ramondelafuente
commented
3 years ago Hi @Talismanic - these are excellent questions, thanks for asking!
Yes, I agree that having test-specific files/packages is not meant for production.
Instead of cleanup I would propose not running the tests when actively installing an environment. So a pipeline could confirm that runnign this role end up in a working state (by running the tests), but that environment can be discarded after confirming. The role can then confidently be used to provision an actual part of the infrastructure.
In this case:
The file you reference is part of a separate package HanXHX.mysql that comes from ansible galaxy. While we have committed this role in our repository (to make sure we do not depend on galaxy in order to provision), we do not actively run the tests of this role - those tests are for the maintainer. So these packages are never installed in our infrastructure in the first place.
The second question (addig a step for removal of the packages) might be better suited at the reository of the maintainer of that package: https://github.com/HanXHX/ansible-mysql
I hope you don't mind me closing this issue - if I have not addressed your concerns feel free to open another.
Talismanic
Greetings, I am an engineer who is interested in infrastructure as code testing. Currently, I am looking for testing anti-patterns in iac test scripts. I noticed that for testing purpose we sometimes install different packages, but do not clean those after the testing is completed. This may lead to problem in sub-sequent tests if the same environment is used in multiple testing or keep some unwanted packages installed in the environment. For example, in this file, we can see that task is installing ca-certificates, curl, strace & vim packages. After the test, it is not cleaning any of them. However, we might not want strace in production system without any urgent need.
So I have the following queries: Do you principally agree that if any package is installed for testing purpose, we should remove the package at the end of the testing?
Do you want to add a step to remove the packages?
Any feedback is appreciated.