packaging: add tests

parent 4a5865ea
......@@ -38,6 +38,7 @@ _obj
/compile
/compile_commands.json
/depcomp
/distro/tests/*/.vagrant
/install-sh
/stamp-h1
/aclocal.m4
......
Requirements
------------
- ansible
- vagrant
- libvirt (+vagrant-libvirt) / virtualbox
Usage
-----
`vagrant up` command is configured to trigger ansible provisioning
which configures OBS repository, installs the knot-resolver package,
starts the kresd@1 service and finally attempts to use it to resolve
a domain name. It also tests that DNSSEC validation is turned on.
By default, the *knot-resolver-latest* repo is used. To test the
*knot-resolver-devel* repo, enable in it `knot-resolver-test.yaml`.
Run the following command for every distro (aka directory with
Vagrantfile):
./test-distro.sh debian9
Caveats
-------
This tests the latest `knot-resolver` package that is available. In certain
cases, this may result in unexpected behaviour, because it might be testing a
different package than expected.
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
Vagrant.configure(2) do |config|
config.vm.box = "archlinux/archlinux"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.define "arch" do |arch|
arch.vm.provision "ansible" do |ansible|
ansible.playbook = "../knot-resolver-test.yaml"
end
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
Vagrant.configure(2) do |config|
config.vm.box = "centos/7"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.define "centos7" do |centos7|
centos7.vm.provision "ansible" do |ansible|
ansible.playbook = "../knot-resolver-test.yaml"
end
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
Vagrant.configure(2) do |config|
config.vm.box = "debian/stretch64"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.define "debian9" do |debian9|
debian9.vm.provision "ansible" do |ansible|
ansible.playbook = "../knot-resolver-test.yaml"
end
end
end
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
Vagrant.configure(2) do |config|
config.vm.box = "fedora/27-cloud-base"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.define "fedora27" do |fedora27|
fedora27.vm.provision "ansible" do |ansible|
ansible.playbook = "../knot-resolver-test.yaml"
end
end
end
---
- hosts: all
remote_user: root
become: true
vars:
repos:
- knot-resolver-latest
# - knot-resolver-devel # enable to test development builds
ansible_python_interpreter: /usr/bin/python2
dig_package:
Debian: dnsutils
Ubuntu: dnsutils
Fedora: bind-utils
CentOS: bind-utils
Archlinux: bind-tools
configure_obs_repo:
Fedora: |
dnf config-manager --add-repo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Fedora_27/home:CZ-NIC:{{ item }}.repo
CentOS: |
yum install -y wget &&
wget -i wget https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/CentOS_7_EPEL/home:CZ-NIC:{{ item }}.repo -O /etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo
Debian: |
echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Debian_9.0/ /' > /etc/apt/sources.list.d/{{ item }}.list &&
wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Debian_9.0/Release.key -O Release.key &&
apt-key add - < Release.key &&
apt-get update
Ubuntu: |
echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/xUbuntu_16.04/ /' > /etc/apt/sources.list.d/{{ item }}.list &&
wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/xUbuntu_16.04/Release.key -O Release.key &&
apt-key add - < Release.key &&
apt-get update
# HACK: Ansible requires Python 2, but it's not installed by default in all distros
gather_facts: false
pre_tasks:
- name: install python and deps for ansible modules
raw: |
yum install -y python2 python2-dnf libselinux-python || \
pacman -Sy python2 --noconfirm || \
apt-get install -y python || \
:
ignore_errors: true
- name: gather facts
setup:
tasks:
- name: install epel
package:
name: epel-release
state: present
when: ansible_distribution == 'CentOS'
- name: configure OBS repository
shell: "{{ configure_obs_repo[ansible_distribution] }}"
with_items: "{{ repos }}"
when: ansible_distribution != 'Archlinux'
- block:
- name: configure OBS repository (Arch)
blockinfile:
block: |
[home_CZ-NIC_{{ item }}_Arch]
SigLevel = Never
Server = https://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Arch/$arch
insertbefore: '^\[core\]'
path: /etc/pacman.conf
state: present
with_items: "{{ repos }}"
- name: sync repos (Arch)
shell: pacman -Syu --noconfirm
when: ansible_distribution == 'Archlinux'
- name: install knot-resolver
package:
name: knot-resolver
state: latest
- name: install dig
package:
name: "{{ dig_package[ansible_distribution] }}"
state: present
- name: turn off SELinux
selinux:
policy: targeted
state: permissive
when: ansible_distribution in ['RedHat', 'Fedora']
- name: start kresd@1.service
service:
name: kresd@1.service
state: restarted
- name: resolve nic.cz
shell: dig @127.0.0.1 nic.cz
register: res
failed_when: '"status: NOERROR" not in res.stdout'
- name: test dnssec is turned on
block:
- name: test dnssec-failed.org +cd returns NOERROR
shell: dig +cd @127.0.0.1 dnssec-failed.org
register: res
failed_when: '"status: NOERROR" not in res.stdout'
- name: test dnssec-failed.org returns SERVFAIL
shell: dig @127.0.0.1 dnssec-failed.org
register: res
failed_when: '"status: SERVFAIL" not in res.stdout'
#!/bin/bash -x
# Configure which repos to use in knot-resolver-test.yaml (vars - repos)
# Example usage: ./test-distro.sh debian9
cd "$1"
vagrant destroy &>/dev/null
vagrant up
ret=$?
vagrant destroy &>/dev/null
exit $ret
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
Vagrant.configure(2) do |config|
config.vm.box = "generic/ubuntu1604"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.define "ubuntu1604" do |ubuntu1604|
ubuntu1604.vm.provision "ansible" do |ansible|
ansible.playbook = "../knot-resolver-test.yaml"
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment