policy_file

About The Role

This role will check if there is a file named Policy.yaml in the controlers. The file should be located at the manila’s configuration folder in the container.

Requirements

No Requirements.

Dependencies

No dependencies.

Example Playbook

- hosts: "{{ controller_rolename | default('Controller') }}"
  vars:
  metadata:
    name: Verify that keystone admin token is disabled
      description: |
        This validation checks that policy file of manilas configuration folder inside of the container,exists.
      groups:
        - post-deployment
      categories:
        - controller
      products:
        - tripleo
   manilas_policy_file: "/var/lib/config-data/puppet-generated/manila/etc/manila/policy.yaml"
  roles:
    - check_manila_policy_file

Author Information

Red Hat Manila

Full Description

Role Documentation

Welcome to the “check_manila_policy_file” role documentation.

Role Variables: main.yml

# While options found within the vars/ path can be overridden using extra
# vars, items within this path are considered part of the role and not
# intended to be modified.

# All variables within this role should have a prefix of "check_policy_file"

# !!!! IMPORTANT !!!!
# Add a comment above every variables describing them.
# This will be included in the sphinx role documentation
# !!!! IMPORTANT !!!!
manilas_policy_file: /var/lib/config-data/puppet-generated/manila/etc/manila/policy.yaml

Molecule Scenarios

Molecule is being used to test the “check_manila_policy_file” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: default

Driver: podman:

Molecule Platform(s)

- name: centos
  hostname: centos
  image: centos/centos:stream8
  registry:
    url: quay.io
  dockerfile: ../../../../.config/molecule/Dockerfile
  pkg_extras: python*-setuptools python*-pyyaml
  volumes:
  - /etc/ci/mirror_info.sh:/etc/ci/mirror_info.sh:ro
  privileged: true
  environment:
    http_proxy: "{{ lookup('env', 'http_proxy') }}"
    https_proxy: "{{ lookup('env', 'https_proxy') }}"
  ulimits:
  - host

Molecule Inventory

hosts:
  all:
    hosts:
      centos:
        ansible_python_interpreter: /usr/bin/python3

Example default playbook

- name: Converge
  hosts: all
  vars:
    manila_policy_path: /var/lib/config-data/puppet-generated/manila/etc/manila/
    policy_file_name: policy.yaml
  tasks:
  - name: Create manila directory
    file:
      path: '{{ manila_policy_path }}'
      state: directory
      mode: 0755
      recurse: true

  - name: Add policy file
    file:
      path: '{{ manila_policy_path }}{{ policy_file_name }}'
      state: touch
      mode: 0755

  - name: Test pass - policy file exists
    include_role:
      name: check_manila_policy_file
    vars:
      manila_policy_file: '{{ manila_policy_path }}{{ policy_file_name }}'

  - name: Remove policy file
    file:
      path: '{{ manila_policy_path }}{{ policy_file_name }}'
      state: absent

  - name: Test fails - policy file doesnt exists
    block:
    - name: Load role with failure
      include_role:
        name: check_manila_policy_file
    rescue:
    - name: Clear host error
      meta: clear_host_errors

    - name: Status message
      debug:
        msg: Successfully detected policy file doesnt exists!

    - name: End play
      meta: end_play

  - name: Fail if we get to this place
    fail:
      msg: 'Unit test failed: Did not detect that policy file doesnt exists!'