tests: Dip our toes into using Ansible

This adds a shell primitive to make it easy to execute a playbook task list. The big picture idea is to sync with ostreedev/ostree#1462 and rewrite some of the libvm shell stuff as playbooks, allowing easier code sharing with a-h-t and just in general being a better library for talking ssh and executing commnads.
cgwalters · Mar 8, 2018 · b20632f · b20632f
1 parent cdd3227
commit b20632f
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 4 deletions.
diff --git a/.papr.yml b/.papr.yml
@@ -29,6 +29,7 @@ tests:
   - ci/ci-commitmessage-submodules.sh
   - ci/codestyle.sh
   - ci/build-check.sh
+  - ci/vmcheck-provision.sh
   - make vmcheck
 
 timeout: 60m

diff --git a/Makefile-tests.am b/Makefile-tests.am
@@ -18,6 +18,8 @@ if BUILDOPT_ASAN
 AM_TESTS_ENVIRONMENT += BUILDOPT_ASAN=yes ASAN_OPTIONS=detect_leaks=false
 endif
 
+GITIGNOREFILES += ssh-config ansible-inventory.yml vmcheck/ test-compose-logs/
+
 testbin_cppflags = $(AM_CPPFLAGS) -I $(srcdir)/src/lib -I $(srcdir)/src/libpriv -I $(srcdir)/libglnx -I $(srcdir)/tests/common
 testbin_cflags = $(AM_CFLAGS) $(PKGDEP_RPMOSTREE_CFLAGS)
 testbin_ldadd = $(PKGDEP_RPMOSTREE_LIBS) librpmostree-1.la librpmostreepriv.la

diff --git a/ci/vmcheck-provision.sh b/ci/vmcheck-provision.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/bash
+# Install build dependencies, run unit tests and installed tests.
+
+set -xeuo pipefail
+
+dn=$(dirname $0)
+. ${dn}/libbuild.sh
+pkg_install openssh-clients ansible
diff --git a/tests/common/libvm.sh b/tests/common/libvm.sh
@@ -34,6 +34,25 @@ vm_setup() {
 
   export SSH="ssh $sshopts $VM"
   export SCP="scp $sshopts"
+
+  cat >${topsrcdir}/ansible-inventory.yml <<EOF
+all:
+  hosts:
+    vmcheck:
+      ansible_ssh_common_args: "${sshopts}"
+EOF
+}
+
+vm_ansible_inline() {
+    playbook=$(mktemp -p /tmp 'libvm-ansible.XXXXXX')
+    cat > ${playbook} <<EOF
+---
+- hosts: vmcheck
+  tasks:
+EOF
+    sed -e 's,^,  ,' >> ${playbook}
+    ansible-playbook -i ${topsrcdir}/ansible-inventory.yml ${playbook}
+    rm -f ${playbook}
 }
 
 # rsync wrapper that sets up authentication

diff --git a/tests/vmcheck/test-basic.sh b/tests/vmcheck/test-basic.sh
@@ -44,10 +44,13 @@ echo "ok jsonpath"
 # underhanded, but we need a bona fide user session to verify non-priv status,
 # and logging in through SSH is an easy way to achieve that.
 if ! vm_cmd getent passwd testuser; then
-  vm_cmd useradd testuser
-  vm_cmd mkdir -pm 0700 /home/testuser/.ssh
-  vm_cmd cp -a /root/.ssh/authorized_keys /home/testuser/.ssh
-  vm_cmd chown -R testuser:testuser /home/testuser/.ssh
+  vm_ansible_inline <<EOF
+- shell: >
+    useradd testuser &&
+    mkdir -pm 0700 /home/testuser/.ssh &&
+    cp -a /root/.ssh/authorized_keys /home/testuser/.ssh &&
+    chown -R testuser:testuser /home/testuser/.ssh
+EOF
 fi
 
 # Make sure we can't do various operations as non-root