#!/bin/bash

# Validate that a highstate works for all roles

# Parameters:
# $1 - role numbers (actually line numbers for get_roles.py output) to test. Expects a format for   sed -n "$1 p"   - for example '1,10' or '50,$'
# if $1 is empty, that means   sed -n " p"   which will test all roles.


[[ $(whoami) == 'root' ]] || { echo 'Please run this script as root'; exit 1; }

# sysctl: cannot stat /proc/sys/net/core/netdev_max_backlog (and some other /proc files): No such file or directory
( cd /sbin/ ; ln -sf /usr/bin/true sysctl )

echo 'features: {"x509_v2": true}' > /etc/salt/minion.d/features_x509_v2.conf

source bin/get_colors.sh


# === role-specific workarounds ===

# countdown, warning only
useradd countdown

# documentation, warning only
useradd relsync

# - jekyll_master, warning only
# - web_jekyll, warning only
useradd web_jekyll

# mail_reminder, warning only
useradd mail_reminder

# mailman3, error
groupadd mailman
useradd mailman
groupadd mailmanweb
useradd mailmanweb

# matrix, errors
groupadd synapse
useradd synapse

# - mirrorcache-backstage, warning only
# - mirrorcache-webui, warning only
useradd mirrorcache

# mirrors_static, warning only
useradd mirrors_static
# mirrors_static error:   salt.exceptions.CommandExecutionError: Specified cwd '/home/mirrors_static/git/mirrors_static' either not absolute or does not exist
mkdir -p /home/mirrors_static/git/mirrors_static/
# git.set_config needs (even in test mode) a fully valid git repo with at least one commit
(cd /home/mirrors_static/git/mirrors_static/ && git init && git config user.email 'user@example.com' && touch foo && git add foo && git commit -m 'add foo')
chown -R mirrors_static /home/mirrors_static/git/mirrors_static/

# nameserver.recursor, warning only
groupadd pdns

# nameserver.secondary, warning only
# groupadd pdns, see above
useradd pdns

# paste, error
useradd paste

# pagure, warning only
groupadd git

# pgbouncer, warning only
groupadd pgbouncer

# postgresql, warning only
groupadd postgres

# saltmaster, error in git.cloned
useradd cloneboy
# saltmaster, error:   fatal: detected dubious ownership in repository at '/builds/infra/salt'
git config --system --add safe.directory /builds/infra/salt

# - static_master, warning only
# - web_static, warning only
useradd web_static

# tsp, error in git.cloned
useradd tsp

# wikisearch, warning only
groupadd elasticsearch
useradd elasticsearch

# mirrorcache packages not available
mkdir /etc/mirrorcache
touch /etc/mirrorcache/conf.{env,ini}

# dummy OpenVPN user
mkdir -p /etc/openvpn/ccd-tcp
echo '1204::100' > /etc/openvpn/ccd-tcp/foo
pushd $PWD/salt/profile/vpn/openvpn/files/
ln -s odin $(hostname)
popd

# secrets for nameserver.primary
cat pillar/secrets/id/chip_infra_opensuse_org.sls >> pillar/secrets/id/$(hostname).sls

# === END role-specific workarounds ===

cp test/fixtures/minion* /etc/salt/pki/minion/
cp /etc/salt/pki/minion/minion.pub /etc/salt/pki/master/minions/$(hostname)

install -o salt -g salt -d -m 0750 /var/log/salt
chown -R salt: /var/cache/salt/master

tee >/etc/salt/master <<EOF
file_roots:
  base:
  - /srv/salt
  - /usr/share/salt-formulas/states
interface: 127.0.0.1
log_level: info
user: salt
EOF
systemctl start salt-master
tee >/etc/salt/minion <<EOF
master: 127.0.0.1
#log_level: info
EOF
systemctl start salt-minion
salt-call test.ping


sed -i -e '/virtual/d' -e '/virt_cluster/ s/:.*/: test/' /etc/salt/grains
echo "== /etc/salt/grains =="
cat "/etc/salt/grains"
echo "== /etc/salt/grains END =="

IDFILE="pillar/id/$(hostname).sls"

echo "  virt_cluster: test" >> "$IDFILE"
sed s/runner/$(hostname)/ test/pillar/clusters.yaml >> "$IDFILE"
cat test/pillar/{mirrorcache,suse_ha}.sls >> "$IDFILE"

echo "== $IDFILE =="
cat "$IDFILE"
echo "== $IDFILE END =="

IDFILE_BASE="$IDFILE.base.sls"

cp "$IDFILE" "$IDFILE_BASE"

salt $(hostname) saltutil.refresh_grains
salt $(hostname) saltutil.refresh_pillar
salt $(hostname) mine.update

printf '[mysqld]\nskip-grant-tables\n' > /etc/my.cnf.d/danger.cnf
systemctl start mariadb

reset_role() {
    cp "$IDFILE_BASE" "$IDFILE"
    printf "roles:\n- $role" >> "$IDFILE"
    salt --out=raw --out-file=/dev/null $(hostname) saltutil.refresh_pillar
}

succeeded_roles=""
failed_roles=""
nr=0

for role in $(bin/get_roles.py | sed -n "$1 p"); do
    nr=$((( $nr  + 1)))
    rolestatus=0
    sls_role="salt/role/${role/./\/}.sls"
    out="$role.txt"
    echo "START OF $role" > "$out"

    echo_INFO "Testing role $nr: $role"
    echo "Testing role $role ..." >> "$out"

    reset_role

    salt-call --retcode-passthrough --state-output=full --output-diff state.apply test=True >> "$out"
    rolestatus=$?
    echo >> "$out"

    if test $rolestatus = 0; then
        succeeded_roles="$succeeded_roles $role"
        echo_PASSED
    else
        failed_roles="$failed_roles $role"
        echo_FAILED
        # tail -n100 "$out"
        STATUS=1
    fi
    echo

    echo "END OF $role" >> "$out"
done

cp /var/log/salt/minion minion_log.txt
cp /var/log/salt/master master_log.txt

echo "succeeded roles ($(echo $succeeded_roles | wc -w)): $succeeded_roles"
echo
echo "failed roles ($(echo $failed_roles | wc -w)): $failed_roles"
exit $STATUS

vim:expandtab