From eb53a965dc68fa01334c264323294dd550db6472 Mon Sep 17 00:00:00 2001 From: Martin Schurz Date: Mon, 7 Oct 2024 22:58:25 +0200 Subject: [PATCH] Don't run tests if the environment is not correct Signed-off-by: Martin Schurz --- CONTRIBUTING.md | 15 +++++++++++++++ molecule/mysql_hardening/molecule.yml | 2 ++ molecule/nginx_hardening/molecule.yml | 2 ++ molecule/os_hardening/molecule.yml | 2 ++ molecule/os_hardening_vm/molecule.yml | 2 ++ molecule/shared/prerequisites.yml | 9 +++++++++ molecule/ssh_hardening/molecule.yml | 2 ++ molecule/ssh_hardening_bsd/molecule.yml | 2 ++ molecule/ssh_hardening_custom_tests/molecule.yml | 2 ++ 9 files changed, 38 insertions(+) create mode 100644 molecule/shared/prerequisites.yml diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index da3d4f87a..ee619116e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -93,6 +93,21 @@ We generally include test for coding guidelines: Remember: Code is generally read much more often than written. +### Local testing of roles in this collection + +We are using Molecule to test our roles. +If you want to execute the tests on your machine you need Docker and Molecule. +You will also need to set the `MOLECULE_DISTRO` environment variable to execute the tests. +To find valid values for the variable you can take a look at our GitHub Action workflows in `.github/workflows/`. + +Example for executing tests locally: + +```bash +pip install -r requirements.txt +export MOLECULE_DISTRO="debian12" +molecule test -s os_hardening +``` + ### Use Markdown Wherever possible, please refrain from any other formats and stick to simple markdown. diff --git a/molecule/mysql_hardening/molecule.yml b/molecule/mysql_hardening/molecule.yml index cbef51a59..edfb28484 100644 --- a/molecule/mysql_hardening/molecule.yml +++ b/molecule/mysql_hardening/molecule.yml @@ -33,6 +33,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -48,6 +49,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/nginx_hardening/molecule.yml b/molecule/nginx_hardening/molecule.yml index 2153c5609..71c28cad7 100644 --- a/molecule/nginx_hardening/molecule.yml +++ b/molecule/nginx_hardening/molecule.yml @@ -32,6 +32,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -47,6 +48,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/os_hardening/molecule.yml b/molecule/os_hardening/molecule.yml index a20a3053b..318407195 100644 --- a/molecule/os_hardening/molecule.yml +++ b/molecule/os_hardening/molecule.yml @@ -28,6 +28,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -43,6 +44,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/os_hardening_vm/molecule.yml b/molecule/os_hardening_vm/molecule.yml index d50a30e81..59b2a5f41 100644 --- a/molecule/os_hardening_vm/molecule.yml +++ b/molecule/os_hardening_vm/molecule.yml @@ -37,6 +37,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -52,6 +53,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/shared/prerequisites.yml b/molecule/shared/prerequisites.yml new file mode 100644 index 000000000..0682015af --- /dev/null +++ b/molecule/shared/prerequisites.yml @@ -0,0 +1,9 @@ +--- +- name: Verify prerequisites + hosts: localhost + tasks: + - name: Make sure environment variable for MOLECULE_DISTRO is set + ansible.builtin.assert: + that: + - "lookup('env','MOLECULE_DISTRO')" + fail_msg: "You need to set MOLECULE_DISTRO to a supported image name. See CONTRIBUTING.md" diff --git a/molecule/ssh_hardening/molecule.yml b/molecule/ssh_hardening/molecule.yml index d7a29984e..834b709c8 100644 --- a/molecule/ssh_hardening/molecule.yml +++ b/molecule/ssh_hardening/molecule.yml @@ -34,6 +34,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -49,6 +50,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/ssh_hardening_bsd/molecule.yml b/molecule/ssh_hardening_bsd/molecule.yml index 42dc195bd..2c98fd415 100644 --- a/molecule/ssh_hardening_bsd/molecule.yml +++ b/molecule/ssh_hardening_bsd/molecule.yml @@ -33,6 +33,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -48,6 +49,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create diff --git a/molecule/ssh_hardening_custom_tests/molecule.yml b/molecule/ssh_hardening_custom_tests/molecule.yml index a20a3053b..318407195 100644 --- a/molecule/ssh_hardening_custom_tests/molecule.yml +++ b/molecule/ssh_hardening_custom_tests/molecule.yml @@ -28,6 +28,7 @@ scenario: - prepare check_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - create - prepare @@ -43,6 +44,7 @@ scenario: - destroy test_sequence: - dependency + - verify ../shared/prerequisites.yml - destroy - syntax - create