Change MongoDB version from 8.0 to 8.2 #3235

Workflow file for this run

	name: CI
	on:
	pull_request:
	schedule:
	- cron: "0 3 * * *"

	jobs:
	x509_membership_auth:
	runs-on: ubuntu-22.04
	defaults:
	run:
	working-directory: ansible_collections/community/mongodb/tests/ansible-operator
	steps:

	- name: Check out code
	uses: actions/checkout@v5
	with:
	path: ansible_collections/community/mongodb

	- name: Set up Docker
	uses: docker/setup-docker-action@v4

	- name: Enable and start docker
	run: \|
	sudo systemctl enable --now docker
	sudo systemctl status docker

	- name: Setup Minikube
	uses: manusa/[email protected]
	with:
	minikube version: 'v1.35.0'
	kubernetes version: 'v1.33.0'
	github token: ${{ secrets.GITHUB_TOKEN }}
	driver: docker

	- name: Install mongodb-mongosh
	uses: nick-fields/retry@v3
	with:
	timeout_minutes: 3
	max_attempts: 3
	command: \|
	sudo apt-get install gnupg curl
	curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc \| \
	sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor
	echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu noble/mongodb-org/8.0 multiverse" \| sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list
	sudo apt-get update
	sudo apt-get install mongodb-mongosh

	- name: Install cert-manager
	run: \|
	kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.18.2/cert-manager.yaml

	- name: Generate certs
	run: \|
	openssl genrsa -out ca.key 8192
	openssl req -x509 -new -nodes -key ca.key -sha256 -subj "/CN=mongodb-cluster-ca.local" -days 36500 -reqexts v3_req -extensions v3_ca -out ca.crt

	- name: Wait for cert-manager webhook to be ready
	run: \|
	kubectl rollout status deployment/cert-manager-webhook -n cert-manager --timeout=300s
	kubectl wait --for=condition=Available=True deployment/cert-manager-webhook -n cert-manager --timeout=300s
	# Additional wait to ensure the webhook service is reachable
	for i in {1..10}; do
	kubectl get svc cert-manager-webhook -n cert-manager && break \|\| sleep 15
	done

	- name: debug cert-manager
	run: \|
	kubectl get pods,secrets -n cert-manager

	- name: Register the certs with k8
	run: \|
	kubectl create secret tls mongodb-cluster-ca-key-pair --key=ca.key --cert=ca.crt
	kubectl apply -f ca-issuer.yaml

	- name: make install
	run: make install

	- name: Create k8 namesapce
	run: kubectl create ns ansible-operator-system

	- name: make docker-build
	run: \|
	eval $(minikube docker-env --shell sh)
	make docker-build IMG=test-mongodb-operator:latest

	- name: make deploy
	run: \|
	eval $(minikube docker-env --shell sh)
	make deploy IMG=test-mongodb-operator:latest

	- name: Debug controller
	run: kubectl get all -n ansible-operator-system

	- name: Wait for controller to be ready
	run: kubectl wait --for=condition=available deployment/ansible-operator-controller-manager -n ansible-operator-system --timeout=120s

	- name: Load image into minikube
	run: \|
	eval $(minikube docker-env --shell sh)
	minikube image load test-mongodb-operator:latest

	- name: Setup the k8 mongodb env
	run: \|
	eval $(minikube docker-env --shell sh)
	kubectl apply -f config/samples/mongodb_v1alpha1_mongodb.yaml
	sleep 10
	kubectl -n ansible-operator-system logs deployment.apps/ansible-operator-controller-manager -c manager

	- name: Wait for a bit
	run: sleep 60

	- name: Install socat
	run: \|
	sudo apt update
	sudo apt install socat

	- name: Forward the local port 27017 to k8
	run: kubectl port-forward mongodb-sample-0 27017:27017 --address 0.0.0.0 &

	- name: Copy the certs to the localhost
	run: \|
	managerpod=$(kubectl get pods -n ansible-operator-system --no-headers \| tr -s ' ' \| cut -d ' ' -f 1)
	kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/ca.crt ca.crt -c manager
	kubectl cp ansible-operator-system/${managerpod}:/tmp/mongodb-sample.default/tls.key tls.key -c manager

	- name: Run mongosh shell command to test x509 membership connectivity
	run: \|
	kubectl -n ansible-operator-system exec -ti deployment.apps/ansible-operator-controller-manager -c manager -- \
	/usr/bin/mongosh mongodb://mongodb-sample.default.svc.cluster.local \
	--tls \
	--tlsCAFile /tmp/mongodb-sample.default/ca.crt \
	--tlsCertificateKeyFile /tmp/mongodb-sample.default/tls.key \
	--authenticationMechanism MONGODB-X509 \
	--authenticationDatabase '$external' \
	--eval "db.adminCommand('listDatabases')"

	- name: Run mongosh shell command to test x509 membership connectivity from localhost
	run: \|
	/usr/bin/mongosh mongodb://127.0.0.1 \
	--tls \
	--tlsCAFile ca.crt \
	--tlsCertificateKeyFile tls.key \
	--tlsAllowInvalidHostnames \
	--authenticationMechanism MONGODB-X509 \
	--authenticationDatabase '$external' \
	--eval "db.adminCommand('listDatabases')"

	- name: Set up Python 3.13
	uses: actions/setup-python@v5
	with:
	python-version: "3.13"

	- name: Install ansible-base devel
	uses: nick-invision/retry@v3
	with:
	timeout_minutes: 3
	max_attempts: 3
	command: pip install https://github.com/ansible/ansible/archive/devel.tar.gz --disable-pip-version-check

	- name: Build the collection
	run: ansible-galaxy collection build
	working-directory: ansible_collections/community/mongodb

	- name: Rename the build artifact
	run: mv community-mongodb-*.tar.gz community-mongodb-latest.tar.gz
	working-directory: ansible_collections/community/mongodb

	- name: Install collection
	run: ansible-galaxy collection install community-mongodb-*.tar.gz
	working-directory: ansible_collections/community/mongodb

	- name: Install pymongo
	uses: nick-fields/retry@v3
	with:
	timeout_minutes: 3
	max_attempts: 3
	command: pip install pymongo

	- name: Run mongodb_user module with membership auth
	run: ansible localhost -m community.mongodb.mongodb_user -a "login_host=localhost login_port=27017 login_database='$external' database='admin' password='secret' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 name="test" state=present connection_options='tlsAllowInvalidHostnames=true'"

	- name: Run mongodb_info module with membership auth
	run: ansible localhost -m community.mongodb.mongodb_info -a "login_host=localhost login_port=27017 login_database='$external' ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'"

	- name: Run mongodb_parameter module with membership auth
	run: ansible localhost -m community.mongodb.mongodb_parameter -a "login_host=localhost login_port=27017 login_database='$external' param=syncdelay value=60 param_type=int ssl=true ssl_ca_certs=ca.crt ssl_certfile=tls.key auth_mechanism=MONGODB-X509 connection_options='tlsAllowInvalidHostnames=true'"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Change MongoDB version from 8.0 to 8.2 #3235

Workflow file

Change MongoDB version from 8.0 to 8.2 #3235

Uh oh!

Jobs

Run details

Workflow file for this run