||
|
when:
|
||||||
|
- not build_daemonize
|
||||||
|
|
||||||
|
- name: "build daemonize: git checkout"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: https://github.com/bmc/daemonize
|
||||||
|
dest: "{{ ansible_env.HOME }}/daemonize"
|
||||||
|
version: release-1.7.8
|
||||||
|
when:
|
||||||
|
- build_daemonize
|
||||||
|
|
||||||
|
- name: "build daemonize: configure"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "./configure --prefix=/usr/local"
|
||||||
|
creates: ./Makefile
|
||||||
|
chdir: "{{ ansible_env.HOME }}/daemonize"
|
||||||
|
when:
|
||||||
|
- build_daemonize
|
||||||
|
|
||||||
|
- name: "build daemonize: make install"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "make all install"
|
||||||
|
creates: /usr/local/sbin/daemonize
|
||||||
|
chdir: "{{ ansible_env.HOME }}/daemonize"
|
||||||
|
when:
|
||||||
|
- build_daemonize
|
80
tests/ansible/roles/bats_requirements/tasks/main.yml
Normal file
80
tests/ansible/roles/bats_requirements/tasks/main.yml
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
---
|
||||||
|
- name: "install bash"
|
||||||
|
ansible.builtin.import_tasks: bash.yml
|
||||||
|
|
||||||
|
- name: "Install daemonize"
|
||||||
|
ansible.builtin.import_tasks: daemonize.yml
|
||||||
|
when:
|
||||||
|
- ansible_os_family != 'FreeBSD'
|
||||||
|
|
||||||
|
- name: "install netcat"
|
||||||
|
ansible.builtin.import_tasks: netcat.yml
|
||||||
|
|
||||||
|
- name: "Install curl, jq, openssl, python3"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- curl
|
||||||
|
- jq
|
||||||
|
- openssl
|
||||||
|
- python3
|
||||||
|
|
||||||
|
- name: "install bc (!freebsd)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- bc
|
||||||
|
when:
|
||||||
|
- ansible_os_family != 'FreeBSD'
|
||||||
|
|
||||||
|
- name: "install base64(freebsd)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- base64
|
||||||
|
when:
|
||||||
|
- ansible_os_family == 'FreeBSD'
|
||||||
|
|
||||||
|
- name: "install pidof (Amazon)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- procps-ng
|
||||||
|
when:
|
||||||
|
- ansible_distribution == 'Amazon'
|
||||||
|
|
||||||
|
- name: "install gcc (for go-sqlite, needs cgo)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- gcc
|
||||||
|
|
||||||
|
- name: "install cfssl"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "go install github.com/cloudflare/cfssl/cmd/cfssl@latest"
|
||||||
|
creates: /usr/bin/cfssl
|
||||||
|
environment:
|
||||||
|
GOBIN: /usr/bin
|
||||||
|
# make sure we use the built version of go, if there is one
|
||||||
|
PATH: "{{ golang_install_dir }}/bin:{{ ansible_env.PATH }}"
|
||||||
|
|
||||||
|
- name: "install cfssljson"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "go install github.com/cloudflare/cfssl/cmd/cfssljson@latest"
|
||||||
|
creates: /usr/bin/cfssljson
|
||||||
|
environment:
|
||||||
|
GOBIN: /usr/bin
|
||||||
|
# make sure we use the built version of go, if there is one
|
||||||
|
PATH: "{{ golang_install_dir }}/bin:{{ ansible_env.PATH }}"
|
||||||
|
|
||||||
|
- name: "install yq"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "go install github.com/mikefarah/yq/v4@latest"
|
||||||
|
creates: /usr/bin/yq
|
||||||
|
environment:
|
||||||
|
GOBIN: /usr/bin
|
||||||
|
# make sure we use the built version of go, if there is one
|
||||||
|
PATH: "{{ golang_install_dir }}/bin:{{ ansible_env.PATH }}"
|
25
tests/ansible/roles/bats_requirements/tasks/netcat.yml
Normal file
25
tests/ansible/roles/bats_requirements/tasks/netcat.yml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
---
|
||||||
|
- name: "install netcat (Amazon, Fedora, CentOS)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- nmap-ncat
|
||||||
|
when:
|
||||||
|
- ansible_facts['distribution'] in ['Amazon', 'Fedora', 'CentOS', 'OracleLinux']
|
||||||
|
|
||||||
|
- name: "install netcat (RedHat)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- netcat
|
||||||
|
when:
|
||||||
|
- ansible_facts['distribution'] == 'RedHat'
|
||||||
|
|
||||||
|
# "netcat" does not exist in some versions (only -traditional or -openbsd)
|
||||||
|
- name: "install netcat (Debian)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- netcat-traditional
|
||||||
|
when:
|
||||||
|
- ansible_os_family == "Debian"
|
39
tests/ansible/roles/common/tasks/main.yml
Normal file
39
tests/ansible/roles/common/tasks/main.yml
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
---
|
||||||
|
# required for (at least) jq
|
||||||
|
- name: "enable EPEL"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name: epel-release
|
||||||
|
when:
|
||||||
|
- ansible_distribution == 'CentOS'
|
||||||
|
|
||||||
|
- name: "update package cache (Debian)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt:
|
||||||
|
upgrade: false
|
||||||
|
update_cache: true
|
||||||
|
when:
|
||||||
|
- ansible_os_family == "Debian"
|
||||||
|
|
||||||
|
- name: "install gcc, git"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- gcc
|
||||||
|
- git
|
||||||
|
|
||||||
|
- name: "install make (Linux)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- make
|
||||||
|
when:
|
||||||
|
- ansible_os_family != "FreeBSD"
|
||||||
|
|
||||||
|
- name: "install gmake (FreeBSD)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- gmake
|
||||||
|
when:
|
||||||
|
- ansible_os_family == "FreeBSD"
|
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: "set package_file from package_dir"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
package_file: "{{ package_dir }}/{{ ansible_distribution_release }}_{{ ansible_architecture.replace('x86_64', 'amd64) }}/{{ ansible_distribution_release }}/{{ ansible_architecture.replace('x86_64', 'amd64' }}/crowdsec_*.deb"
|
||||||
|
when:
|
||||||
|
- (package_dir is defined) and (package_dir | length > 0)
|
||||||
|
|
||||||
|
- name: "copy built file for deb-like"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "{{ package_file }}"
|
||||||
|
dest: "{{ ansible_env.HOME }}/crowdsec.deb"
|
||||||
|
mode: 0o644
|
||||||
|
|
||||||
|
- name: "install crowdsec on deb-like"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: "{{ ansible_env.HOME }}/crowdsec.deb"
|
||||||
|
allow_downgrade: true
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
- name: "install stuff"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- apt-transport-https
|
||||||
|
- gnupg
|
||||||
|
|
||||||
|
- name: "install crowdsec repo [1/2] (*.deb)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt_key:
|
||||||
|
url: https://packagecloud.io/crowdsec/crowdsec/gpgkey
|
||||||
|
|
||||||
|
- name: "add crowdsec repo [2/2] (*.deb)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt_repository:
|
||||||
|
repo: deb https://packagecloud.io/crowdsec/crowdsec/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} main
|
||||||
|
|
||||||
|
- name: "install crowdsec testing repo [1/2] (*.deb)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt_key:
|
||||||
|
url: https://packagecloud.io/crowdsec/crowdsec-testing/gpgkey
|
||||||
|
|
||||||
|
- name: "add crowdsec testing repo [1/2] (*.deb)"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt_repository:
|
||||||
|
repo: deb https://packagecloud.io/crowdsec/crowdsec-testing/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} main
|
||||||
|
|
||||||
|
- name: "install crowdsec"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- crowdsec={{ package_version_deb }}
|
|
@ -0,0 +1,20 @@
|
||||||
|
---
|
||||||
|
- name: "set package_file from package_dir"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
package_file: "{{ package_dir }}/{{ releasever }}/RPMS/{{ ansible_architecture }}/crowdsec-{{ testing_file_version }}*.{{ releasever }}.{{ ansible_architecture }}.rpm"
|
||||||
|
when:
|
||||||
|
- (package_dir is defined) and (package_dir | length > 0)
|
||||||
|
|
||||||
|
- name: "copy built file for rpm-like"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "{{ package_file }}"
|
||||||
|
dest: "{{ ansible_env.HOME }}/crowdsec.rpm"
|
||||||
|
mode: 0o644
|
||||||
|
|
||||||
|
- name: "install crowdsec on rpm-like"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.yum:
|
||||||
|
name: "{{ ansible_env.HOME }}/crowdsec.rpm"
|
||||||
|
disable_gpg_check: true
|
||||||
|
allow_downgrade: true
|
|
@ -0,0 +1,30 @@
|
||||||
|
---
|
||||||
|
- name: "download the rpm script"
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.rpm.sh
|
||||||
|
dest: "{{ ansible_env.HOME }}/rpm.sh"
|
||||||
|
mode: 0o775
|
||||||
|
|
||||||
|
- name: "install crowdsec rpm repo"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "{{ ansible_env.HOME }}/rpm.sh"
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: "download the (testing) rpm script"
|
||||||
|
ansible.builtin.get_url:
|
||||||
|
url: https://packagecloud.io/install/repositories/crowdsec/crowdsec-testing/script.rpm.sh
|
||||||
|
dest: "{{ ansible_env.HOME }}/rpm-testing.sh"
|
||||||
|
mode: 0o775
|
||||||
|
|
||||||
|
- name: "install crowdsec (testing) rpm repo"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "{{ ansible_env.HOME }}/rpm-testing.sh"
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: "install crowdsec"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- crowdsec-{{ package_version_rpm }}.{{ releasever.replace('amzn2', 'el7').replace('ol7', 'el7').replace('ol8', 'el8') }}
|
33
tests/ansible/roles/install_crowdsec_package/tasks/main.yml
Normal file
33
tests/ansible/roles/install_crowdsec_package/tasks/main.yml
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
- name: "system details"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: |
|
||||||
|
Distribution: {{ ansible_distribution }}
|
||||||
|
Version: {{ ansible_distribution_version }}
|
||||||
|
Major: {{ ansible_distribution_major_version }}
|
||||||
|
Release: {{ ansible_distribution_release }}
|
||||||
|
Releasever: {{ releasever }}
|
||||||
|
|
||||||
|
- name: "install from binary repository (RedHat)"
|
||||||
|
ansible.builtin.import_tasks: install_from_rpm_repo.yml
|
||||||
|
when:
|
||||||
|
- (package_version_rpm is defined) and (package_version_rpm|length > 0)
|
||||||
|
- ansible_os_family == "RedHat"
|
||||||
|
|
||||||
|
- name: "install from binary repository (Debian)"
|
||||||
|
ansible.builtin.import_tasks: install_from_deb_repo.yml
|
||||||
|
when:
|
||||||
|
- (package_version_deb is defined) and (package_version_deb|length > 0)
|
||||||
|
- ansible_os_family == "Debian"
|
||||||
|
|
||||||
|
- name: "install from *.rpm package file"
|
||||||
|
ansible.builtin.import_tasks: install_from_rpm.yml
|
||||||
|
when:
|
||||||
|
- (package_file is defined) and (package_file|length > 0)
|
||||||
|
- ansible_os_family == "RedHat"
|
||||||
|
|
||||||
|
- name: "install from *.deb package file"
|
||||||
|
ansible.builtin.import_tasks: install_from_deb.yml
|
||||||
|
when:
|
||||||
|
- (package_file is defined) and (package_file|length > 0)
|
||||||
|
- ansible_os_family == "Debian"
|
16
tests/ansible/roles/install_crowdsec_package/vars/main.yml
Normal file
16
tests/ansible/roles/install_crowdsec_package/vars/main.yml
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
---
|
||||||
|
release:
|
||||||
|
CentOS: el
|
||||||
|
Fedora: fc
|
||||||
|
Amazon: amzn
|
||||||
|
Debian: debian
|
||||||
|
Ubuntu: ubuntu
|
||||||
|
FreeBSD: freebsd
|
||||||
|
OracleLinux: ol
|
||||||
|
|
||||||
|
releasever: "{{ release[ansible_distribution] + ansible_distribution_major_version }}"
|
||||||
|
|
||||||
|
package_version_deb: "{{ lookup('ansible.builtin.env', 'TEST_PACKAGE_VERSION_DEB') }}"
|
||||||
|
package_version_rpm: "{{ lookup('ansible.builtin.env', 'TEST_PACKAGE_VERSION_RPM') }}"
|
||||||
|
package_file: "{{ lookup('ansible.builtin.env', 'TEST_PACKAGE_FILE') }}"
|
||||||
|
package_dir: "{{ lookup('ansible.builtin.env', 'TEST_PACKAGE_DIR') }}"
|
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
suite_git: "https://github.com/crowdsecurity/crowdsec"
|
||||||
|
suite_version: "master"
|
68
tests/ansible/roles/install_crowdsec_tests/tasks/main.yml
Normal file
68
tests/ansible/roles/install_crowdsec_tests/tasks/main.yml
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
---
|
||||||
|
- name: "lookup $TEST_SUITE_GIT"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
suite_git: "{{ lookup('ansible.builtin.env', 'TEST_SUITE_GIT') }}"
|
||||||
|
when: lookup('ansible.builtin.env', 'TEST_SUITE_GIT') | length>0
|
||||||
|
|
||||||
|
- name: "lookup $TEST_SUITE_VERSION"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
suite_version: "{{ lookup('ansible.builtin.env', 'TEST_SUITE_VERSION') }}"
|
||||||
|
when: lookup('ansible.builtin.env', 'TEST_SUITE_VERSION') | length>0
|
||||||
|
|
||||||
|
- name: "lookup $TEST_SUITE_ZIP"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
suite_zip: "{{ lookup('ansible.builtin.env', 'TEST_SUITE_ZIP') }}"
|
||||||
|
when: lookup('ansible.builtin.env', 'TEST_SUITE_ZIP') | length>0
|
||||||
|
|
||||||
|
- name: "install unzip"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.package:
|
||||||
|
name:
|
||||||
|
- unzip
|
||||||
|
when:
|
||||||
|
- (suite_zip is defined) and (suite_zip|length > 0)
|
||||||
|
|
||||||
|
- name: "install tests: create crowdsec dir"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
state: directory
|
||||||
|
mode: 0o700
|
||||||
|
when:
|
||||||
|
- (suite_zip is defined) and (suite_zip|length > 0)
|
||||||
|
|
||||||
|
- name: "install tests: extract crowdsec"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.unarchive:
|
||||||
|
src: "{{ suite_zip }}"
|
||||||
|
dest: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
when:
|
||||||
|
- (suite_zip is defined) and (suite_zip|length > 0)
|
||||||
|
|
||||||
|
- name: "install tests: git submodules for bats"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "{{ item }}"
|
||||||
|
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
with_items:
|
||||||
|
- git submodule init
|
||||||
|
- git submodule update
|
||||||
|
when:
|
||||||
|
- (suite_zip is defined) and (suite_zip|length > 0)
|
||||||
|
|
||||||
|
- name: "install tests: checkout crowdsec"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: "{{ suite_git }}"
|
||||||
|
dest: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
single_branch: true
|
||||||
|
version: "{{ suite_version }}"
|
||||||
|
when:
|
||||||
|
- (suite_zip is not defined) or (suite_zip|length == 0)
|
||||||
|
|
||||||
|
- name: "install tests: create crowdsec tests/local dir"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ ansible_env.HOME }}/crowdsec/tests/local"
|
||||||
|
state: directory
|
||||||
|
mode: 0o755
|
2
tests/ansible/roles/machine_id/defaults/main.yml
Normal file
2
tests/ansible/roles/machine_id/defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
machine_id: "githubciXXXXXXXXXXXXXXXXXXXXXXXX\n"
|
18
tests/ansible/roles/machine_id/tasks/main.yml
Normal file
18
tests/ansible/roles/machine_id/tasks/main.yml
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
- name: "set /etc/machine-id"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /etc/machine-id
|
||||||
|
content: "{{ machine_id }}"
|
||||||
|
mode: 0o444
|
||||||
|
|
||||||
|
# some distributions use var/lib/dbus,
|
||||||
|
# but the directory doesn't exists on fedora
|
||||||
|
- name: "set /var/lib/dbus/machine-id"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.copy:
|
||||||
|
dest: /var/lib/dbus/machine-id
|
||||||
|
content: "{{ machine_id }}"
|
||||||
|
mode: 0o444
|
||||||
|
when:
|
||||||
|
- ansible_os_family != 'FreeBSD' and ansible_distribution != "Fedora"
|
55
tests/ansible/roles/make_fixture/tasks/main.yml
Normal file
55
tests/ansible/roles/make_fixture/tasks/main.yml
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
---
|
||||||
|
- name: "set make_cmd = make (!freebsd)"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
make_cmd: make
|
||||||
|
when:
|
||||||
|
- ansible_os_family != 'FreeBSD'
|
||||||
|
|
||||||
|
- name: "set make_cmd = gmake (freebsd)"
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
make_cmd: gmake
|
||||||
|
when:
|
||||||
|
- ansible_os_family == 'FreeBSD'
|
||||||
|
|
||||||
|
- name: "build crowdsec from sources, prepare test environment and fixture"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "{{ make_cmd }} bats-build bats-fixture"
|
||||||
|
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"
|
||||||
|
environment:
|
||||||
|
DB_BACKEND: "{{ lookup('ansible.builtin.env', 'DB_BACKEND') }}"
|
||||||
|
# daemonize -> /usr/bin or /usr/local/sbin
|
||||||
|
# pidof -> /usr/sbin
|
||||||
|
# bash -> /opt/bash/bin
|
||||||
|
PATH: "/opt/bash/bin:{{ ansible_env.PATH }}:{{ golang_install_dir }}/bin/:/usr/sbin:/usr/local/sbin"
|
||||||
|
when: (package_testing is not defined) or (package_testing in ['', 'false', 'False'])
|
||||||
|
|
||||||
|
- name: "prepare test environment and fixture for binary package"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "{{ make_cmd }} bats-environment bats-check-requirements bats-fixture"
|
||||||
|
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
creates: "{{ ansible_env.HOME }}/crowdsec/tests/local-init/init-config-data.tar"
|
||||||
|
environment:
|
||||||
|
PACKAGE_TESTING: "{{ package_testing }}"
|
||||||
|
DB_BACKEND: "{{ lookup('ansible.builtin.env', 'DB_BACKEND') }}"
|
||||||
|
# daemonize -> /usr/bin or /usr/local/sbin
|
||||||
|
# pidof -> /usr/sbin
|
||||||
|
# bash -> /opt/bash/bin
|
||||||
|
PATH: "/opt/bash/bin:{{ ansible_env.PATH }}:/usr/sbin:/usr/local/sbin"
|
||||||
|
when: (package_testing is defined) and (package_testing not in ['', 'false', 'False'])
|
||||||
|
|
||||||
|
- name: "read .environment.sh"
|
||||||
|
ansible.builtin.slurp:
|
||||||
|
src: "{{ ansible_env.HOME }}/crowdsec/tests/.environment.sh"
|
||||||
|
changed_when: false
|
||||||
|
register: envfile
|
||||||
|
|
||||||
|
- name: "show .environment.sh"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: "{{ envfile['content'] | b64decode }}"
|
||||||
|
|
||||||
|
- name: "show environment variables"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: "{{ ansible_env | to_nice_yaml }}"
|
2
tests/ansible/roles/make_fixture/vars/main.yml
Normal file
2
tests/ansible/roles/make_fixture/vars/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
package_testing: "{{ lookup('ansible.builtin.env', 'PACKAGE_TESTING') }}"
|
89
tests/ansible/roles/run_func_tests/tasks/main.yml
Normal file
89
tests/ansible/roles/run_func_tests/tasks/main.yml
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
---
|
||||||
|
- name: "create /lib/systemd/system/crowdsec.service.d"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.file:
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0o755
|
||||||
|
path: /lib/systemd/system/crowdsec.service.d
|
||||||
|
state: directory
|
||||||
|
when:
|
||||||
|
- (package_testing is defined) and (package_testing not in ['', 'false', 'False'])
|
||||||
|
- ansible_os_family in ["RedHat", "Debian"]
|
||||||
|
|
||||||
|
- name: "override StartLimitBurst"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.ini_file:
|
||||||
|
dest: /lib/systemd/system/crowdsec.service.d/startlimitburst.conf
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0o644
|
||||||
|
section: Service
|
||||||
|
option: StartLimitBurst
|
||||||
|
value: 100
|
||||||
|
when:
|
||||||
|
- (package_testing is defined) and (package_testing not in ['', 'false', 'False'])
|
||||||
|
- ansible_os_family in ["RedHat", "Debian"]
|
||||||
|
|
||||||
|
- name: "systemctl daemon-reload"
|
||||||
|
become: true
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
when:
|
||||||
|
- (package_testing is defined) and (package_testing not in ['', 'false', 'False'])
|
||||||
|
- ansible_os_family in ["RedHat", "Debian"]
|
||||||
|
|
||||||
|
- name: "search for test scripts"
|
||||||
|
become: false
|
||||||
|
ansible.builtin.find:
|
||||||
|
paths: "{{ ansible_env.HOME }}/crowdsec/tests/bats"
|
||||||
|
pattern: "*.bats"
|
||||||
|
register: testfiles
|
||||||
|
|
||||||
|
- name: "read .environment.sh"
|
||||||
|
ansible.builtin.slurp:
|
||||||
|
src: "{{ ansible_env.HOME }}/crowdsec/tests/.environment.sh"
|
||||||
|
changed_when: false
|
||||||
|
register: envfile
|
||||||
|
|
||||||
|
- name: "show .environment.sh"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: "{{ envfile['content'] | b64decode }}"
|
||||||
|
|
||||||
|
- name: "run BATS tests for source build"
|
||||||
|
ignore_errors: false
|
||||||
|
become: false
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: tests/run-tests {{ item.path }}
|
||||||
|
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
with_items: "{{ testfiles.files | sort(attribute='path') }}"
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item['path'] }}"
|
||||||
|
environment:
|
||||||
|
# daemonize -> /usr/bin or /usr/local/sbin
|
||||||
|
# pidof -> /usr/sbin
|
||||||
|
# bash -> /opt/bash/bin
|
||||||
|
PATH: "/opt/bash/bin:{{ ansible_env.PATH }}:/usr/sbin:/usr/local/sbin"
|
||||||
|
changed_when: false
|
||||||
|
when:
|
||||||
|
- (package_testing is not defined) or (package_testing in ['', 'false', 'False'])
|
||||||
|
- (item.path | basename) not in skip_tests.split(',')
|
||||||
|
|
||||||
|
- name: "run BATS tests for binary package"
|
||||||
|
ignore_errors: false
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: tests/run-tests {{ item.path }}
|
||||||
|
chdir: "{{ ansible_env.HOME }}/crowdsec"
|
||||||
|
with_items: "{{ testfiles.files | sort(attribute='path') }}"
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item['path'] }}"
|
||||||
|
environment:
|
||||||
|
# daemonize -> /usr/bin or /usr/local/sbin
|
||||||
|
# pidof -> /usr/sbin
|
||||||
|
# bash -> /opt/bash/bin
|
||||||
|
PATH: "/opt/bash/bin:{{ ansible_env.PATH }}:/usr/sbin:/usr/local/sbin"
|
||||||
|
changed_when: false
|
||||||
|
when:
|
||||||
|
- (package_testing is defined) and (package_testing not in ['', 'false', 'False'])
|
||||||
|
- (item.path | basename) not in skip_tests.split(',')
|
3
tests/ansible/roles/run_func_tests/vars/main.yml
Normal file
3
tests/ansible/roles/run_func_tests/vars/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
package_testing: "{{ lookup('ansible.builtin.env', 'PACKAGE_TESTING') }}"
|
||||||
|
skip_tests: "{{ lookup('ansible.builtin.env', 'TEST_SKIP') }}"
|
5
tests/ansible/run_all.yml
Normal file
5
tests/ansible/run_all.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
- import_playbook: provision_dependencies.yml
|
||||||
|
- import_playbook: provision_test_suite.yml
|
||||||
|
- import_playbook: prepare_tests.yml
|
||||||
|
- import_playbook: run_tests.yml
|
18
tests/ansible/run_tests.yml
Normal file
18
tests/ansible/run_tests.yml
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
---
|
||||||
|
- name: "run functional tests"
|
||||||
|
hosts: all
|
||||||
|
gather_facts: true
|
||||||
|
vars_files:
|
||||||
|
- vars/mysql.yml
|
||||||
|
- vars/postgres.yml
|
||||||
|
environment:
|
||||||
|
PGHOST: 127.0.0.1
|
||||||
|
PGPORT: 5432
|
||||||
|
PGPASSWORD: "{{ postgresql_users[0].password }}"
|
||||||
|
PGUSER: postgres
|
||||||
|
MYSQL_HOST: localhost
|
||||||
|
MYSQL_PORT: 3306
|
||||||
|
MYSQL_PASSWORD: "{{ mysql_root_password }}"
|
||||||
|
MYSQL_USER: "root"
|
||||||
|
roles:
|
||||||
|
- role: run_func_tests
|
34
tests/ansible/vagrant/Vagrantfile.common
Normal file
34
tests/ansible/vagrant/Vagrantfile.common
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.provider :libvirt do |libvirt|
|
||||||
|
libvirt.cpus = 1
|
||||||
|
libvirt.memory = 1024
|
||||||
|
end
|
||||||
|
|
||||||
|
config.vm.synced_folder '.', '/vagrant', disabled: true
|
||||||
|
|
||||||
|
config.vm.provision "ansible" do |ansible|
|
||||||
|
# ansible.verbose = "vvvv"
|
||||||
|
ansible.config_file = "../../ansible.cfg"
|
||||||
|
ansible.playbook = "../../run_all.yml"
|
||||||
|
end
|
||||||
|
|
||||||
|
# same as above, to run the steps separately
|
||||||
|
|
||||||
|
# config.vm.provision "ansible" do |provdep|
|
||||||
|
# provdep.config_file = "../../ansible-common.cfg"
|
||||||
|
# provdep.playbook = "../../provision_dependencies.yml"
|
||||||
|
# end
|
||||||
|
# config.vm.provision "ansible" do |provtest|
|
||||||
|
# provtest.config_file = "../../ansible-common.cfg"
|
||||||
|
# provtest.playbook = "../../provision_test_suite.yml"
|
||||||
|
# end
|
||||||
|
# config.vm.provision "ansible" do |preptest|
|
||||||
|
# preptest.config_file = "../../ansible-common.cfg"
|
||||||
|
# preptest.playbook = "../../prepare_tests.yml"
|
||||||
|
# end
|
||||||
|
# config.vm.provision "ansible" do |runtests|
|
||||||
|
# runtests.config_file = "../../ansible-common.cfg"
|
||||||
|
# runtests.playbook = "../../run_tests.yml"
|
||||||
|
# end
|
||||||
|
|
||||||
|
end
|
6
tests/ansible/vagrant/centos-7/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/centos-7/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "centos/7"
|
||||||
|
end
|
6
tests/ansible/vagrant/centos-8/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/centos-8/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "centos/stream8"
|
||||||
|
end
|
6
tests/ansible/vagrant/debian-10-buster/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/debian-10-buster/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "debian/buster64"
|
||||||
|
end
|
6
tests/ansible/vagrant/debian-11-bullseye/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/debian-11-bullseye/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "debian/bullseye64"
|
||||||
|
end
|
6
tests/ansible/vagrant/debian-9-stretch/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/debian-9-stretch/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "debian/stretch64"
|
||||||
|
end
|
6
tests/ansible/vagrant/debian-testing/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/debian-testing/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "debian/testing64"
|
||||||
|
end
|
8
tests/ansible/vagrant/fedora-33/Vagrantfile
vendored
Normal file
8
tests/ansible/vagrant/fedora-33/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes seem to have issues with journalctl
|
||||||
|
# config.vm.box = "fedora/33-cloud-base"
|
||||||
|
config.vm.box = "generic/fedora33"
|
||||||
|
end
|
8
tests/ansible/vagrant/fedora-34/Vagrantfile
vendored
Normal file
8
tests/ansible/vagrant/fedora-34/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes seem to have issues with journalctl
|
||||||
|
# config.vm.box = "fedora/34-cloud-base"
|
||||||
|
config.vm.box = "generic/fedora34"
|
||||||
|
end
|
8
tests/ansible/vagrant/fedora-35/Vagrantfile
vendored
Normal file
8
tests/ansible/vagrant/fedora-35/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes seem to have issues with journalctl
|
||||||
|
# config.vm.box = "fedora/35-cloud-base"
|
||||||
|
config.vm.box = "generic/fedora35"
|
||||||
|
end
|
8
tests/ansible/vagrant/fedora-36/Vagrantfile
vendored
Normal file
8
tests/ansible/vagrant/fedora-36/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes seem to have issues with journalctl
|
||||||
|
# config.vm.box = "fedora/36-cloud-base"
|
||||||
|
config.vm.box = "generic/fedora36"
|
||||||
|
end
|
6
tests/ansible/vagrant/freebsd-12/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/freebsd-12/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "generic/freebsd12"
|
||||||
|
end
|
6
tests/ansible/vagrant/freebsd-13/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/freebsd-13/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "generic/freebsd13"
|
||||||
|
end
|
6
tests/ansible/vagrant/oracle-7/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/oracle-7/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "generic/oracle7"
|
||||||
|
end
|
6
tests/ansible/vagrant/oracle-8/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/oracle-8/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "generic/oracle8"
|
||||||
|
end
|
7
tests/ansible/vagrant/ubuntu-16.04-xenial/Vagrantfile
vendored
Normal file
7
tests/ansible/vagrant/ubuntu-16.04-xenial/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes only supports virtualbox
|
||||||
|
config.vm.box = "generic/ubuntu1604"
|
||||||
|
end
|
7
tests/ansible/vagrant/ubuntu-18.04-bionic/Vagrantfile
vendored
Normal file
7
tests/ansible/vagrant/ubuntu-18.04-bionic/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes only supports virtualbox
|
||||||
|
config.vm.box = "generic/ubuntu1804"
|
||||||
|
end
|
7
tests/ansible/vagrant/ubuntu-20.04-focal/Vagrantfile
vendored
Normal file
7
tests/ansible/vagrant/ubuntu-20.04-focal/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes only supports virtualbox
|
||||||
|
config.vm.box = "generic/ubuntu2004"
|
||||||
|
end
|
7
tests/ansible/vagrant/ubuntu-22.04-jammy/Vagrantfile
vendored
Normal file
7
tests/ansible/vagrant/ubuntu-22.04-jammy/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
# the official boxes only supports virtualbox
|
||||||
|
config.vm.box = "generic/ubuntu2204"
|
||||||
|
end
|
6
tests/ansible/vagrant/zz-amazon-linux-2/Vagrantfile
vendored
Normal file
6
tests/ansible/vagrant/zz-amazon-linux-2/Vagrantfile
vendored
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
common = '../Vagrantfile.common'
|
||||||
|
load common if File.exists?(common)
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "cloudnatives/amazon-linux-2"
|
||||||
|
end
|
2
tests/ansible/vars/go.yml
Normal file
2
tests/ansible/vars/go.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
golang_version: "1.18.2"
|
||||||
|
golang_install_dir: "/opt/go/{{ golang_version }}"
|
4
tests/ansible/vars/mysql.yml
Normal file
4
tests/ansible/vars/mysql.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# The password is insecure since the db is ephemeral and only listen to localhost.
|
||||||
|
mysql_root_password: password
|
29
tests/ansible/vars/postgres.yml
Normal file
29
tests/ansible/vars/postgres.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# The password is insecure since the db is ephemeral and only listen to localhost.
|
||||||
|
postgresql_users:
|
||||||
|
- name: postgres
|
||||||
|
password: postgres
|
||||||
|
|
||||||
|
postgresql_hba_entries:
|
||||||
|
- type: local
|
||||||
|
database: all
|
||||||
|
user: postgres
|
||||||
|
auth_method: peer
|
||||||
|
|
||||||
|
- type: local
|
||||||
|
database: all
|
||||||
|
user: all
|
||||||
|
auth_method: peer
|
||||||
|
|
||||||
|
- type: host
|
||||||
|
database: all
|
||||||
|
user: all
|
||||||
|
address: "127.0.0.1/32"
|
||||||
|
auth_method: md5
|
||||||
|
|
||||||
|
- type: host
|
||||||
|
database: all
|
||||||
|
user: all
|
||||||
|
address: "::1/128"
|
||||||
|
auth_method: md5
|
Loading…
Reference in a new issue