diff --git a/validations_common/playbooks/verify-package.yaml b/validations_common/playbooks/verify-package.yaml new file mode 100644 index 0000000..1485243 --- /dev/null +++ b/validations_common/playbooks/verify-package.yaml @@ -0,0 +1,64 @@ +--- +# This playbook has been generated by the `validation init` CLI. +# +# As shown here in this template, the validation playbook requires three +# top-level directive: +# ``hosts``, ``vars -> metadata`` and ``roles``. +# +# ``hosts``: specifies which nodes to run the validation on. The options can +# be ``all`` (run on all nodes), or you could use the hosts defined +# in the inventory. +# ``vars``: this section serves for storing variables that are going to be +# available to the Ansible playbook. The validations API uses the +# ``metadata`` section to read each validation's name and description +# These values are then reported by the API. +# +# The validations can be grouped together by specyfying a ``groups`` metadata. +# Groups function similar to tags and a validation can thus be part of many +# groups. To get a full list of the groups available and their description, +# please run the following command on your Ansible Controller host: +# +# $ validation show group +# +# The validations can also be categorized by technical domain and acan belong to +# one or multiple ``categories``. For example, if your validation checks some +# networking related configuration, you may want to put ``networking`` as a +# category. Note that this section is open and you are free to categorize your +# validations as you like. +# +# The ``products`` section refers to the product on which you would like to run +# the validation. It's another way to categorized your community validations. +# Note that, by default, ``community`` is set in the ``products`` section to +# help you list your validations by filtering by products: +# +# $ validation list --product community +# +- hosts: all + gather_facts: false + vars: + metadata: + name: Verify package on RedHat os_family + description: | + This validation will run `rpm --verify' on RedHat OS family and + returns the status. + If selected package isn't installed, it will fail. + If selected package doesn't have the %verify scriptlet, it won't fail. + groups: + - prep + - pre-deploy + - pre-ugrade + - post-upgrade + - pre-system-upgrade + - post-system-upgrade + - pre-undercloud-upgrade + - post-undercloud-upgrade + - pre-overcloud-upgrade + - post-overcloud-upgrade + - pre-update + - post-update + categories: + - package + products: + - common + roles: + - verify_package diff --git a/validations_common/roles/verify_package/README.md b/validations_common/roles/verify_package/README.md new file mode 100644 index 0000000..969a60a --- /dev/null +++ b/validations_common/roles/verify_package/README.md @@ -0,0 +1,37 @@ +Role Name +========= + +Call `rpm --verify '. Note that this validation only works for +rhel-based systems, such as Enterprise Linux, CentOS, Fedora and so on. + +Requirements +------------ + +None + +Role Variables +-------------- + +`verify_package_pkg`: (str) Package name to verify +`verify_package_verbose`: (bool) toggle verbose option for rpm + +Dependencies +------------ + +None + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + vars: + verify_package_pkg: openstack-selinux + roles: + - verify_package + +License +------- + +BSD diff --git a/validations_common/roles/verify_package/defaults/main.yml b/validations_common/roles/verify_package/defaults/main.yml new file mode 100644 index 0000000..369532a --- /dev/null +++ b/validations_common/roles/verify_package/defaults/main.yml @@ -0,0 +1,4 @@ +--- +# defaults file for verify_package +verify_package_pkg: bash +verify_package_verbose: false diff --git a/validations_common/roles/verify_package/tasks/main.yml b/validations_common/roles/verify_package/tasks/main.yml new file mode 100644 index 0000000..a90f02a --- /dev/null +++ b/validations_common/roles/verify_package/tasks/main.yml @@ -0,0 +1,24 @@ +--- +- name: Ensure we have some facts + setup: + gather_subset: min + +- name: "Verify package {{ verify_package_pkg }}" + become: true + when: + - ansible_facts['os_family'] == 'RedHat' + register: pkg_verification + command: "rpm {{verify_package_verbose|ternary('-v','') }} -V {{ verify_package_pkg }}" + failed_when: pkg_verification['rc'] not in [0, 1] + +- name: Fail if needed + when: + - pkg_verification['rc'] != 0 + fail: + msg: "{{ pkg_verification['stderr'] }}" + +- name: Fail if we are not on RedHat family system + when: + - ansible_facts['os_family'] != 'RedHat' + fail: + msg: "This validation does not support {{ ansible_facts['os_family'] }}!"