From: Tomas Krizek Date: Sun, 25 Feb 2018 17:29:42 +0000 (+0100) Subject: packaging: add tests X-Git-Tag: v2.2.0~16^2~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bd220e9a9b0e984f7353616902a25f324f81136c;p=thirdparty%2Fknot-resolver.git packaging: add tests --- diff --git a/.gitignore b/.gitignore index 5bab2d702..b2aa6c592 100644 --- a/.gitignore +++ b/.gitignore @@ -38,6 +38,7 @@ _obj /compile /compile_commands.json /depcomp +/distro/tests/*/.vagrant /install-sh /stamp-h1 /aclocal.m4 diff --git a/distro/tests/README.md b/distro/tests/README.md new file mode 100644 index 000000000..ec9570baa --- /dev/null +++ b/distro/tests/README.md @@ -0,0 +1,30 @@ +Requirements +------------ + +- ansible +- vagrant +- libvirt (+vagrant-libvirt) / virtualbox + +Usage +----- + +`vagrant up` command is configured to trigger ansible provisioning +which configures OBS repository, installs the knot-resolver package, +starts the kresd@1 service and finally attempts to use it to resolve +a domain name. It also tests that DNSSEC validation is turned on. + +By default, the *knot-resolver-latest* repo is used. To test the +*knot-resolver-devel* repo, enable in it `knot-resolver-test.yaml`. + +Run the following command for every distro (aka directory with +Vagrantfile): + +./test-distro.sh debian9 + +Caveats +------- + +This tests the latest `knot-resolver` package that is available. In certain +cases, this may result in unexpected behaviour, because it might be testing a +different package than expected. + diff --git a/distro/tests/arch/Vagrantfile b/distro/tests/arch/Vagrantfile new file mode 100644 index 000000000..f61a19caf --- /dev/null +++ b/distro/tests/arch/Vagrantfile @@ -0,0 +1,16 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "archlinux/archlinux" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "arch" do |arch| + arch.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-test.yaml" + end + end + +end diff --git a/distro/tests/centos7/Vagrantfile b/distro/tests/centos7/Vagrantfile new file mode 100644 index 000000000..b587a000c --- /dev/null +++ b/distro/tests/centos7/Vagrantfile @@ -0,0 +1,16 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "centos/7" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "centos7" do |centos7| + centos7.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-test.yaml" + end + end + +end diff --git a/distro/tests/debian9/Vagrantfile b/distro/tests/debian9/Vagrantfile new file mode 100644 index 000000000..8b461e9ab --- /dev/null +++ b/distro/tests/debian9/Vagrantfile @@ -0,0 +1,16 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "debian/stretch64" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "debian9" do |debian9| + debian9.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-test.yaml" + end + end + +end diff --git a/distro/tests/fedora27/Vagrantfile b/distro/tests/fedora27/Vagrantfile new file mode 100644 index 000000000..5352dced1 --- /dev/null +++ b/distro/tests/fedora27/Vagrantfile @@ -0,0 +1,16 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "fedora/27-cloud-base" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "fedora27" do |fedora27| + fedora27.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-test.yaml" + end + end + +end diff --git a/distro/tests/knot-resolver-test.yaml b/distro/tests/knot-resolver-test.yaml new file mode 100644 index 000000000..63936aa9e --- /dev/null +++ b/distro/tests/knot-resolver-test.yaml @@ -0,0 +1,112 @@ +--- +- hosts: all + + remote_user: root + become: true + + vars: + repos: + - knot-resolver-latest + # - knot-resolver-devel # enable to test development builds + ansible_python_interpreter: /usr/bin/python2 + dig_package: + Debian: dnsutils + Ubuntu: dnsutils + Fedora: bind-utils + CentOS: bind-utils + Archlinux: bind-tools + configure_obs_repo: + Fedora: | + dnf config-manager --add-repo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Fedora_27/home:CZ-NIC:{{ item }}.repo + CentOS: | + yum install -y wget && + wget -i wget https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/CentOS_7_EPEL/home:CZ-NIC:{{ item }}.repo -O /etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo + Debian: | + echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Debian_9.0/ /' > /etc/apt/sources.list.d/{{ item }}.list && + wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Debian_9.0/Release.key -O Release.key && + apt-key add - < Release.key && + apt-get update + Ubuntu: | + echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/xUbuntu_16.04/ /' > /etc/apt/sources.list.d/{{ item }}.list && + wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/xUbuntu_16.04/Release.key -O Release.key && + apt-key add - < Release.key && + apt-get update + + # HACK: Ansible requires Python 2, but it's not installed by default in all distros + gather_facts: false + pre_tasks: + - name: install python and deps for ansible modules + raw: | + yum install -y python2 python2-dnf libselinux-python || \ + pacman -Sy python2 --noconfirm || \ + apt-get install -y python || \ + : + ignore_errors: true + - name: gather facts + setup: + + tasks: + - name: install epel + package: + name: epel-release + state: present + when: ansible_distribution == 'CentOS' + + - name: configure OBS repository + shell: "{{ configure_obs_repo[ansible_distribution] }}" + with_items: "{{ repos }}" + when: ansible_distribution != 'Archlinux' + + - block: + - name: configure OBS repository (Arch) + blockinfile: + block: | + [home_CZ-NIC_{{ item }}_Arch] + SigLevel = Never + Server = https://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Arch/$arch + insertbefore: '^\[core\]' + path: /etc/pacman.conf + state: present + with_items: "{{ repos }}" + - name: sync repos (Arch) + shell: pacman -Syu --noconfirm + when: ansible_distribution == 'Archlinux' + + - name: install knot-resolver + package: + name: knot-resolver + state: latest + + - name: install dig + package: + name: "{{ dig_package[ansible_distribution] }}" + state: present + + - name: turn off SELinux + selinux: + policy: targeted + state: permissive + when: ansible_distribution in ['RedHat', 'Fedora'] + + - name: start kresd@1.service + service: + name: kresd@1.service + state: restarted + + - name: resolve nic.cz + shell: dig @127.0.0.1 nic.cz + register: res + failed_when: '"status: NOERROR" not in res.stdout' + + - name: test dnssec is turned on + block: + - name: test dnssec-failed.org +cd returns NOERROR + shell: dig +cd @127.0.0.1 dnssec-failed.org + register: res + failed_when: '"status: NOERROR" not in res.stdout' + + - name: test dnssec-failed.org returns SERVFAIL + shell: dig @127.0.0.1 dnssec-failed.org + register: res + failed_when: '"status: SERVFAIL" not in res.stdout' + diff --git a/distro/tests/test-distro.sh b/distro/tests/test-distro.sh new file mode 100755 index 000000000..61ac6d716 --- /dev/null +++ b/distro/tests/test-distro.sh @@ -0,0 +1,12 @@ +#!/bin/bash -x + +# Configure which repos to use in knot-resolver-test.yaml (vars - repos) +# Example usage: ./test-distro.sh debian9 + +cd "$1" +vagrant destroy &>/dev/null +vagrant up +ret=$? +vagrant destroy &>/dev/null +exit $ret + diff --git a/distro/tests/ubuntu1604/Vagrantfile b/distro/tests/ubuntu1604/Vagrantfile new file mode 100644 index 000000000..92018dc25 --- /dev/null +++ b/distro/tests/ubuntu1604/Vagrantfile @@ -0,0 +1,16 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "generic/ubuntu1604" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "ubuntu1604" do |ubuntu1604| + ubuntu1604.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-test.yaml" + end + end + +end