Resolve "use facter to get ip during acceptance"

b2cce13a · Fabien Combernous · d386a01c · b2cce13a · b2cce13a · b2cce13a
Commit b2cce13a authored Nov 15, 2019 by Fabien Combernous
4 changed files
--- a/spec/acceptance/01_freeipa_spec.rb
+++ b/spec/acceptance/01_freeipa_spec.rb
 require 'spec_helper_acceptance'

+ip_master = fact_on('master', 'networking.interfaces.eth1.ip')
+ip_replica = fact_on('replica', 'networking.interfaces.eth1.ip')
+
 describe 'class freeipa' do
  context 'with ipa_role master' do
    hosts_as('master').each do |master|
@@ -11,7 +14,7 @@ describe 'class freeipa' do
        puppet_admin_password       => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
        directory_services_password => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
        install_ipa_server          => true,
-        ip_address                  => '10.10.10.35',
+        ip_address                  => '#{ip_master}',
        enable_ip_address           => true,
        enable_hostname             => true,
        manage_host_entry           => true,
@@ -45,7 +48,7 @@ describe 'class freeipa' do
          directory_services_password => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          password_usedto_joindomain  => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          install_ipa_server          => true,
-          ip_address                  => '10.10.10.36',
+          ip_address                  => '#{ip_replica}',
          enable_ip_address           => true,
          enable_hostname             => true,
          manage_host_entry           => true,
@@ -67,6 +70,7 @@ describe 'class freeipa' do

  context 'with ipa_role client' do
    hosts_as('client').each do |client|
+      ip_client = fact_on('client', 'networking.interfaces.enp0s8.ip')
      it 'applies idempotently' do
        pp = <<-EOS
        class {'freeipa':
@@ -75,7 +79,7 @@ describe 'class freeipa' do
          puppet_admin_password       => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          directory_services_password => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          password_usedto_joindomain  => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
-          ip_address                  => '10.10.10.37',
+          ip_address                  => '#{ip_client}',
          install_epel                => true,
          ipa_master_fqdn             => 'ipa-server-1.example.lan'
        }
@@ -98,7 +102,7 @@ describe 'class freeipa' do
          puppet_admin_password       => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          directory_services_password => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          install_ipa_server          => true,
-          ip_address                  => '10.10.10.35',
+          ip_address                  => '#{ip_master}',
          enable_ip_address           => true,
          enable_hostname             => true,
          manage_host_entry           => true,
@@ -122,7 +126,7 @@ describe 'class freeipa' do
          puppet_admin_password       => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          directory_services_password => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
          password_usedto_joindomain  => 's^ecr@et.ea;R/O*=?j!.QsAu+$',
-          ip_address                  => '10.10.10.35',
+          ip_address                  => '#{ip_master}',
          install_epel                => true,
          ipa_master_fqdn             => 'ipa-server-1.example.lan'
        }
@@ -132,63 +136,4 @@ describe 'class freeipa' do
      end
    end
  end
-
-  context 'Test ssh connnections for jsmith user with pre-defined ssh-key' do
-    # Install ssh key on root on master
-    hosts_as('master').each do |master|
-      it 'doest a kinit with puppet admin user' do
-        on(master, "echo 's^ecr@et.ea;R/O*=?j!.QsAu+$' | kinit admin")
-      end
-
-      it 'creates user jsmith in freeipa' do
-        on(master, "echo 's^ecr@et.ea;R/O*=?j!.QsAu+$' | ipa user-add jsmith --first=John --last=Smith --password")
-      end
-
-      it 'creates ssh key' do
-        on(master, "ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa")
-      end
-
-      it 'adds the public key in freeipa to jsmith' do
-        on(master, 'key=`cat /root/.ssh/id_rsa.pub`; ipa user-mod jsmith --sshpubkey="$key"')
-      end
-
-      # Add HBAC Rule to give all ipa users access to ipa-client-centos
-      it 'creates a HBAC rule for all users' do
-        on(master, 'ipa hbacrule-add --usercat=all --servicecat=all allGroup')
-      end
-
-      it 'adds centos client to allGroup rule' do
-        on(master, 'ipa hbacrule-add-host --hosts=ipa-client-centos allGroup')
-      end
-
-      # Remove allow_all HBAC
-      it 'deletes the allow_all default rule' do
-        on(master, 'ipa hbacrule-del allow_all')
-      end
-
-      it 'ssh on allowed host' do
-        pp = <<-EOS
-          exec { 'test ssh':
-          path     => '/bin/',
-          command  => 'ssh -o "StrictHostKeyChecking no" jsmith@10.10.10.37 id',
-          returns  => "0"
-          }
-          EOS
-
-        apply_manifest_on(master, pp, catch_failures: true)
-      end
-
-      it 'ssh on not allowed host ' do
-        pp = <<-EOS
-          exec { 'test ssh':
-          path     => '/bin/',
-          command  => 'ssh -o "StrictHostKeyChecking no" jsmith@localhost id',
-          returns  => "255"
-          }
-          EOS
-
-        apply_manifest_on(master, pp, catch_failures: true)
-      end
-    end
-  end
 end
--- a/spec/acceptance/nodesets/centos8.yml
+++ b/spec/acceptance/nodesets/centos8.yml
+---
+HOSTS:
+  ipa-server-1:
+    roles:
+    - default
+    - master
+    - centos
+    platform: el-8-x86_64
+    hypervisor: vagrant
+    box: centos/8
+    box_check_update: false
+    vagrant_memsize: 2048
+    vagrant_cpus: 2
+    ip: 10.10.10.35
+  ipa-server-2:
+    roles:
+    - replica
+    - centos
+    platform: el-8-x86_64
+    hypervisor: vagrant
+    box: centos/8
+    box_check_update: false
+    vagrant_memsize: 2048
+    vagrant_cpus: 2
+    ip: 10.10.10.36
+  ipa-client-centos:
+    roles:
+    - client
+    - client-centos7
+    - centos
+    platform: el-7-x86_64
+    hypervisor: vagrant
+    box: centos/7
+    box_version: 1809.01
+    box_check_update: false
+    vagrant_memsize: 1024
+    ip: 10.10.10.37
+  ipa-client-ubuntu16:
+    roles:
+    - client
+    - client-ubuntu16
+    platform: ubuntu-1604-amd64
+    hypervisor: vagrant
+    box: ubuntu/xenial64
+    box_version: 20181114.0.0
+    box_check_update: false
+    vagrant_memsize: 1024
+    ip: 10.10.10.38
+
+CONFIG:
+  type: foss
+  loglevel: debug
--- a/spec/acceptance/nodesets/default.yml
+++ b/spec/acceptance/nodesets/default.yml
@@ -12,7 +12,6 @@ HOSTS:
    box_check_update: false
    vagrant_memsize: 2048
    vagrant_cpus: 2
-    ip: 10.10.10.35
  ipa-server-2:
    roles:
    - replica
@@ -24,30 +23,15 @@ HOSTS:
    box_check_update: false
    vagrant_memsize: 2048
    vagrant_cpus: 2
-    ip: 10.10.10.36
-  ipa-client-centos:
+  ipa-client-ubuntu18:
    roles:
    - client
-    - client-centos7
-    - centos
-    platform: el-7-x86_64
-    hypervisor: vagrant
-    box: centos/7
-    box_version: 1809.01
-    box_check_update: false
-    vagrant_memsize: 1024
-    ip: 10.10.10.37
-  ipa-client-ubuntu16:
-    roles:
-    - client
-    - client-ubuntu16
-    platform: ubuntu-1604-amd64
+    platform: ubuntu-1804-amd64
    hypervisor: vagrant
-    box: ubuntu/xenial64
-    box_version: 20181114.0.0
+    box: ubuntu/bionic64
+    box_version: 20191114.0.0
    box_check_update: false
    vagrant_memsize: 1024
-    ip: 10.10.10.38

 CONFIG:
  type: foss

--- a/spec/spec_helper_acceptance.rb
+++ b/spec/spec_helper_acceptance.rb
@@ -10,6 +10,8 @@ run_puppet_install_helper
 install_module_on(hosts)
 install_module_dependencies_on(hosts)

+ip_master = fact_on('master', 'networking.interfaces.eth1.ip')
+
 RSpec.configure do |c|
  c.before :suite do
    # Configure all nodes in nodeset
@@ -34,79 +36,54 @@ RSpec.configure do |c|
      on host, puppet("resource exec 'git clone #{modname}' command='git clone #{giturl} /etc/puppetlabs/code/environments/production/modules/#{modname}' path=/usr/bin")
    end

-    # Configure /etc/hosts for each node.
-    # WARNING : function hosts_as() return an array.
-    # But here we use several roles dedicated, used only once time in nodeset.
-    # This permit to use one different IP for each role : master, replica, client-centos7 and client-ubuntu16.
-
-    # Here master with ip address 10.10.10.35
    hosts_as('master').each do |master|
      pp = <<-EOS
        exec { 'set master /etc/hosts':
          path     => '/bin/',
-          command  => 'echo -e "127.0.0.1       ipa-server-1.example.lan ipa-server-1\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n 10.10.10.35 ipa-server-1.example.lan ipa-server-1\n" > /etc/hosts',
+          command  => 'echo -e "127.0.0.1       ipa-server-1.example.lan ipa-server-1\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n #{ip_master} ipa-server-1.example.lan ipa-server-1\n" > /etc/hosts',
        }
        EOS

      apply_manifest_on(master, pp, catch_failures: true, debug: true)
    end

-    # Here replica with ip address 10.10.10.36
    hosts_as('replica').each do |replica|
+      ip_replica = fact_on('replica', 'networking.interfaces.eth1.ip')
      pp = <<-EOS
         exec { 'set replica /etc/hosts':
           path     => '/bin/',
-           command  => 'echo -e "127.0.0.1       ipa-server-2.example.lan ipa-server-2\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n 10.10.10.36 ipa-server-2.example.lan ipa-server-2\n" > /etc/hosts',
+           command  => 'echo -e "127.0.0.1       ipa-server-2.example.lan ipa-server-2\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n #{ip_replica} ipa-server-2.example.lan ipa-server-2\n" > /etc/hosts',
         }
         class { 'resolv_conf':
-           nameservers => ['10.10.10.35'],
+           nameservers => ['#{ip_master}'],
         }
         host {'ipa-server-1.example.lan':
           ensure => present,
-           ip => '10.10.10.35',
+           ip => '#{ip_master}',
         }
      EOS

      apply_manifest_on(replica, pp, catch_failures: true, debug: true)
    end

-    # Here a first client running CentOS7 with ip address 10.10.10.37
-    hosts_as('client-centos7').each do |clientcentos7|
-      pp = <<-EOS
-        exec { 'set client centos /etc/hosts':
-          path     => '/bin/',
-          command  => 'echo -e "127.0.0.1       ipa-client-centos.example.lan ipa-server-2\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n 10.10.10.37 ipa-client-centos.example.lan ipa-client-centos\n" > /etc/hosts',
-        }
-      EOS
-
-      apply_manifest_on(clientcentos7, pp, catch_failures: true)
-    end
-
-    # Here a second client running Ubuntu1604 with ip address 10.10.10.38
-    hosts_as('client-ubuntu16').each do |clientubuntu16|
-      pp = <<-EOS
-         exec { 'set client ubuntu /etc/hosts':
-           path     => '/bin/',
-           command  => 'echo -e "127.0.0.1       ipa-client-ubuntu16.example.lan ipa-server-2\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n 10.10.10.38 ipa-client-ubuntu16.example.lan ipa-client-ubuntu16\n" > /etc/hosts',
-         }
-         EOS
-
-      apply_manifest_on(clientubuntu16, pp, catch_failures: true)
-    end
-
-    # WARNING : function hosts_as() return an array. We now use hosts_as() normaly with several nodes returned.
-    #  * all clients have role 'client' in nodeset.
-    #  * all nodes running CentOS have role 'centos' in nodeset.
+    # WARNING : function hosts_as() return an array.
+    # We now use hosts_as() normaly with several nodes returned.
+    # All clients have role 'client' in nodeset.

    # Configure all clients nodes.
    hosts_as('client').each do |client|
+      ip_client = fact_on('client', 'networking.interfaces.enp0s8.ip')
      pp = <<-EOS
+        exec { 'set client ubuntu /etc/hosts':
+          path     => '/bin/',
+          command  => 'echo -e "127.0.0.1       #{client}.example.lan #{client}\n ::1     ip6-localhost ip6-loopback\n fe00::0 ip6-localnet\n ff00::0 ip6-mcastprefix\n ff02::1 ip6-allnodes\n ff02::2 ip6-allrouters\n\n #{ip_client} #{client}.example.lan #{client}\n" > /etc/hosts',
+        }
        class { 'resolv_conf':
-          nameservers => ['10.10.10.35'],
+          nameservers => ['#{ip_master}'],
        }
        host {'ipa-server-1.example.lan':
          ensure => present,
-          ip => '10.10.10.35',
+          ip => '#{ip_master}',
        }
        EOS