This repo contains some submodule repos & resources for Ansible TDD, BDD, XDD, and such. It includes many examples given and sourced from these sources:
- Tighten Your Quality Feedback Loop
- Infrastructure Testing with Ansible and Serverspec
- kitchen-ansible Test Kitchen Provisioner
If you are not familiar with Test Kitchen, I suggest you view the quick test-kitchen demo slideshow here. If you have more time, you might want to also check out Fletcher Nichol's full DevOps Days Presentation here.
- Install ChefDK (Current version: 2.4.17)
- Install kitchen-ansible gem
- If you have
rvminstalled, first:rvm use system - With ChefDK < 0.3.1:
- install to
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/with:$(/opt/chefdk/bin/chef shell-init $(basename $SHELL)); sudo /opt/chefdk/embedded/bin/gem install kitchen-ansible
- install to
- OR With ChefDK >= 0.3.1:
- Install to
~/.chefdk/gem/ruby/2.1.0/gems/with:chef exec gem install kitchen-ansible(Recommended) - Install to
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/with:sudo chef gem install kitchen-ansible(NOTE: This will install to system ChefDK location!)
- Install to
- Install VirtualBox (Current version: 5.2.6)
- Install Vagrant (Current version: 2.0.2)
Now you're ready to use test-kitchen along with the kitchen-ansible Provisioner.
The ansible-examples repo contains a demo of using test-kitchen with ansible and the kitchen-ansible Provisioner. To try it out:
- Checkout submodule repos:
git submodule update --init cd ansible-examples/tomcat-standalone- Run Test Kitchen:
kitchen test
When developing playbooks and roles, it's helpful to have YAML syntax check (and of course ansible-playbook --syntax-check). In this repo is an example Guardfile for using the Guard Ruby gem to do this automatically for you each time you edit a file! Plus, it notifies you of results via a "growl" style notification (on Mac). This should also work on Windows or Linux with the alternate gems listed in Gemfile, but this has not been tested for a while!.
To use this example, you first need Ruby >= 2.3 or >= 2.2.6. I used Ruby 2.2.5 via RVM. You also need to install bundler (gem install bundler).
Once you have Ruby and bundler, all you need is:
# Make sure you are in this repo's directory!
# cd path/to/ansible-tdd/
bundle install
bundle exec guard
Now, try editing a file to introduce a syntax error and Guard will notify you! (It also shows if syntax check result was success)
For example, this repo contains some roles under roles/. Edit one of the tasks files to introduce an error.
If you are using an older version of Ansible, you may run into errors with playbooks that include encrypted Ansible Vault vars files! The example Guardfile handles this gracefully, as long as you use a vault password file and follow the naming convention.
If you are using playbooks with Ansible Vault vars files, you need to place your Vault password files (just a text file containing the Ansible Vault encryption password) into $HOME/secrets/.
This example Guardfile has this path hardcoded, and uses a naming convention based on the playbook name! If you want to modify this location, edit your Guardfile appropriately.
For a playbook with encrypted vars file, it might be using task: - include_vars: path/to/your/encrypted-vars.yml
If the playbook directory was named foo-playbook, place the Ansible Vault password file in this location: $HOME/secrets/ansible-vault-foo-playbook
The reason this is necessary is because in older versions of Ansible, ansible-playbook --syntax-check will throw an error if the playbook cannot decrypt the Ansible vault vars file, and also if you try to use an undefined variable. To work around this, the example Guardfile checks for existence of a Vault password file in ~/secrets that matches the playbook name. If found, it passes this in to ansible-playbook --syntax-check via --vault-password-file=$HOME/secrets/ansible-vault-<PLAYBOOK_NAME>.
New versions of Ansible will not have this problem in --syntax-check mode!
This repo contains an example playbook under playbooks/wemux-vault/example.yml that uses an encypted vars file. The password to decrypt this is included in playbooks/wemux-vault/ansible-vault-wemux-vault. Place this file at $HOME/secrets/ansible-vault-wemux-vault to fix any Guard errors. The included Guardfile will see you have placed the password file there and now syntax check should work!