diff --git a/tests/integration/targets/setup_docker/handlers/main.yml b/tests/integration/targets/setup_docker/handlers/main.yml index c10960ddc0..a389f91df2 100644 --- a/tests/integration/targets/setup_docker/handlers/main.yml +++ b/tests/integration/targets/setup_docker/handlers/main.yml @@ -1,11 +1,11 @@ -- name: remove pip packages +- name: Remove pip packages pip: state: present name: "{{ [docker_pip_package] | union(docker_pip_extra_packages) }}" listen: cleanup docker when: not docker_skip_cleanup | bool -- name: remove docker pagkages +- name: Remove docker pagkages action: "{{ ansible_facts.pkg_mgr }}" args: name: "{{ docker_cleanup_packages }}" diff --git a/tests/integration/targets/setup_docker/tasks/Debian.yml b/tests/integration/targets/setup_docker/tasks/Debian.yml index af049693c2..7ca964ddfc 100644 --- a/tests/integration/targets/setup_docker/tasks/Debian.yml +++ b/tests/integration/targets/setup_docker/tasks/Debian.yml @@ -2,16 +2,20 @@ - name: Get OS version shell: uname -r register: os_version + - name: Install pre-reqs apt: name: '{{ docker_prereq_packages }}' state: present update_cache: true notify: cleanup docker + - name: Add gpg key shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg >key && apt-key add key + - name: Add Docker repo shell: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" + - block: - name: Prevent service restart copy: @@ -20,16 +24,19 @@ backup: true mode: '0755' register: policy_rc_d + - name: Install Docker CE apt: name: '{{ docker_packages }}' state: present update_cache: true + always: - name: Restore /usr/sbin/policy-rc.d (if needed) command: mv {{ policy_rc_d.backup_file }} /usr/sbin/policy-rc.d when: - '''backup_file'' in policy_rc_d' + - name: Remove /usr/sbin/policy-rc.d (if needed) file: path: /usr/sbin/policy-rc.d diff --git a/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml b/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml index 6b5001d419..f9d2c9e56a 100644 --- a/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml +++ b/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml @@ -4,33 +4,40 @@ name: "{{ item }}" state: absent with_items: "{{ docker_registry_setup_inames }}" + - name: "Get registry logs" command: "docker logs {{ docker_registry_container_name_registry }}" register: registry_logs no_log: yes ignore_errors: yes + - name: "Printing registry logs" debug: var: registry_logs.stdout_lines when: registry_logs is not failed + - name: "Get nginx logs for first instance" command: "docker logs {{ docker_registry_container_name_nginx }}" register: nginx_logs no_log: yes ignore_errors: yes + - name: "Get nginx logs for second instance" command: "docker logs {{ docker_registry_container_name_nginx2 }}" register: nginx2_logs no_log: yes ignore_errors: yes + - name: "Printing nginx logs for first instance" debug: var: nginx_logs.stdout_lines when: nginx_logs is not failed + - name: "Printing nginx logs for second instance" debug: var: nginx2_logs.stdout_lines when: nginx_logs is not failed + - name: "Make sure all containers are removed" docker_container: name: "{{ item }}" @@ -41,6 +48,7 @@ retries: 3 delay: 3 until: result is success + - name: "Make sure all volumes are removed" command: "docker rm -f {{ item }}" with_items: "{{ docker_registry_setup_vnames }}" diff --git a/tests/integration/targets/setup_docker_registry/tasks/setup-frontend.yml b/tests/integration/targets/setup_docker_registry/tasks/setup-frontend.yml new file mode 100644 index 0000000000..0de4352d75 --- /dev/null +++ b/tests/integration/targets/setup_docker_registry/tasks/setup-frontend.yml @@ -0,0 +1,85 @@ +--- +# Set up first nginx frontend for registry +- name: Start nginx frontend for registry + docker_volume: + name: '{{ docker_registry_container_name_frontend }}' + state: present + +- name: Create container for nginx frontend for registry + docker_container: + state: stopped + name: '{{ docker_registry_container_name_frontend }}' + image: nginx:alpine + ports: 5000 + links: + - '{{ docker_registry_container_name_registry }}:real-registry' + volumes: + - '{{ docker_registry_container_name_frontend }}:/etc/nginx/' + register: nginx_container + +- name: Copy static files into volume + command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_frontend }}:/etc/nginx/{{ item }} + loop: + - nginx.conf + - nginx.htpasswd + register: can_copy_files + ignore_errors: yes + +- when: can_copy_files is not failed + block: + + - name: Create private key for frontend certificate + community.crypto.openssl_privatekey: + path: '{{ output_dir }}/cert.key' + type: ECC + curve: secp256r1 + force: yes + + - name: Create CSR for frontend certificate + community.crypto.openssl_csr: + path: '{{ output_dir }}/cert.csr' + privatekey_path: '{{ output_dir }}/cert.key' + subject_alt_name: + - DNS:test-registry.ansible.com + + - name: Create frontend certificate + community.crypto.openssl_certificate: + path: '{{ output_dir }}/cert.pem' + csr_path: '{{ output_dir }}/cert.csr' + privatekey_path: '{{ output_dir }}/cert.key' + provider: selfsigned + + - name: Copy dynamic files into volume + command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_frontend }}:/etc/nginx/{{ item }} + loop: + - cert.pem + - cert.key + + - name: Start nginx frontend for registry + docker_container: + name: '{{ docker_registry_container_name_frontend }}' + state: started + register: nginx_container + + - name: Output nginx container network settings + debug: + var: nginx_container.container.NetworkSettings + + - name: Wait for registry frontend + uri: + url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/ + url_username: testuser + url_password: hunter2 + validate_certs: false + register: result + until: result is success + retries: 5 + delay: 1 + + - name: Get registry URL + set_fact: + docker_registry_frontend_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }} + +- set_fact: + docker_registry_frontend_address: 'n/a' + when: can_copy_files is failed diff --git a/tests/integration/targets/setup_docker_registry/tasks/setup.yml b/tests/integration/targets/setup_docker_registry/tasks/setup.yml index e5287f46d1..c780ad45ff 100644 --- a/tests/integration/targets/setup_docker_registry/tasks/setup.yml +++ b/tests/integration/targets/setup_docker_registry/tasks/setup.yml @@ -1,17 +1,23 @@ --- - name: Register registry cleanup + # This must be done **before** docker is set up (see next task), to ensure that the + # registry is removed **before** docker itself is removed. This is necessary as the + # registry and its frontends run as docker containers. command: 'true' notify: Remove test registry + - name: Setup Docker # Please note that we do setup_docker here and not via meta/main.yml to avoid the problem that # our cleanup is called **after** setup_docker's cleanup has been called! include_role: name: setup_docker + - name: Create random name prefix and test registry name set_fact: docker_registry_container_name_registry: '{{ ''ansible-test-registry-%0x'' % ((2**32) | random) }}' docker_registry_container_name_nginx: '{{ ''ansible-test-registry-frontend-%0x'' % ((2**32) | random) }}' docker_registry_container_name_nginx2: '{{ ''ansible-test-registry-frontend2-%0x'' % ((2**32) | random) }}' + - name: Create image and container list set_fact: docker_registry_setup_inames: [] @@ -22,9 +28,15 @@ docker_registry_setup_vnames: - '{{ docker_registry_container_name_nginx }}' - '{{ docker_registry_container_name_nginx2 }}' + - debug: - msg: Using test registry name {{ docker_registry_container_name_registry }} and nginx frontend name {{ docker_registry_container_name_nginx }} -- block: + msg: Using test registry name {{ docker_registry_container_name_registry }} and nginx frontend names {{ docker_registry_container_name_nginx }} and {{ docker_registry_container_name_nginx2 }} + +- fail: msg="Too old docker / docker-py version to set up docker registry!" + when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6) + +- when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=') + block: # Set up registry container - name: Start test registry @@ -33,151 +45,27 @@ image: registry:2.6.1 ports: 5000 register: registry_container + - name: Get registry URL set_fact: registry_address: localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }} # Set up first nginx frontend for registry - - name: Start nginx frontend for registry - docker_volume: - name: '{{ docker_registry_container_name_nginx }}' - state: present - - name: Create container for nginx frontend for registry - docker_container: - state: stopped - name: '{{ docker_registry_container_name_nginx }}' - image: nginx:alpine - ports: 5000 - links: - - '{{ docker_registry_container_name_registry }}:real-registry' - volumes: - - '{{ docker_registry_container_name_nginx }}:/etc/nginx/' - register: nginx_container - - name: Copy static files into volume - command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }} - loop: - - nginx.conf - - nginx.htpasswd - register: can_copy_files - ignore_errors: yes - - block: - - name: Create private key for frontend certificate - community.crypto.openssl_privatekey: - path: '{{ output_dir }}/cert.key' - type: ECC - curve: secp256r1 - - name: Create CSR for frontend certificate - community.crypto.openssl_csr: - path: '{{ output_dir }}/cert.csr' - privatekey_path: '{{ output_dir }}/cert.key' - subject_alt_name: - - DNS:test-registry.ansible.com - - name: Create frontend certificate - community.crypto.openssl_certificate: - path: '{{ output_dir }}/cert.pem' - csr_path: '{{ output_dir }}/cert.csr' - privatekey_path: '{{ output_dir }}/cert.key' - provider: selfsigned - - name: Copy dynamic files into volume - command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }} - loop: - - cert.pem - - cert.key - - name: Start nginx frontend for registry - docker_container: - name: '{{ docker_registry_container_name_nginx }}' - state: started - register: nginx_container - - debug: var=nginx_container.container.NetworkSettings - - name: Wait for registry frontend - uri: - url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/ - url_username: testuser - url_password: hunter2 - validate_certs: false - register: result - until: result is success - retries: 5 - delay: 1 - - name: Get registry URL - set_fact: - registry_frontend_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }} - when: can_copy_files is not failed + - include_tasks: setup-frontend.yml + vars: + docker_registry_container_name_frontend: '{{ docker_registry_container_name_nginx }}' + - set_fact: - registry_frontend_address: 'n/a' - when: can_copy_files is failed + registry_frontend_address: '{{ docker_registry_frontend_address }}' # Set up second nginx frontend for registry - - name: Start nginx frontend for registry - docker_volume: - name: '{{ docker_registry_container_name_nginx2 }}' - state: present - - name: Create container for nginx frontend for registry - docker_container: - state: stopped - name: '{{ docker_registry_container_name_nginx2 }}' - image: nginx:alpine - ports: 5000 - links: - - '{{ docker_registry_container_name_registry }}:real-registry' - volumes: - - '{{ docker_registry_container_name_nginx2 }}:/etc/nginx/' - register: nginx_container - - name: Copy static files into volume - command: docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }} - loop: - - nginx.conf - - nginx.htpasswd - register: can_copy_files - ignore_errors: yes - - block: - - name: Create private key for frontend certificate - community.crypto.openssl_privatekey: - path: '{{ output_dir }}/cert.key' - type: ECC - curve: secp256r1 - - name: Create CSR for frontend certificate - community.crypto.openssl_csr: - path: '{{ output_dir }}/cert.csr' - privatekey_path: '{{ output_dir }}/cert.key' - subject_alt_name: - - DNS:test-registry.ansible.com - - name: Create frontend certificate - community.crypto.openssl_certificate: - path: '{{ output_dir }}/cert.pem' - csr_path: '{{ output_dir }}/cert.csr' - privatekey_path: '{{ output_dir }}/cert.key' - provider: selfsigned - - name: Copy dynamic files into volume - command: docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }} - loop: - - cert.pem - - cert.key - - name: Start nginx frontend for registry - docker_container: - name: '{{ docker_registry_container_name_nginx2 }}' - state: started - register: nginx_container - - debug: var=nginx_container.container.NetworkSettings - - name: Wait for registry frontend - uri: - url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/ - url_username: testuser - url_password: hunter2 - validate_certs: false - register: result - until: result is success - retries: 5 - delay: 1 - - name: Get registry URL - set_fact: - registry_frontend2_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }} - when: can_copy_files is not failed - - set_fact: - registry_frontend2_address: 'n/a' - when: can_copy_files is failed + - include_tasks: setup-frontend.yml + vars: + docker_registry_container_name_frontend: '{{ docker_registry_container_name_nginx2 }}' - - debug: msg="Registry available under {{ registry_address }}, NGINX frontends available under {{ registry_frontend_address }} and {{ registry_frontend2_address }}" - when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=') -- fail: msg="Too old docker / docker-py version to run docker_image tests!" - when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6) + - set_fact: + registry_frontend2_address: '{{ docker_registry_frontend_address }}' + + # Print addresses for registry and frontends + - debug: + msg: "Registry available under {{ registry_address }}, NGINX frontends available under {{ registry_frontend_address }} and {{ registry_frontend2_address }}"