From 68c4ee23cb29b282a5542d7d5b91bf27514772e5 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 13 Jun 2025 16:18:58 +0200 Subject: [PATCH] Convert CRI-O molecule to ansible verifier --- .../cri-o/molecule/default/molecule.yml | 2 +- .../molecule/default/tests/test_default.py | 35 ---------------- .../cri-o/molecule/default/verify.yml | 11 +++++ .../default => molecule}/files/10-mynet.conf | 0 .../templates/container.json.j2} | 4 +- .../templates/sandbox.json.j2} | 2 +- .../molecule/test_runtime.yml | 42 +++++++++++++++++++ 7 files changed, 57 insertions(+), 39 deletions(-) delete mode 100644 roles/container-engine/cri-o/molecule/default/tests/test_default.py create mode 100644 roles/container-engine/cri-o/molecule/default/verify.yml rename roles/container-engine/{cri-o/molecule/default => molecule}/files/10-mynet.conf (100%) rename roles/container-engine/{cri-o/molecule/default/files/container.json => molecule/templates/container.json.j2} (55%) rename roles/container-engine/{cri-o/molecule/default/files/sandbox.json => molecule/templates/sandbox.json.j2} (79%) create mode 100644 roles/container-engine/molecule/test_runtime.yml diff --git a/roles/container-engine/cri-o/molecule/default/molecule.yml b/roles/container-engine/cri-o/molecule/default/molecule.yml index 68f181477..e5bf20e5d 100644 --- a/roles/container-engine/cri-o/molecule/default/molecule.yml +++ b/roles/container-engine/cri-o/molecule/default/molecule.yml @@ -45,4 +45,4 @@ provisioner: create: ../../../../../tests/cloud_playbooks/create-kubevirt.yml prepare: ../../../molecule/prepare.yml verifier: - name: testinfra + name: ansible diff --git a/roles/container-engine/cri-o/molecule/default/tests/test_default.py b/roles/container-engine/cri-o/molecule/default/tests/test_default.py deleted file mode 100644 index 3e38fa5b2..000000000 --- a/roles/container-engine/cri-o/molecule/default/tests/test_default.py +++ /dev/null @@ -1,35 +0,0 @@ -import os - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') - - -def test_service(host): - svc = host.service("crio") - assert svc.is_running - assert svc.is_enabled - - -def test_run(host): - crictl = "/usr/local/bin/crictl" - path = "unix:///var/run/crio/crio.sock" - with host.sudo(): - cmd = host.command(crictl + " --runtime-endpoint " + path + " version") - assert cmd.rc == 0 - assert "RuntimeName: cri-o" in cmd.stdout - -def test_run_pod(host): - runtime = "crun" - - run_command = "/usr/local/bin/crictl run --with-pull --runtime {} /tmp/container.json /tmp/sandbox.json".format(runtime) - with host.sudo(): - cmd = host.command(run_command) - assert cmd.rc == 0 - - with host.sudo(): - log_f = host.file("/tmp/runc1.0.log") - - assert log_f.exists - assert b"Hello from Docker" in log_f.content diff --git a/roles/container-engine/cri-o/molecule/default/verify.yml b/roles/container-engine/cri-o/molecule/default/verify.yml new file mode 100644 index 000000000..a40eb34d5 --- /dev/null +++ b/roles/container-engine/cri-o/molecule/default/verify.yml @@ -0,0 +1,11 @@ +--- +- name: Test CRI-O cri + import_playbook: ../../../molecule/test_cri.yml + vars: + container_manager: crio + cri_socket: unix:///var/run/crio/crio.sock + cri_name: cri-o +- name: Test running a container with crun + import_playbook: ../../../molecule/test_runtime.yml + vars: + container_runtime: crun diff --git a/roles/container-engine/cri-o/molecule/default/files/10-mynet.conf b/roles/container-engine/molecule/files/10-mynet.conf similarity index 100% rename from roles/container-engine/cri-o/molecule/default/files/10-mynet.conf rename to roles/container-engine/molecule/files/10-mynet.conf diff --git a/roles/container-engine/cri-o/molecule/default/files/container.json b/roles/container-engine/molecule/templates/container.json.j2 similarity index 55% rename from roles/container-engine/cri-o/molecule/default/files/container.json rename to roles/container-engine/molecule/templates/container.json.j2 index bcd71e7e5..fc52def81 100644 --- a/roles/container-engine/cri-o/molecule/default/files/container.json +++ b/roles/container-engine/molecule/templates/container.json.j2 @@ -1,10 +1,10 @@ { "metadata": { - "name": "runc1" + "name": "{{ container_runtime }}1" }, "image": { "image": "quay.io/kubespray/hello-world:latest" }, - "log_path": "runc1.0.log", + "log_path": "{{ container_runtime }}1.0.log", "linux": {} } diff --git a/roles/container-engine/cri-o/molecule/default/files/sandbox.json b/roles/container-engine/molecule/templates/sandbox.json.j2 similarity index 79% rename from roles/container-engine/cri-o/molecule/default/files/sandbox.json rename to roles/container-engine/molecule/templates/sandbox.json.j2 index eb9dcb9d2..dc2894736 100644 --- a/roles/container-engine/cri-o/molecule/default/files/sandbox.json +++ b/roles/container-engine/molecule/templates/sandbox.json.j2 @@ -1,6 +1,6 @@ { "metadata": { - "name": "runc1", + "name": "{{ container_runtime }}1", "namespace": "default", "attempt": 1, "uid": "hdishd83djaidwnduwk28bcsb" diff --git a/roles/container-engine/molecule/test_runtime.yml b/roles/container-engine/molecule/test_runtime.yml new file mode 100644 index 000000000..e97063629 --- /dev/null +++ b/roles/container-engine/molecule/test_runtime.yml @@ -0,0 +1,42 @@ +--- +- name: Test container runtime + hosts: all + gather_facts: false + become: true + roles: + - role: ../../kubespray_defaults + tasks: + - name: Copy test container files + template: + src: "{{ item }}.j2" + dest: "/tmp/{{ item }}" + owner: root + mode: "0644" + loop: + - container.json + - sandbox.json + - name: Check running a container with runtime {{ container_runtime }} + block: + - name: Run container + command: + argv: + - "{{ bin_dir }}/crictl" + - run + - --with-pull + - --runtime + - "{{ container_runtime }}" + - /tmp/container.json + - /tmp/sandbox.json + - name: Check log file + slurp: + src: "/tmp/{{ container_runtime }}1.0.log" + register: log_file + failed_when: > + log_file is failed or + 'Hello from Docker' not in (log_file.content | b64decode) + rescue: + - name: Display container manager config on error + command: "{{ bin_dir }}/crictl info" + - name: Check container manager logs + command: journalctl -u {{ container_manager }} + failed_when: true