From 603ae47805e2b695e4e9f3b6e48e9447511f9ee8 Mon Sep 17 00:00:00 2001 From: Trevor Vaughan Date: Thu, 3 Jun 2021 10:49:40 -0400 Subject: [PATCH] (SIMP-9718) Update nc timeout in tests (#90) * (SIMP-9718) Update nc timeout in tests * For some reason, nc in EL8 now hangs so you have to pass a timeout * Added an 'allowed to fail' docker test to gitlab SIMP-9178 #close * enable EPEL using the beaker_helpers function * fix GHA * add resources to nodesets for tests * add haveged * pull_request_target -> pull_request We can't let PRs submitted by potentially untrusted forks from running any code (including Gemfiles and Rakefiles) inside the context of our org/repository. * removed GHA beaker tests until they can be fully evaluated Co-authored-by: op-ct --- Gemfile | 2 +- spec/acceptance/nodesets/default.yml | 17 +++-------- spec/acceptance/nodesets/docker.yml | 28 +++++++++++++++++++ spec/acceptance/nodesets/oel.yml | 17 +++-------- .../suites/default/00_instances_spec.rb | 1 + .../suites/default/01_connection_spec.rb | 4 ++- .../suites/default/20_connectivity_spec.rb | 3 +- 7 files changed, 43 insertions(+), 29 deletions(-) create mode 100644 spec/acceptance/nodesets/docker.yml diff --git a/Gemfile b/Gemfile index e9eb071..fff0a32 100644 --- a/Gemfile +++ b/Gemfile @@ -38,7 +38,7 @@ end group :system_tests do gem 'beaker' gem 'beaker-rspec' - gem 'simp-beaker-helpers', ENV['SIMP_BEAKER_HELPERS_VERSION'] || ['>= 1.21.4', '< 2'] + gem 'simp-beaker-helpers', ENV['SIMP_BEAKER_HELPERS_VERSION'] || ['>= 1.23.2', '< 2'] end # Evaluate extra gemfiles if they exist diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml index bcc5026..db51888 100644 --- a/spec/acceptance/nodesets/default.yml +++ b/spec/acceptance/nodesets/default.yml @@ -6,35 +6,26 @@ end -%> HOSTS: - el7: + el7.beaker.test: roles: - server-el7 - default platform: el-7-x86_64 box: centos/7 hypervisor: <%= hypervisor %> - yum_repos: - epel: - mirrorlist: 'https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch' - gpgkeys: - - https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever - el8: + el8.beaker.test: roles: - server-el8 platform: el-8-x86_64 box: generic/centos8 hypervisor: <%= hypervisor %> - yum_repos: - epel: - mirrorlist: 'https://mirrors.fedoraproject.org/metalink?repo=epel-8&arch=$basearch' - gpgkeys: - - https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever CONFIG: log_level: verbose type: aio - vagrant_memsize: 256 + vagrant_cpus: 2 + vagrant_memsize: 512 synced_folder: disabled <% if ENV['BEAKER_PUPPET_ENVIRONMENT'] -%> puppet_environment: <%= ENV['BEAKER_PUPPET_ENVIRONMENT'] %> diff --git a/spec/acceptance/nodesets/docker.yml b/spec/acceptance/nodesets/docker.yml new file mode 100644 index 0000000..ac77f77 --- /dev/null +++ b/spec/acceptance/nodesets/docker.yml @@ -0,0 +1,28 @@ +HOSTS: + el7.test.net: + roles: + - server-el7 + - default + platform: el-7-x86_64 + hypervisor: docker + image: simpproject/simp_beaker_el7 + docker_cmd: '["/sbin/init"]' + + el8.test.net: + roles: + - server-el8 + platform: el-8-x86_64 + hypervisor: docker + image: simpproject/simp_beaker_el8 + docker_cmd: '["/sbin/init"]' + +CONFIG: + log_level: verbose + type: aio +<% if ENV['BEAKER_PUPPET_ENVIRONMENT'] -%> + puppet_environment: <%= ENV['BEAKER_PUPPET_ENVIRONMENT'] %> +<% end -%> + ssh: + password: root + auth_methods: + - password diff --git a/spec/acceptance/nodesets/oel.yml b/spec/acceptance/nodesets/oel.yml index 10b34c4..52c68e0 100644 --- a/spec/acceptance/nodesets/oel.yml +++ b/spec/acceptance/nodesets/oel.yml @@ -6,35 +6,26 @@ end -%> HOSTS: - oel7: + oel7.beaker.test: roles: - server-el7 - default platform: el-7-x86_64 box: onyxpoint/oel-7-x86_64 hypervisor: <%= hypervisor %> - yum_repos: - epel: - mirrorlist: 'https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch' - gpgkeys: - - https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever - oel8: + oel8.beaker.test: roles: - server-el8 platform: el-8-x86_64 box: generic/oracle8 hypervisor: <%= hypervisor %> - yum_repos: - epel: - mirrorlist: 'https://mirrors.fedoraproject.org/metalink?repo=epel-8&arch=$basearch' - gpgkeys: - - https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever CONFIG: log_level: verbose type: aio - vagrant_memsize: 256 + vagrant_cpus: 2 + vagrant_memsize: 512 synced_folder: disabled <% if ENV['BEAKER_PUPPET_ENVIRONMENT'] -%> puppet_environment: <%= ENV['BEAKER_PUPPET_ENVIRONMENT'] %> diff --git a/spec/acceptance/suites/default/00_instances_spec.rb b/spec/acceptance/suites/default/00_instances_spec.rb index 98903bb..29d0e5c 100644 --- a/spec/acceptance/suites/default/00_instances_spec.rb +++ b/spec/acceptance/suites/default/00_instances_spec.rb @@ -25,6 +25,7 @@ } let(:hieradata) {{ 'iptables::ports' => { 22 => { 'proto' => 'tcp', 'trusted_nets' => ['ALL'] } }, + 'simp_options::haveged' => true, 'simp_options::firewall' => true, 'simp_options::pki' => true, 'simp_options::pki::source' => '/etc/pki/simp-testing/pki/', diff --git a/spec/acceptance/suites/default/01_connection_spec.rb b/spec/acceptance/suites/default/01_connection_spec.rb index ebf2020..92de2be 100644 --- a/spec/acceptance/suites/default/01_connection_spec.rb +++ b/spec/acceptance/suites/default/01_connection_spec.rb @@ -8,6 +8,7 @@ let(:hieradata) {{ 'iptables::ports' => { 22 => { 'proto' => 'tcp', 'trusted_nets' => ['ALL'] } }, + 'simp_options::haveged' => true, 'simp_options::firewall' => true, 'simp_options::pki' => true, 'simp_options::pki::source' => '/etc/pki/simp-testing/pki/', @@ -79,7 +80,8 @@ # does not test stunnel itself. context 'with selinux on' do it 'should apply with no errors' do - install_package(host, 'epel-release') + enable_epel_on(host) + set_hieradata_on(host,hieradata) apply_manifest_on(host,base_manifest, catch_failures: true) end diff --git a/spec/acceptance/suites/default/20_connectivity_spec.rb b/spec/acceptance/suites/default/20_connectivity_spec.rb index 88d3f89..7c8fac7 100644 --- a/spec/acceptance/suites/default/20_connectivity_spec.rb +++ b/spec/acceptance/suites/default/20_connectivity_spec.rb @@ -24,6 +24,7 @@ hieradata = { 'iptables::ports' => { 22 => { 'proto' => 'tcp', 'trusted_nets' => ['ALL'] } }, 'iptables::precise_match' => true, + 'simp_options::haveged' => true, 'simp_options::firewall' => true, 'simp_options::pki' => true, 'simp_options::pki::source' => '/etc/pki/simp-testing/pki/', @@ -66,7 +67,7 @@ end it "should send successfully from #{client}" do - on(client, %(/bin/echo "#{client.ip}" | nc localhost 1235)) + on(client, %(/bin/echo "#{client.ip}" | nc -w1 localhost 1235)) end it "should be received successfully on #{server}" do