enable travis ci

.travis.yml

@@ -0,0 +1,43 @@
+---
+language: python
+python: "2.7"
+sudo: required
+
+
+env:
+  #matrix:
+  - OS_TYPE=centos OS_VERSION=7 ANSIBLE_VERSION=1.9.2
+
+branches:
+  except:
+  #- master
+  - travis
+
+services:
+  - docker
+
+before_install:
+  - sudo apt-get update
+  - echo 'DOCKER_OPTS="-H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock -s devicemapper"' | sudo tee /etc/default/docker > /dev/null
+  - sudo service docker restart
+  - sleep 5
+  - "find $PWD"
+
+install:
+  # Install Ansible.
+  #- pip install ansible
+
+script:
+  ## Run it in a CentOS7 privileged docker
+  # This is heavily nested.
+  # First build a new docker container
+  # Install new container
+  # Inside the container compile ansible from source (because ansible 1.9.2 and systemd was not happy together)
+  # Do several ansible checks
+  - "/bin/bash tests/launch-docker.sh"
+
+
+notifications:
+  email: false
+  flowdock:
+    secure: "rotnhCdGfUBRB3g57WOSIecEn8N52SfCFnkkF9E+FC9hYUhzCQjRWB+h8YItd/w7lvgXeYB2O7PastkKTTnh4Agdr2zkkqKD3k2sDdXUM/4/+KdTswKj6UfP2BifgwzlyK/xPyIfq0P4gkdwOpYQ2I6brpTy6pnVsWFIav2YFQdRuVMf4GmJ4ZkBZnMBoxN4hwGMXo0rlY5frS9c+WeqQQciTdiuDELLh6uoBPfxpw9FXUpBn+coBgZxMTDTiuF7w7c/vTCCt7jnv4um/UMA/PAWI8JBoN84MgKCaRnv3DQT3wIKc+wHZRLwCC6zkzbD+1GR/BohN1szoHejWVohqU9cUIM9KTA/ESij1Khcw6GnIMpB7ukT5T+d1libd9txHtC39JBwbMR2pztcvvR+JAPYzS4kANP7uekxIR7bL9I1VYY+sBSgIY9/KV2NEubu3kcPZS4ZiIBZdv8fKaV+kxewxCyRfQxi5C6EaKRpSP46O9xjTiBtkpY9oyszWsS8g75VGPgzzCcF/vSc3Um02Jz4noC7MyMl5fS3O0UHrV+rEj0rb+QY6D2DYQ4Ct/WmcuS70hsQU6CAa8IKpTR5aKxhJsEOafX6P2SoRCdelKvrTxtWJ7gXBkYRuRKOKybF7+YTAXBMvPjhQg0S4EMzDDAmH6CXAtT3opj2S6rlIUs="

tests/Dockerfile

@@ -0,0 +1,25 @@
+FROM centos:centos7
+MAINTAINER "Johan" <[email protected]>
+ENV container docker
+ENV LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8
+RUN yum clean all && yum -y update && \
+    yum -y install epel-release && \
+    yum -y install ansible git openssh-clients
+RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs
+RUN yum -y update; yum clean all; \
+(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do \
+[ $i == systemd-tmpfiles-setup.service ] || rm -f $i; \
+done); \
+rm -f /lib/systemd/system/multi-user.target.wants/*;\
+rm -f /etc/systemd/system/*.wants/*;\
+rm -f /lib/systemd/system/local-fs.target.wants/*; \
+rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
+rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
+rm -f /lib/systemd/system/basic.target.wants/*;\
+rm -f /lib/systemd/system/anaconda.target.wants/*;
+
+# generate ssh keys
+RUN ssh-keygen -q -t rsa -f ~/.ssh/id_rsa
+##
+VOLUME [ "/sys/fs/cgroup" ]
+CMD ["/sbin/init"]

tests/inventory

@@ -0,0 +1,32 @@
+# https://github.com/CSC-IT-Center-for-Science/fgci-ansible/blob/master/examples/hosts-example
+localhost
+
+[login]
+localhost
+
+[admin]
+localhost
+
+[grid]
+localhost
+
+[install]
+localhost
+
+[compute]
+localhost ip_address=10.1.100.1 mac_address=00:11:22:33:44:55 pxe=yes
+
+[pxe_bootable_nodes:children]
+compute
+
+[production:children]
+install
+admin
+#login
+grid
+
+[slurm_service:children]
+install
+
+[slurm_compute:children]
+compute

tests/launch-docker.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+sudo docker build --rm -t local/c7-systemd -f tests/Dockerfile .
+sudo docker run -it --privileged=true --rm=true -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v `pwd`:/ansible-ferm-firewall:rw local/c7-systemd /bin/bash -c "/ansible-ferm-firewall/tests/test-in-docker-image.sh ${OS_TYPE} ${OS_VERSION} ${ANSIBLE_VERSION}"

tests/test-in-docker-image.sh

@@ -0,0 +1,136 @@
+#!/usr/bin/env bash
+
+SOURCE="${BASH_SOURCE[0]}"
+RDIR="$( dirname "$SOURCE" )"
+SUDO=`which sudo 2> /dev/null`
+SUDO_OPTION=""
+#SUDO_OPTION="--sudo"
+OS_TYPE=${1:-}
+OS_VERSION=${2:-}
+ANSIBLE_VERSION=${3:-}
+
+ANSIBLE_VAR=""
+ANSIBLE_INVENTORY="tests/inventory"
+ANSIBLE_PLAYBOOk="tests/test.yml"
+#ANSIBLE_LOG_LEVEL=""
+ANSIBLE_LOG_LEVEL="-vvv"
+APACHE_CTL="apache2ctl"
+
+# if there wasn't sudo then ansible couldn't use it
+if [ "x$SUDO" == "x" ];then
+    SUDO_OPTION=""
+fi
+
+if [ "${OS_TYPE}" == "centos" ];then
+    APACHE_CTL="apachectl"
+    if [ "${OS_VERSION}" == "7" ];then
+        ANSIBLE_VAR="apache_use_service=False"
+    fi
+fi
+
+ANSIBLE_EXTRA_VARS=""
+if [ "${ANSIBLE_VAR}x" == "x" ];then
+    ANSIBLE_EXTRA_VARS=" -e \"${ANSIBLE_VAR}\" "
+fi
+
+
+cd $RDIR/..
+printf "[defaults]\nroles_path = ../:roles" > ansible.cfg
+printf "" > ssh.config
+
+function show_version() {
+
+ansible --version
+
+id
+
+}
+
+function install_ansible_devel() {
+
+# http://docs.ansible.com/ansible/intro_installation.html#latest-release-via-yum
+echo "TEST: building ansible"
+
+yum -y install PyYAML python-paramiko python-jinja2 python-httplib2 rpm-build make python2-devel asciidoc 2>&1 >/dev/null || (echo "Could not install ansible yum dependencies" && exit 2 )
+rm -Rf ansible
+git clone https://github.com/ansible/ansible --recursive ||(echo "Could not clone ansible from Github" && exit 2 )
+cd ansible
+# checking out this commit because some errors after 2015-11-05
+git checkout 07d0d2720c73816e1206882db7bc856087eb5c3f
+make rpm 2>&1 >/dev/null
+rpm -Uvh ./rpm-build/ansible-*.noarch.rpm ||(echo "Could not install built ansible devel rpms" && exit 2 )
+cd ..
+rm -Rf ansible
+
+}
+
+function install_os_deps() {
+echo "TEST: installing os deps"
+
+yum -y install epel-release sudo ansible tree git ||(echo "Could not install some os deps" && exit 2 )
+
+}
+
+function tree_list() {
+
+tree
+
+}
+function test_ansible_setup(){
+    echo "TEST: ansible -m setup -i ${ANSIBLE_INVENTORY} --connection=local localhost"
+
+    ansible -m setup -i ${ANSIBLE_INVENTORY} --connection=local localhost
+
+}
+
+
+function test_install_requirements(){
+    echo "TEST: ansible-galaxy install -r requirements.yml --force"
+
+    ansible-galaxy install -r requirements.yml --force ||(echo "requirements install failed" && exit 2 )
+
+}
+
+function test_playbook_syntax(){
+    echo "TEST: ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} --syntax-check"
+
+    ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} --syntax-check ||(echo "ansible playbook syntax check was failed" && exit 2 )
+}
+
+function test_playbook_check(){
+    echo "TEST: ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} ${ANSIBLE_LOG_LEVEL} --connection=local ${SUDO_OPTION} ${ANSIBLE_EXTRA_VARS} --check"
+
+    ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} ${ANSIBLE_LOG_LEVEL} --connection=local ${SUDO_OPTION} ${ANSIBLE_EXTRA_VARS} --check ||(echo "playbook check failed" && exit 2 )
+
+}
+
+function test_playbook(){
+    echo "TEST: ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} ${ANSIBLE_LOG_LEVEL} --connection=local ${SUDO_OPTION} ${ANSIBLE_EXTRA_VARS}"
+    ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} ${ANSIBLE_LOG_LEVEL} --connection=local ${SUDO_OPTION} ${ANSIBLE_EXTRA_VARS} ||(echo "first ansible run failed" && exit 2 )
+
+    echo "TEST: idempotence test! Same as previous but now grep for changed=0.*failed=0"
+    ansible-playbook -i ${ANSIBLE_INVENTORY} ${ANSIBLE_PLAYBOOk} ${ANSIBLE_LOG_LEVEL} --connection=local ${SUDO_OPTION} ${ANSIBLE_EXTRA_VARS} || grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' ) || (echo 'Idempotence test: fail' && exit 1)
+}
+function extra_tests(){
+
+    ${APACHE_CTL} configtest || (echo "php --version was failed" && exit 100 )
+}
+
+
+set -e
+function main(){
+    install_os_deps
+    install_ansible_devel
+    show_version
+#    tree_list
+#    test_install_requirements
+    test_ansible_setup
+    test_playbook_syntax
+    test_playbook
+    test_playbook_check
+#    extra_tests
+
+}
+
+################ run #########################
+main

tests/test.yml

@@ -0,0 +1,6 @@
+---
+
+ - hosts: localhost
+   remote_user: root
+   roles:
+     - ansible-ferm-firewall