Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
144 lines (129 sloc) 6.04 KB
---
# Requirements :
# gem install kitchen-docker kitchen-ansible
driver:
name: docker
require_chef_omnibus: false # No need of chef
require_ruby_for_busser: true
# Command used to run container at kitchen create. You can use it to override ssh parameters like MaxSessions (https://github.com/test-kitchen/test-kitchen/pull/1047)
#run_command: '/usr/sbin/sshd -D -o UseDNS=no -o UsePAM=no -o PasswordAuthentication=yes -o MaxSessions=40 -o UsePrivilegeSeparation=no -o PidFile=/tmp/sshd.pid'
#provision_command: echo 'bla driver' # work at create
# This part specify the public key and private used to connect to containers (used by kitchen cli).
# But we will use this key later also to be able to connect from bastion to others containers.
# If not exist, kitchen will generate public and private key
# /!\ spec directory should be created before run kitchen ci.
# The spec directory is used because this directory will be copied inside the container by default.
# The public key is automatically added in all containers authorized_keys.
# /!\ The public key should not have \n at the and or you will have a ruby error during the create step
private_key: spec/id_rsa
public_key: spec/id_rsa.pub
provisioner:
name: ansible_playbook
# Specify the role path in case you are testing a role. In case of playbook let it commented
#roles_path: .
require_ansible_repo: true
ansible_verbose: true
# e.g.: 1 => '-v', 2 => '-vv', 3 => '-vvv", ...
ansible_verbosity: 2
ansible_version: latest
# If not specified kitchen-ansible will run locally the playbook. Default local ansible run
ansible_connection: ssh
# Avoid kitchen-ansible to be blocked on ssh key verification
ansible_host_key_checking: false
# We are testing a playbook so I need to give his name
playbook: site.yml
# Specify the private key of the container put during converge
private_key: spec/id_rsa # ---------------------------##########################################################--- Not needed ?
require_chef_for_busser: false # No need of chef
# Give dedicated ansible hosts file for kitchen. See the role example if you want to avoid it
ansible_inventory: kitchen-hosts
# Add some random variables
extra_vars:
a: b
# BUG Related to https://github.com/test-kitchen/test-kitchen/pull/1047
transport:
max_ssh_sessions: 2
platforms:
# The important fact is that we define 2 images.
# * One with pre-installed ansible for bastion to run faster tests (no need overhead of ansible setup for each build.)
# * One basic clean debian image
- name: debian-kitchen
driver_config:
image: gaell/debian-kitchen
platform: debian
- name: debian
driver_config:
image: debian
platform: debian
verifier:
name: busser
plugin:
- Ansiblespec
ruby_bindir: '/usr/bin'
# kitchen will run each "suites" on each "platforms".
# Because of our "hack" to have one pre build image for the bastion and one image for others nodes.
# We are not using kitchen like this so, we specify platforms to exclude on each suites.
suites:
- name: web
provisioner:
ansible_playbook_command: echo 'NOOOP ANSIBLE' # Work at converge, disable ansible
# If we disable all ansible require, the install_busser_prereqs will not be handled
require_ansible_omnibus: false # No need ansible on this container
require_ansible_source: false # No need ansible on this container
require_ansible_repo: false # No need ansible on this container
require_ruby_for_busser: true # see note [1]
driver:
# work at create
provision_command:
- sudo apt-get install -y ruby # see note [1]
- sudo apt-get install -y net-tools # For netstat used by serverspec
# Create a share volume to share source code of our app with the back container.
volume: /mnt
driver_config:
instance_name: web
excludes:
- debian-kitchen
- name: back
provisioner:
ansible_playbook_command: echo 'NOOOP ANSIBLE' # Work at converge, disable ansible
# If we disable all ansible require, the install_busser_prereqs will not be handled
require_ansible_omnibus: false # No need ansible on this container
require_ansible_source: false # No need ansible on this container
require_ansible_repo: false # No need ansible on this container
require_ruby_for_busser: true # see note [1]
driver:
# work at create
provision_command:
- sudo apt-get install -y ruby # see note [1]
- sudo apt-get install -y net-tools # For netstat used by serverspec
# Get shared volume from the web container
volumes_from: web
driver_config:
instance_name: back
excludes:
- debian-kitchen
- name: ansible
provisioner:
require_ansible_omnibus: false # No force ansible from repo
require_ansible_source: false # No force ansible from repo
require_ansible_repo: true
require_ruby_for_busser: true # see note [1] because of require_ansible_repo, don't need of manual ruby install
# Specify the private key path inside the container that ansible will use to run
# See copy_private_key_cmd function in github to know more on this subject :
# https://github.com/neillturner/kitchen-ansible/blob/master/lib/kitchen/provisioner/ansible_playbook.rb
# This private key will be copied in kitchen home directory at the kitchen converge step. Juste before run ansible
private_key: spec/id_rsa
driver_config:
hostname: ansible.local
instance_name: ansible
# The bastion need to be declared at the end. Docker need to create first containers on which you are linked
links:
- "web:web"
- "back:back"
excludes:
- debian
# Notes :
# [1]
# Install ruby manualy. Because even if you put require_ruby_for_busser true, kitchen-ansible will not install it if
# you don't select require_ansible_omnibus or require_ansible_source or require_ansible_repo
# see : https://github.com/neillturner/kitchen-ansible/blob/847d2517617f8e1109cfe6862bd6809773f58b20/lib/kitchen/provisioner/ansible_playbook.rb#L98