From: adrianiurca Date: Thu, 8 Apr 2021 12:53:59 +0000 (+0300) Subject: mount kernel for docker container X-Git-Tag: v3.0.1~5^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=068ed00cebfc25af81412f35a55a7cb046d2e1a9;p=puppet-modules%2Fpuppetlabs-firewall.git mount kernel for docker container --- diff --git a/.github/workflows/pr_test.yml b/.github/workflows/pr_test.yml index 69e414b..e2ba9f4 100644 --- a/.github/workflows/pr_test.yml +++ b/.github/workflows/pr_test.yml @@ -122,7 +122,12 @@ jobs: - name: Provision test environment run: | - buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake 'litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }}]' + if [[ "${{matrix.platforms.provider}}" == "provision::docker" ]]; then + DOCKER_RUN_OPTS="docker_run_opts: {'--volume': '/lib/modules/$(uname -r):/lib/modules/$(uname -r)'}" + else + DOCKER_RUN_OPTS='' + fi + buildevents cmd $TRACE_ID $STEP_ID 'rake litmus:provision ${{ matrix.platforms.image }}' -- bundle exec rake "litmus:provision[${{matrix.platforms.provider}},${{ matrix.platforms.image }},$DOCKER_RUN_OPTS]" echo ::group::=== REQUEST === cat request.json || true echo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..1509f6e --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,47 @@ +name: "Publish module" + +on: + workflow_dispatch: + +jobs: + create-github-release: + name: Deploy GitHub Release + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + fetch-depth: 0 + - name: Get Version + id: gv + run: | + echo "::set-output name=ver::$(jq --raw-output .version metadata.json)" + - name: Create Release + uses: actions/create-release@v1 + id: create_release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: "v${{ steps.gv.outputs.ver }}" + draft: false + prerelease: false + + deploy-forge: + name: Deploy to Forge + runs-on: ubuntu-20.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + ref: ${{ github.ref }} + clean: true + - name: "PDK Build" + uses: docker://puppet/pdk:nightly + with: + args: 'build' + - name: "Push to Forge" + uses: docker://puppet/pdk:nightly + with: + args: 'release publish --forge-token ${{ secrets.FORGE_API_KEY }} --force' diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml new file mode 100644 index 0000000..03e2cb8 --- /dev/null +++ b/.github/workflows/spec.yml @@ -0,0 +1,128 @@ +name: "Spec Tests" + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + pull_request: + +env: + HONEYCOMB_WRITEKEY: 7f3c63a70eecc61d635917de46bea4e6 + HONEYCOMB_DATASET: litmus tests + +jobs: + setup_matrix: + name: "Setup Test Matrix" + runs-on: ubuntu-20.04 + outputs: + spec_matrix: ${{ steps.get-matrix.outputs.spec_matrix }} + + steps: + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + + - name: "Honeycomb: Start first step" + run: | + echo STEP_ID=setup-environment >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Checkout Source + uses: actions/checkout@v2 + if: ${{ github.repository_owner == 'puppetlabs' }} + + - name: Activate Ruby 2.7 + uses: ruby/setup-ruby@v1 + if: ${{ github.repository_owner == 'puppetlabs' }} + with: + ruby-version: "2.7" + bundler-cache: true + + - name: Print bundle environment + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: "Honeycomb: Record Setup Environment time" + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' + echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: Setup Spec Test Matrix + id: get-matrix + run: | + if [ '${{ github.repository_owner }}' == 'puppetlabs' ]; then + buildevents cmd $TRACE_ID $STEP_ID matrix_from_metadata -- bundle exec matrix_from_metadata_v2 + else + echo "::set-output name=spec_matrix::{}" + fi + + - name: "Honeycomb: Record Setup Test Matrix time" + if: ${{ always() }} + run: | + buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Test Matrix' + + Spec: + name: "Spec Tests (Puppet: ${{matrix.puppet_version}}, Ruby Ver: ${{matrix.ruby_version}})" + needs: + - setup_matrix + if: ${{ needs.setup_matrix.outputs.spec_matrix != '{}' }} + + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: ${{fromJson(needs.setup_matrix.outputs.spec_matrix)}} + + env: + BUILDEVENT_FILE: '../buildevents.txt' + PUPPET_GEM_VERSION: ${{ matrix.puppet_version }} + + steps: + - run: | + echo "SANITIZED_PUPPET_VERSION=$(echo '${{ matrix.puppet_version }}' | sed 's/~> //g')" >> $GITHUB_ENV + + - run: | + echo 'puppet_version=${{ env.SANITIZED_PUPPET_VERSION }}' >> $BUILDEVENT_FILE + + - name: "Honeycomb: Start first step" + run: | + echo "STEP_ID=${{ env.SANITIZED_PUPPET_VERSION }}-spec" >> $GITHUB_ENV + echo STEP_START=$(date +%s) >> $GITHUB_ENV + + - name: "Honeycomb: Start recording" + uses: puppetlabs/kvrhdn-gha-buildevents@pdk-templates-v1 + with: + apikey: ${{ env.HONEYCOMB_WRITEKEY }} + dataset: ${{ env.HONEYCOMB_DATASET }} + job-status: ${{ job.status }} + matrix-key: ${{ env.SANITIZED_PUPPET_VERSION }} + + - name: Checkout Source + uses: actions/checkout@v2 + + - name: "Activate Ruby ${{ matrix.ruby_version }}" + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{matrix.ruby_version}} + bundler-cache: true + + - name: Print bundle environment + run: | + echo ::group::bundler environment + buildevents cmd $TRACE_ID $STEP_ID 'bundle env' -- bundle env + echo ::endgroup:: + + - name: Run Static & Syntax Tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + + - name: Run parallel_spec tests + run: | + buildevents cmd $TRACE_ID $STEP_ID 'rake parallel_spec Puppet ${{ matrix.puppet_version }}, Ruby ${{ matrix.ruby_version }}' -- bundle exec rake parallel_spec diff --git a/.gitignore b/.gitignore index 2767022..988dcbb 100644 --- a/.gitignore +++ b/.gitignore @@ -25,3 +25,4 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml diff --git a/.gitpod.yml b/.gitpod.yml index 18406c5..9d89d9f 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -6,4 +6,4 @@ tasks: vscode: extensions: - - puppet.puppet-vscode@1.0.0:oSzfTkDf6Cmc1jOjgW33VA== + - puppet.puppet-vscode@1.2.0:f5iEPbmOj6FoFTOV6q8LTg== diff --git a/.pdkignore b/.pdkignore index a74c4c4..33a1347 100644 --- a/.pdkignore +++ b/.pdkignore @@ -25,6 +25,7 @@ .project .envrc /inventory.yaml +/spec/fixtures/litmus_inventory.yaml /appveyor.yml /.fixtures.yml /Gemfile diff --git a/.sync.yml b/.sync.yml index 920f7b8..09033fe 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,36 +1,6 @@ --- ".gitlab-ci.yml": delete: true -".travis.yml": - dist: trusty # acceptance tests have stopped working on newer versions - probably related to docker behaviour - global_env: - - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" - deploy_to_forge: - enabled: false - branches: - - release - use_litmus: true - litmus: - provision_list: - - ---travis_el - - travis_deb - - travis_el7 - complex: - - collection: - puppet_collection: - - puppet6 - provision_list: - - travis_ub_6 - - collection: - puppet_collection: - - puppet6 - provision_list: - - travis_el8 - dist: xenial - simplecov: true - notifications: - slack: - secure: Ohw1KtRtFAeTQNL/8slgJ7lZ8PYCiooE6i9NWR+fCGNcAzU1LGhacnXqgXD6JCX53zdv8mkkd31AsrGWmx+iFueZkSYdAz+pEXduyRI9Rm6cTotlaGAB7NK+KgjEky7gmRao3EuogYbX7qIpzNaZ4rGUrjWSSeSDCSgGCEwblXk= appveyor.yml: delete: true Gemfile: @@ -47,6 +17,13 @@ spec/spec_helper.rb: .github/workflows/nightly.yml: unmanaged: false .github/workflows/pr_test.yml: - unmanaged: false + unmanaged: true .github/workflows/auto_release.yml: unmanaged: false +.github/workflows/spec.yml: + checks: 'syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop' + unmanaged: false +.github/workflows/release.yml: + unmanaged: false +.travis.yml: + delete: true diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 50145c7..0000000 --- a/.travis.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- -os: linux -dist: trusty -language: ruby -cache: bundler -before_install: - - bundle -v - - rm -f Gemfile.lock - - "# Update system gems if requested. This is useful to temporarily workaround troubles in the test runner" - - "# See https://github.com/puppetlabs/pdk-templates/commit/705154d5c437796b821691b707156e1b056d244f for an example of how this was used" - - "# Ignore exit code of SIGPIPE'd yes to not fail with shell's pipefail set" - - '[ -z "$RUBYGEMS_VERSION" ] || (yes || true) | gem update --system $RUBYGEMS_VERSION' - - gem --version - - bundle -v -script: - - 'SIMPLECOV=yes bundle exec rake $CHECK' -bundler_args: --without system_tests -rvm: - - 2.5.7 -env: - global: - - HONEYCOMB_WRITEKEY="7f3c63a70eecc61d635917de46bea4e6",HONEYCOMB_DATASET="litmus tests" -stages: - - static - - spec - - acceptance -jobs: - fast_finish: true - include: - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_ub_6]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_ub_6_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el8]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - dist: xenial - env: - PLATFORMS: travis_el8_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_deb]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_deb_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - before_script: - - "bundle exec rake 'litmus:provision_list[travis_el7]'" - - "bundle exec rake 'litmus:install_agent[puppet6]'" - - "bundle exec rake litmus:install_module" - env: - PLATFORMS: travis_el7_puppet6 - BUNDLE_WITH: system_tests - rvm: 2.5.7 - script: ["travis_wait 45 bundle exec rake litmus:acceptance:parallel"] - services: docker - stage: acceptance - - - env: CHECK="check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop syntax lint metadata_lint" - stage: static - - - env: PUPPET_GEM_VERSION="~> 6.0" CHECK=parallel_spec - rvm: 2.5.7 - stage: spec -branches: - only: - - main - - /^v\d/ - - release -notifications: - email: false - slack: - secure: Ohw1KtRtFAeTQNL/8slgJ7lZ8PYCiooE6i9NWR+fCGNcAzU1LGhacnXqgXD6JCX53zdv8mkkd31AsrGWmx+iFueZkSYdAz+pEXduyRI9Rm6cTotlaGAB7NK+KgjEky7gmRao3EuogYbX7qIpzNaZ4rGUrjWSSeSDCSgGCEwblXk= diff --git a/metadata.json b/metadata.json index 923cabd..7f81c46 100644 --- a/metadata.json +++ b/metadata.json @@ -76,6 +76,6 @@ } ], "template-url": "https://github.com/puppetlabs/pdk-templates.git#main", - "template-ref": "heads/main-0-g12a5dea", + "template-ref": "heads/main-0-g0a06ce2", "pdk-version": "1.18.1" } diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 9695831..004601b 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -9,7 +9,7 @@ describe 'firewall class' do end end - it 'runs successfully' do + it 'runs successfully', unless: os[:family] == 'redhat' && os[:release].to_i == 6 do pp = "class { 'firewall': }" idempotent_apply(pp) end @@ -19,7 +19,7 @@ describe 'firewall class' do idempotent_apply(pp) end - it 'ensure => running:' do + it 'ensure => running:', unless: os[:family] == 'redhat' && os[:release].to_i == 6 do pp = "class { 'firewall': ensure => running }" idempotent_apply(pp) end diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb index 461a9a8..1633c02 100644 --- a/spec/spec_helper_acceptance_local.rb +++ b/spec/spec_helper_acceptance_local.rb @@ -55,6 +55,20 @@ RSpec.configure do |c| # To enable tests on abs/vmpooler machines just set to `true` this flag c.filter_run_excluding condition_parameter_test: false c.before :suite do + if ['centos', 'oraclelinux', 'scientific'].include?(fetch_os_name) && [6, 7].include?(os[:release].to_i) + LitmusHelper.instance.run_shell('yum update -y') + LitmusHelper.instance.run_shell('depmod -a') + ['filter', 'nat', 'mangle', 'raw'].each do |t| + LitmusHelper.instance.run_shell("modprobe iptable_#{t}") + LitmusHelper.instance.run_shell("modprobe ip6table_#{t}") + end + LitmusHelper.instance.run_shell('touch /etc/sysconfig/iptables') + LitmusHelper.instance.run_shell('touch /etc/sysconfig/ip6tables') + end + if os[:family] == 'debian' + LitmusHelper.instance.run_shell('apt-get update -y') + LitmusHelper.instance.run_shell('apt-get install kmod') if os[:release].to_i == 10 + end if fetch_os_name == 'centos' && os[:release].to_i == 8 pp = <<-PUPPETCODE package { 'iptables-services':