From 14a57933c8856ac2aa552bd0ec6fb97fb568838a Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Tue, 7 Dec 2021 20:13:35 +0000 Subject: [PATCH 1/6] pulp_distribution: allow base_path to be unset for containers We should not need to define a base_path when state=absent. Fixes: #35 --- roles/pulp_distribution/tasks/container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/pulp_distribution/tasks/container.yml b/roles/pulp_distribution/tasks/container.yml index 67a69f8..937d325 100644 --- a/roles/pulp_distribution/tasks/container.yml +++ b/roles/pulp_distribution/tasks/container.yml @@ -6,7 +6,7 @@ password: "{{ pulp_password }}" validate_certs: "{{ pulp_validate_certs | bool }}" name: "{{ item.name }}" - base_path: "{{ item.base_path }}" + base_path: "{{ item.base_path | default(omit) }}" repository: "{{ item.repository | default(omit) }}" version: "{{ item.version | default(omit) }}" content_guard: "{{ item.content_guard | default(omit) }}" From 1214cda19b90fd8c570964c344ea40303929528f Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Tue, 7 Dec 2021 20:15:32 +0000 Subject: [PATCH 2/6] Add tests for container repositories and distributions --- tests/test_container_distribution.yml | 104 ++++++++++++++++++++++++++ tests/test_container_repository.yml | 81 ++++++++++++++++++++ 2 files changed, 185 insertions(+) create mode 100644 tests/test_container_distribution.yml create mode 100644 tests/test_container_repository.yml diff --git a/tests/test_container_distribution.yml b/tests/test_container_distribution.yml new file mode 100644 index 0000000..fc8fef0 --- /dev/null +++ b/tests/test_container_distribution.yml @@ -0,0 +1,104 @@ +--- +- name: Test container distribution + gather_facts: false + hosts: localhost + vars: + pulp_url: http://localhost:8080 + pulp_username: admin + pulp_password: password + pulp_validate_certs: true + tasks: + - include_role: + name: pulp_repository + vars: + pulp_repository_container_repos: + - name: test_container_repo + upstream_name: pulp/test-fixture-1 + url: "https://registry-1.docker.io" + policy: immediate + state: present + + - include_role: + name: pulp_distribution + vars: + pulp_distribution_container: + - name: test_container_distribution + base_path: test_container_distribution + repository: test_container_repo + state: present + - name: test_container_distribution_version_1 + base_path: test_container_distribution_version_1 + repository: test_container_repo + version: 1 + state: present + + - name: Query repository + pulp.squeezer.container_repository: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_container_repo + register: repo_result + + - name: Query distribution + pulp.squeezer.container_distribution: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_container_distribution + register: dist_result + + - name: Query distribution version 1 + pulp.squeezer.container_distribution: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_container_distribution_version_1 + register: dist_version_1_result + + - name: Verify distribution creation + assert: + that: + - dist_result.distribution.name == "test_container_distribution" + - dist_result.distribution.base_path == "test_container_distribution" + - dist_result.distribution.repository == repo_result.repository.pulp_href + - dist_result.distribution.repository_version is none + + - name: Verify distribution creation + assert: + that: + - dist_version_1_result.distribution.name == "test_container_distribution_version_1" + - dist_version_1_result.distribution.base_path == "test_container_distribution_version_1" + - dist_version_1_result.distribution.repository is none + - dist_version_1_result.distribution.repository_version == repo_result.repository.latest_version_href + + - include_role: + name: pulp_distribution + vars: + pulp_distribution_container: + - name: test_container_distribution + state: absent + - name: test_container_distribution_version_1 + state: absent + + - include_role: + name: pulp_repository + vars: + pulp_repository_container_repos: + - name: test_container_repo + state: absent + + - name: Query distributions + pulp.squeezer.container_distribution: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + register: container_distributions + + - name: Verify distribution deletion + assert: + that: container_distributions.distributions | length == 0 diff --git a/tests/test_container_repository.yml b/tests/test_container_repository.yml new file mode 100644 index 0000000..c5379a3 --- /dev/null +++ b/tests/test_container_repository.yml @@ -0,0 +1,81 @@ +--- +- name: Test container repositories + gather_facts: false + hosts: localhost + vars: + pulp_url: http://localhost:8080 + pulp_username: admin + pulp_password: password + pulp_validate_certs: true + tasks: + - include_role: + name: pulp_repository + vars: + pulp_repository_container_repos: + - name: test_container_repo + upstream_name: pulp/test-fixture-1 + url: "https://registry-1.docker.io" + policy: immediate + state: present + + - name: Query repository + pulp.squeezer.container_repository: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_container_repo + register: repo_result + + - name: Verify repository creation + assert: + that: + - repo_result.repository.name == "test_container_repo" + + - name: Query remote + pulp.squeezer.container_remote: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_container_repo-remote + register: remote_result + + - name: Verify remote creation + assert: + that: + - remote_result.remote.name == "test_container_repo-remote" + - remote_result.remote.url == "https://registry-1.docker.io" + - remote_result.remote.upstream_name == "pulp/test-fixture-1" + - remote_result.remote.policy == "immediate" + + - include_role: + name: pulp_repository + vars: + pulp_repository_container_repos: + - name: test_container_repo + state: absent + + - name: Query repositories + pulp.squeezer.container_repository: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + register: container_repositories + + - name: Verify repository deletion + assert: + that: container_repositories.repositories | length == 0 + + - name: Query remotes + pulp.squeezer.container_remote: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + register: container_remotes + + - name: Verify remote deletion + assert: + that: container_remotes.remotes | length == 0 From cdf5be78618e205230faf494a799f9e6d3b307b9 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 8 Dec 2021 10:36:12 +0000 Subject: [PATCH 3/6] Add a test for pulp_content_guard role --- tests/files/ca.pem | 28 +++++++++++++++++++ tests/test_content_guard.yml | 53 ++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 tests/files/ca.pem create mode 100644 tests/test_content_guard.yml diff --git a/tests/files/ca.pem b/tests/files/ca.pem new file mode 100644 index 0000000..1b938f7 --- /dev/null +++ b/tests/files/ca.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCB +vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL +ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp +U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W +ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe +Fw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJVUzEX +MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0 +IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9y +IGF1dGhvcml6ZWQgdXNlIG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNh +bCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj1mCOkdeQmIN65lgZOIzF +9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGPMiJhgsWH +H26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+H +LL729fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN +/BMReYTtXlT2NJ8IAfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPT +rJ9VAMf2CGqUuV/c4DPxhGD5WycRtPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1Ud +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0GCCsGAQUFBwEMBGEwX6FdoFsw +WTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2Oa8PPgGrUSBgs +exkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud +DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4 +sAPmLGd75JR3Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+ +seQxIcaBlVZaDrHC1LGmWazxY8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz +4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTxP/jgdFcrGJ2BtMQo2pSXpXDrrB2+ +BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+PwGZsY6rp2aQW9IHR +lRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4mJO3 +7M2CYfE45k+XmCpajQ== +-----END CERTIFICATE----- diff --git a/tests/test_content_guard.yml b/tests/test_content_guard.yml new file mode 100644 index 0000000..f2353ff --- /dev/null +++ b/tests/test_content_guard.yml @@ -0,0 +1,53 @@ +--- +- name: Test content guards + gather_facts: false + hosts: localhost + vars: + pulp_url: http://localhost:8080 + pulp_username: admin + pulp_password: password + pulp_validate_certs: true + tasks: + - include_role: + name: pulp_content_guard + vars: + pulp_content_guard_x509_cert_guards: + - name: test_cert_guard + description: foo + ca_certificate: "{{ lookup('file', 'files/ca.pem') }}" + state: present + + - name: Query content guard + pulp.squeezer.x509_cert_guard: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + name: test_cert_guard + register: cg_result + + - name: Verify cert guard creation + assert: + that: + - cg_result.content_guard.name == "test_cert_guard" + - cg_result.content_guard.description == "foo" + - cg_result.content_guard.ca_certificate == lookup('file', 'files/ca.pem') + + - include_role: + name: pulp_content_guard + vars: + pulp_content_guard_x509_cert_guards: + - name: test_cert_guard + state: absent + + - name: Query content guards + pulp.squeezer.x509_cert_guard: + pulp_url: "{{ pulp_url }}" + username: "{{ pulp_username }}" + password: "{{ pulp_password }}" + validate_certs: "{{ pulp_validate_certs }}" + register: cert_guards + + - name: Verify cert guard deletion + assert: + that: cert_guards.content_guards | length == 0 From 2e1065d0cf9e2d33b3268911b29f0223fa212f1c Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 8 Dec 2021 10:37:13 +0000 Subject: [PATCH 4/6] pulp_django_user: add jmespath requirement to readme --- roles/pulp_django_user/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/pulp_django_user/README.md b/roles/pulp_django_user/README.md index 52be468..3468b1f 100644 --- a/roles/pulp_django_user/README.md +++ b/roles/pulp_django_user/README.md @@ -3,6 +3,11 @@ pulp_django_user This role creates Django users using the Django admin site. +Requirements +------------ + +The `jmespath` Python module must be installed on the Ansible control host. + Role variables -------------- From 47455c07848ddece57fd694b0fb590a7e3736238 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 8 Dec 2021 10:36:23 +0000 Subject: [PATCH 5/6] Add a test for pulp_django_user role --- .github/workflows/pull_request.yml | 2 +- tests/test_django_user.yml | 91 ++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+), 1 deletion(-) create mode 100644 tests/test_django_user.yml diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 3e9f18d..5042b71 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -42,7 +42,7 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install ansible==5.* + pip install ansible==5.* jmespath ansible-galaxy collection install git+file://$(pwd) - name: Run Pulp in one diff --git a/tests/test_django_user.yml b/tests/test_django_user.yml new file mode 100644 index 0000000..aa3909f --- /dev/null +++ b/tests/test_django_user.yml @@ -0,0 +1,91 @@ +--- +- name: Test django users + gather_facts: false + hosts: localhost + vars: + pulp_url: http://localhost:8080 + pulp_admin_username: admin + pulp_admin_password: password + pulp_validate_certs: true + tasks: + - name: Query groups + uri: + url: "{{ pulp_url }}/pulp/api/v3/groups/" + user: "{{ pulp_admin_username }}" + password: "{{ pulp_admin_password }}" + method: GET + body_format: json + status_code: 200 + force_basic_auth: true + register: groups_result + + - name: Create groups + uri: + url: "{{ pulp_url }}/pulp/api/v3/groups/" + user: "{{ pulp_admin_username }}" + password: "{{ pulp_admin_password }}" + method: POST + body: + name: "{{ item }}" + body_format: json + status_code: 201 + force_basic_auth: true + loop: + - test_group1 + - test_group2 + when: item not in groups_result.json.results | map(attribute='name') | list + + - include_role: + name: pulp_django_user + vars: + pulp_django_users: + - username: test_user + password: correct horse battery staple + groups: + - test_group1 + + - name: Query user + uri: + url: "{{ pulp_url }}/pulp/api/v3/users/?username=test_user" + user: "{{ pulp_admin_username }}" + password: "{{ pulp_admin_password }}" + method: GET + status_code: 200 + force_basic_auth: true + register: user_result + + - name: Verify django user creation + assert: + that: + - user_result.json.count == 1 + - user_result.json.results[0].username == "test_user" + - user_result.json.results[0].groups | length == 1 + - user_result.json.results[0].groups[0].name == "test_group1" + + # Update group membership. + - include_role: + name: pulp_django_user + vars: + pulp_django_users: + - username: test_user + password: correct horse battery staple + groups: + - test_group2 + + - name: Query user + uri: + url: "{{ pulp_url }}/pulp/api/v3/users/?username=test_user" + user: "{{ pulp_admin_username }}" + password: "{{ pulp_admin_password }}" + method: GET + status_code: 200 + force_basic_auth: true + register: user_result + + - name: Verify django user group update + assert: + that: + - user_result.json.count == 1 + - user_result.json.results[0].username == "test_user" + - user_result.json.results[0].groups | length == 1 + - user_result.json.results[0].groups[0].name == "test_group2" From e21634d02af2faab3362eb9c12d1e396c7f4cd56 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 8 Dec 2021 10:37:55 +0000 Subject: [PATCH 6/6] Add Pulp in one settings directory to build_ignore in galaxy.yml This directory may contain files we do not have permission to access. --- galaxy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/galaxy.yml b/galaxy.yml index 576f50a..3b54339 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -13,3 +13,5 @@ license: tags: - pulp repository: "https://github.com/stackhpc/ansible-collection-pulp" +build_ignore: + - settings