1 files changed, 148 insertions, 0 deletions

diff --git a/distro/tests/knot-resolver-test.yaml b/distro/tests/knot-resolver-test.yaml
new file mode 100644
index 0000000..33d07aa
--- /dev/null
+++ b/distro/tests/knot-resolver-test.yaml
@@ -0,0 +1,148 @@
+---
+- hosts: all
+
+  remote_user: root
+  become: true
+
+  vars:
+    dig_package:
+      Debian: dnsutils
+      Ubuntu: dnsutils
+      Fedora: bind-utils
+      CentOS: bind-utils
+      openSUSE Leap: bind-utils
+      openSUSE Tumbleweed: bind-utils
+      Archlinux: bind-tools
+    configure_obs_repo:
+      Fedora: |
+        dnf config-manager --add-repo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Fedora_{{ ansible_distribution_major_version }}/home:CZ-NIC:{{ item }}.repo
+      CentOS: |
+        yum install -y wget &&
+        wget -i wget https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/CentOS_7_EPEL/home:CZ-NIC:{{ item }}.repo -O /etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo
+      Debian: |
+        echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Debian_9.0/ /' > /etc/apt/sources.list.d/{{ item }}.list &&
+        wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/Debian_9.0/Release.key -O Release.key &&
+        apt-key add - < Release.key &&
+        apt-get update
+      Ubuntu: |
+        echo 'deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/xUbuntu_{{ ansible_distribution_version }}/ /' > /etc/apt/sources.list.d/{{ item }}.list &&
+        wget -nv https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/xUbuntu_{{ ansible_distribution_version }}/Release.key -O Release.key &&
+        apt-key add - < Release.key &&
+        apt-get update
+      openSUSE Tumbleweed: |
+        zypper addrepo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/openSUSE_Tumbleweed/home:CZ-NIC:{{ item }}.repo &&
+        zypper --gpg-auto-import-keys refresh
+      openSUSE Leap: |
+        zypper addrepo https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/openSUSE_Leap_15.0/home:CZ-NIC:{{ item }}.repo &&
+        zypper --gpg-auto-import-keys refresh
+    show_package_version:
+      Archlinux:
+        pacman -Qi knot-resolver | grep '^Version'
+      Fedora: &pkg_version_rpm |
+        rpm -qi knot-resolver | grep '^Version'
+      CentOS: *pkg_version_rpm
+      openSUSE Leap: *pkg_version_rpm
+      openSUSE Tumbleweed: *pkg_version_rpm
+      Debian:
+        dpkg -s knot-resolver | grep '^Version'
+      Ubuntu: |
+        dpkg -s knot-resolver | grep '^Version'
+  vars_files:
+    - repos.yaml
+
+  gather_facts: false
+  pre_tasks:
+    - name: install python3 (Arch)
+      raw: |
+        (pacman-key --init && pacman-key --populate archlinux && \
+         pacman -Sy python3 --noconfirm) || :
+      ignore_errors: true
+    - name: gather facts
+      setup:
+
+  tasks:
+    - name: install epel
+      package:
+        name: epel-release
+        state: present
+      when: ansible_distribution == 'CentOS'
+
+    - name: configure OBS repository
+      shell: "{{ configure_obs_repo[ansible_distribution] }}"
+      args:
+        warn: false
+      with_items: "{{ repos }}"
+      when: ansible_distribution_file_variety != 'Archlinux'
+
+    - block:
+        - name: configure OBS repository (Arch)
+          blockinfile:
+            block: |
+              [home_CZ-NIC_{{ item }}_Arch]
+              SigLevel = Never
+              Server = https://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/Arch/$arch
+            insertbefore: '^\[core\]'
+            path: /etc/pacman.conf
+            state: present
+          with_items: "{{ repos }}"
+        - name: set up package mirrors
+          copy:
+            content: |
+              ## Arch Linux repository mirrorlist
+              ## Generated on 2018-12-10
+              ## Czechia
+              Server = http://mirrors.nic.cz/archlinux/$repo/os/$arch
+              Server = http://ftp.fi.muni.cz/pub/linux/arch/$repo/os/$arch
+              Server = http://ftp.sh.cvut.cz/arch/$repo/os/$arch
+              Server = http://gluttony.sin.cvut.cz/arch/$repo/os/$arch
+            dest: /etc/pacman.d/mirrorlist
+        - name: sync repos (Arch)
+          shell: pacman -Syu --noconfirm
+          args:
+            warn: false
+      when: ansible_distribution_file_variety == 'Archlinux'
+
+    - name: install knot-resolver
+      package:
+        name: knot-resolver
+        state: latest
+
+    - name: get installed package version
+      shell: "{{ show_package_version[ansible_distribution] }}"
+      args:
+        warn: false
+      register: package_version
+
+    - name: install dig
+      package:
+        name: "{{ dig_package[ansible_distribution] }}"
+        state: present
+
+    - name: testing block
+      block:
+        - name: start kresd@1.service
+          service:
+            name: kresd@1.service
+            state: restarted
+
+        - name: resolve nic.cz
+          shell: dig @127.0.0.1 nic.cz
+          register: res
+          failed_when: '"status: NOERROR" not in res.stdout'
+
+        - name: test dnssec is turned on
+          block:
+            - name: test dnssec-failed.org +cd returns NOERROR
+              shell: dig +cd @127.0.0.1 dnssec-failed.org
+              register: res
+              failed_when: '"status: NOERROR" not in res.stdout'
+
+            - name: test dnssec-failed.org returns SERVFAIL
+              shell: dig @127.0.0.1 dnssec-failed.org
+              register: res
+              failed_when: '"status: SERVFAIL" not in res.stdout'
+
+      always:
+        - name: show installed version
+          debug:
+            var: package_version.stdout