Issue#152: TA - AWX Configuration and deployment

Signed-off-by: ptrinesh <palakurthi_trinesh@dellteam.com>

appliance/test/test_vars/test_web_ui_vars.yml

@@ -0,0 +1,39 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# Usage: tasks/main.yml
+awx_url: http://localhost
+return_status: 200
+fail_return_status: -1
+awx_listening_port: 80
+time: 1
+actual_containers: 4
+empty_password: ""
+boundary_password: "a1b2c3d4"
+lengthy_password: "a1b2c3d4e5f6g7h8i9j10k11"
+unsupported_password: "un supported-password"
+package: "docker-ce"
+awx_exists_msg: "Installation Skipped: AWX instance is already running on your system"
+awx_not_exists_msg: "AWX does not exist"
+validate_password_success_msg: "Password validation succesful"
+validate_password_fail_msg: "Password validation failed"
+resource_exists_success_msg: "Success: Requested resource(s) exists"
+resource_exists_fail_msg: "Failure: Requested resource(s) does not exists"
+compute_group_name: "compute"
+manager_group_name: "manager"
+tower_cli_package_name: "ansible-tower-cli"
+docker_container_name: "awx_web"
+container_up_status_success_msg: "Container is running successfully after the reboot"
+container_up_status_fail_msg: "Container is not running after the reboot"

appliance/test/test_web_ui.yml

@@ -0,0 +1,266 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# Testcase OMNIA_CRM_US_AWXD_TC_001
+# Test case to validate the AWX password with empty string
+- name: OMNIA_CRM_US_AWXD_TC_001
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - block:
+        - name: Test the awx password with empty string
+          include_tasks: ../roles/web_ui/tasks/awx_password.yml
+          vars:
+            no_prompt: true
+            admin_password: "{{ empty_password }}"
+            admin_password_confirm: "{{ empty_password }}"
+
+      rescue:
+        - name: Validate error message
+          assert:
+            that: fail_msg_pwd_format in msg_pwd_format.msg
+            success_msg: "{{ validate_password_success_msg }}"
+            fail_msg: "{{ validate_password_fail_msg }}"
+      tags: TC_001
+
+# Testcase OMNIA_CRM_US_AWXD_TC_002
+# Test case to validate the AWX password with exactly 8 characters
+- name: OMNIA_CRM_US_AWXD_TC_002
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - name: Test the awx password with 8 characters
+      include_tasks: ../roles/web_ui/tasks/awx_password.yml
+      vars:
+        no_prompt: true
+        admin_password: "{{ boundary_password }}"
+        admin_password_confirm: "{{ boundary_password }}"
+      tags: TC_002
+
+    - name: Validate success message
+      assert:
+        that: success_msg_pwd_format in msg_pwd_format.msg
+        success_msg: "{{ validate_password_success_msg }}"
+        fail_msg: "{{ validate_password_fail_msg }}"
+      tags: TC_002
+
+# Testcase OMNIA_CRM_US_AWXD_TC_003
+# Test case to validate the AWX password with length greater than 15 characters
+- name: OMNIA_CRM_US_AWXD_TC_003
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - name: Test the awx password with length greater than 15 characters
+      include_tasks: ../roles/web_ui/tasks/awx_password.yml
+      vars:
+        no_prompt: true
+        admin_password: "{{ lengthy_password }}"
+        admin_password_confirm: "{{ lengthy_password }}"
+      tags: TC_003
+
+    - name: Validate success message
+      assert:
+        that: success_msg_pwd_format in msg_pwd_format.msg
+        success_msg: "{{ validate_password_success_msg }}"
+        fail_msg: "{{ validate_password_fail_msg }}"
+      tags: TC_003
+
+# Testcase OMNIA_CRM_US_AWXD_TC_004
+# Test case to validate the AWX password when confirm password is given incorrect
+- name: OMNIA_CRM_US_AWXD_TC_004
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - block:
+        - name: Test the awx installation if confirm password is given incorrect
+          include_tasks: ../roles/web_ui/tasks/awx_password.yml
+          vars:
+            no_prompt: true
+            admin_password: "{{ boundary_password }}"
+            admin_password_confirm: "{{ lengthy_password }}"
+
+      rescue:
+        - name: Validate error message
+          assert:
+            that: fail_msg_pwd_confirm in msg_pwd_confirm.msg
+            success_msg: "{{ validate_password_success_msg }}"
+            fail_msg: "{{ validate_password_fail_msg }}"
+      tags: TC_004
+
+# Testcase OMNIA_CRM_US_AWXD_TC_005
+# Test case to validate the AWX password with unsupported strings
+- name: OMNIA_CRM_US_AWXD_TC_005
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - block:
+        - name: Test the awx password with unsupported strings
+          include_tasks: ../roles/web_ui/tasks/awx_password.yml
+          vars:
+            no_prompt: true
+            admin_password: "{{ unsupported_password }}"
+            admin_password_confirm: "{{ unsupported_password }}"
+
+      rescue:
+        - name: Validate error message
+          assert:
+            that: fail_msg_pwd_format in msg_pwd_format.msg
+            success_msg: "{{ validate_password_success_msg }}"
+            fail_msg: "{{ validate_password_fail_msg }}"
+      tags: TC_005
+
+# Testcase OMNIA_CRM_US_AWXD_TC_006
+# Test case to verify the prerequisites are installed and execute the AWX deployment
+- name: OMNIA_CRM_US_AWXD_TC_006
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - name: Get the docker package facts
+      package_facts:
+        manager: auto
+      tags: TC_006
+
+    - name: Check if docker-ce is already installed
+      debug:
+        var: ansible_facts.packages['{{ package }}']
+      tags: TC_006
+
+    - block:
+        - name: Calling the role to be tested
+          include_role:
+            name: ../roles/web_ui
+      tags: TC_006
+
+    - name: Check that you can connect to github repo and it returns a status 200
+      uri:
+        url: "{{ awx_git_repo }}"
+        status_code: "{{ return_status }}"
+        return_content: true
+      tags: TC_006
+
+    - name: Check that you can can connect to AWX UI and it returns a status 200
+      uri:
+        url: "{{ awx_url }}"
+        status_code: "{{ return_status }}"
+        return_content: true
+      tags: TC_006
+
+    - name: verify awx-server is listening on 80
+      wait_for:
+        port: "{{ awx_listening_port }}"
+        timeout: "{{ time }}"
+      tags: TC_006
+
+    - name: Get the containers count
+      shell: |
+        set -o pipefail
+        docker ps -a | grep awx | wc -l
+      register: containers_count
+      changed_when: False
+      tags: TC_006
+
+    - name: Validate the containers count
+      assert:
+        that: containers_count.stdout | int >= actual_containers
+        success_msg: "{{ awx_exists_msg }}"
+        fail_msg: "{{ awx_not_exists_msg }}"
+      tags: TC_006
+
+# Testcase OMNIA_CRM_US_AWXD_TC_007
+# Test case to verify regression testing
+- name: OMNIA_CRM_US_AWXD_TC_007
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - block:
+        - name: Calling the role to be tested
+          include_role:
+            name: ../roles/web_ui
+      tags: TC_007
+
+    - name: Check that you can connect to github repo and it returns a status 200
+      uri:
+        url: "{{ awx_git_repo }}"
+        status_code: "{{ return_status }}"
+        return_content: true
+      tags: TC_007
+
+    - name: Check that you can can connect to AWX UI and it returns a status 200
+      uri:
+        url: "{{ awx_url }}"
+        status_code: "{{ return_status }}"
+        return_content: true
+      tags: TC_007
+
+    - name: verify awx-server is listening on 80
+      wait_for:
+        port: "{{ awx_listening_port }}"
+        timeout: "{{ time }}"
+      tags: TC_007
+
+    - name: Get the containers count
+      shell: |
+        set -o pipefail
+        docker ps -a | grep awx | wc -l
+      register: containers_count
+      changed_when: False
+      tags: TC_007
+
+    - name: Validate the containers count
+      assert:
+        that: containers_count.stdout | int >= actual_containers
+        success_msg: "{{ awx_exists_msg }}"
+        fail_msg: "{{ awx_not_exists_msg }}"
+      tags: TC_007

appliance/test/test_web_ui_awxc.yml

@@ -0,0 +1,212 @@
+#  Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+---
+
+# Testcase OMNIA_CRM_US_AWXD_TC_008
+# Test case to validate the AWX configuration
+- name: OMNIA_CRM_US_AWXD_TC_008
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - ../roles/web_ui/vars/main.yml
+    - ../roles/common/vars/main.yml
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+
+    - block:
+        - name: Call the role to be tested
+          include_role:
+            name: ../roles/web_ui
+      tags: TC_008
+
+    - name: Get the package facts
+      package_facts:
+        manager: auto
+      tags: TC_008
+
+    - name: Check if ansible-tower-cli is already installed
+      assert:
+        that: "'{{ tower_cli_package_name }}' in ansible_facts.packages"
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing organizations
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}" organizations list -f human
+      register: organizations_array
+      changed_when: False
+      tags: TC_008
+
+    - name: Check for organization
+      assert:
+        that: organization_name in organizations_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing projects
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}" projects list -f human
+      changed_when: False
+      register: projects_array
+      tags: TC_008
+
+    - name: Check for project
+      assert:
+        that: project_name in projects_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing inventories
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}" inventory list -f human
+      changed_when: False
+      register: inventory_array
+      tags: TC_008
+
+    - name: Check for inventories
+      assert:
+        that: omnia_inventory_name in inventory_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing groups if omnia-inventory exists
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}"
+        groups list --inventory "{{ omnia_inventory_name }}" -f human
+      changed_when: False
+      register: groups_array
+      when: omnia_inventory_name in inventory_array.stdout
+      tags: TC_008
+
+    - name: Check for manager and compute groups
+      assert:
+        that: manager_group_name and compute_group_name in groups_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing job templates
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}" job_templates list -f human
+      changed_when: False
+      register: templates_array
+      tags: TC_008
+
+    - name: Check for templates
+      assert:
+        that: omnia_template_name and inventory_template_name in templates_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+    - name: Get the existing schedules for job templates
+      command: >-
+        awx --conf.host "{{ awx_ip }}" --conf.username "{{ awx_user }}" --conf.password "{{ admin_password }}" schedules list -f human
+      changed_when: False
+      register: schedules_array
+      tags: TC_008
+
+    - name: Check for schedules to job template
+      assert:
+        that: schedule_name in schedules_array.stdout
+        success_msg: "{{ resource_exists_success_msg }}"
+        fail_msg: "{{ resource_exists_fail_msg }}"
+      tags: TC_008
+
+# Testcase OMNIA_CRM_US_AWXD_TC_009
+# Execute common role in management station without internet connectivity
+- name: OMNIA_CRM_US_AWXD_TC_009
+  hosts: localhost
+  connection: local
+  gather_subset:
+    - 'min'
+  vars_files:
+    - test_vars/test_common_vars.yml
+    - ../roles/common/vars/main.yml
+  tasks:
+    - name: Down internet connectivity
+      lineinfile:
+        path: /etc/hosts
+        line: "172.16.0.5 github.com"
+        state: present
+        backup: yes
+      tags: TC_009
+
+    - block:
+        - name: Call common role
+          include_role:
+            name: ../roles/web_ui
+
+      rescue:
+        - name: Validate internet connectivity failure message
+          assert:
+            that: internet_status in internet_value.msg
+            success_msg: "{{ internet_check_success_msg }}"
+            fail_msg: "{{ internet_check_fail_msg }}"
+      tags: TC_009
+
+    - name: Up internet connectivity
+      lineinfile:
+        path: /etc/hosts
+        line: "172.16.0.5 github.com"
+        state: absent
+      tags: TC_009
+
+# Testcase OMNIA_CRM_US_AWXD_TC_010
+# Execute provision role in management station and reboot management station
+- name: OMNIA_CRM_US_AWXD_TC_010
+  hosts: localhost
+  connection: local
+  vars_files:
+    - test_vars/test_web_ui_vars.yml
+  tasks:
+    - name: Check last uptime of the server
+      shell: |
+        current_time=$(date +"%Y-%m-%d %H")
+        uptime -s | grep "$current_time"
+      register: uptime_status
+      changed_when: false
+      ignore_errors: yes
+      tags: TC_010
+
+    - block:
+        - name: Call web_ui role
+          include_role:
+            name: ../roles/web_ui
+          vars:
+            no_prompt: true
+      tags: TC_010
+
+    - name: Reboot localhost
+      command: reboot
+      when: uptime_status.stdout|length < 1
+      tags: TC_010
+
+    - name: Inspect AWX web container
+      docker_container_info:
+        name: "{{ docker_container_name }}"
+      register: awx_container_status
+      tags: TC_010
+
+    - name: Verify AWX container is running after reboot
+      assert:
+        that:
+          - "'running' in awx_container_status.container.State.Status"
+      tags: TC_010

kubernetes/roles/computeGPU/files/nvidia

@@ -1,3 +0,0 @@
-#!/bin/sh
-PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" exec nvidia-container-runtime-hook "$@"
-

kubernetes/roles/computeGPU/tasks/main.yml

@@ -13,25 +13,16 @@
 #  limitations under the License.
 
 ---
-- name: add Nvidia container runtime support
+- name: add nvidia-docker2 Repo
   get_url:
-    url: https://nvidia.github.io/nvidia-container-runtime/centos7/nvidia-container-runtime.repo
-    dest: /etc/yum.repos.d/nvidia-container-runtime.repo
+    url: https://nvidia.github.io/nvidia-docker/centos7/nvidia-docker.repo
+    dest: /etc/yum.repos.d/nvidia-docker.repo
   tags: install, testing
 
-- name:  disable gpg key for nvidia-container-runtime
-  replace:
-    path: /etc/yum.repos.d/nvidia-container-runtime.repo
-    regexp: 'repo_gpgcheck=1'
-    replace: 'repo_gpgcheck=0'
-    backup: yes
-  tags: install
-
-- name: install Nvidia-container-runtime-hook
+- name: install Nvidia driver and nvidia-docker2
   package:
     name:
       - kmod-nvidia
-      - nvidia-container-runtime-hook
       - nvidia-docker2
     state: present
   tags: install

kubernetes/roles/manager/files/nvidia

@@ -1,3 +0,0 @@
-#!/bin/sh
-PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" exec nvidia-container-runtime-hook "$@"
-

kubernetes/roles/startmanager/files/enable_gpu_k8s.sh

@@ -1 +0,0 @@
-kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v1.11/nvidia-device-plugin.yml

kubernetes/roles/startmanager/tasks/main.yml

@@ -78,16 +78,6 @@
   #shell: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
   #tags: init
 
-- name: Enabled GPU support in Kubernetes
-  shell: kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/1.0.0-beta4/nvidia-device-plugin.yml
-                           #https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v1.11/nvidia-device-plugin.yml
-  register: gpu_enable
-  tags: init
-
-- name: Deploy Xilinx Device Plugin
-  shell: kubectl create -f https://raw.githubusercontent.com/Xilinx/FPGA_as_a_Service/master/k8s-fpga-device-plugin/fpga-device-plugin.yml
-  register: fpga_enable
-  tags: init
 
 - name: Create yaml repo for setup
   file:

kubernetes/roles/startservices/tasks/main.yml

@@ -13,10 +13,6 @@
 #  limitations under the License.
 
 ---
-#- name: Kick CoreDNS (this is a hack that needs to be fixed)
-  #shell:  kubectl get pods -n kube-system --no-headers=true | awk '/coredns/{print $1}'|xargs kubectl delete -n kube-system pod
-  #tags: init
-
 - name: Wait for CoreDNS to restart
   shell: kubectl rollout status deployment/coredns -n kube-system
   tags: init
@@ -84,3 +80,8 @@
 - name: Install GPU Feature Discovery
   shell: helm install  --version=0.2.0  --generate-name  --set migStrategy={{ MIG_STRATEGY }}  nvgfd/gpu-feature-discovery
   tags: init
+
+- name: Deploy Xilinx Device Plugin
+  shell: kubectl create -f https://raw.githubusercontent.com/Xilinx/FPGA_as_a_Service/master/k8s-fpga-device-plugin/fpga-device-plugin.yml
+  register: fpga_enable
+  tags: init