diff --git a/.github/workflows/ee.yml b/.github/workflows/ee.yml new file mode 100644 index 00000000..a2d5e47f --- /dev/null +++ b/.github/workflows/ee.yml @@ -0,0 +1,108 @@ +--- +name: execution environment +on: + # Run CI against all pushes (direct commits, also merged PRs), Pull Requests + push: + branches: + - main + - stable-* + pull_request: + # Run CI once per day (at 03:00 UTC) + # This ensures that even if there haven't been commits that we are still testing against latest version of ansible-builder + schedule: + - cron: '0 3 * * *' + +env: + NAMESPACE: community + COLLECTION_NAME: dns + +jobs: + build: + name: Build and test EE (Ⓐ${{ matrix.runner_tag }}) + strategy: + matrix: + runner_tag: + - devel + - stable-2.12-latest + - stable-2.11-latest + - stable-2.9-latest + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v3 + with: + path: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }} + + - name: Set up Python + uses: actions/setup-python@v3 + with: + python-version: '3.10' + + - name: Install ansible-builder and ansible-navigator + run: pip install ansible-builder ansible-navigator + + - name: Verify requirements + run: ansible-builder introspect --sanitize . + + - name: Make sure galaxy.yml has version entry + run: >- + python -c + 'import yaml ; + f = open("galaxy.yml", "rb") ; + data = yaml.safe_load(f) ; + f.close() ; + data["version"] = data.get("version") or "0.0.1" ; + f = open("galaxy.yml", "wb") ; + f.write(yaml.dump(data).encode("utf-8")) ; + f.close() ; + ' + working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }} + + - name: Build collection + run: | + ansible-galaxy collection build --output-path ../../../ + working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }} + + - name: Create files for building execution environment + run: | + COLLECTION_FILENAME="$(ls "${{ env.NAMESPACE }}-${{ env.COLLECTION_NAME }}"-*.tar.gz)" + + # EE config + cat > execution-environment.yml < requirements.yml < + ansible-navigator run + --mode stdout + --pull-policy never + --set-environment-variable ANSIBLE_PRIVATE_ROLE_VARS=true + --execution-environment-image test-ee:latest + all.yml + working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }}/tests/ee diff --git a/changelogs/fragments/93-ee.yml b/changelogs/fragments/93-ee.yml new file mode 100644 index 00000000..5a0d8e19 --- /dev/null +++ b/changelogs/fragments/93-ee.yml @@ -0,0 +1,2 @@ +minor_changes: + - "Prepare collection for inclusion in an Execution Environment by declaring its dependencies (https://github.com/ansible-collections/community.dns/pull/93)." diff --git a/meta/ee-requirements.txt b/meta/ee-requirements.txt new file mode 100644 index 00000000..914392af --- /dev/null +++ b/meta/ee-requirements.txt @@ -0,0 +1,2 @@ +dnspython +lxml diff --git a/meta/execution-environment.yml b/meta/execution-environment.yml new file mode 100644 index 00000000..c8994939 --- /dev/null +++ b/meta/execution-environment.yml @@ -0,0 +1,4 @@ +--- +version: 1 +dependencies: + python: meta/ee-requirements.txt diff --git a/tests/ee/all.yml b/tests/ee/all.yml new file mode 100644 index 00000000..1a937d4c --- /dev/null +++ b/tests/ee/all.yml @@ -0,0 +1,13 @@ +- hosts: localhost + tasks: + - name: Find all roles + find: + paths: + - "{{ playbook_dir ~ '/roles/' }}" + file_type: directory + depth: 1 + register: result + - name: Include all roles + include_role: + name: "{{ item }}" + loop: "{{ result.files | map(attribute='path') | map('regex_replace', '.*/', '') | sort }}" diff --git a/tests/ee/roles/filter_domain_suffix/tasks/main.yml b/tests/ee/roles/filter_domain_suffix/tasks/main.yml new file mode 100644 index 00000000..d85444d5 --- /dev/null +++ b/tests/ee/roles/filter_domain_suffix/tasks/main.yml @@ -0,0 +1,73 @@ +- name: "Test get_public_suffix filter" + assert: + that: + - "'' | community.dns.get_public_suffix == ''" + - "'' | community.dns.get_public_suffix(keep_leading_period=false) == ''" + - "'www.ansible.com' | community.dns.get_public_suffix == '.com'" + - "'www.ansible.com' | community.dns.get_public_suffix(keep_leading_period=false) == 'com'" + - "'some.random.prefixes.ansible.co.uk' | community.dns.get_public_suffix == '.co.uk'" + - "'no.known.suffixafdlkjsaflkjsaflkjslkjfds' | community.dns.get_public_suffix == '.suffixafdlkjsaflkjsaflkjslkjfds'" + - "'no.known.suffixafdlkjsaflkjsaflkjslkjfds' | community.dns.get_public_suffix(keep_unknown_suffix=False) == ''" + - "'ëçãmplê' | community.dns.get_public_suffix(normalize_result=True) == 'xn--mpl-llatwb'" + - "'www.example.cloudfront.net' | community.dns.get_public_suffix(icann_only=false) == '.cloudfront.net'" + - "'www.example.cloudfront.net' | community.dns.get_public_suffix(icann_only=true) == '.net'" + - "'www.ck' | community.dns.get_public_suffix == '.ck'" + - "'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63' | community.dns.get_public_suffix == ''" + +- name: "Test remove_public_suffix filter" + assert: + that: + - "'' | community.dns.remove_public_suffix == ''" + - "'' | community.dns.remove_public_suffix(keep_trailing_period=true) == ''" + - "'com' | community.dns.remove_public_suffix == ''" + - "'com' | community.dns.remove_public_suffix(keep_trailing_period=true) == ''" + - "'www.ansible.com' | community.dns.remove_public_suffix == 'www.ansible'" + - "'www.ansible.com' | community.dns.remove_public_suffix(keep_trailing_period=true) == 'www.ansible.'" + - "'some.random.prefixes.ansible.co.uk' | community.dns.remove_public_suffix == 'some.random.prefixes.ansible'" + - "'no.known.suffixafdlkjsaflkjsaflkjslkjfds' | community.dns.remove_public_suffix == 'no.known'" + - "'no.known.suffixafdlkjsaflkjsaflkjslkjfds' | community.dns.remove_public_suffix(keep_unknown_suffix=False) == 'no.known.suffixafdlkjsaflkjsaflkjslkjfds'" + - "'www.example.cloudfront.net' | community.dns.remove_public_suffix(icann_only=false) == 'www.example'" + - "'www.example.cloudfront.net' | community.dns.remove_public_suffix(icann_only=true) == 'www.example.cloudfront'" + - "'www.ck' | community.dns.remove_public_suffix == 'www'" + - "'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63' | community.dns.remove_public_suffix == 'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63'" + +- name: "Test get_registrable_domain filter" + assert: + that: + - "'' | community.dns.get_registrable_domain == ''" + - "'com' | community.dns.get_registrable_domain == ''" + - "'com' | community.dns.get_registrable_domain(only_if_registerable=true) == ''" + - "'com' | community.dns.get_registrable_domain(only_if_registerable=false) == 'com'" + - "'www.ansible.com' | community.dns.get_registrable_domain == 'ansible.com'" + - "'www.ansible.com.' | community.dns.get_registrable_domain == 'ansible.com.'" + - "'www.ansible.com' | community.dns.get_registrable_domain(only_if_registerable=true) == 'ansible.com'" + - "'some.random.prefixes.ansible.co.uk' | community.dns.get_registrable_domain == 'ansible.co.uk'" + - "'some.invalid.example' | community.dns.get_registrable_domain == 'invalid.example'" + - "'some.invalid.example' | community.dns.get_registrable_domain(keep_unknown_suffix=False) == ''" + - "'ëçãmplê.com' | community.dns.get_registrable_domain(normalize_result=True) == 'xn--mpl-llatwb.com'" + - "'www.example.cloudfront.net' | community.dns.get_registrable_domain(icann_only=false) == 'example.cloudfront.net'" + - "'www.example.cloudfront.net' | community.dns.get_registrable_domain(icann_only=true) == 'cloudfront.net'" + - "'prefix.www.ck' | community.dns.get_registrable_domain == 'www.ck'" + - "'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63' | community.dns.get_registrable_domain == ''" + +- name: "Test remove_registrable_domain filter" + assert: + that: + - "'' | community.dns.remove_registrable_domain == ''" + - "'' | community.dns.remove_registrable_domain(keep_trailing_period=true) == ''" + - "'com' | community.dns.remove_registrable_domain == 'com'" + - "'com' | community.dns.remove_registrable_domain(only_if_registerable=true) == 'com'" + - "'com' | community.dns.remove_registrable_domain(only_if_registerable=false) == ''" + - "'com' | community.dns.remove_registrable_domain(keep_trailing_period=true) == 'com'" + - "'www.ansible.com' | community.dns.remove_registrable_domain == 'www'" + - "'www.ansible.com' | community.dns.remove_registrable_domain(only_if_registerable=true) == 'www'" + - "'www.ansible.com' | community.dns.remove_registrable_domain(keep_trailing_period=true) == 'www.'" + - "'www.ansible.com.' | community.dns.remove_registrable_domain == 'www'" + - "'ansible.com.' | community.dns.remove_registrable_domain == ''" + - "'some.random.prefixes.ansible.co.uk' | community.dns.remove_registrable_domain == 'some.random.prefixes'" + - "'some.invalid.example' | community.dns.remove_registrable_domain == 'some'" + - "'some.invalid.example' | community.dns.remove_registrable_domain(keep_unknown_suffix=False) == 'some.invalid.example'" + - "'www.example.cloudfront.net' | community.dns.remove_registrable_domain(icann_only=false) == 'www'" + - "'www.example.cloudfront.net' | community.dns.remove_registrable_domain(icann_only=true) == 'www.example'" + - "'prefix.www.ck' | community.dns.remove_registrable_domain == 'prefix'" + - "'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63' | community.dns.remove_registrable_domain == 'thisisaninvalidlabelbecauseitiswaytoolongitscharacterlengthislargerthan63'" diff --git a/tests/ee/roles/wait_for_txt/tasks/main.yml b/tests/ee/roles/wait_for_txt/tasks/main.yml new file mode 100644 index 00000000..09173175 --- /dev/null +++ b/tests/ee/roles/wait_for_txt/tasks/main.yml @@ -0,0 +1,73 @@ +- name: Get TXT records for github.com + shell: | + dig -t TXT github.com +short | sed -e 's/" "//g' -e 's/"//g' + register: dig + +- name: Wait for existing TXT entry + community.dns.wait_for_txt: + records: + - name: github.com + values: "{{ dig.stdout_lines }}" + - name: github.io + values: [] + timeout: 0 + register: success + +- name: Validate results + assert: + that: + - success is not changed + - success.msg == 'All checks passed' + - success.completed == 2 + - success.records | length == 2 + - success.records[0].name == 'github.com' + - success.records[0].done == true + - "'values' in success.records[0]" + - success.records[0].check_count == 1 + - success.records[1].name == 'github.io' + - success.records[1].done == true + - "'values' in success.records[1]" + - success.records[1].check_count == 1 + +- name: Wait for non-existing TXT entry + community.dns.wait_for_txt: + records: + - name: does_not_exist.ansible.com + values: test + timeout: 0 + ignore_errors: true + register: timeout + +- name: Validate results + assert: + that: + - timeout is failed + - timeout.msg == 'Timeout (0 out of 1 check(s) passed).' + - timeout.completed == 0 + - timeout.records | length == 1 + - timeout.records[0].name == 'does_not_exist.ansible.com' + - timeout.records[0].done == false + - "'values' in timeout.records[0]" + - timeout.records[0].check_count == 1 + +- name: Wait for non-existing TXT value + community.dns.wait_for_txt: + records: + - name: github.com + # random digits generated by https://www.random.org/ + values: x9717627475397185312575692320809591701005198751588993668249007340758823426405452359342719842260291210 + timeout: 0 + ignore_errors: true + register: timeout + +- name: Validate results + assert: + that: + - timeout is failed + - timeout.msg == 'Timeout (0 out of 1 check(s) passed).' + - timeout.completed == 0 + - timeout.records | length == 1 + - timeout.records[0].name == 'github.com' + - timeout.records[0].done == false + - "'values' in timeout.records[0]" + - timeout.records[0].check_count == 1