azure: Run Base and XMLRPC tests is isolated network

The tests in these envs make DNS requests to wild(internet) NSs, though usually tests assume the opposite making requests to `test.` zone. This makes CI unstable and dependent on wild resolvers and logically wrong. In future there can be tests which may want to check BIND as resolver(cache) for external networks. In this case such tests should be placed on not isolated mode. By default, a test env is not isolated from internet(as it was before), but it may be a good idea to change this default in future. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2021-05-14 11:35:46 +03:00 · 2021-05-14 11:35:46 +03:00 · fc0c6b44a8
commit fc0c6b44a8
parent 65700bf743
5 changed files with 30 additions and 2 deletions
--- a/ipatests/azure/Dockerfiles/docker-compose.yml
+++ b/ipatests/azure/Dockerfiles/docker-compose.yml
@ -56,3 +56,4 @@ networks:
      driver: default
      config:
      - subnet: ${IPA_IPV6_SUBNET}
+    internal: ${IPA_NETWORK_INTERNAL}
--- a/ipatests/azure/azure_definitions/base-fedora.yml
+++ b/ipatests/azure/azure_definitions/base-fedora.yml
@ -13,6 +13,7 @@ vms:
    - test_xmlrpc/test_dns_plugin.py
    args: "-k 'not test_dns_soa'"
    type: base
+    isolated: "true"

  - container_job: xmlrpc
    tests:
@ -20,3 +21,4 @@ vms:
    ignore:
    - test_xmlrpc/test_dns_plugin.py
    type: base
+    isolated: "true"
--- a/ipatests/azure/scripts/azure-run-base-tests.sh
+++ b/ipatests/azure/scripts/azure-run-base-tests.sh
@ -28,13 +28,29 @@ server_password=Secret123

 echo "Installing FreeIPA master for the domain ${IPA_TESTS_DOMAIN} and realm ${IPA_TESTS_REALM}"

+case "$IPA_NETWORK_INTERNAL" in
+    true )
+    AUTO_FORWARDERS='--no-forwarders'
+    ;;
+
+    false )
+    AUTO_FORWARDERS='--auto-forwarders'
+    ;;
+
+    * )
+    echo "Unsupported value for IPA_NETWORK_INTERNAL: '$IPA_NETWORK_INTERNAL'"
+    exit 1
+    ;;
+esac
+
 install_result=1
 { ipa-server-install -U \
    --domain "$IPA_TESTS_DOMAIN" \
    --realm "$IPA_TESTS_REALM" \
    -p "$server_password" -a "$server_password" \
-    --setup-dns --setup-kra --auto-forwarders && install_result=0 ; } || \
-    install_result=$?
+    --setup-dns --setup-kra \
+    $AUTO_FORWARDERS \
+    && install_result=0 ; } || install_result=$?

 rm -rf "$IPA_TESTS_LOGSDIR"
 mkdir "$IPA_TESTS_LOGSDIR"
--- a/ipatests/azure/scripts/azure-run-tests.sh
+++ b/ipatests/azure/scripts/azure-run-tests.sh
@ -44,6 +44,9 @@ IPA_TESTS_REPLICAS="${!IPA_TESTS_REPLICAS_VARNAME:-0}"
 IPA_TESTS_CONTROLLER="${PROJECT_ID}_master_1"
 IPA_TESTS_LOGSDIR="${IPA_TESTS_REPO_PATH}/ipa_envs/${IPA_TESTS_ENV_NAME}/${CI_RUNNER_LOGS_DIR}"

+IPA_TESTS_NETWORK_INTERNAL_VARNAME="IPA_TESTS_NETWORK_INTERNAL_${PROJECT_ID}"
+IPA_NETWORK_INTERNAL="${!IPA_TESTS_NETWORK_INTERNAL_VARNAME:-false}"
+
 IPA_TESTS_DOMAIN="${IPA_TESTS_DOMAIN:-ipa.test}"
 # bash4
 IPA_TESTS_REALM="${IPA_TESTS_DOMAIN^^}"
@ -102,6 +105,7 @@ pushd "$project_dir"
 BUILD_REPOSITORY_LOCALPATH="$BUILD_REPOSITORY_LOCALPATH" \
 IPA_DOCKER_IMAGE="${IPA_DOCKER_IMAGE:-freeipa-azure-builder}" \
 IPA_NETWORK="${IPA_NETWORK:-ipanet}" \
+IPA_NETWORK_INTERNAL="$IPA_NETWORK_INTERNAL" \
 IPA_IPV6_SUBNET="2001:db8:1:${PROJECT_ID}::/64" \
 docker-compose -p "$PROJECT_ID" up \
    --scale replica="$IPA_TESTS_REPLICAS" \
@ -141,6 +145,7 @@ tests_result=1
    --env IPA_TESTS_TO_RUN="$IPA_TESTS_TO_RUN" \
    --env IPA_TESTS_TO_IGNORE="$IPA_TESTS_TO_IGNORE" \
    --env IPA_TESTS_ARGS="$IPA_TESTS_ARGS" \
+    --env IPA_NETWORK_INTERNAL="$IPA_NETWORK_INTERNAL" \
    "$IPA_TESTS_CONTROLLER" \
    $BASH_CMD \
    -eux "$tests_runner" && tests_result=0 ; } || tests_result=$?
@ -176,6 +181,7 @@ pushd "$project_dir"
 BUILD_REPOSITORY_LOCALPATH="$BUILD_REPOSITORY_LOCALPATH" \
 IPA_DOCKER_IMAGE="${IPA_DOCKER_IMAGE:-freeipa-azure-builder}" \
 IPA_NETWORK="${IPA_NETWORK:-ipanet}" \
+IPA_NETWORK_INTERNAL="$IPA_NETWORK_INTERNAL" \
 IPA_IPV6_SUBNET="2001:db8:1:${PROJECT_ID}::/64" \
 docker-compose -p "$PROJECT_ID" down
 popd
--- a/ipatests/azure/scripts/generate-matrix.py
+++ b/ipatests/azure/scripts/generate-matrix.py
@ -28,6 +28,9 @@ with open(args.azure_template) as f:
            jobs[f'ipa_tests_type_{job_id}'] = vm_job.get(
                'type', 'integration')
            jobs[f'ipa_tests_args_{job_id}'] = vm_job.get('args', '')
+            jobs[f'ipa_tests_network_internal_{job_id}'] = vm_job.get(
+                'isolated', 'false'
+            )

            containers = vm_job.get('containers')
            replicas = 0