/atomic-host-tests

A collection of single-host tests for Atomic Host

Primary LanguageShellGNU General Public License v3.0GPL-3.0

Atomic Host Tests

This repo contains a number of Ansible playbooks that can be used to run tests against an Atomic Host.

The intent is to have a collection of tests that can be used to test the CentOS, Fedora, and RHEL versions of Atomic Host.

Currently, these tests fall into the category of single host, integration tests.

NOTE: This repo only provides playbooks/tests and does not currently provide any way for provisioning test resources/infrastructure.

Interested in more information about this project? You can click through the results to more information.

Sanity Test Results

The table below shows the latest results of running the improved-sanity-test against each of the referenced streams. You can see the version that was tested and a link to the log file containing the results.

Stream Version/Status Log File
CentOS Atomic Host Continuous cahc status log
CentOS Atomic Host centosah status log
Fedora 27 Atomic Host fedora 27 atomic status log
Fedora 27 Atomic Testing fedora 27 atomic testing status log
Fedora 27 Atomic Updates fedora 27 atomic updates status log
Fedora 28 Atomic Host Continuous fahc status log
Fedora 28 Atomic Host fedora 28 atomic status log
Fedora 28 Atomic Testing fedora 28 atomic testing status log
Fedora 28 Atomic Updates fedora 28 atomic updates status log
Fedora Rawhide Atomic Host fedora rawhide atomic status log

Next Tier Results

After a successful sanity test result, we run a select set of 'next' tier tests against the version that passed. These results are tracked in the tables below.

You can click on the pass/fail badge to get taken to the log of the results.

CentOS Atomic Host Continuous Result CentOS Atomic Host Result
admin-unlock admin-unlock log admin-unlock admin-unlock log
atomic atomic log atomic atomic log
docker docker log docker docker log
docker-build-httpd docker-build-httpd log docker-build-http docker-build-httpd log
docker-swarm docker-swarm log docker-swarm docker-swarm log
k8-cluster k8-cluster log k8-cluster k8-cluster log
pkg-layering pkg-layering pkg-layering pkg-layering
rpm-ostree rpm-ostree log rpm-ostree rpm-ostree log
system-containers system-containers log system-containers system-containers log
Fedora 27 Atomic Host Continuous Result Fedora 27 Atomic Host Result
admin-unlock admin-unlock log admin-unlock admin-unlock log
atomic atomic log atomic atomic log
docker docker log docker docker log
docker-build-httpd docker-build-httpd log docker-build-http docker-build-httpd log
docker-swarm docker-swarm log docker-swarm docker-swarm log
k8-cluster k8-cluster log k8-cluster k8-cluster log
pkg-layering pkg-layering pkg-layering pkg-layering
rpm-ostree rpm-ostree log rpm-ostree rpm-ostree log
system-containers system-containers log system-containers system-containers log
Fedora 27 Atomic Testing Result Fedora 27 Atomic Updates Result
admin-unlock admin-unlock log admin-unlock admin-unlock log
atomic atomic log atomic atomic log
docker docker log docker docker log
docker-build-httpd docker-build-httpd log docker-build-http docker-build-httpd log
docker-swarm docker-swarm log docker-swarm docker-swarm log
k8-cluster k8-cluster log k8-cluster k8-cluster log
pkg-layering pkg-layering pkg-layering pkg-layering
rpm-ostree rpm-ostree log rpm-ostree rpm-ostree log
system-containers system-containers log system-containers system-containers log
Fedora 28 Atomic Host Result Fedora 28 Atomic Testing Result
admin-unlock admin-unlock log admin-unlock admin-unlock log
atomic atomic log atomic atomic log
docker docker log docker docker log
docker-build-httpd docker-build-httpd log docker-build-http docker-build-httpd log
docker-swarm docker-swarm log docker-swarm docker-swarm log
k8-cluster k8-cluster log k8-cluster k8-cluster log
pkg-layering pkg-layering pkg-layering pkg-layering
rpm-ostree rpm-ostree log rpm-ostree rpm-ostree log
system-containers system-containers log system-containers system-containers log
Fedora 28 Atomic Updates Result Fedora Rawhide Atomic Host Result
admin-unlock admin-unlock log admin-unlock admin-unlock log
atomic atomic log atomic atomic log
docker docker log docker docker log
docker-build-httpd docker-build-httpd log docker-build-httpd docker-build-httpd log
docker-swarm docker-swarm log docker-swarm docker-swarm log
k8-cluster k8-cluster log k8-cluster k8-cluster log
pkg-layering pkg-layering pkg-layering pkg-layering
rpm-ostree rpm-ostree log rpm-ostree rpm-ostree log
system-containers system-containers log system-containers system-containers log

Supported Test Suites

The following test suites are available and supported. Any other playbooks found in the repo are currently unmaintained and may not work correctly.

  • ostree admin unlock
    • Verifies the ability to install packages using ostree admin unlock
  • Docker Build httpd
    • Attempts to build a httpd container using various base images
  • Docker Swarm
    • Covers the basic functionality of the docker swarm commands
  • Docker/Docker Latest
    • Validates basic docker operations using either docker or docker-latest
  • CVE Scanner
    • Performs atomic scan on a number of RHEL containers
  • Improved Sanity Test
    • A test suite aimed at providing smoketest-like coverage of an entire Atomic Host
  • Kubernetes
    • Validates standing up a single-node Kubernetes cluster and deploying a simple web+DB application
  • OpenShift Ansible
    • Validates the OpenShfit Ansible installer against AH streams
  • Package Layering
    • Validates the package layering functionality of rpm-ostree
  • System Containers
    • Verifies the basic usage of system containers on Atomic Host

Why Ansible?

The reasons for choosing Ansible playbooks are mainly 1) ease of use, 2) portability, and 3) simplicity.

  1. Ansible is a well-known tool and there is plenty of documentation available for users to rely on.

  2. Ansible requires only a small amount of functionality on the system under test (basically Python and SSH), so playbooks can be used across multiple platforms with little changes necessary.

  3. Fail fast and early. When a task in Ansible fails, the whole playbook fails (for the most part). Thus, if something fails during the execution, that is a good indication that something broke.

Virtual Environment

The preferred environment to run the playbooks is using a virtual environment. This will ensure the correct version of Ansible is installed and will not interfere with your current workspace.

To setup a virtualenv, follow the steps below after cloning atomic-host-tests:

virtualenv my_env
source my_env/bin/activate
pip install -r requirements.txt

The above instructions assume you have some existing tooling installed on your workstation. For example, on a Fedora 27 system the following packages need to be installed ahead of time:

# dnf -y install gcc git python2-virtualenv redhat-rpm-config rsync sshpass

Your package requirements may be different on your distribution.

Running Playbooks

All the playbooks should be able to be run without any extra options on the command line. Like so:

# ansible-playbook -i inventory tests/improved-sanity-test/main.yml

However, some tests do accept extra arguments that can change how the test is run; please see the README for each test for details.

Additionally, certain variables are required to be configured for each test and the required variables can vary between tests. There are sensible defaults provided, but it is up to the user to configure them as they see fit.

NOTE: Playbooks are developed and tested using Ansible 2.2. Older versions will not work.

Log Options

By default Ansible logs to stdout. Atomic host tests has a custom callback plugin that makes the output more human readable. In addition there are a few custom log options described below.

Capture failure details

If the environment variable AHT_RESULT_FILE is set, Ansible will save the details of the failed task into file named after the value of the environment variable in the current working directory.

export AHT_RESULT_FILE=my_failure_file

In this example the failure details will be saved to ./my_failure_file

Capture journal on failure

Ansible handlers are used to capture the journal on failure. This feature can be enabled using a role or an include which must be called in every block of pre_tasks, post_tasks, tasks, roles, or plays. Force_handlers must be set to true regardless of which method is used.

force_handlers: true
To use journal capture as role:
- role: handler_notify_on_failure
  handler_name: h_get_journal
To use journal capture as include:
- include: 'atomic-host-tests/roles/handler_notify_on_failure/task/main.yml'
  handler_name: h_get_journal

In addition, the handler must be included since using include doesn't automatically pull in the handler. This is typically done at the end of the block.

handlers:
  - include: 'atomic-host-tests/roles/handler_notify_on_failure/handlers/main.yml'

NOTE The path should be relative to the path of the playbook

Vagrant

You can see how the playbooks would run by using the supplied Vagrantfile which defines multiple boxes to test with.

You should be able to choose a CentOS AH box, a Fedora 27 AH box, or a CentOS AH Continuous (CAHC) box.

$ vagrant up centos

or

$ vagrant up fedora27

or

$ vagrant up cahc

By default, the Vagrantfile will run the tests/improved-sanity-test/main.yml. The playbook which is run can be changed by setting the environment variable PLAYBOOK_FILE to point to a playbook in the repo.

$ PLAYBOOK_FILE=tests/docker-swarm/main.yml vagrant up cahc