Skip to content

Only enable ansible/yaml lint tests when playbooks are built #7099

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 10, 2021
Merged

Only enable ansible/yaml lint tests when playbooks are built #7099

merged 2 commits into from
Jun 10, 2021
+27 −11

Conversation

@ggbecker
Copy link
Member

@ggbecker ggbecker commented Jun 8, 2021
edited
Loading

Description:

  • Only enable ansible/yaml lint tests when playbooks are built
  • Add two tests to ansible playbooks per profile since there are a few post-processing made by python scripts and it makes sense to test them in addition to playbooks per rule.

Relates to #7039

@ggbecker ggbecker added the Ansible Ansible remediation update. label Jun 8, 2021
@ggbecker ggbecker added this to the 0.1.57 milestone Jun 8, 2021
@ggbecker ggbecker marked this pull request as draft June 8, 2021 17:13
@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label Jun 8, 2021
@ggbecker ggbecker force-pushed the fix-ansible-checks-test branch from 648ab08 to 51a3e1f Compare June 8, 2021 17:17
@ggbecker ggbecker marked this pull request as ready for review June 8, 2021 17:17
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Used by openshift-ci bot. label Jun 8, 2021
cipherboy
cipherboy reviewed Jun 8, 2021
View reviewed changes
@JAORMX
Copy link
Contributor

JAORMX commented Jun 9, 2021

/retest

@ggbecker ggbecker force-pushed the fix-ansible-checks-test branch from 51a3e1f to 1fce2fd Compare June 9, 2021 10:41
@yuumasato yuumasato self-assigned this Jun 9, 2021
yuumasato
yuumasato reviewed Jun 9, 2021
View reviewed changes
@ggbecker ggbecker force-pushed the fix-ansible-checks-test branch from 1fce2fd to 13054de Compare June 9, 2021 14:16
@ggbecker
Only enable ansible/yaml lint tests when playbooks are built.
3435288 
Note: Ansible playbooks per rule are not rendered by OpenSCAP thus the
OpenSCAP version test is not needed in this case.
@ggbecker ggbecker force-pushed the fix-ansible-checks-test branch from 13054de to 3435288 Compare June 9, 2021 15:27
@ggbecker ggbecker changed the title Enable playbooks per rule when ANSIBLE_CHECKS is on. Only enable ansible/yaml lint tests when playbooks are built Jun 9, 2021
@ggbecker
Copy link
Member Author

ggbecker commented Jun 9, 2021

The PR has turned into a different direction as we realized it makes more sense to tests things that are actually being built and not force to build content to be tested. So the ansible/yamllint tests are enabled only the flags to build the ansible content is enabled.

@JAORMX
Copy link
Contributor

JAORMX commented Jun 10, 2021

/retest

yuumasato
yuumasato requested changes Jun 10, 2021
View reviewed changes
Copy link
Member

@yuumasato yuumasato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good, just found one issue with tests when profile playbooks are not built.

@ggbecker
Guard ansible syntax check test on playbooks per profile with CMake o…
dd273ee 
…ption.

The option SSG_ANSIBLE_PLAYBOOKS_ENABLED must be enabled in order to be
able to check the syntax of ansible playbooks per profile. Otherwise
these files won't be built and the test will always fail.
yuumasato
yuumasato approved these changes Jun 10, 2021
View reviewed changes
Copy link
Member

@yuumasato yuumasato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, just pending jenkins.

@openshift-ci
Copy link

openshift-ci bot commented Jun 10, 2021

@ggbecker: The following test failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/e2e-aws-ocp4-moderate dd273ee link /test e2e-aws-ocp4-moderate

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@yuumasato
Copy link
Member

yuumasato commented Jun 10, 2021
edited
Loading

I see some rules report Status: FAIL, but I don't think these are related to this PR.
There are also some infra issues.
CC: @JAORMX

@yuumasato yuumasato merged commit 2f3d9a6 into ComplianceAsCode:master Jun 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yuumasato yuumasato yuumasato approved these changes

+1 more reviewer

@cipherboy cipherboy cipherboy approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@yuumasato yuumasato

Labels

Ansible Ansible remediation update.

Projects

None yet

Milestone

0.1.57

Development

Successfully merging this pull request may close these issues.

4 participants

@ggbecker @JAORMX @yuumasato @cipherboy