Improve CI (#539)

* Update CI scripts to be more close to the ones in ansible-core.

* Extend CI matrix.

* Mark more VMs.

* Revert "Mark more VMs."

This reverts commit 8bc79af636.

* Disable alpine VMs for get_certificate due to httptester problems.

* Improve retrieval of cryptsetup version.

* ACME 'emulator' won't work on Alpine either.

* Improve luks test setup.

* Make sure wipefs is installed on Alpine.

* dmsetup (from device-mapper) is used by the tests.

* Fix bcrypt install failure handling.

* String, not float.

* openssl_privatekey_convert is not an action module.

* Update Python info.

* Try out which VMs can be used by now.

* Enable ACME tests on all VMs but Alpine; update comment.

* Adjust acme-tiny shebang.

* Remove new entries from CI matrix.

tests/integration/targets/luks_device/tasks/main.yml

@@ -15,29 +15,66 @@
   loop:
     - keyfile1
     - keyfile2
+
+- name: Include OS-specific variables
+  include_vars: '{{ lookup("first_found", search) }}'
+  vars:
+    search:
+      files:
+      - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml'
+      - '{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml'
+      - '{{ ansible_distribution }}.yml'
+      - '{{ ansible_os_family }}.yml'
+      - default.yml
+      paths:
+      - vars
+
 - name: Make sure cryptsetup is installed
   package:
     name: cryptsetup
     state: present
-  become: yes
+  become: true
+
+- name: Install additionally required packages
+  package:
+    name: '{{ luks_extra_packages }}'
+    state: present
+  become: true
+  when: luks_extra_packages | length > 0
+
+- name: Determine cryptsetup version
+  command: cryptsetup --version
+  register: cryptsetup_version
+
+- name: Extract cryptsetup version
+  set_fact:
+    cryptsetup_version: >-
+      {{ cryptsetup_version.stdout_lines[0] | regex_search('cryptsetup ([0-9]+\.[0-9]+\.[0-9]+)') | split | last }}
+
 - name: Create cryptfile
   command: dd if=/dev/zero of={{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile bs=1M count=32
+
+- name: Figure out next loopback device
+  command: losetup -f
+  become: true
+  register: cryptfile_device_output
+
 - name: Create lookback device
   command: losetup -f {{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile
-  become: yes
-- name: Determine loop device name
-  command: losetup -j {{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile --output name
-  become: yes
-  register: cryptfile_device_output
-- set_fact:
-    cryptfile_device: "{{ cryptfile_device_output.stdout_lines[1] }}"
+  become: true
+
+- name: Store some common data for tests
+  set_fact:
+    cryptfile_device: "{{ cryptfile_device_output.stdout_lines[0] }}"
     cryptfile_passphrase1: "uNiJ9vKG2mUOEWDiQVuBHJlfMHE"
     cryptfile_passphrase2: "HW4Ak2HtE2vvne0qjJMPTtmbV4M"
     cryptfile_passphrase3: "qQJqsjabO9pItV792k90VvX84MM"
+
 - block:
   - include_tasks: run-test.yml
     with_fileglob:
     - "tests/*.yml"
+
   always:
   - name: Make sure LUKS device is gone
     luks_device:
@@ -45,8 +82,10 @@
       state: absent
     become: yes
     ignore_errors: yes
+
   - command: losetup -d "{{ cryptfile_device }}"
     become: yes
+
   - file:
-      dest: "{{ remote_tmp_dir }}/cryptfile"
+      dest: "{{ remote_tmp_dir.replace('~', ansible_env.HOME) }}/cryptfile"
       state: absent

tests/integration/targets/luks_device/tasks/tests/performance.yml

@@ -3,10 +3,6 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-- name: Gather package facts
-  package_facts:
-    manager: auto
-
 - name: On kernel >= 5.9 use performance flags
   block:
     - name: Create and open (check)
@@ -104,4 +100,4 @@
 
   when:
     - ansible_facts.kernel is version('5.9.0', '>=')
-    - ansible_facts.packages['cryptsetup'][0].version is version('2.3.4', '>=')
+    - cryptsetup_version is version('2.3.4', '>=')

tests/integration/targets/luks_device/vars/Alpine.yml

@@ -0,0 +1,10 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+cryptsetup_package: cryptsetup
+
+luks_extra_packages:
+  - device-mapper
+  - wipefs

tests/integration/targets/luks_device/vars/default.yml

@@ -0,0 +1,8 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+cryptsetup_package: cryptsetup
+
+luks_extra_packages: []