Created
July 23, 2021 18:59
-
-
Save sbeliakou/74e77756184114e0de3171f37a650103 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 1.3 Tomcat | |
| cases: | |
| - global_env: | |
| ANSIBLE_TRANSPORT: docker | |
| ANSIBLE_FORCE_COLOR: True | |
| # ANSIBLE_STRATEGY: mitogen_linear | |
| # ANSIBLE_STRATEGY_PLUGINS: /tmp/mitogen-0.3.0rc1/ansible_mitogen/plugins/strategy | |
| - script: | | |
| docker run -d --name app-server --privileged quay.io/sbeliakou/ansible-training:centos | |
| if [ ! -d /tmp/mitogen-0.3.0rc1 ]; then | |
| wget https://github.com/mitogen-hq/mitogen/archive/v0.3.0rc1.tar.gz -O /tmp/mitogen.tar.gz | |
| tar xzvf /tmp/mitogen.tar.gz -C /tmp/ && \ | |
| rm -f /tmp/mitogen.tar.gz | |
| fi | |
| - case: playbook lint (ansible-lint) | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success test -f tomcat.yml | |
| assert_success ansible-lint tomcat.yml -x 201,204,208,risky-file-permissions | |
| - case: playbook syntax check (--syntax-check) | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success ansible-playbook tomcat.yml -i app-server, --syntax-check | |
| - case: apply playbook | |
| skip: false | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| [ -f tomcat.yml ] | |
| ansible-playbook tomcat.yml -i app-server, -v | |
| docker exec app-server systemctl show --property MainPID tomcat > /tmp/tomcat.pid1 | |
| weight: 3 | |
| - script: sleep 3 | |
| - case: service process should run after rollout | |
| script: docker exec app-server ps -ef | grep -v grep | grep tomcat | |
| weight: 2 | |
| - case: responds 200 | |
| script: | | |
| # assert_success docker exec app-server systemctl is-active tomcat | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success docker exec app-server curl -s -f localhost:8080 | |
| assert_output --partial "<title>Apache Tomcat" | |
| weight: 2 | |
| - case: idempotency check | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success ansible-playbook tomcat.yml -i app-server, -e ansible_host=app-server -v | |
| docker exec app-server systemctl show --property MainPID tomcat > /tmp/tomcat.pid2 | |
| assert_output --partial "unreachable=0" | |
| assert_output --partial "changed=0" | |
| assert_output --partial "failed=0" | |
| weight: 3 | |
| - case: tomcat should run after 2nd apply | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success docker exec app-server curl -s -f --connect-calhost:8080 | |
| assert_output --partial "<title>Apache Tomcat" | |
| weight: 2 | |
| - case: tomcat shouldn't restart | |
| log: false | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success docker exec app-server curl -s -f --connect-calhost:8080 | |
| assert_output --partial "<title>Apache Tomcat" | |
| assert_success diff /tmp/tomcat.pid1 /tmp/tomcat.pid2 | |
| weight: 3 | |
| - case: tomcat service is enabled | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| assert_success docker exec app-server systemctl is-enabled tomcat | |
| assert_output "enabled" | |
| - case: "'tomcat_user' variable set as required" | |
| debug: on_failure | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Add user \"tomcat")) | .user.name' | egrep -w '{{ *tomcat_user *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Unpack Tomcat Archive")) | .unarchive.owner' | egrep -w '{{ *tomcat_user *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Copy Users Configuration")) | .template.owner' | egrep -w '{{ *tomcat_user *}}' | |
| cat templates/tomcat.service.j2 | egrep -w 'User={{ *tomcat_user *}}' | |
| - case: "'tomcat_group' variable set as required" | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Create tomcat Group")) | .group.name' | egrep -w '{{ *tomcat_group *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Add user \"tomcat")) | .user.group' | egrep -w '{{ *tomcat_group *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Unpack Tomcat Archive")) | .unarchive.group' | egrep -w '{{ *tomcat_group *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Copy Users Configuration")) | .template.group' | egrep -w '{{ *tomcat_group *}}' | |
| cat templates/tomcat.service.j2 | egrep -w 'Group={{ *tomcat_group *}}' | |
| - case: tomcat service is running under non-priviliged user as per tomcat_user/tomcat_group | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| docker rm -f app-server | |
| docker run -d --name app-server --privileged quay.io/sbeliakou/ansible-training:centos | |
| ansible-playbook tomcat.yml -i app-server, -v -e tomcat_user=toma -e tomcat_group=toma | |
| docker exec app-server systemctl is-active tomcat | |
| docker exec app-server systemctl show --property User tomcat | grep "User=toma" | |
| docker exec app-server systemctl show --property Group tomcat | grep "Group=toma" | |
| - case: "'tomcat_url' variable set as required" | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Download Tomcat")) | .get_url.url' | egrep -w '{{ *tomcat_url *}}' | |
| - case: "'tomcat_home' variable set as required" | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Add user \"tomcat")) | .user.home' | egrep -w '{{ *tomcat_home *}}' | |
| yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Symlink install directory")) | .file.path' | egrep -w '{{ *tomcat_home *}}' | |
| # yq e tomcat.yml -j | jq '.[0].tasks[] | select (.name | contains("Disable Manager Access Restrictions")) | .replace.path' | egrep -w '{{ *tomcat_home *}}' | |
| cat templates/tomcat.service.j2 | egrep -w '{{ *tomcat_home *}}' | |
| - case: can install tomcat into another home dir | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| docker rm -f app-server | |
| docker run -d --name app-server --privileged quay.io/sbeliakou/ansible-training:centos | |
| run ansible-playbook tomcat.yml -i app-server, -v -e tomcat_home=/opt/tomcat-test | |
| assert_success | |
| assert_output --partial "failed=0" | |
| # docker exec app-server systemctl is-active tomcat | |
| # docker exec app-server systemctl status tomcat | |
| docker exec app-server systemctl status tomcat | grep /opt/tomcat-test | |
| - case: can apply playbook under non-root user | |
| script: | | |
| grep \?\?\? tomcat.yml && exit 1 || true | |
| docker rm -f app-server | |
| docker run -d --name app-server --privileged quay.io/sbeliakou/ansible-training:centos | |
| run ansible-playbook tomcat.yml -i app-server, -v -u devops | |
| assert_success | |
| assert_output --partial "failed=0" | |
| docker exec app-server systemctl status tomcat | grep -w active | |
| weight: 3 | |
| - script: docker rm -f app-server |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment