paste : move testing host to paste99, remove https hacks

Move the paste testing server to paste99 to distinguish it in testing from the actual production paste service. Since we have certificates setup now, we can directly test against "paste99.opendev.org", removing the insecure flags to various calls. Change-Id: Ifd5e270604102806736dffa86dff2bf8b23799c5
7 months ago · 939233e4e4
parent 72a0ad6d19
commit 939233e4e4
8 changed files with 21 additions and 20 deletions
--- a/inventory/service/group_vars/paste.yaml
+++ b/inventory/service/group_vars/paste.yaml
@ -0,0 +1,3 @@
+borg_backup_excludes_extra:
+  # live db; dumped with mysqldump
+  - /var/lib/lodgeit
--- a/inventory/service/host_vars/paste01.opendev.org.yaml
+++ b/inventory/service/host_vars/paste01.opendev.org.yaml
@ -3,6 +3,3 @@ letsencrypt_certs:
    - paste01.opendev.org
    - paste.opendev.org
    - paste.openstack.org
-borg_backup_excludes_extra:
-  # live db; dumped with mysqldump
-  - /var/lib/lodgeit
--- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
+++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
@ -171,6 +171,9 @@
 - name: letsencrypt updated paste01-opendev-org-main
  include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml

+- name: letsencrypt updated paste99-opendev-org-main
+  include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
+
 # review

 - name: letsencrypt updated review02-opendev-org-main
--- a/playbooks/zuul/run-base.yaml
+++ b/playbooks/zuul/run-base.yaml
@ -148,7 +148,7 @@
        - host_vars/mirror01.openafs.provider.opendev.org.yaml
        - host_vars/mirror02.openafs.provider.opendev.org.yaml
        - host_vars/mirror-update01.opendev.org.yaml
-        - host_vars/paste01.opendev.org.yaml
+        - host_vars/paste99.opendev.org.yaml
        - host_vars/refstack01.openstack.org.yaml
        - host_vars/review99.opendev.org.yaml
    - name: Display group membership
--- a/playbooks/zuul/templates/host_vars/paste01.opendev.org.yaml.j2
+++ b/playbooks/zuul/templates/host_vars/paste01.opendev.org.yaml.j2
@ -1,2 +0,0 @@
-lodgeit_secret_key: secretkey
-lodgeit_db_password: password
--- a/playbooks/zuul/templates/host_vars/paste99.opendev.org.yaml.j2
+++ b/playbooks/zuul/templates/host_vars/paste99.opendev.org.yaml.j2
@ -0,0 +1,7 @@
+lodgeit_secret_key: secretkey
+lodgeit_db_password: password
+letsencrypt_certs:
+  paste99-opendev-org-main:
+    - paste99.opendev.org
+    - paste.opendev.org
+    - paste.openstack.org
--- a/testinfra/test_paste.py
+++ b/testinfra/test_paste.py
@ -16,7 +16,7 @@ import requests

 from util import take_screenshots

-testinfra_hosts = ['paste01.opendev.org']
+testinfra_hosts = ['paste99.opendev.org']


 def test_lodgeit_container_web_listening(host):
@ -27,9 +27,7 @@ def test_lodgeit_container_web_listening(host):
    assert paste_https.is_listening

 def test_paste(host):
-    cmd = host.run('curl --insecure '
-                   '--resolve paste.opendev.org:443:127.0.0.1 '
-                   'https://paste.opendev.org')
+    cmd = host.run('curl https://paste99.opendev.org')
    assert 'New Paste' in cmd.stdout
    # ensure we paste private by default
    assert '<input type="checkbox" name="private" id="private" checked>' \
@ -37,27 +35,22 @@ def test_paste(host):

 def test_paste_redirects(host):
    # http site should redirect all agents but Pastebinit
-    r = requests.get(
-        'http://%s' % host.backend.get_hostname(), allow_redirects=False)
+    r = requests.get('http://paste99.opendev.org', allow_redirects=False)
    assert r.status_code == 301
    assert r.headers['Location'] == 'https://paste.opendev.org/'

    headers = {
        'User-Agent': 'Pastebinit v1.2.3'
    }
-    r = requests.get('http://%s' % (host.backend.get_hostname()))
+    r = requests.get('http://paste99.opendev.org')
    assert r.status_code == 200

 def test_paste_logo(host):
-    cmd = host.run('curl --insecure '
-                   '--resolve paste.opendev.org:443:127.0.0.1 '
-                   'https://paste.opendev.org/assets/opendev.svg')
+    cmd = host.run('curl https://paste99.opendev.org/assets/opendev.svg')
    assert 'image/svg+xml' in cmd.stdout

 def test_paste_robots(host):
-    cmd = host.run('curl --insecure '
-                   '--resolve paste.opendev.org:443:127.0.0.1 '
-                   'https://paste.opendev.org/robots.txt')
+    cmd = host.run('curl https://paste99.opendev.org/robots.txt')
    assert 'Disallow: /' in cmd.stdout

 def test_paste_screenshots(host):
--- a/zuul.d/system-config-run.yaml
+++ b/zuul.d/system-config-run.yaml
@ -778,7 +778,7 @@
      nodes:
        - name: bridge.openstack.org
          label: ubuntu-bionic
-        - name: paste01.opendev.org
+        - name: paste99.opendev.org
          label: ubuntu-focal
    vars:
      run_playbooks: