Merge pull request #7 from PowerDNS/molecule-tests

Molecule tests

.gitignore

@@ -1,24 +1,11 @@
+# Ignore the Python cache files
+__pycache__
+*.pyc
 
-# Created by https://www.gitignore.io/api/vim,linux
-
-### Vim ###
-[._]*.s[a-w][a-z]
-[._]s[a-w][a-z]
-*.un~
-Session.vim
-.netrwhist
-*~
-
-
-### Linux ###
-*~
-
-# temporary files which can be created if a process still has a handle open of a deleted file
-.fuse_hidden*
-
-# KDE directory preferences
-.directory
-
-# Linux trash folder which might appear on any partition or disk
-.Trash-*
+# Ignore the vagrant, molecule and testinfra temp files
+.vagrant
+.molecule
+.cache
 
+# Ignore the Ansible retry files
+*.retry

.travis.yml

@@ -1,29 +1,28 @@
 ---
+
 language: python
 python: "2.7"
 
-# Use the new container infrastructure
-sudo: false
-
-# Install ansible
-addons:
-  apt:
-    packages:
-    - python-pip
+sudo: required
 
-install:
-  # Install ansible
-  - pip install ansible
+# Enable the docker service
+services:
+  - docker
 
-  # Check ansible version
-  - ansible --version
+# Replace aufs with the vfs docker storage driver
+# to prevent systemd to fail starting docker in docker.
+before_install:
+  - sudo sed -i 's|DOCKER_OPTS=.*|DOCKER_OPTS="-H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock --storage-driver vfs"|g' /etc/default/docker
+  - sudo service docker restart
+  - docker info
 
-  # Create ansible.cfg with correct roles_path
-  - printf '[defaults]\nroles_path=../' >ansible.cfg
+# Install molecule
+install:
+  - pip install -r test-requirements.txt
 
+# Tests all the scenarios
 script:
-  # Basic role syntax check
-  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+  - molecule test --all
 
 notifications:
-  webhooks: https://galaxy.ansible.com/api/v1/notifications/
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

.yamllint

@@ -0,0 +1,18 @@
+extends: default
+
+rules:
+
+  # Disable line-length and truthy values reporting
+  line-length: disable
+  truthy: disable
+
+  # Max 1 space to separate the elements in brakets
+  braces:
+    max-spaces-inside: 1
+
+  # Max 1 space in empty brackets
+  brackets:
+    min-spaces-inside-empty: 0
+    max-spaces-inside-empty: 1
+
+

defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 
 # By default no additional repository is added to the hosts to install dnsdist
-dnsdist_install_repo: "" 
+dnsdist_install_repo: ""
 
 # Install the EPEL repository.
 # EPEL is needed to satisfy some dnsdist dependencies like lidsodium

molecule/README.md

@@ -0,0 +1,64 @@
+# Testing with Molecule
+
+This role uses [molecule](https://molecule.readthedocs.io/en/latest/) 
+to implement automated testing of its functionalities. 
+
+## Requirements
+
+* Ansible >= 2.2 
+* molecule v2
+* Docker
+
+## Create a Docker virtual machine (optional on most Linux distros) 
+
+On some systems, e.g. OS X, is not possible to run successfully the docker-based molecule test-suite
+because of the lack of systemd support (the services in the docker containers will fail to start).
+
+To overcome this issue, make sure to have
+
+* Vagrant
+* Virtualbox
+* docker-machine
+
+installed on your system and follow these instructions to create a docker virtual machine
+to use for your tests
+
+```bash
+# Create the virtual machine
+vagrant up
+
+# Install docker inside the virtual machine
+docker-machine create -d generic \
+--generic-ssh-user vagrant \
+--generic-ssh-key .vagrant/machines/molecule-dnsdist/virtualbox/private_key \
+--generic-ip-address "$(vagrant ssh -- hostname -I | cut -d ' ' -f 2)" \
+--engine-install-url "https://get.docker.com" \
+molecule-dnsdist
+
+# Connect your local docker client to the docker deamon running in the virtual machine
+eval $(docker-machine env molecule-dnsdist)
+```
+
+To clean-up the environment just execute
+
+```bash
+# Destroy the virtual machine
+vagrant rm
+
+# Remove the docker virtual machine from the docker-machines list
+docker-machine rm molecule-dnsdist
+```
+
+# Execute the tests
+
+```bash
+# if using the docker virtual machine
+eval $(docker-machine env molecule-dnsdist)
+
+# test all the scenarios
+molecule test --all
+
+# execute only a specific scenario
+# e.g.
+molecule test --scenario-name dnsdist-1.2.x
+```

molecule/Vagrantfile

@@ -0,0 +1,38 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  config.vm.define "molecule-dnsdist" do |test|
+
+    # Every Vagrant development environment requires a box. You can search for
+    # boxes at https://vagrantcloud.com/search.
+    test.vm.box = "bento/ubuntu-16.04"
+
+    # Create a private network, which allows host-only access to the machine
+    # using a specific IP.
+    test.vm.network "private_network", type: "dhcp"
+
+    # Provider-specific configuration so you can fine-tune various
+    # backing providers for Vagrant. These expose provider-specific options.
+    test.vm.provider "virtualbox" do |vb|
+      # Customize the VM name
+      vb.name = "molecule-dnsdist"
+
+      # Customize the amount of memory on the VM:
+      vb.memory = "1024"
+    end
+
+    # Enable provisioning with a shell script. Additional provisioners such as
+    # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
+    # documentation for more information about their specific syntax and use.
+    # test.vm.provision "shell", inline: <<-SHELL
+    #   apt-get update
+    #   apt-get install -y apache2
+    # SHELL
+  end
+
+end

molecule/common/Dockerfile.centos-systemd.j2

@@ -0,0 +1,28 @@
+FROM {{ item.image }}
+
+# Tell systemd that we're running inside a Docker container.
+ENV container docker
+
+# Configure systemd to run into the container (see https://hub.docker.com/_/centos/)
+RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+# Install sudo and disable requiretty
+RUN yum -y install sudo
+RUN /usr/bin/sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD [ "/usr/sbin/init" ]
+
+# Make sure all the Ansible dependencies are there.
+RUN touch /var/lib/rpm/* \
+  && yum makecache fast \
+  && yum update -y \
+  && yum install -y python sudo yum-plugin-ovl bash \
+  && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf

molecule/common/Dockerfile.debian-systemd.j2

@@ -0,0 +1,33 @@
+FROM {{ item.image }}
+
+# Tell systemd that we're running inside a Docker container.
+ENV container docker
+
+# Make sure systemd is fully installed in the system.
+RUN apt-get update \
+  && apt-get install -y systemd \
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Don't start the optional systemd services. 
+RUN cd /lib/systemd/system/sysinit.target.wants/; ls | grep -v systemd-tmpfiles-setup | xargs rm -f $1 \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*; \
+rm -f /lib/systemd/system/plymouth*; \
+rm -f /lib/systemd/system/systemd-update-utmp*;
+
+RUN systemctl set-default multi-user.target
+
+VOLUME [ "/sys/fs/cgroup" ]
+CMD [ "/sbin/init" ]
+
+# Make sure all the Ansible dependencies are there.
+RUN apt-get update \
+  && apt-get upgrade -y \
+  && apt-get install -y python sudo bash ca-certificates gnupg \
+  && apt-get clean

molecule/common/Dockerfile.default.j2

@@ -0,0 +1,9 @@
+FROM {{ item.image }}
+
+RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get upgrade -y && apt-get install -y python sudo bash ca-certificates && apt-get clean; \
+    elif [ $(command -v yum) ]; then yum makecache fast && yum update -y && yum install -y python sudo yum-plugin-ovl bash initscripts && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \
+    elif [ $(command -v zypper) ]; then zypper refresh && zypper update -y && zypper install -y python sudo bash python-xml && zypper clean -a; \
+    elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \
+    elif [ $(command -v dnf) ]; then dnf makecache fast && dnf --assumeyes install python python-devel python2-dnf bash && dnf clean all; fi
+
+CMD [ "sleep", "infinity" ]

molecule/common/create.yml

@@ -0,0 +1,59 @@
+---
+
+- name: Create molecule Docker instance(s)
+  hosts: localhost
+  connection: local
+  gather_facts: False
+  vars_files:
+    - molecule-vars.yml
+  tasks:
+    - name: Create Dockerfiles from image names
+      template:
+        src: "{{ molecule_scenario_directory }}/../common/Dockerfile.{{ item.image_tpl | default('default') }}.j2"
+        dest: "{{ molecule_ephemeral_directory }}/Dockerfile_{{ item.image | regex_replace('[^a-zA-Z0-9_]', '_') }}"
+      with_items: "{{ molecule_yml.platforms }}"
+      register: platforms
+
+    - name: Discover local Docker images
+      docker_image_facts:
+        name: "molecule_local/{{ item.item.name }}"
+        docker_host: "{{ docker_host | default(omit) }}"
+        cacert_path: "{{ docker_tls_ca_cert | default(omit) }}"
+        cert_path: "{{ docker_tls_client_cert | default(omit) }}"
+        key_path: "{{ docker_tls_client_key | default(omit) }}"
+        tls_verify: "{{ docker_tls_verify | default(omit) }}"
+      with_items: "{{ platforms.results }}"
+      register: docker_images
+
+    - name: Build an Ansible compatible image
+      docker_image:
+        path: "{{ molecule_ephemeral_directory }}"
+        name: "molecule_local/{{ item.item.image }}"
+        dockerfile: "{{ item.item.dockerfile | default(item.invocation.module_args.dest) }}"
+        force: "{{ item.item.force | default(True) }}"
+        docker_host: "{{ docker_host | default(omit) }}"
+        cacert_path: "{{ docker_tls_ca_cert | default(omit) }}"
+        cert_path: "{{ docker_tls_client_cert | default(omit) }}"
+        key_path: "{{ docker_tls_client_key | default(omit) }}"
+        tls_verify: "{{ docker_tls_verify | default(omit) }}"
+      with_items: "{{ platforms.results }}"
+      when: platforms.changed or docker_images.results | map(attribute='images') | select('equalto', []) | list | count >= 0
+
+    - name: Create molecule instance(s)
+      docker_container:
+        name: "{{ item.name }}"
+        hostname: "{{ item.name }}"
+        image: "molecule_local/{{ item.image }}"
+        command: "{{ item.command | default(omit) }}"
+        privileged: yes
+        volumes:
+          # Mount the cgroups fs to allow SystemD to run into the containers
+          - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
+        recreate: no
+        state: started
+        docker_host: "{{ docker_host | default(omit) }}"
+        cacert_path: "{{ docker_tls_ca_cert | default(omit) }}"
+        cert_path: "{{ docker_tls_client_cert | default(omit) }}"
+        key_path: "{{ docker_tls_client_key | default(omit) }}"
+        tls_verify: "{{ docker_tls_verify | default(omit) }}"
+      with_items: "{{ molecule_yml.platforms }}"

molecule/common/destroy.yml

@@ -0,0 +1,20 @@
+---
+
+- name: Destroy molecule Docker instance(s)
+  hosts: localhost
+  connection: local
+  gather_facts: False
+  vars_files:
+    - molecule-vars.yml
+  tasks:
+    - name: Destroy molecule instance(s)
+      docker_container:
+        name: "{{ item.name }}"
+        state: absent
+        force_kill: "{{ item.force_kill | default(True) }}"
+        docker_host: "{{ docker_host | default(omit) }}"
+        cacert_path: "{{ docker_tls_ca_cert | default(omit) }}"
+        cert_path: "{{ docker_tls_client_cert | default(omit) }}"
+        key_path: "{{ docker_tls_client_key | default(omit) }}"
+        tls_verify: "{{ docker_tls_verify | default(omit) }}"
+      with_items: "{{ molecule_yml.platforms }}"

molecule/common/molecule-vars.yml

@@ -0,0 +1,15 @@
+---
+
+# Molecule
+molecule_file: "{{ lookup('env', 'MOLECULE_FILE') }}"
+molecule_ephemeral_directory: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}"
+molecule_scenario_directory: "{{ lookup('env', 'MOLECULE_SCENARIO_DIRECTORY') }}"
+molecule_yml: "{{ lookup('file', molecule_file) | from_yaml }}"
+
+# Docker
+docker_host: "{{ lookup('env', 'DOCKER_HOST') }}"
+docker_cert_path: "{{ lookup('env', 'DOCKER_CERT_PATH') }}"
+docker_tls_ca_cert: "{% if docker_cert_path %}{{ docker_cert_path }}/ca.pem{% endif %}"
+docker_tls_client_key: "{% if docker_cert_path %}{{ docker_cert_path }}/key.pem{% endif %}"
+docker_tls_client_cert: "{% if docker_cert_path %}{{ docker_cert_path }}/cert.pem{% endif %}"
+docker_tls_verify: "{{ lookup('env', 'DOCKER_TLS_VERIFY') | default('no', true) }}"

molecule/common/playbook.yml

@@ -0,0 +1,13 @@
+---
+
+- name: Install and configure dnsdist
+  hosts: all
+  vars:
+    molecule_scenario_directory: "{{ lookup('env', 'MOLECULE_SCENARIO_DIRECTORY') }}"
+    dnsdist_servers:
+      - '8.8.8.8'
+      - '127.0.0.1:5300'
+  vars_files:
+    - "{{ molecule_scenario_directory }}/scenario-vars.yml"
+  roles:
+    - { role: dnsdist-ansible }