--- # Requirements : # gem install kitchen-docker kitchen-ansible driver: name: docker require_chef_omnibus: false # No need of chef require_ruby_for_busser: true # Command used to run container at kitchen create. You can use it to override ssh parameters like MaxSessions (https://github.com/test-kitchen/test-kitchen/pull/1047) #run_command: '/usr/sbin/sshd -D -o UseDNS=no -o UsePAM=no -o PasswordAuthentication=yes -o MaxSessions=40 -o UsePrivilegeSeparation=no -o PidFile=/tmp/sshd.pid' #provision_command: echo 'bla driver' # work at create # This part specify the public key and private used to connect to containers (used by kitchen cli). # But we will use this key later also to be able to connect from bastion to others containers. # If not exist, kitchen will generate public and private key # /!\ spec directory should be created before run kitchen ci. # The spec directory is used because this directory will be copied inside the container by default. # The public key is automatically added in all containers authorized_keys. # /!\ The public key should not have \n at the and or you will have a ruby error during the create step private_key: spec/id_rsa public_key: spec/id_rsa.pub provisioner: name: ansible_playbook # Specify the role path in case you are testing a role. In case of playbook let it commented #roles_path: . require_ansible_repo: true ansible_verbose: true # e.g.: 1 => '-v', 2 => '-vv', 3 => '-vvv", ... ansible_verbosity: 2 ansible_version: latest # If not specified kitchen-ansible will run locally the playbook. Default local ansible run ansible_connection: ssh # Avoid kitchen-ansible to be blocked on ssh key verification ansible_host_key_checking: false # We are testing a playbook so I need to give his name playbook: site.yml # Specify the private key of the container put during converge private_key: spec/id_rsa # ---------------------------##########################################################--- Not needed ? require_chef_for_busser: false # No need of chef # Give dedicated ansible hosts file for kitchen. See the role example if you want to avoid it ansible_inventory: kitchen-hosts # Add some random variables extra_vars: a: b # BUG Related to https://github.com/test-kitchen/test-kitchen/pull/1047 transport: max_ssh_sessions: 2 platforms: # The important fact is that we define 2 images. # * One with pre-installed ansible for bastion to run faster tests (no need overhead of ansible setup for each build.) # * One basic clean debian image - name: debian-kitchen driver_config: image: gaell/debian-kitchen platform: debian - name: debian driver_config: image: debian platform: debian verifier: name: busser plugin: - Ansiblespec ruby_bindir: '/usr/bin' # kitchen will run each "suites" on each "platforms". # Because of our "hack" to have one pre build image for the bastion and one image for others nodes. # We are not using kitchen like this so, we specify platforms to exclude on each suites. suites: - name: web provisioner: ansible_playbook_command: echo 'NOOOP ANSIBLE' # Work at converge, disable ansible # If we disable all ansible require, the install_busser_prereqs will not be handled require_ansible_omnibus: false # No need ansible on this container require_ansible_source: false # No need ansible on this container require_ansible_repo: false # No need ansible on this container require_ruby_for_busser: true # see note [1] driver: # work at create provision_command: - sudo apt-get install -y ruby # see note [1] - sudo apt-get install -y net-tools # For netstat used by serverspec # Create a share volume to share source code of our app with the back container. volume: /mnt driver_config: instance_name: web excludes: - debian-kitchen - name: back provisioner: ansible_playbook_command: echo 'NOOOP ANSIBLE' # Work at converge, disable ansible # If we disable all ansible require, the install_busser_prereqs will not be handled require_ansible_omnibus: false # No need ansible on this container require_ansible_source: false # No need ansible on this container require_ansible_repo: false # No need ansible on this container require_ruby_for_busser: true # see note [1] driver: # work at create provision_command: - sudo apt-get install -y ruby # see note [1] - sudo apt-get install -y net-tools # For netstat used by serverspec # Get shared volume from the web container volumes_from: web driver_config: instance_name: back excludes: - debian-kitchen - name: ansible provisioner: require_ansible_omnibus: false # No force ansible from repo require_ansible_source: false # No force ansible from repo require_ansible_repo: true require_ruby_for_busser: true # see note [1] because of require_ansible_repo, don't need of manual ruby install # Specify the private key path inside the container that ansible will use to run # See copy_private_key_cmd function in github to know more on this subject : # https://github.com/neillturner/kitchen-ansible/blob/master/lib/kitchen/provisioner/ansible_playbook.rb # This private key will be copied in kitchen home directory at the kitchen converge step. Juste before run ansible private_key: spec/id_rsa driver_config: hostname: ansible.local instance_name: ansible # The bastion need to be declared at the end. Docker need to create first containers on which you are linked links: - "web:web" - "back:back" excludes: - debian # Notes : # [1] # Install ruby manualy. Because even if you put require_ruby_for_busser true, kitchen-ansible will not install it if # you don't select require_ansible_omnibus or require_ansible_source or require_ansible_repo # see : https://github.com/neillturner/kitchen-ansible/blob/847d2517617f8e1109cfe6862bd6809773f58b20/lib/kitchen/provisioner/ansible_playbook.rb#L98