CI: remove shell usage for test playbooks

General cleanup + has the advantages of not requiring bash on the hosts.
2026-05-07 09:27:38 -02:30 · 2024-10-25 14:53:24 +02:00
parent 2ba28a3389
commit 5cb07e0aac
2 changed files with 31 additions and 62 deletions
--- a/tests/testcases/040_check-network-adv.yml
+++ b/tests/testcases/040_check-network-adv.yml
@@ -3,13 +3,16 @@
  hosts: kube_node
  tasks:
    - name: Test tunl0 routes
-      shell: "set -o pipefail && ! /sbin/ip ro | grep '/{{ calico_pool_blocksize }} | default(26) via' | grep -v tunl0"
-      args:
-        executable: /bin/bash
+      command: "/sbin/ip route"
+      register: routes
+      failed_when: routes.stdout_lines
+        | select('contains', '/' ~ calico_pool_blocksize|d(26))
+        | select('contains', 'tunl0') | length == 0
      when:
        - (calico_ipip_mode is defined and calico_ipip_mode != 'Never' or cloud_provider is defined)
        - kube_network_plugin | default('calico') == 'calico'

+
 - name: Advanced testcases for network
  hosts: k8s_cluster
  vars:
@@ -32,26 +35,16 @@
        name: cluster-dump

    - name: Wait for netchecker server
-      shell: "set -o pipefail && {{ bin_dir }}/kubectl get pods -o wide --namespace {{ netcheck_namespace }} | grep ^netchecker-server"
-      args:
-        executable: /bin/bash
-      register: ncs_pod
-      until: ncs_pod.stdout.find('Running') != -1
+      command: "{{ bin_dir }}/kubectl get pods --field-selector=status.phase==Running -o jsonpath-as-json={.items[*].metadata.name} --namespace {{ netcheck_namespace }}"
+      register: pods_json
+      until:
+        - pods_json.stdout | from_json | select('match', 'netchecker-server.*') | length == 1
+        - (pods_json.stdout | from_json | select('match', 'netchecker-agent.*') | length)
+          >= (groups['k8s_cluster'] | intersect(ansible_play_hosts) | length * 2)
      retries: 3
      delay: 10
      when: inventory_hostname == groups['kube_control_plane'][0]

-    - name: Wait for netchecker agents
-      shell: "set -o pipefail && {{ bin_dir }}/kubectl get pods -o wide --namespace {{ netcheck_namespace }} | grep '^netchecker-agent-.*Running'"
-      args:
-        executable: /bin/bash
-      register: nca_pod
-      until: nca_pod.stdout_lines | length >= groups['k8s_cluster'] | intersect(ansible_play_hosts) | length * 2
-      retries: 3
-      delay: 10
-      failed_when: false
-      when: inventory_hostname == groups['kube_control_plane'][0]
-
    - name: Get netchecker pods
      command: "{{ bin_dir }}/kubectl -n {{ netcheck_namespace }} describe pod -l app={{ item }}"
      run_once: true
@@ -60,7 +53,7 @@
      with_items:
        - netchecker-agent
        - netchecker-agent-hostnet
-      when: not nca_pod is success
+      when: not pods_json is success

    - debug:  # noqa name[missing]
        var: nca_pod.stdout_lines
@@ -99,7 +92,7 @@
        - agents.content != '{}'

    - debug:  # noqa name[missing]
-        var: ncs_pod
+        var: pods_json
      run_once: true

    - name: Get kube-proxy logs
@@ -169,14 +162,9 @@
      run_once: true

    - name: Create macvlan network conf
-      # We cannot use only shell: below because Ansible will render the text
-      # with leading spaces, which means the shell will never find the string
-      # EOF at the beginning of a line. We can avoid Ansible's unhelpful
-      # heuristics by using the cmd parameter like this:
-      shell:
-        cmd: |
-          set -o pipefail
-          cat <<EOF | {{ bin_dir }}/kubectl create -f -
+      command:
+        cmd: "{{ bin_dir }}/kubectl create -f -"
+        stdin: |
          apiVersion: "k8s.cni.cncf.io/v1"
          kind: NetworkAttachmentDefinition
          metadata:
@@ -198,21 +186,7 @@
              "gateway": "192.168.1.1"
            }
          }'
-          EOF
-        executable: /bin/bash
-      when:
-        - inventory_hostname == groups['kube_control_plane'][0]
-        - kube_network_plugin_multus | default(false) | bool
-
-    - name: Annotate pod with macvlan network
-      # We cannot use only shell: below because Ansible will render the text
-      # with leading spaces, which means the shell will never find the string
-      # EOF at the beginning of a line. We can avoid Ansible's unhelpful
-      # heuristics by using the cmd parameter like this:
-      shell:
-        cmd: |
-          set -o pipefail
-          cat <<EOF | {{ bin_dir }}/kubectl create -f -
+          ---
          apiVersion: v1
          kind: Pod
          metadata:
@@ -224,8 +198,6 @@
            - name: samplepod
              command: ["/bin/bash", "-c", "sleep 2000000000000"]
              image: dougbtv/centos-network
-          EOF
-        executable: /bin/bash
      when:
        - inventory_hostname == groups['kube_control_plane'][0]
        - kube_network_plugin_multus | default(false) | bool