[ci] Fix kitchen tests & salt states
Changes:
- added 'is defined' check to compute|controller.enable opts
- added creation of an empty policy.json file for newton+ release
to allow to manage rules. (policy.json for nova is removed
in stable/ocata, defaults are taken from code)
- any nova manage * commands wrapped into 'noservice' condition
- fixed .kitchen.yaml to manage releases in properly way (before
change, Liberty release always used)
wrong ways:
pillars:
- top.sls
- nova <-------- will be created just 'nova' file, not 'nova.sls'
pillars:
- top.sls
- nova.sls: <--- does not overwrite anything (file already exists)
nova:
version: ocata
Change-Id: I8c51f65979071148e22fb72a5f04b78e83074043
diff --git a/.kitchen.yml b/.kitchen.yml
index c3e27e9..418d93e 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -32,11 +32,7 @@
"*":
- linux_repo_openstack
- nova
- nova:
- controller:
- version: <%= ENV['OS_VERSION'] || 'mitaka' %>
- compute:
- version: <%= ENV['OS_VERSION'] || 'mitaka' %>
+ - release
pillars-from-files:
linux_repo_openstack.sls: tests/pillar/repo_mcp_openstack_<%= ENV['OS_VERSION'] || 'mitaka' %>.sls
@@ -56,10 +52,20 @@
provisioner:
pillars-from-files:
nova.sls: tests/pillar/compute_cluster.sls
+ pillars:
+ release.sls:
+ nova:
+ compute:
+ version: <%= ENV['OS_VERSION'] || 'mitaka' %>
- name: control_cluster
provisioner:
pillars-from-files:
nova.sls: tests/pillar/control_cluster.sls
+ pillars:
+ release.sls:
+ nova:
+ controller:
+ version: <%= ENV['OS_VERSION'] || 'mitaka' %>
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/nova/compute.sls b/nova/compute.sls
index b2d0142..226df97 100644
--- a/nova/compute.sls
+++ b/nova/compute.sls
@@ -1,5 +1,6 @@
{%- from "nova/map.jinja" import compute with context %}
-{%- if compute.enabled %}
+
+{%- if compute.get('enabled') %}
nova_compute_packages:
pkg.installed:
@@ -63,7 +64,7 @@
{%- endif %}
-{%- if pillar.nova.controller is not defined %}
+{%- if not pillar.nova.get('controller',{}).get('enabled') %}
/etc/nova/nova.conf:
file.managed:
- source: salt://nova/files/{{ compute.version }}/nova-compute.conf.{{ grains.os_family }}
diff --git a/nova/controller.sls b/nova/controller.sls
index d6df274..664cb2b 100644
--- a/nova/controller.sls
+++ b/nova/controller.sls
@@ -1,6 +1,6 @@
{% from "nova/map.jinja" import controller with context %}
-{%- if controller.enabled %}
+{%- if controller.get('enabled') %}
{%- if grains.os_family == 'Debian' %}
debconf-set-prerequisite:
@@ -69,6 +69,20 @@
- require:
- pkg: nova_controller_packages
+{% if controller.get('policy', {}) and controller.version not in ['liberty', 'mitaka', 'newton'] %}
+{# nova no longer ships with a default policy.json #}
+
+/etc/nova/policy.json:
+ file.managed:
+ - contents: '{}'
+ - replace: False
+ - user: nova
+ - group: nova
+ - require:
+ - pkg: nova_controller_packages
+
+{% endif %}
+
{%- for name, rule in controller.get('policy', {}).iteritems() %}
{%- if rule != None %}
@@ -79,6 +93,9 @@
- rule: {{ rule }}
- require:
- pkg: nova_controller_packages
+ {% if controller.version not in ['liberty', 'mitaka', 'newton'] %}
+ - file: /etc/nova/policy.json
+ {% endif%}
{%- else %}
@@ -88,6 +105,9 @@
- name: {{ name }}
- require:
- pkg: nova_controller_packages
+ {% if controller.version not in ['liberty', 'mitaka', 'newton'] %}
+ - file: /etc/nova/policy.json
+ {% endif%}
{%- endif %}
@@ -120,10 +140,16 @@
nova_controller_map_cell0:
cmd.run:
- name: nova-manage cell_v2 map_cell0
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
nova_cell1_create:
cmd.run:
- name: nova-manage cell_v2 create_cell --name=cell1
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- unless: 'nova-manage cell_v2 list_cells | grep cell1'
nova_placement_service_mask:
@@ -153,6 +179,9 @@
nova_controller_discover_hosts:
cmd.run:
- name: nova-manage cell_v2 discover_hosts
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- cmd: nova_controller_map_cell0
- cmd: nova_cell1_create
@@ -160,6 +189,9 @@
nova_controller_map_instances:
novang.map_instances:
- name: 'cell1'
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- cmd: nova_controller_discover_hosts
- pkg: nova_controller_packages
@@ -182,6 +214,9 @@
cmd.run:
- names:
- nova-manage db sync
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- file: /etc/nova/nova.conf
@@ -190,6 +225,9 @@
nova_controller_online_data_migrations:
cmd.run:
- name: nova-manage db online_data_migrations
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- cmd: nova_controller_syncdb
@@ -201,6 +239,9 @@
service.running:
- enable: true
- name: apache2
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- cmd: nova_controller_syncdb
- watch:
@@ -214,6 +255,9 @@
service.running:
- enable: true
- names: {{ controller.services }}
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- cmd: nova_controller_syncdb
- watch:
diff --git a/tests/pillar/control_cluster.sls b/tests/pillar/control_cluster.sls
index 84da744..9744dd1 100644
--- a/tests/pillar/control_cluster.sls
+++ b/tests/pillar/control_cluster.sls
@@ -42,7 +42,7 @@
password: password
virtual_host: '/openstack'
glance:
- host:
+ host:
port: 9292
network:
engine: neutron
@@ -59,7 +59,6 @@
filter_factory: 'keystonemiddleware.audit:filter_factory'
map_file: '/etc/pycadf/nova_api_audit_map.conf'
policy:
- context_is_admin: 'role:admin or role:administrator'
+ 'context_is_admin': 'role:admin or role:administrator'
'compute:create': 'rule:admin_or_owner'
'compute:create:attach_network':
-
diff --git a/tests/pillar/control_single.sls b/tests/pillar/control_single.sls
index ce33f8c..78eaa40 100644
--- a/tests/pillar/control_single.sls
+++ b/tests/pillar/control_single.sls
@@ -57,6 +57,6 @@
- host: 127.0.0.1
port: 11211
policy:
- context_is_admin: 'role:admin or role:administrator'
+ 'context_is_admin': 'role:admin or role:administrator'
'compute:create': 'rule:admin_or_owner'
'compute:create:attach_network':