Added SNI support for ansible_plugins via OS packages

Some Linux distributions, such as CentOS 7 and Xenial, have trouble
validating SSL certificates when using get_url with servers
that use Server Name Indication (SNI).

This patch adds those packages to the list of required packages and
uses bindep to install them in developer test environments the same
way that the gate tests install them.

Change-Id: I80355c8a82a0a0b295672c97c0740809659405b1
This commit is contained in:
Shashank Tavildar 2016-08-17 21:10:15 +00:00 committed by SHASHANK TAVILDAR (shasha_tavil)
parent 9259f702a4
commit 7e931aabef
2 changed files with 47 additions and 17 deletions

View File

@ -10,11 +10,29 @@
# will fall back to installing its default packages which # will fall back to installing its default packages which
# will potentially be detrimental to the tests executed. # will potentially be detrimental to the tests executed.
# OpenStack-CI's Jenkins needs curl # Base requirements for Ubuntu
# TODO(odyssey4me) remove this once https://review.openstack.org/288634 has merged build-essential [platform:dpkg]
# and the disk images are rebuilt and redeployed. git-core [platform:dpkg]
curl libssl-dev [platform:dpkg]
libffi-dev [platform:dpkg]
python2.7 [platform:dpkg]
python-dev [platform:dpkg]
# Requirements for Paramiko 2.0 # Base requirements for CentOS
libssl-dev gcc [platform:rpm]
libffi-dev gcc-c++ [platform:rpm]
git [platform:rpm]
python-devel [platform:rpm]
libffi-devel [platform:rpm]
openssl-devel [platform:rpm]
# For SELinux
libselinux-python [platform:rpm]
# For SSL SNI support
python-pyasn1 [platform:dpkg]
python-openssl [platform:dpkg]
python-ndg-httpsclient [platform:ubuntu !platform:ubuntu-trusty]
python2-pyasn1 [platform:rpm]
pyOpenSSL [platform:rpm]
python-ndg_httpsclient [platform:rpm]

View File

@ -17,25 +17,37 @@ set -euov
FUNCTIONAL_TEST=${FUNCTIONAL_TEST:-true} FUNCTIONAL_TEST=${FUNCTIONAL_TEST:-true}
# prep the host # Install pip
if [ "$(which apt-get)" ]; then
apt-get install -y build-essential python2.7 python-dev git-core libssl-dev
fi
# get pip, if necessary
if [ ! "$(which pip)" ]; then if [ ! "$(which pip)" ]; then
curl --silent --show-error --retry 5 \ curl --silent --show-error --retry 5 \
https://bootstrap.pypa.io/get-pip.py | sudo python2.7 https://bootstrap.pypa.io/get-pip.py | sudo python2.7
fi fi
# install tox # Install bindep and tox
pip install tox pip install bindep tox
# CentOS 7 requires two additional packages:
# redhat-lsb-core - for bindep profile support
# epel-release - required to install python-ndg_httpsclient/python2-pyasn1
if [ "$(which yum)" ]; then
yum -y install redhat-lsb-core epel-release
fi
# Install OS packages using bindep
if apt-get -v >/dev/null 2>&1 ; then
apt-get update
DEBIAN_FRONTEND=noninteractive \
apt-get -q --option "Dpkg::Options::=--force-confold" \
--assume-yes install `bindep -b -f bindep.txt test`
else
yum install -y `bindep -b -f bindep.txt test`
fi
# run through each tox env and execute the test # run through each tox env and execute the test
for tox_env in $(awk -F= '/envlist/ {print $2}' tox.ini | sed 's/,/ /g'); do for tox_env in $(awk -F= '/envlist/ {print $2}' tox.ini | sed 's/,/ /g'); do
if [ "${tox_env}" != "functional" ]; then if [ "${tox_env}" != "ansible-functional" ]; then
tox -e ${tox_env} tox -e ${tox_env}
elif [ "${tox_env}" == "functional" ]; then elif [ "${tox_env}" == "ansible-functional" ]; then
if ${FUNCTIONAL_TEST}; then if ${FUNCTIONAL_TEST}; then
tox -e ${tox_env} tox -e ${tox_env}
fi fi