From 69c53666defa0a82f29ef1cd655f2d361ce03f60 Mon Sep 17 00:00:00 2001
From: Sorin Sbarnea <ssbarnea@redhat.com>
Date: Wed, 1 Apr 2020 13:46:06 +0100
Subject: [PATCH] Add support for RedHat platforms on ensure-podman

- makes ensure-podman work on additional platforms
- prevents regression on new platforms fedora-30 and centos-8
- enables validation of podman engine

Change-Id: I5842ad22d94522f707ef743622b8950839d96dff
---
 roles/ensure-podman/README.rst         |  4 ++++
 roles/ensure-podman/defaults/main.yaml |  1 +
 roles/ensure-podman/tasks/RedHat.yaml  |  4 ++++
 roles/ensure-podman/tasks/main.yaml    | 10 ++++++++
 test-playbooks/ensure-podman/main.yaml |  2 ++
 zuul-tests.d/container-roles-jobs.yaml | 32 +++++++++++++++++++++++++-
 6 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 roles/ensure-podman/defaults/main.yaml
 create mode 100644 roles/ensure-podman/tasks/RedHat.yaml

diff --git a/roles/ensure-podman/README.rst b/roles/ensure-podman/README.rst
index 0103e63db..99f577c0f 100644
--- a/roles/ensure-podman/README.rst
+++ b/roles/ensure-podman/README.rst
@@ -2,3 +2,7 @@ Install podman container manager
 
 **Role Variables**
 
+.. zuul:rolevar:: ensure_podman_validate
+   :default: false
+
+   Used to enable validation of podman engine.
diff --git a/roles/ensure-podman/defaults/main.yaml b/roles/ensure-podman/defaults/main.yaml
new file mode 100644
index 000000000..7990f35b5
--- /dev/null
+++ b/roles/ensure-podman/defaults/main.yaml
@@ -0,0 +1 @@
+ensure_podman_validate: false
diff --git a/roles/ensure-podman/tasks/RedHat.yaml b/roles/ensure-podman/tasks/RedHat.yaml
new file mode 100644
index 000000000..ac4bfa285
--- /dev/null
+++ b/roles/ensure-podman/tasks/RedHat.yaml
@@ -0,0 +1,4 @@
+- name: Install podman (RedHat)
+  become: true
+  package:
+    name: podman
diff --git a/roles/ensure-podman/tasks/main.yaml b/roles/ensure-podman/tasks/main.yaml
index 6c8da737d..37a305d54 100644
--- a/roles/ensure-podman/tasks/main.yaml
+++ b/roles/ensure-podman/tasks/main.yaml
@@ -6,3 +6,13 @@
     - "{{ ansible_distribution }}.yaml"
     - "{{ ansible_os_family }}.yaml"
     - "default.yaml"
+
+- name: Validate podman engine
+  when: ensure_podman_validate
+  # on purpose to verify that non-root user can call docker/podman
+  become: false
+  shell: |
+    podman version
+    podman info
+    podman ps
+  changed_when: false
diff --git a/test-playbooks/ensure-podman/main.yaml b/test-playbooks/ensure-podman/main.yaml
index 7d2ff92e4..96a90772f 100644
--- a/test-playbooks/ensure-podman/main.yaml
+++ b/test-playbooks/ensure-podman/main.yaml
@@ -1,4 +1,6 @@
 - hosts: all
+  vars:
+    ensure_podman_validate: true
   roles:
     - ensure-podman
 
diff --git a/zuul-tests.d/container-roles-jobs.yaml b/zuul-tests.d/container-roles-jobs.yaml
index 0371a26cf..9d806d708 100644
--- a/zuul-tests.d/container-roles-jobs.yaml
+++ b/zuul-tests.d/container-roles-jobs.yaml
@@ -263,11 +263,39 @@
       This job tests the ensure-podman role.  It is not meant to be
       used directly but rather run on changes to roles in the
       zuul-jobs repo.
+    abstract: true
     files:
       - roles/ensure-podman/.*
       - test-playbooks/ensure-podman/.*
     run: test-playbooks/ensure-podman/main.yaml
 
+- job:
+    name: zuul-jobs-test-ensure-podman-centos-8
+    description: Tests ensure-podman role on centos-8
+    parent: zuul-jobs-test-ensure-podman
+    nodeset:
+      nodes:
+        - name: centos-8
+          label: centos-8
+
+- job:
+    name: zuul-jobs-test-ensure-podman-fedora-30
+    description: Tests ensure-podman role on fedora-30
+    parent: zuul-jobs-test-ensure-podman
+    nodeset:
+      nodes:
+        - name: fedora-30
+          label: fedora-30
+
+- job:
+    name: zuul-jobs-test-ensure-podman-ubuntu-bionic
+    description: Tests ensure-podman role on ubuntu-bionic
+    parent: zuul-jobs-test-ensure-podman
+    nodeset:
+      nodes:
+        - name: ubuntu-bionic
+          label: ubuntu-bionic
+
 # -* AUTOGENERATED *-
 #  The following project section is autogenerated by
 #    tox -e update-test-platforms
@@ -290,6 +318,8 @@
         - zuul-jobs-test-registry-buildset-registry-openshift-docker
         - zuul-jobs-test-ensure-kubernetes-docker
         - zuul-jobs-test-ensure-kubernetes-crio
-        - zuul-jobs-test-ensure-podman
+        - zuul-jobs-test-ensure-podman-centos-8
+        - zuul-jobs-test-ensure-podman-fedora-30
+        - zuul-jobs-test-ensure-podman-ubuntu-bionic
     gate:
       jobs: *id001