Merge pull request #358 from seocam/build-test-image-on-azure

Added Azure pipelines to build test containers

molecule/centos-7-build/molecule.yml

@@ -1,6 +1,4 @@
 ---
-dependency:
-  name: galaxy
 driver:
   name: docker
 platforms:

molecule/centos-7/molecule.yml

@@ -1,6 +1,4 @@
 ---
-dependency:
-  name: galaxy
 driver:
   name: docker
 platforms:

molecule/centos-8-build/molecule.yml

@@ -1,6 +1,4 @@
 ---
-dependency:
-  name: galaxy
 driver:
   name: docker
 platforms:

molecule/centos-8/molecule.yml

@@ -1,6 +1,4 @@
 ---
-dependency:
-  name: galaxy
 driver:
   name: docker
 platforms:

molecule/fedora-latest-build/Dockerfile

@@ -0,0 +1,30 @@
+FROM fedora:latest
+ENV container=docker
+
+RUN rm -fv /var/cache/dnf/metadata_lock.pid; \
+dnf makecache; \
+dnf --assumeyes install \
+    /usr/bin/python3 \
+    /usr/bin/python3-config \
+    /usr/bin/dnf-3 \
+    sudo \
+    bash \
+    systemd \
+    procps-ng \
+    iproute && \
+dnf clean all; \
+(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*; \
+rm -rf /var/cache/dnf/;
+
+STOPSIGNAL RTMIN+3
+
+VOLUME ["/sys/fs/cgroup"]
+
+CMD ["/usr/sbin/init"]

molecule/fedora-latest-build/molecule.yml

@@ -0,0 +1,18 @@
+---
+driver:
+  name: docker
+platforms:
+  - name: fedora-latest-build
+    image: fedora-latest
+    dockerfile: Dockerfile
+    hostname: ipaserver.test.local
+    dns_servers:
+      - 8.8.8.8
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    command: /usr/sbin/init
+    privileged: true
+provisioner:
+  name: ansible
+  playbooks:
+    prepare: ../resources/playbooks/prepare-build.yml

molecule/fedora-latest/molecule.yml

@@ -0,0 +1,18 @@
+---
+driver:
+  name: docker
+platforms:
+  - name: fedora-latest
+    image: quay.io/ansible-freeipa/upstream-tests:fedora-latest
+    pre_build_image: true
+    hostname: ipaserver.test.local
+    dns_servers:
+      - 127.0.0.1
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    command: /usr/sbin/init
+    privileged: true
+provisioner:
+  name: ansible
+  playbooks:
+    prepare: ../resources/playbooks/prepare.yml

molecule/resources/playbooks/prepare-build.yml

@@ -2,34 +2,7 @@
 - name: Converge
   hosts: all
   tasks:
-  - name: Ensure IPv6 is ENABLED
-    sysctl:
-      name: "{{ item.name }}"
-      value: "{{ item.value }}"
-      sysctl_set: yes
-      state: present
-      reload: yes
-    with_items :
-      - name: net.ipv6.conf.all.disable_ipv6
-        value: 0
-      - name: net.ipv6.conf.lo.disable_ipv6
-        value: 0
-      - name: net.ipv6.conf.eth0.disable_ipv6
-        value: 1
-
-  - name: stat protected_regular
-    stat:
-      path: /proc/sys/fs/protected_regular
-    register: result
-
-  - name: Ensure fs.protected_regular is disabled
-    sysctl:
-      name: fs.protected_regular
-      value: 0
-      sysctl_set: yes
-      state: present
-      reload: yes
-    when: result.stat.exists
+  - include_tasks: prepare-common.yml
 
   - name: Ensure sudo package is installed
     package:

molecule/resources/playbooks/prepare-common.yml

@@ -0,0 +1,29 @@
+- name: Ensure IPv6 is ENABLED
+  sysctl:
+    name: "{{ item.name }}"
+    value: "{{ item.value }}"
+    sysctl_set: yes
+    state: present
+    reload: yes
+  with_items :
+    - name: net.ipv6.conf.all.disable_ipv6
+      value: 0
+    - name: net.ipv6.conf.lo.disable_ipv6
+      value: 0
+    - name: net.ipv6.conf.eth0.disable_ipv6
+      value: 1
+
+- name: stat protected_regular
+  stat:
+    path: /proc/sys/fs/protected_regular
+  register: result
+
+- name: Ensure fs.protected_regular is disabled
+  sysctl:
+    name: fs.protected_regular
+    value: 0
+    sysctl_set: yes
+    state: present
+    reload: yes
+  when: result.stat.exists
+

molecule/resources/playbooks/prepare.yml

@@ -2,12 +2,14 @@
 - name: Converge
   hosts: all
   tasks:
+  - include_tasks: prepare-common.yml
+
   - name: Ensure lock dirs for DS exists
     file:
       state: directory
       owner: dirsrv
       group: dirsrv
-      path: "{{ item }} "
+      path: "{{ item }}"
     loop:
       - /var/lock/dirsrv/
       - /var/lock/dirsrv/slapd-TEST-LOCAL/

tests/azure/build-containers.yml

@@ -0,0 +1,31 @@
+---
+
+schedules:
+- cron: "0 0 * * *"
+  displayName: Daily midnight build
+  branches:
+    include:
+    - master
+
+pool:
+  vmImage: 'ubuntu-18.04'
+
+jobs:
+
+- template: templates/build_container.yml
+  parameters:
+    job_name_suffix: Centos7
+    container_name: centos-7
+    build_scenario_name: centos-7-build
+
+- template: templates/build_container.yml
+  parameters:
+    job_name_suffix: Centos8
+    container_name: centos-8
+    build_scenario_name: centos-8-build
+
+- template: templates/build_container.yml
+  parameters:
+    job_name_suffix: FedoraLatest
+    container_name: fedora-latest
+    build_scenario_name: fedora-latest-build

tests/azure/templates/build_container.yml

@@ -0,0 +1,35 @@
+
+parameters:
+  - name: job_name_suffix
+    type: string
+  - name: container_name
+    type: string
+  - name: build_scenario_name
+    type: string
+
+jobs:
+- job: BuildTestImage${{ parameters.job_name_suffix }}
+  displayName: Build ${{ parameters.container_name }} test container
+  steps:
+  - task: UsePythonVersion@0
+    inputs:
+      versionSpec: '3.6'
+
+  - script: python -m pip install --upgrade pip setuptools wheel
+    displayName: Install tools
+
+  - script: pip install molecule[docker]
+    displayName: Install molecule
+
+  - script: molecule create -s ${{ parameters.build_scenario_name }}
+    displayName: Create test container
+
+  - script: |
+      docker stop ${{ parameters.build_scenario_name }}
+      docker commit ${{ parameters.build_scenario_name }} quay.io/ansible-freeipa/upstream-tests:${{ parameters.container_name }}
+      docker login -u="$QUAY_ROBOT_USERNAME" -p="$QUAY_ROBOT_TOKEN" quay.io
+      docker push quay.io/ansible-freeipa/upstream-tests:${{ parameters.container_name }}
+    displayName: Save image and upload
+    env:
+      # Secrets needs to be mapped as env vars to work properly
+      QUAY_ROBOT_TOKEN: $(QUAY_ROBOT_TOKEN)