test: add cleanup to all tests - parameterize path names

richm · richm · commit e9d30df15e27 · 2023-05-03T08:57:47.000-06:00
In order to make the tests more friendly to all of our test
environments, add a cleanup section to all tests.  The
certificate test already had one.

Improve the clean up by removing all files and paths created
by the role and tests.

Parameterize paths used by the role to make it easier to remove
them in the tests.

Fix a few spelling errors.

Fix some ansible-lint issues.
diff --git a/tasks/certificate.yml b/tasks/certificate.yml
@@ -1,6 +1,9 @@
 ---
 - name: Generate certificate using PostgreSQL role
   when: postgresql_certificates | length > 0
+  vars:
+    __pg_server_crt: "{{ __postgresql_data_dir }}/server.crt"
+    __pg_server_key: "{{ __postgresql_data_dir }}/server.key"
   block:
     - name: Generate certificates
       include_role:
@@ -13,37 +16,36 @@
         src: >-
           /etc/pki/tls/certs/{{ (postgresql_certificates |
           first)['name'] }}.crt
-        dest: /var/lib/pgsql/data/server.crt
+        dest: "{{ __pg_server_crt }}"
         state: link
         owner: postgres
-      when: ( postgresql_certificates | first )['name'] is not abs
+      when: (postgresql_certificates | first)['name'] is not abs
 
     - name: Install certificate from the default path
       file:
         src: >-
           /etc/pki/tls/private/{{ (postgresql_certificates |
           first)['name'] }}.key
-        dest: /var/lib/pgsql/data/server.key
+        dest: "{{ __pg_server_key }}"
         state: link
         owner: postgres
-      when: ( postgresql_certificates | first )['name'] is not abs
+      when: (postgresql_certificates | first)['name'] is not abs
 
     - name: Install certificate from custom path
       file:
         src: "{{ (postgresql_certificates | first)['name'] }}.crt"
-        dest: /var/lib/pgsql/data/server.crt
+        dest: "{{ __pg_server_crt }}"
         state: link
         owner: postgres
-      when: ( postgresql_certificates | first )['name'] is abs
+      when: (postgresql_certificates | first)['name'] is abs
 
     - name: Install certificate from custom path
       file:
         src: "{{ (postgresql_certificates | first)['name'] }}.key"
-        dest: /var/lib/pgsql/data/server.key
+        dest: "{{ __pg_server_key }}"
         state: link
         owner: postgres
-      when: ( postgresql_certificates | first )['name'] is abs
-
+      when: (postgresql_certificates | first)['name'] is abs
 
 - name: Install user provided TLS certificates for postgresql
   when:
@@ -54,13 +56,13 @@
     - name: Install certificate file
       file:
         src: "{{ postgresql_cert_name }}.crt"
-        dest: /var/lib/pgsql/data/server.crt
+        dest: "{{ __pg_server_crt }}"
         state: link
         owner: postgres
 
     - name: Install postgresql server private key
       file:
         src: "{{ postgresql_cert_name }}.key"
-        dest: /var/lib/pgsql/data/server.key
+        dest: "{{ __pg_server_key }}"
         state: link
         owner: postgres
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -45,7 +45,7 @@
     - name: Init DB
       command:
         cmd: postgresql-setup --initdb
-        creates: /var/lib/pgsql/data/postgresql.conf
+        creates: "{{ __postgresql_main_conf_file }}"
 
     - name: Start Postgresql server
       service:
@@ -76,7 +76,7 @@
 
     - name: Enable logging in by password
       replace:
-        path: /var/lib/pgsql/data/pg_hba.conf
+        path: "{{ __postgresql_hba_conf_file }}"
         regexp: '(peer|ident)$'
         replace: 'md5'
         backup: true
@@ -93,7 +93,7 @@
   become: true
   template:
     backup: true
-    dest: "/var/lib/pgsql/data/pg_hba.conf"
+    dest: "{{ __postgresql_hba_conf_file }}"
     src: pg_hba.conf.j2
     mode: 0600
     owner: postgres
@@ -109,16 +109,16 @@
 
 - name: Link generated conf file with server one
   lineinfile:
-    path: /var/lib/pgsql/data/postgresql.conf
-    line: "include_if_exists = '/etc/postgresql/system-roles-internal.conf'"
+    path: "{{ __postgresql_main_conf_file }}"
+    line: "include_if_exists = '{{ __postgresql_internal_conf_file }}'"
     insertafter: "EOF"
   notify: Restart postgresql
 
 - name: Generate postgresql system-roles-internal.conf
   become: true
   template:
     backup: true
-    dest: "/etc/postgresql/system-roles-internal.conf"
+    dest: "{{ __postgresql_internal_conf_file }}"
     src: postgresql-internal.conf.j2
     mode: 0600
     owner: postgres
@@ -131,14 +131,14 @@
       become: true
       template:
         backup: true
-        dest: "/etc/postgresql/system-roles.conf"
+        dest: "{{ __postgresql_conf_file }}"
         src: postgresql.conf.j2
         mode: 0600
         owner: postgres
         group: postgres
 
     - name: Link generated conf file with server one
       lineinfile:
-        path: /var/lib/pgsql/data/postgresql.conf
-        line: "include_if_exists = '/etc/postgresql/system-roles.conf'"
+        path: "{{ __postgresql_main_conf_file }}"
+        line: "include_if_exists = '{{ __postgresql_conf_file }}'"
       notify: Restart postgresql
diff --git a/tasks/set_vars.yml b/tasks/set_vars.yml
@@ -24,7 +24,7 @@
 
 - name: Check postgresql.conf
   stat:
-    path: /var/lib/pgsql/data/postgresql.conf
+    path: "{{ __postgresql_main_conf_file }}"
   register: __postgresql_conf
 
 - name: Check TLS crt file
diff --git a/tests/clean_instance.yml b/tests/clean_instance.yml
diff --git a/tests/tasks/clean_instance.yml b/tests/tasks/clean_instance.yml
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: MIT
+---
+- name: Run handlers
+  meta: flush_handlers
+
+- name: Uninstall postgresql
+  package:
+    name: "{{ __postgresql_packages }}"
+    state: absent
+
+- name: Remove data directory
+  file:
+    path: "{{ __postgresql_data_dir }}"
+    state: absent
+
+- name: Remove config files
+  file:
+    path: "{{ item }}"
+    state: absent
+  loop:
+    - "{{ __postgresql_main_conf_file }}"
+    - "{{ __postgresql_hba_conf_file }}"
+    - "{{ __postgresql_conf_file }}"
+    - "{{ __postgresql_internal_conf_file }}"
+
+- name: Dump logs
+  command: journalctl -u postgresql
+  changed_when: false
diff --git a/tests/tests_certificate.yml b/tests/tests_certificate.yml
@@ -9,6 +9,7 @@
         - name: Deploy postgresql
           include_role:
             name: linux-system-roles.postgresql
+            public: true
           vars:
             postgresql_certificates:
               - name: test_crt
@@ -44,4 +45,5 @@
           changed_when: false
 
         - name: Clean up
-          include_tasks: clean_instance.yml
+          include_tasks: tasks/clean_instance.yml
+          tags: tests::cleanup
diff --git a/tests/tests_config_files.yml b/tests/tests_config_files.yml
@@ -1,48 +1,56 @@
 ---
 - name: Test PostgreSQL config file logic, handling
   hosts: all
-  vars:
-    __main_conf_file: /var/lib/pgsql/data/postgresql.conf
-    __generated_conf_files:
-      - /var/lib/pgsql/data/pg_hba.conf
-      - /etc/postgresql/system-roles.conf
-      - /etc/postgresql/system-roles-internal.conf
   tasks:
-    - name: Run role with given config
-      include_role:
-        name: linux-system-roles.postgresql
-      vars:
-        postgresql_pg_hba_conf:
-          - type: local
-            database: all
-            user: all
-            auth_method: peer
-          - type: host
-            database: all
-            user: all
-            address: '127.0.0.1/32'
-            auth_method: ident
-        postgresql_server_conf:
-          shared_buffers: 128MB
-          huge_pages: try
+    - name: Run test and cleanup
+      block:
+        - name: Run role with given config
+          include_role:
+            name: linux-system-roles.postgresql
+            public: true
+          vars:
+            postgresql_pg_hba_conf:
+              - type: local
+                database: all
+                user: all
+                auth_method: peer
+              - type: host
+                database: all
+                user: all
+                address: '127.0.0.1/32'
+                auth_method: ident
+            postgresql_server_conf:
+              shared_buffers: 128MB
+              huge_pages: try
 
-    - name: Verify existence of config files
-      stat:
-        path: "{{ item }}"
-      register: __stat
-      failed_when: not __stat.stat.exists
-      loop: "{{ __generated_conf_files }}"
+        - name: Verify existence of config files
+          stat:
+            path: "{{ item }}"
+          register: __stat
+          failed_when: not __stat.stat.exists
+          loop:
+            - "{{ __postgresql_hba_conf_file }}"
+            - "{{ __postgresql_conf_file }}"
+            - "{{ __postgresql_internal_conf_file }}"
 
-    - name: Verify main conf has link to system roles
-      command: >-
-        grep /etc/postgresql/system-roles-internal.conf
-        {{ __main_conf_file }}
-      changed_when: false
+        - name: Verify main conf has link to system roles
+          command: >-
+            grep {{ __postgresql_internal_conf_file }}
+            {{ __postgresql_main_conf_file }}
+          changed_when: false
 
-    - name: Check headers for ansible_managed, fingerprint
-      include_tasks: tasks/check_header.yml
-      loop: "{{ __generated_conf_files }}"
-      loop_control:
-        loop_var: __file
-      vars:
-        __fingerprint: "system_role:postgresql"
+        - name: Check headers for ansible_managed, fingerprint
+          include_tasks: tasks/check_header.yml
+          loop:
+            - "{{ __postgresql_hba_conf_file }}"
+            - "{{ __postgresql_conf_file }}"
+            - "{{ __postgresql_internal_conf_file }}"
+          loop_control:
+            loop_var: __file
+          vars:
+            __fingerprint: "system_role:postgresql"
+
+      always:
+        - name: Clean up
+          include_tasks: tasks/clean_instance.yml
+          tags: tests::cleanup
diff --git a/tests/tests_default.yml b/tests/tests_default.yml
@@ -10,6 +10,7 @@
         - name: Run postgresql role
           include_role:
             name: linux-system-roles.postgresql
+            public: true
 
         - name: Flush handlers
           meta: flush_handlers
@@ -24,16 +25,16 @@
           command: systemctl is-enabled postgresql
           changed_when: false
 
-        - name: Test - database is accesible for super user usign Unix socket
+        - name: Test - database is accessible for super user using Unix socket
           become: true
           become_user: postgres
           shell: |
             set -euo pipefail
             echo '\q' | psql
-          async: 3             # in case of password promt we need to fail
+          async: 3             # in case of password prompt we need to fail
           changed_when: false
 
-        - name: Check - server tunning is used - shared buffers
+        - name: Check - server tuning is used - shared buffers
           become: true
           become_user: postgres
           shell: |
@@ -42,13 +43,13 @@
           register: result
           changed_when: false
 
-        - name: Test - server tunning is used - shared buffers
+        - name: Test - server tuning is used - shared buffers
           assert:
             that: >
              (ansible_memory_mb.real.total/4) | int | abs | string
               in result.stdout
 
-        - name: Check - server tunning is used - effective cache size
+        - name: Check - server tuning is used - effective cache size
           become: true
           become_user: postgres
           shell: |
@@ -57,8 +58,13 @@
           register: result
           changed_when: false
 
-        - name: Test - server tunning is used - effective cache size
+        - name: Test - server tuning is used - effective cache size
           assert:
             that: >
               (ansible_memory_mb.real.total/2) | int | abs | string
                in result.stdout
+
+      always:
+        - name: Clean up
+          include_tasks: tasks/clean_instance.yml
+          tags: tests::cleanup
diff --git a/tests/tests_input_file.yml b/tests/tests_input_file.yml
diff --git a/vars/main.yml b/vars/main.yml
