From 1dc0eb5a6ac30fc9229e85ada651c8f58d8f4446 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Fri, 11 Apr 2025 08:10:51 -0600 Subject: [PATCH] ci: several changes related to new qemu test, ansible-lint, python versions, ubuntu versions There is a new QEMU based test which uses the qemu/kvm capability of github action runners. This is the basis for new bootc/image mode tests which we will be rolling out in the near future. ansible-lint requires that the collection path is set so that the requirements it installs are installed in the correct place. There has been some general github action deprecation of python versions and ubuntu versions that we have had to fix. Remove `CONTRIBUTOR` from the list of users who can trigger citest. For more information, see * https://github.com/linux-system-roles/.github/pull/98 * https://github.com/linux-system-roles/.github/pull/94 * https://github.com/linux-system-roles/.github/pull/93 * https://github.com/linux-system-roles/.github/pull/92 * https://github.com/linux-system-roles/.github/pull/91 Signed-off-by: Rich Megginson --- .github/workflows/ansible-lint.yml | 4 +- .../workflows/ansible-managed-var-comment.yml | 2 +- .github/workflows/ansible-test.yml | 2 +- .../workflows/qemu-kvm-integration-tests.yml | 129 ++++++++++++++++++ .github/workflows/tft.yml | 2 +- .github/workflows/tft_citest_bad.yml | 2 +- README.md | 2 +- plans/test_playbooks_parallel.fmf | 6 - 8 files changed, 137 insertions(+), 12 deletions(-) create mode 100644 .github/workflows/qemu-kvm-integration-tests.yml diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 666b231..c6c1852 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -32,7 +32,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.5.1" - name: Convert role to collection format id: collection @@ -80,3 +80,5 @@ jobs: with: working_directory: ${{ github.workspace }}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }} requirements_file: ${{ steps.collection.outputs.coll_req_file }} + env: + ANSIBLE_COLLECTIONS_PATH: ${{ github.workspace }}/.tox diff --git a/.github/workflows/ansible-managed-var-comment.yml b/.github/workflows/ansible-managed-var-comment.yml index 0864269..99bf5d5 100644 --- a/.github/workflows/ansible-managed-var-comment.yml +++ b/.github/workflows/ansible-managed-var-comment.yml @@ -30,7 +30,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.5.1" - name: Run ansible-plugin-scan run: | diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 4dbdaa2..b98f69b 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -33,7 +33,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.5.1" - name: Convert role to collection format run: | diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml new file mode 100644 index 0000000..2d65444 --- /dev/null +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -0,0 +1,129 @@ +--- +name: QEMU/KVM Integration tests +on: # yamllint disable-line rule:truthy + pull_request: + merge_group: + branches: + - main + types: + - checks_requested + push: + branches: + - main + workflow_dispatch: + +permissions: + contents: read + # This is required for the ability to create/update the Pull request status + statuses: write +jobs: + qemu_kvm: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + scenario: + - { image: "centos-9", env: "qemu-ansible-core-2.16" } + - { image: "centos-10", env: "qemu-ansible-core-2.17" } + # ansible/libdnf5 bug: https://issues.redhat.com/browse/RHELMISC-10110 + # - { image: "fedora-41", env: "qemu-ansible-core-2.17" } + - { image: "fedora-42", env: "qemu-ansible-core-2.17" } + steps: + - name: Checkout repo + uses: actions/checkout@v4 + + - name: Check if platform is supported + id: check_platform + run: | + set -euxo pipefail + image="${{ matrix.scenario.image }}" + + # convert image to tag formats + platform= + platform_version= + case "$image" in + centos-*) platform=el; platform_version=el"${image#centos-}" ;; + fedora-*) platform=fedora; platform_version="${image/-/}" ;; + esac + supported= + if yq -e '.galaxy_info.galaxy_tags[] | select(. == "'${platform_version}'" or . == "'${platform}'")' meta/main.yml; then + supported=true + fi + + echo "supported=$supported" >> "$GITHUB_OUTPUT" + + - name: Set up /dev/kvm + if: steps.check_platform.outputs.supported + run: | + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm.rules + sudo udevadm control --reload-rules + sudo udevadm trigger --name-match=kvm --settle + ls -l /dev/kvm + + - name: Disable man-db to speed up package install + if: steps.check_platform.outputs.supported + run: | + echo "set man-db/auto-update false" | sudo debconf-communicate + sudo dpkg-reconfigure man-db + + - name: Install test dependencies + if: steps.check_platform.outputs.supported + run: | + set -euxo pipefail + python3 -m pip install --upgrade pip + sudo apt update + sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86 + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.5.1" + + - name: Configure tox-lsr + if: steps.check_platform.outputs.supported + run: >- + curl -o ~/.config/linux-system-roles.json + https://raw.githubusercontent.com/linux-system-roles/linux-system-roles.github.io/master/download/linux-system-roles.json + + - name: Run qemu/kvm tox integration tests + if: steps.check_platform.outputs.supported + run: >- + tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch + --log-level=debug --skip-tags tests::infiniband -- + + - name: Test result summary + if: steps.check_platform.outputs.supported && always() + run: | + set -euo pipefail + # some platforms may have setup/cleanup playbooks - need to find the + # actual test playbook that starts with tests_ + while read code start end test_files; do + for f in $test_files; do + f="$(basename $f)" + if [[ "$f" =~ ^tests_ ]]; then + break + fi + done + if [ "$code" = "0" ]; then + echo -n "PASS: " + else + echo -n "FAIL: " + fi + echo "$f" + done < batch.report + + - name: Show test logs on failure + if: steps.check_platform.outputs.supported && failure() + run: | + set -euo pipefail + for f in tests/*.log; do + echo "::group::$(basename $f)" + cat "$f" + echo "::endgroup::" + done + + - name: Set commit status as success with a description that platform is skipped + if: ${{ steps.check_platform.outputs.supported == '' }} + uses: myrotvorets/set-commit-status-action@master + with: + status: success + context: "${{ github.workflow }} / qemu_kvm (${{ matrix.scenario.image }}, ${{ matrix.scenario.env }}) (pull_request)" + description: The role does not support this platform. Skipping. + targetUrl: "" diff --git a/.github/workflows/tft.yml b/.github/workflows/tft.yml index 9a1d25a..ac75d5c 100644 --- a/.github/workflows/tft.yml +++ b/.github/workflows/tft.yml @@ -21,7 +21,7 @@ jobs: if: | github.event.issue.pull_request && contains(github.event.comment.body, '[citest]') - && (contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR", "CONTRIBUTOR"]'), github.event.comment.author_association) + && (contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) || contains('systemroller', github.event.comment.user.login)) runs-on: ubuntu-latest outputs: diff --git a/.github/workflows/tft_citest_bad.yml b/.github/workflows/tft_citest_bad.yml index 9f48f35..b78c813 100644 --- a/.github/workflows/tft_citest_bad.yml +++ b/.github/workflows/tft_citest_bad.yml @@ -11,7 +11,7 @@ jobs: if: | github.event.issue.pull_request && contains(fromJson('["[citest_bad]", "[citest-bad]", "[citest bad]"]'), github.event.comment.body) - && contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR", "CONTRIBUTOR"]'), github.event.comment.author_association) + && contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) permissions: actions: write # for re-running failed jobs: https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#re-run-a-job-from-a-workflow-run runs-on: ubuntu-latest diff --git a/README.md b/README.md index 715eb92..588c862 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # PostgreSQL system role -[![ansible-lint.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-test.yml) [![codespell.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/codespell.yml) [![markdownlint.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/markdownlint.yml) [![tft.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/woke.yml) +[![ansible-lint.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/ansible-test.yml) [![codespell.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/codespell.yml) [![markdownlint.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/markdownlint.yml) [![qemu-kvm-integration-tests.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/qemu-kvm-integration-tests.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/qemu-kvm-integration-tests.yml) [![tft.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/postgresql/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/postgresql/actions/workflows/woke.yml) The PostgreSQL system role installs, configures, and starts the PostgreSQL server. diff --git a/plans/test_playbooks_parallel.fmf b/plans/test_playbooks_parallel.fmf index 0f0bfff..9a352c2 100644 --- a/plans/test_playbooks_parallel.fmf +++ b/plans/test_playbooks_parallel.fmf @@ -5,16 +5,10 @@ provision: # Hence there is no need to define `how` explicitly. - name: control-node1 role: control_node - # `connection: system` is required for `how: virtual` to assign VMs a real - # IP making SSH configuration easier. - # This setting is ignored in `artemis`, so we can leave it as is. - connection: system - name: managed-node1 role: managed_node - connection: system - name: managed-node2 role: managed_node - connection: system environment: SR_ANSIBLE_VER: 2.17 SR_REPO_NAME: postgresql