1
0
Fork 0
mirror of synced 2024-12-11 00:15:35 -05:00

feat: implementing kitchen tests and activate them on travis

This commit is contained in:
Eric Veiras Galisson 2019-05-27 16:12:27 +02:00
parent b925a00048
commit 1774df001e
8 changed files with 364 additions and 0 deletions

113
.gitignore vendored Normal file
View file

@ -0,0 +1,113 @@
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg
# PyInstaller
# Usually these files are written by a python script from a packager
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.kitchen
.kitchen.local.yml
kitchen.local.yml
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# Jupyter Notebook
.ipynb_checkpoints
# pyenv
.python-version
# celery beat schedule file
celerybeat-schedule
# SageMath parsed files
*.sage.py
# dotenv
.env
# virtualenv
.venv
venv/
ENV/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
# Bundler
Gemfile.lock
# copied `.md` files used for conversion to `.rst` using `m2r`
docs/*.md
# Vim
*.sw?

48
.travis.yml Normal file
View file

@ -0,0 +1,48 @@
stages:
- test
#sudo: required
cache: bundler
language: ruby
services:
- docker
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
# NOTE: Please try to select up to six instances that add some meaningful
# testing of the formula's behaviour. If possible, try to refrain from
# the classical "chosing all the instances because I want to test on
# another/all distro/s" trap: it will just add time to the testing (see
# the discussion on #121). As an example, the set chosen below covers
# the most used distros families, systemd and non-systemd and the latest
# three supported Saltstack versions with python2 and 3."
# As for `kitchen.yml`, that should still contain all of the platforms,
# to allow for comprehensive local testing
# Ref: https://github.com/saltstack-formulas/template-formula/issues/118
# Ref: https://github.com/saltstack-formulas/template-formula/issues/121
env:
matrix:
- INSTANCE: default-debian-9-2019-2-py3
# - INSTANCE: default-ubuntu-1804-2019-2-py3
- INSTANCE: default-centos-7-2019-2-py3
# - INSTANCE: default-fedora-29-2019-2-py3
- INSTANCE: default-opensuse-leap-15-2019-2-py3
# - INSTANCE: default-debian-9-2018-3-py2
- INSTANCE: default-ubuntu-1604-2018-3-py2
# - INSTANCE: default-centos-7-2018-3-py2
- INSTANCE: default-fedora-29-2018-3-py2
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - INSTANCE: default-opensuse-leap-15-2018-3-py2
# - INSTANCE: default-opensuse-leap-42-2018-3-py2
# - INSTANCE: default-debian-8-2017-7-py2
# - INSTANCE: default-ubuntu-1604-2017-7-py2
# TODO: Enable after improving the formula to work with other than `systemd`
- INSTANCE: default-centos-6-2017-7-py2
# - INSTANCE: default-fedora-28-2017-7-py2
# - INSTANCE: default-opensuse-leap-42-2017-7-py2
script:
- bundle exec kitchen verify ${INSTANCE}

6
Gemfile Normal file
View file

@ -0,0 +1,6 @@
source "https://rubygems.org"
gem 'kitchen-docker', '>= 2.9'
gem 'kitchen-salt', '>= 0.6.0'
gem 'kitchen-inspec', '>= 1.1'

110
kitchen.yml Normal file
View file

@ -0,0 +1,110 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# For help on this file's format, see https://kitchen.ci/
driver:
name: docker
use_sudo: false
privileged: true
run_command: /lib/systemd/systemd
# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
## SALT 2019.2
- name: debian-9-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:debian-9
- name: ubuntu-1804-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:ubuntu-18.04
- name: centos-7-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:centos-7
- name: fedora-29-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:fedora-29
- name: opensuse-leap-15-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:opensuse-leap-15
run_command: /usr/lib/systemd/systemd
## SALT 2018.3
- name: debian-9-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:debian-9
- name: ubuntu-1604-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:ubuntu-16.04
- name: centos-7-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:centos-7
- name: fedora-29-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:fedora-29
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - name: opensuse-leap-15-2018-3-py2
# driver:
# image: netmanagers/salt-2018.3-py2:opensuse-leap-15
# run_command: /usr/lib/systemd/systemd
- name: opensuse-leap-42-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:opensuse-leap-42
run_command: /usr/lib/systemd/systemd
## SALT 2017.7
- name: debian-8-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:debian-8
- name: ubuntu-1604-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:ubuntu-16.04
# TODO: Modify the formula to work for non-`systemd` platforms
- name: centos-6-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:centos-6
run_command: /sbin/init
- name: fedora-28-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:fedora-28
- name: opensuse-leap-42-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:opensuse-leap-42
run_command: /usr/lib/systemd/systemd
provisioner:
name: salt_solo
log_level: info
salt_install: none
require_chef: false
formula: sudoers
salt_copy_filter:
- .kitchen
- .git
state_top:
base:
'*':
- sudoers
pillars:
top.sls:
base:
'*':
- kitchen
- sudoers
pillars_from_files:
kitchen.sls: test/salt/pillar/kitchen.sls
sudoers.sls: test/salt/pillar/default.sls
verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
- cli
inspec_tests:
- path: test/integration/default
suites:
- name: default

View file

@ -0,0 +1,8 @@
control 'Sudo package' do
title 'should be installed'
describe package('sudo') do
it { should be_installed }
end
end

View file

@ -0,0 +1,12 @@
name: sudoers
title: Sudoers Formula
maintainer: Saltstack-formulas
license: Apache-2.0
summary: Verify that the sudoers formula is setup and configured correctly
supports:
- os-name: debian
- os-name: ubuntu
- os-name: centos
- os-name: fedora
- os-name: opensuse
- os-name: suse

View file

@ -0,0 +1,60 @@
sudoers:
# By default the main sudoers file is managed by this formula (False to skip)
manage_main_config: True
users:
johndoe:
- 'ALL=(ALL) ALL'
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
groups:
sudo:
- 'ALL=(ALL) ALL'
- 'ALL=(nodejs) NOPASSWD: ALL'
netgroups:
sysadmins:
- 'ALL=(ALL) ALL'
defaults:
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
user_list:
johndoe: '!requiretty'
ADMINS: '!lecture'
host_list:
www1: 'log_year, logfile=/var/log/sudo.log'
command_list:
PROCESSES: 'noexec'
runas_list:
root: '!set_logname'
aliases:
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
includedir: /etc/sudoers.d
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- 'ALL=(ALL) ALL'
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- 'ALL=(ALL) ALL'

View file

@ -0,0 +1,7 @@
# Pillar needed to run Inspec inside Docker image using sudo to authenticate
# Must be added to pillar of all test suites
sudoers:
users:
kitchen:
- 'ALL=(root) NOPASSWD: ALL'