diff --git a/.github/workflows/test-ansible.yml b/.github/workflows/test-ansible.yml index c681898add..561685c041 100644 --- a/.github/workflows/test-ansible.yml +++ b/.github/workflows/test-ansible.yml @@ -49,7 +49,6 @@ jobs: env export PATH=/opt/python/3.6.7/bin:${PATH} sudo apt-get install python3 python3-pip - sudo pip3 install wheel sudo pip3 install --upgrade setuptools pip sudo pip3 install ansible~=2.9.13 make test-e2e-ansible-molecule diff --git a/hack/tests/e2e-ansible-molecule.sh b/hack/tests/e2e-ansible-molecule.sh index a4dbbda3e2..a68976860a 100755 --- a/hack/tests/e2e-ansible-molecule.sh +++ b/hack/tests/e2e-ansible-molecule.sh @@ -33,12 +33,22 @@ else fi KUSTOMIZE_PATH=${KUSTOMIZE} TEST_OPERATOR_NAMESPACE=default molecule test -s kind -cd $TMPDIR -KUSTOMIZE_PATH=${KUSTOMIZE} +rm -rf $KUSTOMIZE +cd $TMPDIR/ +rm -rf memcached-molecule-operator + header_text "Test Ansible Molecule scenarios" pushd "${ROOTDIR}/test/ansible" -DEST_IMAGE="quay.io/example/ansible-test-operator:v0.0.1" -sed -i".bak" -E -e 's/(FROM quay.io\/operator-framework\/ansible-operator)(:.*)?/\1:dev/g' build/Dockerfile; rm -f build/Dockerfile.bak -docker build -f build/Dockerfile -t "$DEST_IMAGE" --no-cache . + +make kustomize +if [ -f ./bin/kustomize ] ; then + KUSTOMIZE="$(realpath ./bin/kustomize)" +else + KUSTOMIZE="$(which kustomize)" +fi + +DEST_IMAGE="quay.io/example/advanced-molecule-operator:v0.0.1" +sed -i".bak" -E -e 's/(FROM quay.io\/operator-framework\/ansible-operator)(:.*)?/\1:dev/g' Dockerfile; rm -f Dockerfile.bak +docker build -t "$DEST_IMAGE" --no-cache . load_image_if_kind "$DEST_IMAGE" -OPERATOR_PULL_POLICY=Never OPERATOR_IMAGE=${DEST_IMAGE} TEST_CLUSTER_PORT=24443 TEST_OPERATOR_NAMESPACE=osdk-test molecule test --all +KUSTOMIZE_PATH=$KUSTOMIZE OPERATOR_PULL_POLICY=Never OPERATOR_IMAGE=${DEST_IMAGE} TEST_OPERATOR_NAMESPACE=osdk-test molecule test diff --git a/test/ansible/.gitignore b/test/ansible/.gitignore new file mode 100644 index 0000000000..62fd3e3995 --- /dev/null +++ b/test/ansible/.gitignore @@ -0,0 +1,14 @@ + +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib +bin + +# editor and IDE paraphernalia +.idea +*.swp +*.swo +*~ diff --git a/test/ansible/build/Dockerfile b/test/ansible/Dockerfile similarity index 84% rename from test/ansible/build/Dockerfile rename to test/ansible/Dockerfile index 8b89901254..b29926583a 100644 --- a/test/ansible/build/Dockerfile +++ b/test/ansible/Dockerfile @@ -1,20 +1,23 @@ -FROM quay.io/operator-framework/ansible-operator:dev +FROM quay.io/operator-framework/ansible-operator:v1.2.0 COPY requirements.yml ${HOME}/requirements.yml RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible -COPY ansible.cfg /etc/ansible/ansible.cfg -COPY watches.yaml ${HOME}/watches.yaml +COPY watches.yaml ${HOME}/watches.yaml COPY roles/ ${HOME}/roles/ COPY playbooks/ ${HOME}/playbooks/ + +# Customizations done to check advanced scenarios COPY inventory/ ${HOME}/inventory/ COPY plugins/ ${HOME}/plugins/ +COPY ansible.cfg /etc/ansible/ansible.cfg COPY fixture_collection/ /tmp/fixture_collection/ USER root RUN chmod -R ug+rwx /tmp/fixture_collection USER 1001 RUN ansible-galaxy collection build /tmp/fixture_collection/ --output-path /tmp/fixture_collection/ \ - && ansible-galaxy collection install /tmp/fixture_collection/operator_sdk-test_fixtures-0.0.0.tar.gz + && ansible-galaxy collection install /tmp/fixture_collection/operator_sdk-test_fixtures-0.0.0.tar.gz RUN echo abc123 > /opt/ansible/pwd.yml \ - && ansible-vault encrypt_string --vault-password-file /opt/ansible/pwd.yml 'thisisatest' --name 'the_secret' > /opt/ansible/vars.yml \ No newline at end of file + && ansible-vault encrypt_string --vault-password-file /opt/ansible/pwd.yml 'thisisatest' --name 'the_secret' > /opt/ansible/vars.yml + diff --git a/test/ansible/Makefile b/test/ansible/Makefile new file mode 100644 index 0000000000..1fdb988365 --- /dev/null +++ b/test/ansible/Makefile @@ -0,0 +1,92 @@ +# Current Operator version +VERSION ?= 0.0.1 +# Default bundle image tag +BUNDLE_IMG ?= controller-bundle:$(VERSION) +# Options for 'bundle-build' +ifneq ($(origin CHANNELS), undefined) +BUNDLE_CHANNELS := --channels=$(CHANNELS) +endif +ifneq ($(origin DEFAULT_CHANNEL), undefined) +BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL) +endif +BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) + +# Image URL to use all building/pushing image targets +IMG ?= controller:latest + +all: docker-build + +# Run against the configured Kubernetes cluster in ~/.kube/config +run: ansible-operator + $(ANSIBLE_OPERATOR) run + +# Install CRDs into a cluster +install: kustomize + $(KUSTOMIZE) build config/crd | kubectl apply -f - + +# Uninstall CRDs from a cluster +uninstall: kustomize + $(KUSTOMIZE) build config/crd | kubectl delete -f - + +# Deploy controller in the configured Kubernetes cluster in ~/.kube/config +deploy: kustomize + cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} + $(KUSTOMIZE) build config/default | kubectl apply -f - + +# Undeploy controller in the configured Kubernetes cluster in ~/.kube/config +undeploy: kustomize + $(KUSTOMIZE) build config/default | kubectl delete -f - + +# Build the docker image +docker-build: + docker build . -t ${IMG} + +# Push the docker image +docker-push: + docker push ${IMG} + +PATH := $(PATH):$(PWD)/bin +SHELL := env PATH=$(PATH) /bin/sh +OS = $(shell uname -s | tr '[:upper:]' '[:lower:]') +ARCH = $(shell uname -m | sed 's/x86_64/amd64/') +OSOPER = $(shell uname -s | tr '[:upper:]' '[:lower:]' | sed 's/darwin/apple-darwin/' | sed 's/linux/linux-gnu/') +ARCHOPER = $(shell uname -m ) + +kustomize: +ifeq (, $(shell which kustomize 2>/dev/null)) + @{ \ + set -e ;\ + mkdir -p bin ;\ + curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.5.4/kustomize_v3.5.4_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ ;\ + } +KUSTOMIZE=$(realpath ./bin/kustomize) +else +KUSTOMIZE=$(shell which kustomize) +endif + +ansible-operator: +ifeq (, $(shell which ansible-operator 2>/dev/null)) + @{ \ + set -e ;\ + mkdir -p bin ;\ + curl -LO https://github.com/operator-framework/operator-sdk/releases/download/v1.2.0/ansible-operator-v1.2.0-$(ARCHOPER)-$(OSOPER) ;\ + mv ansible-operator-v1.2.0-$(ARCHOPER)-$(OSOPER) ./bin/ansible-operator ;\ + chmod +x ./bin/ansible-operator ;\ + } +ANSIBLE_OPERATOR=$(realpath ./bin/ansible-operator) +else +ANSIBLE_OPERATOR=$(shell which ansible-operator) +endif + +# Generate bundle manifests and metadata, then validate generated files. +.PHONY: bundle +bundle: kustomize + operator-sdk generate kustomize manifests -q + cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) + $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS) + operator-sdk bundle validate ./bundle + +# Build the bundle image. +.PHONY: bundle-build +bundle-build: + docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) . diff --git a/test/ansible/OWNERS b/test/ansible/OWNERS deleted file mode 100644 index 9702fa3403..0000000000 --- a/test/ansible/OWNERS +++ /dev/null @@ -1,6 +0,0 @@ -approvers: - - fabianvf - - jmrodri -reviewers: - - fabianvf - - jmrodri diff --git a/test/ansible/PROJECT b/test/ansible/PROJECT new file mode 100644 index 0000000000..fb5e744071 --- /dev/null +++ b/test/ansible/PROJECT @@ -0,0 +1,24 @@ +domain: example.com +layout: ansible.sdk.operatorframework.io/v1 +multigroup: true +projectName: advanced-molecule-operator +resources: +- group: test + kind: InventoryTest + version: v1alpha1 +- group: test + kind: ArgsTest + version: v1alpha1 +- group: test + kind: CaseTest + version: v1alpha1 +- group: test + kind: CollectionTest + version: v1alpha1 +- group: test + kind: SelectorTest + version: v1alpha1 +- group: test + kind: SubresourcesTest + version: v1alpha1 +version: 3-alpha diff --git a/test/ansible/config/crd/bases/test.example.com_argstests.yaml b/test/ansible/config/crd/bases/test.example.com_argstests.yaml new file mode 100644 index 0000000000..4370af5f84 --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_argstests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: argstests.test.example.com +spec: + group: test.example.com + names: + kind: ArgsTest + listKind: ArgsTestList + plural: argstests + singular: argstest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ArgsTest is the Schema for the argstests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of ArgsTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of ArgsTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_casetests.yaml b/test/ansible/config/crd/bases/test.example.com_casetests.yaml new file mode 100644 index 0000000000..639d2a77bc --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_casetests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: casetests.test.example.com +spec: + group: test.example.com + names: + kind: CaseTest + listKind: CaseTestList + plural: casetests + singular: casetest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CaseTest is the Schema for the casetests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of CaseTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of CaseTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_collectiontests.yaml b/test/ansible/config/crd/bases/test.example.com_collectiontests.yaml new file mode 100644 index 0000000000..af8a6c499f --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_collectiontests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: collectiontests.test.example.com +spec: + group: test.example.com + names: + kind: CollectionTest + listKind: CollectionTestList + plural: collectiontests + singular: collectiontest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CollectionTest is the Schema for the collectiontests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of CollectionTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of CollectionTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_inventorytests.yaml b/test/ansible/config/crd/bases/test.example.com_inventorytests.yaml new file mode 100644 index 0000000000..d10ff7c04a --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_inventorytests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: inventorytests.test.example.com +spec: + group: test.example.com + names: + kind: InventoryTest + listKind: InventoryTestList + plural: inventorytests + singular: inventorytest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: InventoryTest is the Schema for the inventorytests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of InventoryTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of InventoryTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_reconciliationtests.yaml b/test/ansible/config/crd/bases/test.example.com_reconciliationtests.yaml new file mode 100644 index 0000000000..d8343116ff --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_reconciliationtests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: reconciliationtests.test.example.com +spec: + group: test.example.com + names: + kind: ReconciliationTest + listKind: ReconciliationTestList + plural: reconciliationtests + singular: reconciliationtest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ReconciliationTest is the Schema for the reconciliationtests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of ReconciliationTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of ReconciliationTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_selectortests.yaml b/test/ansible/config/crd/bases/test.example.com_selectortests.yaml new file mode 100644 index 0000000000..2068942e73 --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_selectortests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: selectortests.test.example.com +spec: + group: test.example.com + names: + kind: SelectorTest + listKind: SelectorTestList + plural: selectortests + singular: selectortest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: SelectorTest is the Schema for the selectortests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of SelectorTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of SelectorTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/bases/test.example.com_subresourcestests.yaml b/test/ansible/config/crd/bases/test.example.com_subresourcestests.yaml new file mode 100644 index 0000000000..38c1d3a690 --- /dev/null +++ b/test/ansible/config/crd/bases/test.example.com_subresourcestests.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: subresourcestests.test.example.com +spec: + group: test.example.com + names: + kind: SubresourcesTest + listKind: SubresourcesTestList + plural: subresourcestests + singular: subresourcestest + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: SubresourcesTest is the Schema for the subresourcestests API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of SubresourcesTest + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of SubresourcesTest + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} diff --git a/test/ansible/config/crd/kustomization.yaml b/test/ansible/config/crd/kustomization.yaml new file mode 100644 index 0000000000..4742ee14fa --- /dev/null +++ b/test/ansible/config/crd/kustomization.yaml @@ -0,0 +1,12 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/test.example.com_inventorytests.yaml +- bases/test.example.com_argstests.yaml +- bases/test.example.com_casetests.yaml +- bases/test.example.com_collectiontests.yaml +- bases/test.example.com_selectortests.yaml +- bases/test.example.com_subresourcestests.yaml +- bases/test.example.com_reconciliationtests.yaml +# +kubebuilder:scaffold:crdkustomizeresource diff --git a/test/ansible/config/default/kustomization.yaml b/test/ansible/config/default/kustomization.yaml new file mode 100644 index 0000000000..1307200548 --- /dev/null +++ b/test/ansible/config/default/kustomization.yaml @@ -0,0 +1,26 @@ +# Adds namespace to all resources. +namespace: advanced-molecule-operator-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: advanced-molecule-operator- + +# Labels to add to all resources and selectors. +#commonLabels: +# someName: someValue + +bases: +- ../crd +- ../rbac +- ../manager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +#- ../prometheus + +patchesStrategicMerge: + # Protect the /metrics endpoint by putting it behind auth. + # If you want your controller-manager to expose the /metrics + # endpoint w/o any authn/z, please comment the following line. +- manager_auth_proxy_patch.yaml diff --git a/test/ansible/config/default/manager_auth_proxy_patch.yaml b/test/ansible/config/default/manager_auth_proxy_patch.yaml new file mode 100644 index 0000000000..4fe5572c44 --- /dev/null +++ b/test/ansible/config/default/manager_auth_proxy_patch.yaml @@ -0,0 +1,27 @@ +# This patch inject a sidecar container which is a HTTP proxy for the +# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: kube-rbac-proxy + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=10" + ports: + - containerPort: 8443 + name: https + - name: manager + args: + - "--metrics-addr=127.0.0.1:8080" + - "--enable-leader-election" + - "--leader-election-id=advanced-molecule-operator" + - "--ansible-args='--vault-password-file /opt/ansible/pwd.yml'" diff --git a/test/ansible/config/manager/kustomization.yaml b/test/ansible/config/manager/kustomization.yaml new file mode 100644 index 0000000000..5c5f0b84cb --- /dev/null +++ b/test/ansible/config/manager/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- manager.yaml diff --git a/test/ansible/config/manager/manager.yaml b/test/ansible/config/manager/manager.yaml new file mode 100644 index 0000000000..cfee93297e --- /dev/null +++ b/test/ansible/config/manager/manager.yaml @@ -0,0 +1,40 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system + labels: + control-plane: controller-manager +spec: + selector: + matchLabels: + control-plane: controller-manager + replicas: 1 + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - name: manager + args: + - "--metrics-addr=127.0.0.1:8080" + - "--enable-leader-election" + - "--leader-election-id=advanced-molecule-operator" + - "--ansible-args='--vault-password-file /opt/ansible/pwd.yml'" + env: + - name: ANSIBLE_DEBUG_LOGS + value: "TRUE" + - name: ANSIBLE_GATHERING + value: explicit + - name: ANSIBLE_INVENTORY + value: /opt/ansible/inventory + image: controller:latest + terminationGracePeriodSeconds: 10 diff --git a/test/ansible/config/prometheus/kustomization.yaml b/test/ansible/config/prometheus/kustomization.yaml new file mode 100644 index 0000000000..ed137168a1 --- /dev/null +++ b/test/ansible/config/prometheus/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- monitor.yaml diff --git a/test/ansible/config/prometheus/monitor.yaml b/test/ansible/config/prometheus/monitor.yaml new file mode 100644 index 0000000000..1b44d4f617 --- /dev/null +++ b/test/ansible/config/prometheus/monitor.yaml @@ -0,0 +1,16 @@ +--- +# Prometheus Monitor Service (Metrics) +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-monitor + namespace: system +spec: + endpoints: + - path: /metrics + port: https + selector: + matchLabels: + control-plane: controller-manager diff --git a/test/ansible/config/rbac/argstest_editor_role.yaml b/test/ansible/config/rbac/argstest_editor_role.yaml new file mode 100644 index 0000000000..b436fa9561 --- /dev/null +++ b/test/ansible/config/rbac/argstest_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit argstests. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argstest-editor-role +rules: +- apiGroups: + - test.example.com + resources: + - argstests + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - test.example.com + resources: + - argstests/status + verbs: + - get diff --git a/test/ansible/config/rbac/argstest_viewer_role.yaml b/test/ansible/config/rbac/argstest_viewer_role.yaml new file mode 100644 index 0000000000..bba2d4f9c8 --- /dev/null +++ b/test/ansible/config/rbac/argstest_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view argstests. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: argstest-viewer-role +rules: +- apiGroups: + - test.example.com + resources: + - argstests + verbs: + - get + - list + - watch +- apiGroups: + - test.example.com + resources: + - argstests/status + verbs: + - get diff --git a/test/ansible/config/rbac/auth_proxy_client_clusterrole.yaml b/test/ansible/config/rbac/auth_proxy_client_clusterrole.yaml new file mode 100644 index 0000000000..bd4af137a9 --- /dev/null +++ b/test/ansible/config/rbac/auth_proxy_client_clusterrole.yaml @@ -0,0 +1,7 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: ["/metrics"] + verbs: ["get"] diff --git a/test/ansible/config/rbac/auth_proxy_role.yaml b/test/ansible/config/rbac/auth_proxy_role.yaml new file mode 100644 index 0000000000..618f5e4177 --- /dev/null +++ b/test/ansible/config/rbac/auth_proxy_role.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: proxy-role +rules: +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] +- apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] diff --git a/test/ansible/config/rbac/auth_proxy_role_binding.yaml b/test/ansible/config/rbac/auth_proxy_role_binding.yaml new file mode 100644 index 0000000000..48ed1e4b85 --- /dev/null +++ b/test/ansible/config/rbac/auth_proxy_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/test/ansible/config/rbac/auth_proxy_service.yaml b/test/ansible/config/rbac/auth_proxy_service.yaml new file mode 100644 index 0000000000..6cf656be14 --- /dev/null +++ b/test/ansible/config/rbac/auth_proxy_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager diff --git a/test/ansible/config/rbac/kustomization.yaml b/test/ansible/config/rbac/kustomization.yaml new file mode 100644 index 0000000000..66c28338fe --- /dev/null +++ b/test/ansible/config/rbac/kustomization.yaml @@ -0,0 +1,12 @@ +resources: +- role.yaml +- role_binding.yaml +- leader_election_role.yaml +- leader_election_role_binding.yaml +# Comment the following 4 lines if you want to disable +# the auth proxy (https://github.com/brancz/kube-rbac-proxy) +# which protects your /metrics endpoint. +- auth_proxy_service.yaml +- auth_proxy_role.yaml +- auth_proxy_role_binding.yaml +- auth_proxy_client_clusterrole.yaml diff --git a/test/ansible/config/rbac/leader_election_role.yaml b/test/ansible/config/rbac/leader_election_role.yaml new file mode 100644 index 0000000000..53e974910b --- /dev/null +++ b/test/ansible/config/rbac/leader_election_role.yaml @@ -0,0 +1,25 @@ +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: leader-election-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/test/ansible/deploy/role_binding.yaml b/test/ansible/config/rbac/leader_election_role_binding.yaml similarity index 61% rename from test/ansible/deploy/role_binding.yaml rename to test/ansible/config/rbac/leader_election_role_binding.yaml index 34a09cc757..eed16906f4 100644 --- a/test/ansible/deploy/role_binding.yaml +++ b/test/ansible/config/rbac/leader_election_role_binding.yaml @@ -1,11 +1,12 @@ -kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: - name: ansible -subjects: -- kind: ServiceAccount - name: ansible + name: leader-election-rolebinding roleRef: - kind: Role - name: ansible apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/test/ansible/config/rbac/role.yaml b/test/ansible/config/rbac/role.yaml new file mode 100644 index 0000000000..a023a52179 --- /dev/null +++ b/test/ansible/config/rbac/role.yaml @@ -0,0 +1,186 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: manager-role +rules: + ## + ## Base operator rules + ## + - apiGroups: + - "" + resources: + - secrets + - pods + - pods/exec + - pods/log + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - inventorytests + - inventorytests/status + - inventorytests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - subresourcestests + - subresourcestests/status + - subresourcestests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - collectiontests + - collectiontests/status + - collectiontests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - selectortests + - selectortests/status + - selectortests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - casetests + - casetests/status + - casetests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - argstests + - argstests/status + - argstests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Rules for test.example.com/v1alpha1, Kind: InventoryTest + ## + - apiGroups: + - test.example.com + resources: + - reconciliationtests + - reconciliationtests/status + - reconciliationtests/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + ## + ## Base operator rules + ## + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +# +kubebuilder:scaffold:rules diff --git a/test/ansible/config/rbac/role_binding.yaml b/test/ansible/config/rbac/role_binding.yaml new file mode 100644 index 0000000000..98f87829e9 --- /dev/null +++ b/test/ansible/config/rbac/role_binding.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/test/ansible/config/samples/kustomization.yaml b/test/ansible/config/samples/kustomization.yaml new file mode 100644 index 0000000000..e353c59b27 --- /dev/null +++ b/test/ansible/config/samples/kustomization.yaml @@ -0,0 +1,3 @@ +## Append samples you want in your CSV to this file as resources ## +resources: +- test_v1alpha1_inventorytest.yaml diff --git a/test/ansible/deploy/crds/test.example.com_v1alpha1_inventorytest_cr.yaml b/test/ansible/config/samples/test_v1alpha1_inventorytest.yaml similarity index 76% rename from test/ansible/deploy/crds/test.example.com_v1alpha1_inventorytest_cr.yaml rename to test/ansible/config/samples/test_v1alpha1_inventorytest.yaml index d6f990b42b..2792063349 100644 --- a/test/ansible/deploy/crds/test.example.com_v1alpha1_inventorytest_cr.yaml +++ b/test/ansible/config/samples/test_v1alpha1_inventorytest.yaml @@ -1,9 +1,8 @@ apiVersion: test.example.com/v1alpha1 kind: InventoryTest metadata: - name: example-inventory + name: inventorytest-sample annotations: "ansible.sdk.operatorframework.io/verbosity": "0" spec: - # Add fields here size: 3 diff --git a/test/ansible/config/testing/debug_logs_patch.yaml b/test/ansible/config/testing/debug_logs_patch.yaml new file mode 100644 index 0000000000..3e31e2fba1 --- /dev/null +++ b/test/ansible/config/testing/debug_logs_patch.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + env: + - name: ANSIBLE_DEBUG_LOGS + value: "TRUE" diff --git a/test/ansible/config/testing/kustomization.yaml b/test/ansible/config/testing/kustomization.yaml new file mode 100644 index 0000000000..9757d27f74 --- /dev/null +++ b/test/ansible/config/testing/kustomization.yaml @@ -0,0 +1,24 @@ +# Adds namespace to all resources. +namespace: osdk-test + +namePrefix: osdk- + +# Labels to add to all resources and selectors. +#commonLabels: +# someName: someValue + +patchesStrategicMerge: +- manager_image.yaml +- pull_policy/Never.yaml +- debug_logs_patch.yaml +- ../default/manager_auth_proxy_patch.yaml + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../crd +- ../rbac +- ../manager +images: +- name: testing + newName: testing-operator diff --git a/test/ansible/config/testing/manager_image.yaml b/test/ansible/config/testing/manager_image.yaml new file mode 100644 index 0000000000..e44f542d9b --- /dev/null +++ b/test/ansible/config/testing/manager_image.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + image: testing diff --git a/test/ansible/config/testing/pull_policy/Always.yaml b/test/ansible/config/testing/pull_policy/Always.yaml new file mode 100644 index 0000000000..6b0a8e2a8a --- /dev/null +++ b/test/ansible/config/testing/pull_policy/Always.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + imagePullPolicy: Always diff --git a/test/ansible/config/testing/pull_policy/IfNotPresent.yaml b/test/ansible/config/testing/pull_policy/IfNotPresent.yaml new file mode 100644 index 0000000000..2f52f496cd --- /dev/null +++ b/test/ansible/config/testing/pull_policy/IfNotPresent.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + imagePullPolicy: IfNotPresent diff --git a/test/ansible/config/testing/pull_policy/Never.yaml b/test/ansible/config/testing/pull_policy/Never.yaml new file mode 100644 index 0000000000..86f13d8164 --- /dev/null +++ b/test/ansible/config/testing/pull_policy/Never.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + imagePullPolicy: Never diff --git a/test/ansible/deploy/crds/test.example.com_argstest_crd.yaml b/test/ansible/deploy/crds/test.example.com_argstest_crd.yaml deleted file mode 100644 index 8b3ebe8b21..0000000000 --- a/test/ansible/deploy/crds/test.example.com_argstest_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: argstests.test.example.com -spec: - group: test.example.com - names: - kind: ArgsTest - listKind: ArgsTestList - plural: argstests - singular: argstest - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} diff --git a/test/ansible/deploy/crds/test.example.com_casetest_crd.yaml b/test/ansible/deploy/crds/test.example.com_casetest_crd.yaml deleted file mode 100644 index c336a0e1cb..0000000000 --- a/test/ansible/deploy/crds/test.example.com_casetest_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: casetests.test.example.com -spec: - group: test.example.com - names: - kind: CaseTest - listKind: CaseTestList - plural: casetests - singular: casetest - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} diff --git a/test/ansible/deploy/crds/test.example.com_collectiontests_crd.yaml b/test/ansible/deploy/crds/test.example.com_collectiontests_crd.yaml deleted file mode 100644 index 0ff8896153..0000000000 --- a/test/ansible/deploy/crds/test.example.com_collectiontests_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: collectiontests.test.example.com -spec: - group: test.example.com - names: - kind: CollectionTest - listKind: CollectionTestList - plural: collectiontests - singular: collectiontest - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/test/ansible/deploy/crds/test.example.com_inventorytests_crd.yaml b/test/ansible/deploy/crds/test.example.com_inventorytests_crd.yaml deleted file mode 100644 index d08bb9055b..0000000000 --- a/test/ansible/deploy/crds/test.example.com_inventorytests_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: inventorytests.test.example.com -spec: - group: test.example.com - names: - kind: InventoryTest - listKind: InventoryTestList - plural: inventorytests - singular: inventorytest - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/test/ansible/deploy/crds/test.example.com_reconciliationtest_crd.yaml b/test/ansible/deploy/crds/test.example.com_reconciliationtest_crd.yaml deleted file mode 100644 index 6c964f0c56..0000000000 --- a/test/ansible/deploy/crds/test.example.com_reconciliationtest_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: reconciliationtests.test.example.com -spec: - group: test.example.com - names: - kind: ReconciliationTest - listKind: ReconciliationTestList - plural: reconciliationtests - singular: reconciliationtest - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} diff --git a/test/ansible/deploy/crds/test.example.com_selectortest_crd.yaml b/test/ansible/deploy/crds/test.example.com_selectortest_crd.yaml deleted file mode 100644 index fff1fe11d7..0000000000 --- a/test/ansible/deploy/crds/test.example.com_selectortest_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: selectortests.test.example.com -spec: - group: test.example.com - names: - kind: SelectorTest - listKind: SelectorTestList - plural: selectortests - singular: selectortest - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} diff --git a/test/ansible/deploy/crds/test.example.com_subresourcestests_crd.yaml b/test/ansible/deploy/crds/test.example.com_subresourcestests_crd.yaml deleted file mode 100644 index fb6687baa4..0000000000 --- a/test/ansible/deploy/crds/test.example.com_subresourcestests_crd.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: subresourcestests.test.example.com -spec: - group: test.example.com - names: - kind: SubresourcesTest - listKind: SubresourcesTestList - plural: subresourcestests - singular: subresourcestest - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/test/ansible/deploy/crds/test.example.com_v1_inventorytest_cr.yaml b/test/ansible/deploy/crds/test.example.com_v1_inventorytest_cr.yaml deleted file mode 100644 index 71f42e09b0..0000000000 --- a/test/ansible/deploy/crds/test.example.com_v1_inventorytest_cr.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: test.example.com/v1 -kind: InventoryTest -metadata: - name: example-inventorytest - annotations: - "ansible.sdk.operatorframework.io/verbosity": "3" -spec: - # Add fields here - size: 3 diff --git a/test/ansible/deploy/operator.yaml b/test/ansible/deploy/operator.yaml deleted file mode 100644 index df0545a827..0000000000 --- a/test/ansible/deploy/operator.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ansible -spec: - replicas: 1 - selector: - matchLabels: - name: ansible - template: - metadata: - labels: - name: ansible - spec: - serviceAccountName: ansible - containers: - - name: ansible - # Replace this with the built image name - image: "REPLACE_IMAGE" - imagePullPolicy: "Always" - volumeMounts: - - mountPath: /tmp/ansible-operator/runner - name: runner - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "ansible" - - name: ANSIBLE_GATHERING - value: explicit - - name: ANSIBLE_INVENTORY - value: /opt/ansible/inventory - livenessProbe: - httpGet: - path: /healthz - port: 6789 - initialDelaySeconds: 5 - periodSeconds: 3 - - volumes: - - name: runner - emptyDir: {} diff --git a/test/ansible/deploy/role.yaml b/test/ansible/deploy/role.yaml deleted file mode 100644 index d30b87b291..0000000000 --- a/test/ansible/deploy/role.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: ansible -rules: -- apiGroups: - - "" - resources: - - pods - - pods/exec - - pods/log - - services - - services/finalizers - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create -- apiGroups: - - apps - resourceNames: - - ansible - resources: - - deployments/finalizers - verbs: - - update -- apiGroups: - - "" - resources: - - pods - verbs: - - get -- apiGroups: - - apps - resources: - - replicasets - - deployments - verbs: - - get -- apiGroups: - - test.example.com - resources: - - '*' - - inventories - verbs: - - create - - delete - - get - - list - - patch - - update - - watch diff --git a/test/ansible/deploy/service_account.yaml b/test/ansible/deploy/service_account.yaml deleted file mode 100644 index 94be3a0755..0000000000 --- a/test/ansible/deploy/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: ansible diff --git a/test/ansible/molecule/cluster/converge.yml b/test/ansible/molecule/cluster/converge.yml deleted file mode 100644 index 8877f82588..0000000000 --- a/test/ansible/molecule/cluster/converge.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -- name: Converge - hosts: localhost - connection: local - gather_facts: no - collections: - - community.kubernetes - - tasks: - - name: Ensure operator image is set - fail: - msg: | - You must specify the OPERATOR_IMAGE environment variable in order to run the - 'cluster' scenario - when: not operator_image - - - name: Create the Operator Deployment - k8s: - namespace: '{{ namespace }}' - definition: "{{ lookup('template', '/'.join([template_dir, 'operator.yaml.j2'])) }}" - wait: yes - vars: - image: '{{ operator_image }}' - pull_policy: '{{ operator_pull_policy }}' diff --git a/test/ansible/molecule/cluster/destroy.yml b/test/ansible/molecule/cluster/destroy.yml deleted file mode 100644 index b55bb6f8d3..0000000000 --- a/test/ansible/molecule/cluster/destroy.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -- name: Destroy - hosts: localhost - connection: local - gather_facts: false - - tasks: - - name: Delete namespace - k8s: - api_version: v1 - kind: Namespace - name: '{{ namespace }}' - state: absent - wait: yes - - - name: Delete RBAC resources - k8s: - definition: "{{ lookup('template', '/'.join([deploy_dir, item])) }}" - namespace: '{{ namespace }}' - state: absent - wait: yes - with_items: - - role.yaml - - role_binding.yaml - - service_account.yaml - - - name: Delete Custom Resource Definitions - k8s: - definition: "{{ lookup('file', item) }}" - state: absent - wait: yes - with_fileglob: - - "{{ '/'.join([deploy_dir, 'crds']) }}/*_crd.yaml" diff --git a/test/ansible/molecule/cluster/prepare.yml b/test/ansible/molecule/cluster/prepare.yml deleted file mode 100644 index 942b1aa73f..0000000000 --- a/test/ansible/molecule/cluster/prepare.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -- name: Prepare - hosts: localhost - connection: local - gather_facts: false - no_log: "{{ molecule_no_log }}" - vars: - deploy_dir: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') }}/deploy" - - tasks: - - name: Create Custom Resource Definitions - k8s: - definition: "{{ lookup('file', item) }}" - with_fileglob: - - "{{ '/'.join([deploy_dir, 'crds']) }}/*_crd.yaml" - - - name: Create namespace - k8s: - api_version: v1 - kind: Namespace - name: '{{ namespace }}' - - - name: Create RBAC resources - k8s: - definition: "{{ lookup('template', '/'.join([deploy_dir, item])) }}" - namespace: '{{ namespace }}' - with_items: - - role.yaml - - role_binding.yaml - - service_account.yaml - - - name: Create ServiceMonitor Custom Resource Definiiton - k8s: - definition: "{{ lookup('url', 'https://raw.githubusercontent.com/coreos/prometheus-operator/release-0.35/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml', split_lines=False) | from_yaml_all | list }}" diff --git a/test/ansible/molecule/cluster/tasks/liveness_test.yml b/test/ansible/molecule/cluster/tasks/liveness_test.yml deleted file mode 100644 index 9f05a74981..0000000000 --- a/test/ansible/molecule/cluster/tasks/liveness_test.yml +++ /dev/null @@ -1,16 +0,0 @@ -- name: get the operator pod - set_fact: - op_pod: "{{ lookup('k8s', kind='Pod', label_selector='name=ansible') }}" - -- name: Check for liveness probe failure events - # We can't directly hit the endpoint, which is not publicly exposed. If k8s sees a failing endpoint, it will create a "Killing" event. - k8s_info: - kind: Event - field_selectors: - - "involvedObject.name={{ op_pod.metadata.name }}" - - "reason=Killing" - register: liveness_failures - -- name: Assert that the Pod has not been liveness probe Killed - assert: - that: liveness_failures.resources|length == 0 diff --git a/test/ansible/molecule/default/converge.yml b/test/ansible/molecule/default/converge.yml new file mode 100644 index 0000000000..0633db9849 --- /dev/null +++ b/test/ansible/molecule/default/converge.yml @@ -0,0 +1,18 @@ +--- +- name: Converge + hosts: localhost + connection: local + gather_facts: no + collections: + - community.kubernetes + + tasks: + - name: Create Namespace + k8s: + api_version: v1 + kind: Namespace + name: '{{ namespace }}' + + - import_tasks: kustomize.yml + vars: + state: present diff --git a/test/ansible/molecule/cluster/create.yml b/test/ansible/molecule/default/create.yml similarity index 100% rename from test/ansible/molecule/cluster/create.yml rename to test/ansible/molecule/default/create.yml diff --git a/test/ansible/molecule/default/destroy.yml b/test/ansible/molecule/default/destroy.yml new file mode 100644 index 0000000000..af55e4f174 --- /dev/null +++ b/test/ansible/molecule/default/destroy.yml @@ -0,0 +1,24 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + collections: + - community.kubernetes + + tasks: + - import_tasks: kustomize.yml + vars: + state: absent + + - name: Destroy Namespace + k8s: + api_version: v1 + kind: Namespace + name: '{{ namespace }}' + state: absent + + - name: Unset pull policy + command: '{{ kustomize }} edit remove patch pull_policy/{{ operator_pull_policy }}.yaml' + args: + chdir: '{{ config_dir }}/testing' diff --git a/test/ansible/molecule/default/kustomize.yml b/test/ansible/molecule/default/kustomize.yml new file mode 100644 index 0000000000..f3d888c2f3 --- /dev/null +++ b/test/ansible/molecule/default/kustomize.yml @@ -0,0 +1,15 @@ +--- +- name: Build kustomize testing overlay + # load_restrictor must be set to none so we can load patch files from the default overlay + command: '{{ kustomize }} build --load_restrictor none .' + args: + chdir: '{{ config_dir }}/testing' + register: resources + changed_when: false + +- name: Set resources to {{ state }} + k8s: + definition: '{{ item }}' + state: '{{ state }}' + wait: yes + loop: '{{ resources.stdout | from_yaml_all | list }}' diff --git a/test/ansible/molecule/cluster/molecule.yml b/test/ansible/molecule/default/molecule.yml similarity index 75% rename from test/ansible/molecule/cluster/molecule.yml rename to test/ansible/molecule/default/molecule.yml index 06b307f7d1..ea58004dce 100644 --- a/test/ansible/molecule/cluster/molecule.yml +++ b/test/ansible/molecule/default/molecule.yml @@ -7,9 +7,9 @@ lint: | set -e yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . platforms: -- name: cluster - groups: - - k8s + - name: cluster + groups: + - k8s provisioner: name: ansible lint: | @@ -22,10 +22,11 @@ provisioner: host_vars: localhost: ansible_python_interpreter: '{{ ansible_playbook_python }}' - deploy_dir: ${MOLECULE_PROJECT_DIRECTORY}/deploy - template_dir: ${MOLECULE_PROJECT_DIRECTORY}/molecule/templates + config_dir: ${MOLECULE_PROJECT_DIRECTORY}/config + samples_dir: ${MOLECULE_PROJECT_DIRECTORY}/config/samples operator_image: ${OPERATOR_IMAGE:-""} operator_pull_policy: ${OPERATOR_PULL_POLICY:-"Always"} + kustomize: ${KUSTOMIZE_PATH:-kustomize} env: K8S_AUTH_KUBECONFIG: ${KUBECONFIG:-"~/.kube/config"} verifier: diff --git a/test/ansible/molecule/default/prepare.yml b/test/ansible/molecule/default/prepare.yml index 0ef09072db..7d9f3f1b76 100644 --- a/test/ansible/molecule/default/prepare.yml +++ b/test/ansible/molecule/default/prepare.yml @@ -1,27 +1,28 @@ --- - name: Prepare - hosts: k8s - gather_facts: no + hosts: localhost + connection: local + gather_facts: false + tasks: - - name: Fetch the kubeconfig - fetch: - dest: '{{ kubeconfig_file }}' - flat: yes - src: /root/.kube/config + - name: Ensure operator image is set + fail: + msg: | + You must specify the OPERATOR_IMAGE environment variable in order to run the + 'default' scenario + when: not operator_image + + - name: Set testing image + command: '{{ kustomize }} edit set image testing={{ operator_image }}' + args: + chdir: '{{ config_dir }}/testing' - - name: Change the kubeconfig port to the proper value - replace: - regexp: '8443' - replace: "{{ lookup('env', 'KIND_PORT') }}" - path: '{{ kubeconfig_file }}' - delegate_to: localhost + - name: Set pull policy + command: '{{ kustomize }} edit add patch pull_policy/{{ operator_pull_policy }}.yaml' + args: + chdir: '{{ config_dir }}/testing' - - name: Wait for the Kubernetes API to become available (this could take a minute) - uri: - url: "http://localhost:10080/kubernetes-ready" - status_code: 200 - validate_certs: no - register: result - until: (result.status|default(-1)) == 200 - retries: 60 - delay: 5 + - name: Set testing namespace + command: '{{ kustomize }} edit set namespace {{ namespace }}' + args: + chdir: '{{ config_dir }}/testing' diff --git a/test/ansible/molecule/cluster/tasks/args_test.yml b/test/ansible/molecule/default/tasks/argstest_test.yml similarity index 100% rename from test/ansible/molecule/cluster/tasks/args_test.yml rename to test/ansible/molecule/default/tasks/argstest_test.yml diff --git a/test/ansible/molecule/cluster/tasks/case_test.yml b/test/ansible/molecule/default/tasks/casetest_test.yml similarity index 100% rename from test/ansible/molecule/cluster/tasks/case_test.yml rename to test/ansible/molecule/default/tasks/casetest_test.yml diff --git a/test/ansible/molecule/cluster/tasks/collections_test.yml b/test/ansible/molecule/default/tasks/collectiontest_test.yml similarity index 76% rename from test/ansible/molecule/cluster/tasks/collections_test.yml rename to test/ansible/molecule/default/tasks/collectiontest_test.yml index 61ba0c40b9..f7053f24bd 100644 --- a/test/ansible/molecule/cluster/tasks/collections_test.yml +++ b/test/ansible/molecule/default/tasks/collectiontest_test.yml @@ -19,4 +19,9 @@ assert: that: cm.data.did_it_work == 'indeed' vars: - cm: "{{ q('k8s', api_version='v1', kind='ConfigMap', namespace=namespace, resource_name='test-this-collection').0 }}" + cm: "{{ q('k8s', + api_version='v1', + kind='ConfigMap', + namespace=namespace, + resource_name='test-this-collection' + ).0 }}" diff --git a/test/ansible/molecule/cluster/tasks/inventory_test.yml b/test/ansible/molecule/default/tasks/inventorytest_test.yml similarity index 78% rename from test/ansible/molecule/cluster/tasks/inventory_test.yml rename to test/ansible/molecule/default/tasks/inventorytest_test.yml index 909f8960c5..acb7e7e34d 100644 --- a/test/ansible/molecule/cluster/tasks/inventory_test.yml +++ b/test/ansible/molecule/default/tasks/inventorytest_test.yml @@ -11,7 +11,10 @@ reason: Successful status: "True" vars: - custom_resource: "{{ lookup('template', '/'.join([deploy_dir, 'crds/test.example.com_v1alpha1_inventorytest_cr.yaml'])) | from_yaml }}" + custom_resource: "{{ lookup('template', '/'.join([ + config_dir, + 'samples/test_v1alpha1_inventorytest.yaml' + ])) | from_yaml }}" - name: Assert sentinel ConfigMap has been created for Molecule Test assert: diff --git a/test/ansible/molecule/cluster/tasks/reconciliation_test.yml b/test/ansible/molecule/default/tasks/reconciliationtest_test.yml similarity index 100% rename from test/ansible/molecule/cluster/tasks/reconciliation_test.yml rename to test/ansible/molecule/default/tasks/reconciliationtest_test.yml diff --git a/test/ansible/molecule/cluster/tasks/secrets_test.yml b/test/ansible/molecule/default/tasks/secretstest_test.yml similarity index 98% rename from test/ansible/molecule/cluster/tasks/secrets_test.yml rename to test/ansible/molecule/default/tasks/secretstest_test.yml index 1b6888c001..ce8f454bb2 100644 --- a/test/ansible/molecule/cluster/tasks/secrets_test.yml +++ b/test/ansible/molecule/default/tasks/secretstest_test.yml @@ -42,7 +42,7 @@ new: '{{ "content" | b64encode }}' - name: Wait for the corresponding key to be created - k8s_facts: + k8s_info: api_version: v1 kind: ConfigMap name: test-secret diff --git a/test/ansible/molecule/cluster/tasks/selector_test.yml b/test/ansible/molecule/default/tasks/selectortest_test.yml similarity index 99% rename from test/ansible/molecule/cluster/tasks/selector_test.yml rename to test/ansible/molecule/default/tasks/selectortest_test.yml index 5084a1d601..9254657cfe 100644 --- a/test/ansible/molecule/cluster/tasks/selector_test.yml +++ b/test/ansible/molecule/default/tasks/selectortest_test.yml @@ -50,5 +50,3 @@ vars: cm: "{{ q('k8s', api_version='v1', kind='ConfigMap', namespace=namespace, resource_name='selector-test-fail')}}" - - diff --git a/test/ansible/molecule/cluster/tasks/subresources_test.yml b/test/ansible/molecule/default/tasks/subresourcestest_test.yml similarity index 100% rename from test/ansible/molecule/cluster/tasks/subresources_test.yml rename to test/ansible/molecule/default/tasks/subresourcestest_test.yml diff --git a/test/ansible/molecule/cluster/verify.yml b/test/ansible/molecule/default/verify.yml similarity index 75% rename from test/ansible/molecule/cluster/verify.yml rename to test/ansible/molecule/default/verify.yml index 386bfbb721..8670d557a1 100644 --- a/test/ansible/molecule/cluster/verify.yml +++ b/test/ansible/molecule/default/verify.yml @@ -5,12 +5,16 @@ gather_facts: no collections: - community.kubernetes + + vars: + ctrl_label: control-plane=controller-manager + tasks: - block: - - name: Import all test files from tasks/ - include_tasks: '{{ item }}' - with_fileglob: - - tasks/*_test.yml + - name: Import all test files from tasks/ + include_tasks: '{{ item }}' + with_fileglob: + - tasks/*_test.yml rescue: - name: Retrieve relevant resources k8s_info: @@ -32,10 +36,11 @@ k8s_log: name: '{{ item.metadata.name }}' namespace: '{{ namespace }}' - loop: '{{ q("k8s", api_version="v1", kind="Pod", namespace=namespace) }}' + container: manager + loop: "{{ q('k8s', api_version='v1', kind='Pod', namespace=namespace, label_selector=ctrl_label) }}" register: debug_logs - - name: Ouput gathered resources + - name: Output gathered resources debug: var: debug_resources diff --git a/test/ansible/molecule/kind/converge.yml b/test/ansible/molecule/kind/converge.yml new file mode 100644 index 0000000000..dbd27374a5 --- /dev/null +++ b/test/ansible/molecule/kind/converge.yml @@ -0,0 +1,31 @@ +--- +- name: Converge + hosts: localhost + connection: local + gather_facts: no + + tasks: + - name: Build Ansible dev base image + make: + chdir: '{{ project_dir }}/../../' + target: image-build-ansible + # Not important, but maybe should fix someday + changed_when: false + + - name: Build operator image + docker_image: + build: + path: '{{ project_dir }}' + pull: no + name: '{{ operator_image }}' + tag: latest + push: no + source: build + force_source: yes + + - name: Load image into kind cluster + command: kind load docker-image --name osdk-test '{{ operator_image }}' + register: result + changed_when: '"not yet present" in result.stdout' + +- import_playbook: ../default/converge.yml diff --git a/test/ansible/molecule/kind/create.yml b/test/ansible/molecule/kind/create.yml new file mode 100644 index 0000000000..66a84a14f7 --- /dev/null +++ b/test/ansible/molecule/kind/create.yml @@ -0,0 +1,8 @@ +--- +- name: Create + hosts: localhost + connection: local + gather_facts: false + tasks: + - name: Create test kind cluster + command: kind create cluster --name osdk-test --kubeconfig {{ kubeconfig }} diff --git a/test/ansible/molecule/kind/destroy.yml b/test/ansible/molecule/kind/destroy.yml new file mode 100644 index 0000000000..77b75a1d57 --- /dev/null +++ b/test/ansible/molecule/kind/destroy.yml @@ -0,0 +1,12 @@ +--- +- name: Destroy + hosts: localhost + connection: local + gather_facts: false + collections: + - community.kubernetes + + tasks: + - name: Destroy test kind cluster + command: kind delete cluster --name osdk-test --kubeconfig {{ kubeconfig }} + diff --git a/test/ansible/molecule/kind/molecule.yml b/test/ansible/molecule/kind/molecule.yml new file mode 100644 index 0000000000..d4361f32fc --- /dev/null +++ b/test/ansible/molecule/kind/molecule.yml @@ -0,0 +1,42 @@ +--- +dependency: + name: galaxy +driver: + name: delegated +lint: | + set -e + yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . +platforms: + - name: cluster + groups: + - k8s +provisioner: + name: ansible + playbooks: + prepare: ../default/prepare.yml + verify: ../default/verify.yml + lint: | + set -e + ansible-lint + inventory: + group_vars: + all: + namespace: ${TEST_OPERATOR_NAMESPACE:-osdk-test} + host_vars: + localhost: + ansible_python_interpreter: '{{ ansible_playbook_python }}' + config_dir: ${MOLECULE_PROJECT_DIRECTORY}/config + samples_dir: ${MOLECULE_PROJECT_DIRECTORY}/config/samples + project_dir: ${MOLECULE_PROJECT_DIRECTORY} + operator_image: testing-operator + operator_pull_policy: "Never" + kubeconfig: "{{ lookup('env', 'KUBECONFIG') }}" + kustomize: ${KUSTOMIZE_PATH:-kustomize} + env: + K8S_AUTH_KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig + KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig +verifier: + name: ansible + lint: | + set -e + ansible-lint diff --git a/test/ansible/molecule/templates/operator.yaml.j2 b/test/ansible/molecule/templates/operator.yaml.j2 deleted file mode 100644 index ac940a6030..0000000000 --- a/test/ansible/molecule/templates/operator.yaml.j2 +++ /dev/null @@ -1,54 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ansible -spec: - replicas: 1 - selector: - matchLabels: - name: ansible - template: - metadata: - labels: - name: ansible -{% if hash is defined %} - image_hash: "{{ hash }}" -{% endif %} - spec: - serviceAccountName: ansible - containers: - - name: operator - # Replace this with the built image name - image: "{{ image }}" - imagePullPolicy: "{{ pull_policy }}" - volumeMounts: - - mountPath: /tmp/ansible-operator/runner - name: runner - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "ansible" - - name: ANSIBLE_GATHERING - value: explicit - - name: ANSIBLE_INVENTORY - value: /opt/ansible/inventory - - name: ANSIBLE_DEBUG_LOGS - value: "TRUE" - livenessProbe: - httpGet: - path: /healthz - port: 6789 - initialDelaySeconds: 5 - periodSeconds: 3 - args: ["--ansible-args='--vault-password-file /opt/ansible/pwd.yml'"] - volumes: - - name: runner - emptyDir: {} diff --git a/test/ansible/molecule/test-local/converge.yml b/test/ansible/molecule/test-local/converge.yml deleted file mode 100644 index bf3bd13d50..0000000000 --- a/test/ansible/molecule/test-local/converge.yml +++ /dev/null @@ -1,55 +0,0 @@ ---- -- name: Build Operator in Kubernetes docker container - hosts: k8s - gather_facts: no - collections: - - community.kubernetes - - vars: - image: test.example.com/ansible:testing - - tasks: - # using command so we don't need to install any dependencies - - name: Get existing image hash - command: docker images -q {{ image }} - register: prev_hash_raw - changed_when: false - - - - name: Build Operator Image - command: docker build -f /build/build/Dockerfile -t {{ image }} /build - register: build_cmd - changed_when: not hash or (hash and hash not in cmd_out) - vars: - hash: '{{ prev_hash_raw.stdout }}' - cmd_out: '{{ "".join(build_cmd.stdout_lines[-2:]) }}' - - - name: Get new image hash - command: docker images -q {{ image }} - register: hash_raw - changed_when: false - - - name: Set localhost hash fact - set_fact: - hash: '{{ hash_raw.stdout }}' - delegate_to: localhost - delegate_facts: true - -- name: Converge - hosts: localhost - connection: local - collections: - - community.kubernetes - - vars: - image: test.example.com/ansible:testing - operator_template: "{{ '/'.join([template_dir, 'operator.yaml.j2']) }}" - - tasks: - - name: Create the Operator Deployment - k8s: - namespace: '{{ namespace }}' - definition: "{{ lookup('template', operator_template) }}" - wait: yes - vars: - pull_policy: Never diff --git a/test/ansible/molecule/test-local/molecule.yml b/test/ansible/molecule/test-local/molecule.yml deleted file mode 100644 index 6fc64c04a9..0000000000 --- a/test/ansible/molecule/test-local/molecule.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -dependency: - name: galaxy -driver: - name: docker -lint: | - set -e - yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . -platforms: - - name: kind-test-local - groups: - - k8s - image: bsycorp/kind:latest-${KUBE_VERSION:-1.17} - privileged: true - override_command: false - exposed_ports: - - 8443/tcp - - 10080/tcp - published_ports: - - 0.0.0.0:${TEST_CLUSTER_PORT:-10443}:8443/tcp - pre_build_image: true - volumes: - - ${MOLECULE_PROJECT_DIRECTORY}:/build:Z -provisioner: - name: ansible - log: true - lint: | - set -e - ansible-lint - inventory: - group_vars: - all: - namespace: ${TEST_OPERATOR_NAMESPACE:-osdk-test} - kubeconfig_file: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig - host_vars: - localhost: - ansible_python_interpreter: '{{ ansible_playbook_python }}' - template_dir: ${MOLECULE_PROJECT_DIRECTORY}/molecule/templates - deploy_dir: ${MOLECULE_PROJECT_DIRECTORY}/deploy - env: - K8S_AUTH_KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig - KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig - ANSIBLE_ROLES_PATH: ${MOLECULE_PROJECT_DIRECTORY}/roles - KIND_PORT: '${TEST_CLUSTER_PORT:-10443}' -verifier: - name: ansible - lint: | - set -e - ansible-lint diff --git a/test/ansible/molecule/test-local/prepare.yml b/test/ansible/molecule/test-local/prepare.yml deleted file mode 100644 index c070cca02b..0000000000 --- a/test/ansible/molecule/test-local/prepare.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -- import_playbook: ../default/prepare.yml -- import_playbook: ../cluster/prepare.yml - -- name: Dump the dev image - hosts: localhost - connection: local - gather_facts: no - - tasks: - - name: Dump the dev image - command: docker save -o /tmp/dev-operator.tar quay.io/operator-framework/ansible-operator:dev - - - name: Copy the image to the kind container - command: docker cp /tmp/dev-operator.tar kind-test-local:/dev-operator.tar - -- name: Make dev operator image available for Molecule Test - hosts: k8s - gather_facts: no - - tasks: - - name: Make dev operator available - command: docker load -i /dev-operator.tar - -- name: Clean up for Molecule Test - hosts: localhost - connection: local - gather_facts: no - - tasks: - - name: remove dev-operator.tar - file: - path: /tmp/dev-operator.tar - state: absent diff --git a/test/ansible/molecule/test-local/verify.yml b/test/ansible/molecule/test-local/verify.yml deleted file mode 100644 index 4c00308846..0000000000 --- a/test/ansible/molecule/test-local/verify.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- import_playbook: ../cluster/verify.yml diff --git a/test/ansible/playbooks/args.yml b/test/ansible/playbooks/argstest.yml similarity index 100% rename from test/ansible/playbooks/args.yml rename to test/ansible/playbooks/argstest.yml diff --git a/test/ansible/playbooks/case.yml b/test/ansible/playbooks/casetest.yml similarity index 100% rename from test/ansible/playbooks/case.yml rename to test/ansible/playbooks/casetest.yml index 06ba12109f..083416793a 100644 --- a/test/ansible/playbooks/case.yml +++ b/test/ansible/playbooks/casetest.yml @@ -3,7 +3,6 @@ gather_facts: no collections: - community.kubernetes - tasks: - name: Create configmap k8s: @@ -15,3 +14,4 @@ namespace: '{{ meta.namespace }}' data: shouldBeCamel: '{{ camelCaseVar | default("false") }}' + diff --git a/test/ansible/playbooks/inventory.yml b/test/ansible/playbooks/inventorytest.yml similarity index 76% rename from test/ansible/playbooks/inventory.yml rename to test/ansible/playbooks/inventorytest.yml index d77d0e7363..3f57edac2d 100644 --- a/test/ansible/playbooks/inventory.yml +++ b/test/ansible/playbooks/inventorytest.yml @@ -1,10 +1,9 @@ --- - - hosts: test gather_facts: no tasks: - - import_role: - name: inventory + - import_role: + name: "inventorytest" - hosts: localhost gather_facts: no diff --git a/test/ansible/playbooks/reconciliation.yml b/test/ansible/playbooks/reconciliationtest.yml similarity index 100% rename from test/ansible/playbooks/reconciliation.yml rename to test/ansible/playbooks/reconciliationtest.yml diff --git a/test/ansible/playbooks/selector.yml b/test/ansible/playbooks/selectortest.yml similarity index 100% rename from test/ansible/playbooks/selector.yml rename to test/ansible/playbooks/selectortest.yml diff --git a/test/ansible/playbooks/subresources.yml b/test/ansible/playbooks/subresourcestest.yml similarity index 100% rename from test/ansible/playbooks/subresources.yml rename to test/ansible/playbooks/subresourcestest.yml diff --git a/test/ansible/requirements.yml b/test/ansible/requirements.yml index e7849b923e..8a661f8b95 100644 --- a/test/ansible/requirements.yml +++ b/test/ansible/requirements.yml @@ -1,4 +1,5 @@ +--- collections: - name: community.kubernetes - version: <1.0.0 + version: "<1.0.0" - operator_sdk.util diff --git a/test/ansible/roles/inventory/tasks/main.yml b/test/ansible/roles/inventorytest/tasks/main.yml similarity index 100% rename from test/ansible/roles/inventory/tasks/main.yml rename to test/ansible/roles/inventorytest/tasks/main.yml diff --git a/test/ansible/watches.yaml b/test/ansible/watches.yaml index b17940e6bd..2f9392daaf 100644 --- a/test/ansible/watches.yaml +++ b/test/ansible/watches.yaml @@ -1,8 +1,9 @@ --- +# Use the 'create api' subcommand to add watches to this file. - version: v1alpha1 group: test.example.com kind: InventoryTest - playbook: playbooks/inventory.yml + playbook: playbooks/inventorytest.yml vars: meta: '{{ ansible_operator_meta }}' @@ -16,7 +17,7 @@ - version: v1alpha1 group: test.example.com kind: SubresourcesTest - playbook: playbooks/subresources.yml + playbook: playbooks/subresourcestest.yml vars: meta: '{{ ansible_operator_meta }}' @@ -31,7 +32,7 @@ - version: v1alpha1 group: test.example.com kind: SelectorTest - playbook: playbooks/selector.yml + playbook: playbooks/selectortest.yml selector: matchExpressions: - {key: testLabel, operator: Exists, values: []} @@ -41,7 +42,7 @@ - version: v1alpha1 group: test.example.com kind: CaseTest - playbook: playbooks/case.yml + playbook: playbooks/casetest.yml snakeCaseParameters: false vars: meta: '{{ ansible_operator_meta }}' @@ -49,13 +50,14 @@ - version: v1alpha1 group: test.example.com kind: ArgsTest - playbook: playbooks/args.yml + playbook: playbooks/argstest.yml vars: meta: '{{ ansible_operator_meta }}' - version: v1alpha1 group: test.example.com kind: ReconciliationTest - playbook: playbooks/reconciliation.yml + playbook: playbooks/reconciliationtest.yml vars: meta: '{{ ansible_operator_meta }}' +# +kubebuilder:scaffold:watch