Skip to content

Commit

Permalink
Merge branch 'linux-system-roles:main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
fila43 authored Oct 14, 2024
2 parents 8457160 + 6e0c8bd commit 1b0d8bd
Show file tree
Hide file tree
Showing 27 changed files with 549 additions and 140 deletions.
6 changes: 3 additions & 3 deletions .README.html
Original file line number Diff line number Diff line change
Expand Up @@ -142,8 +142,8 @@ <h1 class="toc-title">Contents</h1>
</ul></li>
<li><a href="#role-variables" id="toc-role-variables">Role Variables</a>
<ul>
<li><a href="#postgresql_verison"
id="toc-postgresql_verison">postgresql_verison</a></li>
<li><a href="#postgresql_version"
id="toc-postgresql_version">postgresql_version</a></li>
<li><a href="#postgresql_password"
id="toc-postgresql_password">postgresql_password</a></li>
<li><a href="#postgresql_pg_hba_conf"
Expand Down Expand Up @@ -193,7 +193,7 @@ <h2 id="collection-requirements">Collection requirements</h2>
<div class="sourceCode" id="cb1"><pre
class="sourceCode bash"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="ex">ansible-galaxy</span> collection install <span class="at">-vv</span> <span class="at">-r</span> meta/collection-requirements.yml</span></code></pre></div>
<h1 id="role-variables">Role Variables</h1>
<h2 id="postgresql_verison">postgresql_verison</h2>
<h2 id="postgresql_version">postgresql_version</h2>
<p>You can set the version of the PostgreSQL server to 10, 12, 13, 15 or
16.</p>
<div class="sourceCode" id="cb2"><pre
Expand Down
2 changes: 2 additions & 0 deletions .ansible-lint
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,5 @@ exclude_paths:
mock_roles:
- linux-system-roles.postgresql
- linux-system-roles.certificate
supported_ansible_also:
- "2.14.0"
1 change: 1 addition & 0 deletions .fmf/version
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
1
6 changes: 3 additions & 3 deletions .github/workflows/ansible-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.2.1"
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0"
- name: Convert role to collection format
run: |
Expand All @@ -44,6 +44,6 @@ jobs:
mkdir -p "$coll_dir/.git"
- name: Run ansible-lint
uses: ansible/ansible-lint@v6
uses: ansible/ansible-lint@v24
with:
working_directory: .tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
working_directory: ${{ github.workspace }}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
2 changes: 1 addition & 1 deletion .github/workflows/ansible-managed-var-comment.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.2.1"
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0"
- name: Run ansible-plugin-scan
run: |
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/ansible-plugin-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.2.1"
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0"
- name: Run ansible-plugin-scan
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ansible-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
- name: Install tox, tox-lsr
run: |
set -euxo pipefail
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.2.1"
pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.4.0"
- name: Convert role to collection format
run: |
Expand All @@ -44,4 +44,4 @@ jobs:
uses: ansible-community/ansible-test-gh-action@release/v1
with:
testing-type: sanity # wokeignore:rule=sanity
collection-src-directory: .tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
collection-src-directory: ${{ github.workspace }}/.tox/ansible_collections/${{ env.LSR_ROLE2COLL_NAMESPACE }}/${{ env.LSR_ROLE2COLL_NAME }}
2 changes: 1 addition & 1 deletion .github/workflows/changelog_to_tag.yml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ jobs:
echo "tagname=$_tagname" >> "$GITHUB_OUTPUT"
echo "branch=$_branch" >> "$GITHUB_OUTPUT"
- name: Create tag
uses: mathieudutour/github-tag-action@v6.1
uses: mathieudutour/github-tag-action@v6.2
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
custom_tag: ${{ steps.tag.outputs.tagname }}
Expand Down
194 changes: 194 additions & 0 deletions .github/workflows/tft.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,194 @@
---
name: Run integration tests in Testing Farm
on:
issue_comment:
types:
- created
permissions:
contents: read
# This is required for the ability to create/update the Pull request status
statuses: write
jobs:
prepare_vars:
name: Get info from role and PR to determine if and how to test
# The concurrency key is used to prevent multiple workflows from running at the same time
concurrency:
# group name contains reponame-pr_num to allow simualteneous runs in different PRs
group: testing-farm-${{ github.event.repository.name }}-${{ github.event.issue.number }}
cancel-in-progress: true
# Let's schedule tests only on user request. NOT automatically.
# Only repository owner or member can schedule tests
if: |
github.event.issue.pull_request
&& contains(github.event.comment.body, '[citest]')
&& (contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR", "CONTRIBUTOR"]'), github.event.comment.author_association)
|| contains('systemroller', github.event.comment.user.login))
runs-on: ubuntu-latest
outputs:
supported_platforms: ${{ steps.supported_platforms.outputs.supported_platforms }}
head_sha: ${{ steps.head_sha.outputs.head_sha }}
memory: ${{ steps.memory.outputs.memory }}
steps:
- name: Dump github context
run: echo "$GITHUB_CONTEXT"
shell: bash
env:
GITHUB_CONTEXT: ${{ toJson(github) }}

- name: Checkout repo
uses: actions/checkout@v4

- name: Get head sha of the PR
id: head_sha
run: |
head_sha=$(gh api "repos/$REPO/pulls/$PR_NO" --jq '.head.sha')
echo "head_sha=$head_sha" >> $GITHUB_OUTPUT
env:
REPO: ${{ github.repository }}
PR_NO: ${{ github.event.issue.number }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Checkout PR
uses: actions/checkout@v4
with:
ref: ${{ steps.head_sha.outputs.head_sha }}

- name: Get memory
id: memory
run: |
if [ -d tests/provision.fmf ]; then
memory=$(grep -rPo ' m: \K(.*)' tests/provision.fmf)
fi
if [ -n "$memory" ]; then
echo "memory=$memory" >> $GITHUB_OUTPUT
else
echo "memory=2048" >> $GITHUB_OUTPUT
fi
- name: Get supported platforms
id: supported_platforms
run: |
supported_platforms=""
meta_main=meta/main.yml
# All Fedora are supported, add latest Fedora versions to supported_platforms
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi fedora$; then
supported_platforms+=" Fedora-39"
supported_platforms+=" Fedora-40"
fi
# Specific Fedora versions supported
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qiP 'fedora\d+$'; then
for fedora_ver in $(yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -iPo 'fedora\K(\d+$)'); do
supported_platforms+=" Fedora-$fedora_ver"
done
fi
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el7; then
supported_platforms+=" CentOS-7-latest"
fi
for ver in 8 9 10; do
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el"$ver"; then
supported_platforms+=" CentOS-Stream-$ver"
fi
done
echo "supported_platforms=$supported_platforms" >> $GITHUB_OUTPUT
testing-farm:
name: ${{ matrix.platform }}/ansible-${{ matrix.ansible_version }}
needs: prepare_vars
strategy:
fail-fast: false
matrix:
include:
- platform: Fedora-39
ansible_version: 2.17
- platform: Fedora-40
ansible_version: 2.17
- platform: CentOS-7-latest
ansible_version: 2.9
- platform: CentOS-Stream-8
ansible_version: 2.9
# On CentOS-Stream-8, latest supported Ansible is 2.16
- platform: CentOS-Stream-8
ansible_version: 2.16
- platform: CentOS-Stream-9
ansible_version: 2.17
- platform: CentOS-Stream-10
ansible_version: 2.17
runs-on: ubuntu-latest
env:
ARTIFACTS_DIR_NAME: "tf_${{ github.event.repository.name }}-${{ github.event.issue.number }}_\
${{ matrix.platform }}-${{ matrix.ansible_version }}_\
${{ needs.prepare_vars.outputs.datetime }}/artifacts"
ARTIFACT_TARGET_DIR: /srv/pub/alt/${{ vars.LINUXSYSTEMROLES_USER }}/logs
steps:
- name: Set variables with DATETIME and artifact location
id: set_vars
run: |
printf -v DATETIME '%(%Y%m%d-%H%M%S)T' -1
ARTIFACTS_DIR_NAME="tf_${{ github.event.repository.name }}-${{ github.event.issue.number }}_\
${{ matrix.platform }}-${{ matrix.ansible_version }}_$DATETIME/artifacts"
ARTIFACTS_TARGET_DIR=/srv/pub/alt/${{ vars.LINUXSYSTEMROLES_USER }}/logs
ARTIFACTS_DIR=$ARTIFACTS_TARGET_DIR/$ARTIFACTS_DIR_NAME
ARTIFACTS_URL=https://dl.fedoraproject.org/pub/alt/${{ vars.LINUXSYSTEMROLES_USER }}/logs/$ARTIFACTS_DIR_NAME
echo "DATETIME=$DATETIME" >> $GITHUB_OUTPUT
echo "ARTIFACTS_DIR=$ARTIFACTS_DIR" >> $GITHUB_OUTPUT
echo "ARTIFACTS_URL=$ARTIFACTS_URL" >> $GITHUB_OUTPUT
- name: Set commit status as pending
if: contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
uses: myrotvorets/set-commit-status-action@master
with:
sha: ${{ needs.prepare_vars.outputs.head_sha }}
status: pending
context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
description: Test started
targetUrl: ""

- name: Set commit status as success with a description that platform is skipped
if: "!contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)"
uses: myrotvorets/set-commit-status-action@master
with:
sha: ${{ needs.prepare_vars.outputs.head_sha }}
status: success
context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
description: The role does not support this platform. Skipping.
targetUrl: ""

- name: Run test in testing farm
uses: sclorg/testing-farm-as-github-action@v3
if: contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
with:
git_url: https://github.com/linux-system-roles/tft-tests
git_ref: main
pipeline_settings: '{ "type": "tmt-multihost" }'
environment_settings: '{ "provisioning": { "tags": { "BusinessUnit": "system_roles" } } }'
# Keeping ARTIFACTS_URL at the bottom makes the link in logs clickable
variables: "ANSIBLE_VER=${{ matrix.ansible_version }};\
REPO_NAME=${{ github.event.repository.name }};\
GITHUB_ORG=${{ github.repository_owner }};\
PR_NUM=${{ github.event.issue.number }};\
ARTIFACTS_DIR=${{ steps.set_vars.outputs.ARTIFACTS_DIR }};\
TEST_LOCAL_CHANGES=false;\
LINUXSYSTEMROLES_USER=${{ vars.LINUXSYSTEMROLES_USER }};\
ARTIFACTS_URL=${{ steps.set_vars.outputs.ARTIFACTS_URL }}"
# Note that LINUXSYSTEMROLES_SSH_KEY must be single-line, TF doesn't read multi-line variables fine.
secrets: "LINUXSYSTEMROLES_DOMAIN=${{ secrets.LINUXSYSTEMROLES_DOMAIN }};\
LINUXSYSTEMROLES_SSH_KEY=${{ secrets.LINUXSYSTEMROLES_SSH_KEY }}"
compose: ${{ matrix.platform }}
# There are two blockers for using public ranch:
# 1. multihost is not supported in public https://github.com/teemtee/tmt/issues/2620
# 2. Security issue that leaks long secrets - Jira TFT-2698
tf_scope: private
api_key: ${{ secrets.TF_API_KEY_RH }}
update_pull_request_status: false
tmt_hardware: '{ "memory": ">= ${{ needs.prepare_vars.outputs.memory }} MB" }'
tmt_plan_filter: "tag:general,postgresql"

- name: Set final commit status
uses: myrotvorets/set-commit-status-action@master
if: always() && contains(needs.prepare_vars.outputs.supported_platforms, matrix.platform)
with:
sha: ${{ needs.prepare_vars.outputs.head_sha }}
status: ${{ job.status }}
context: ${{ matrix.platform }}|ansible-${{ matrix.ansible_version }}
description: Test finished
targetUrl: ${{ steps.set_vars.outputs.ARTIFACTS_URL }}
43 changes: 43 additions & 0 deletions .github/workflows/tft_citest_bad.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
---
name: Re-run failed testing farm tests
on:
issue_comment:
types:
- created
permissions:
contents: read
jobs:
citest_bad_rerun:
if: |
github.event.issue.pull_request
&& contains(fromJson('["[citest_bad]", "[citest-bad]", "[citest bad]"]'), github.event.comment.body)
&& contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR", "CONTRIBUTOR"]'), github.event.comment.author_association)
permissions:
actions: write # for re-running failed jobs: https://docs.github.com/en/rest/actions/workflow-runs?apiVersion=2022-11-28#re-run-a-job-from-a-workflow-run
runs-on: ubuntu-latest
steps:
- name: Wait 10s until tft.yml workflow is created and skipped because new comment don't match [citest]
run: sleep 10s

- name: Re-run failed jobs for this PR
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPO: ${{ github.repository }}
PR_TITLE: ${{ github.event.issue.title }}
run: |
PENDING_RUN=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
| jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\") | \
select(.status == \"pending\" or .status == \"queued\" or .status == \"in_progress\") | .id][0]")
# if pending run don't exist, take the last run with failure state
if [ "$PENDING_RUN" != "null" ]; then
echo "The workflow $PENDING_RUN is still running, wait for it to finish to re-run"
exit 1
fi
RUN_ID=$(gh api "repos/$REPO/actions/workflows/tft.yml/runs?event=issue_comment" \
| jq -r "[.workflow_runs[] | select( .display_title == \"$PR_TITLE\" ) | select( .conclusion == \"failure\" ) | .id][0]")
if [ "$RUN_ID" = "null" ]; then
echo "Failed workflow not found, exitting"
exit 1
fi
echo "Re-running workflow $RUN_ID"
gh api --method POST repos/$REPO/actions/runs/$RUN_ID/rerun-failed-jobs
1 change: 1 addition & 0 deletions .ostree/packages-runtime-CentOS-10.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
postgresql-server
1 change: 1 addition & 0 deletions .ostree/packages-runtime-RedHat-10.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
postgresql-server
1 change: 0 additions & 1 deletion .yamllint.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# SPDX-License-Identifier: MIT
---
extends: default
ignore: |
/.tox/
Loading

0 comments on commit 1b0d8bd

Please sign in to comment.