Merged
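--- a/tests/tasks/cleanup.yml
+++ b/tests/tasks/cleanup.yml
@@ -0,0 +1,74 @@
+# SPDX-License-Identifier: MIT
+---
+- name: Stat quadlet install directory for cleanup
+ansible.builtin.stat:
+path: "{{ __trustee_client_quadlet_install_dir }}"
+register: __trustee_client_cleanup_quadlet_dir
+
+- name: Find trustee-gc quadlet pod files
+ansible.builtin.find:
+paths: "{{ __trustee_client_quadlet_install_dir }}"
+patterns: trustee-gc*.pod
+register: __trustee_client_cleanup_pod_files
+when: __trustee_client_cleanup_quadlet_dir.stat.exists
+
+- name: Stop and disable trustee quadlet pod services
+ansible.builtin.systemd:
+name: "{{ item.path | basename | regex_replace('\\.pod$', '') }}-pod.service"
+state: stopped
+enabled: false
+loop: >-
+{{
+(__trustee_client_cleanup_pod_files.files | default([]))
+if not (__trustee_client_cleanup_pod_files is skipped)
+else []
+}}
+failed_when: false
+
+- name: Stop and disable services tracked by trustee_client role
+ansible.builtin.systemd:
+name: "{{ item }}"
+state: stopped
+enabled: false
+loop: "{{ __trustee_client_services }}"
+failed_when: false
+
+- name: Find trustee-gc quadlet unit files to remove
+ansible.builtin.find:
+paths: "{{ __trustee_client_quadlet_install_dir }}"
+patterns:
+- trustee-gc*.container
+- trustee-gc*.pod
+- trustee-gc*.volume
+register: __trustee_client_cleanup_quadlet_files
+when: __trustee_client_cleanup_quadlet_dir.stat.exists
+
+- name: Remove trustee-gc quadlet unit files
+ansible.builtin.file:
+path: "{{ item.path }}"
+state: absent
+loop: >-
+{{
+(__trustee_client_cleanup_quadlet_files.files | default([]))
+if not (__trustee_client_cleanup_quadlet_files is skipped)
+else []
+}}
+
+- name: Remove trustee-gc configuration directory
+ansible.builtin.file:
+path: /etc/trustee-gc
+state: absent
+
+- name: Remove secret registration client script
+ansible.builtin.file:
+path: /usr/local/bin/secret_registration_client.sh
+state: absent
+
+- name: Remove secret registration client systemd unit
+ansible.builtin.file:
+path: /etc/systemd/system/secret_registration_client.service
+state: absent
+
+- name: Reload systemd after removing trustee_client units
+ansible.builtin.systemd:
+daemon_reload: true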
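Review bot: The loop in "Stop and disable services tracked by trustee_client role" reads `__trustee_client_services` with no fallback, unlike the two loops built from registered `find` results, which fall back to an empty list. If this file runs after the role failed before that variable was set (not verifiable from this page), templating the loop would fail, and `failed_when: false` would likely not cover that kind of error, so the later tasks that remove /etc/trustee-gc and the secret registration client script and unit would be skipped. I would write `loop: "{{ __trustee_client_services | default([]) }}"`. Separately, `failed_when: false` on both stop tasks also hides a service that could not be stopped while its unit file is deleted right after; a comment such as `# Best effort: units may be missing if the role failed early` would make that intent explicit.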
153 changes: 82 additions & 71 deletions tests/tests_default.yml
@@ -6,86 +6,97 @@
trustee_client_trustee_gc: true
trustee_client_encrypt_disk: false
tasks:
- name: Run the role
ansible.builtin.include_tasks:
file: tasks/run_role_with_clear_facts.yml
vars:
__sr_public: true
- name: Run the tests
block:
- name: Run the role
ansible.builtin.include_tasks:
file: tasks/run_role_with_clear_facts.yml
vars:
__sr_public: true

- name: Collect package facts
package_facts:
manager: auto
no_log: true
- name: Flush handlers to start services created by the role
ansible.builtin.meta: flush_handlers

- name: Assert required packages are installed
assert:
that:
- item in ansible_facts.packages
fail_msg: "Required package '{{ item }}' is not installed"
loop: "{{ __trustee_client_trustee_gc_packages }}"
- name: Collect package facts
package_facts:
manager: auto
no_log: true

- name: Stat the quadlet install directory
stat:
path: "{{ __trustee_client_quadlet_install_dir }}"
register: __test_quadlet_dir
- name: Assert required packages are installed
assert:
that:
- item in ansible_facts.packages
fail_msg: "Required package '{{ item }}' is not installed"
loop: "{{ __trustee_client_trustee_gc_packages }}"

- name: Assert quadlet install directory exists
assert:
that:
- __test_quadlet_dir.stat.exists
- __test_quadlet_dir.stat.isdir
fail_msg: >-
Quadlet install directory {{ __trustee_client_quadlet_install_dir }}
does not exist
- name: Stat the quadlet install directory
stat:
path: "{{ __trustee_client_quadlet_install_dir }}"
register: __test_quadlet_dir

- name: Find deployed quadlet files
find:
paths: "{{ __trustee_client_quadlet_install_dir }}"
patterns:
- "*.container"
- "*.volume"
- "*.network"
- "*.kube"
- "*.pod"
register: __test_quadlet_files
- name: Assert quadlet install directory exists
assert:
that:
- __test_quadlet_dir.stat.exists
- __test_quadlet_dir.stat.isdir
fail_msg: >-
Quadlet install directory {{ __trustee_client_quadlet_install_dir }}
does not exist

- name: Assert quadlet files were deployed
assert:
that:
- __test_quadlet_files.files | length > 0
fail_msg: >-
No quadlet files found in {{ __trustee_client_quadlet_install_dir }}
- name: Find deployed quadlet files
find:
paths: "{{ __trustee_client_quadlet_install_dir }}"
patterns:
- "*.container"
- "*.volume"
- "*.network"
- "*.kube"
- "*.pod"
register: __test_quadlet_files

- name: Stat the trustee-gc config directory
stat:
path: /etc/trustee-gc
register: __test_trustee_gc_dir
- name: Assert quadlet files were deployed
assert:
that:
- __test_quadlet_files.files | length > 0
fail_msg: >-
No quadlet files found in {{ __trustee_client_quadlet_install_dir }}

- name: Assert trustee-gc config directory exists
assert:
that:
- __test_trustee_gc_dir.stat.exists
- __test_trustee_gc_dir.stat.isdir
fail_msg: "Trustee GC config directory /etc/trustee-gc does not exist"
- name: Stat the trustee-gc config directory
stat:
path: /etc/trustee-gc
register: __test_trustee_gc_dir

- name: Find trustee pod file
find:
paths: "{{ __trustee_client_quadlet_install_dir }}"
patterns: "*.pod"
recurse: false
register: __test_trustee_pod_files
- name: Assert trustee-gc config directory exists
assert:
that:
- __test_trustee_gc_dir.stat.exists
- __test_trustee_gc_dir.stat.isdir
fail_msg: "Trustee GC config directory /etc/trustee-gc does not exist"

- name: Assert trustee pod file exists
assert:
that: __test_trustee_pod_files.matched | int > 0
fail_msg: "No trustee pod file found in {{ __trustee_client_quadlet_install_dir }}"
- name: Find trustee pod file
find:
paths: "{{ __trustee_client_quadlet_install_dir }}"
patterns: "*.pod"
recurse: false
register: __test_trustee_pod_files

- name: Set trustee pod service name
ansible.builtin.set_fact:
__test_trustee_pod_service: "{{ (__test_trustee_pod_files.files[0].path | basename) | replace('.pod', '') }}-pod"
- name: Assert trustee pod file exists
assert:
that: __test_trustee_pod_files.matched | int > 0
fail_msg: "No trustee pod file found in {{ __trustee_client_quadlet_install_dir }}"

- name: Assert trustee pod service is running
ansible.builtin.service:
name: "{{ __test_trustee_pod_service }}"
state: started
check_mode: true
- name: Set trustee pod service name
ansible.builtin.set_fact:
__test_trustee_pod_service: "{{ (__test_trustee_pod_files.files[0].path | basename) | replace('.pod', '') }}-pod"

- name: Assert trustee pod service is running
ansible.builtin.service:
name: "{{ __test_trustee_pod_service }}"
state: started
check_mode: true
always:
- name: Cleanup trustee_client test resources
ansible.builtin.include_tasks:
file: tasks/cleanup.yml
tags:
- tests::cleanup
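Review bot: "Assert trustee pod service is running" cannot fail on a stopped unit as written: with `check_mode: true`, `ansible.builtin.service` with `state: started` reports `changed` instead of failing, so the test passes even when the pod service never came up. Adding `register: __test_trustee_pod_state` and `failed_when: __test_trustee_pod_state is failed or __test_trustee_pod_state is changed` to that task would make it a real check. This matters more now that the `always:` section tears the deployment down, since nothing is left on the host to inspect after a run. The page does not mark which lines are old or new in this section, so the task may be carried over unchanged from the previous version.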