* Semi-automated using https://github.com/myii/ssf-formula/pull/245pull/68/head
Imran Iqbal
3 years ago
parent
cd2950289e
commit
63865a286e
@ -0,0 +1,13 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# {{ grains.get('osfinger', grains.os) }} |
||||
--- |
||||
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} |
||||
{{ salt['slsutil.serialize']( |
||||
'yaml', |
||||
map, |
||||
default_flow_style=False, |
||||
allow_unicode=True, |
||||
) |
||||
| regex_replace("^\s+'$", "'", multiline=True) |
||||
| trim |
||||
}} |
||||
@ -0,0 +1,21 @@ |
||||
# -*- coding: utf-8 -*- |
||||
# vim: ft=sls |
||||
--- |
||||
{#- Get the `tplroot` from `tpldir` #} |
||||
{%- set tplroot = tpldir.split('/')[0] %} |
||||
{%- from tplroot ~ "/map.jinja" import sudoers with context %} |
||||
|
||||
{%- set map = { |
||||
'sudoers': sudoers, |
||||
} %} |
||||
{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ map | yaml(False)) %} |
||||
|
||||
{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %} |
||||
|
||||
{{ tplroot }}-mapdata-dump: |
||||
file.managed: |
||||
- name: {{ output_file }} |
||||
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja |
||||
- template: jinja |
||||
- context: |
||||
map: {{ map | yaml }} |
||||
@ -0,0 +1,13 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
control '`map.jinja` YAML dump' do |
||||
title 'should contain the lines' |
||||
|
||||
mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml" |
||||
mapdata_dump = inspec.profile.file(mapdata_file) |
||||
|
||||
describe file('/tmp/salt_mapdata_dump.yaml') do |
||||
it { should exist } |
||||
its('content') { should include mapdata_dump } |
||||
end |
||||
end |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Amazon Linux AMI-2018 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Amazon Linux-2 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Arch |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# CentOS-6 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# CentOS Linux-7 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# CentOS Linux-8 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Debian-10 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Debian-9 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Fedora-31 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Fedora-32 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Leap-15 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Ubuntu-16.04 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Ubuntu-18.04 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,5 @@ |
||||
# yamllint disable rule:indentation rule:line-length |
||||
# Ubuntu-20.04 |
||||
--- |
||||
sudoers: |
||||
pkg: sudo |
||||
@ -0,0 +1,38 @@ |
||||
# InSpec Profile: `share` |
||||
|
||||
This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). |
||||
|
||||
It's goal is to share the libraries between all profiles. |
||||
|
||||
## Verify a profile |
||||
|
||||
InSpec ships with built-in features to verify a profile structure. |
||||
|
||||
```bash |
||||
$ inspec check share |
||||
Summary |
||||
------- |
||||
Location: share |
||||
Profile: profile |
||||
Controls: 4 |
||||
Timestamp: 2019-06-24T23:09:01+00:00 |
||||
Valid: true |
||||
|
||||
Errors |
||||
------ |
||||
|
||||
Warnings |
||||
-------- |
||||
``` |
||||
|
||||
## Execute a profile |
||||
|
||||
To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. |
||||
|
||||
```bash |
||||
$ inspec exec share |
||||
.. |
||||
|
||||
Finished in 0.0025 seconds (files took 0.12449 seconds to load) |
||||
8 examples, 0 failures |
||||
``` |
||||
@ -0,0 +1,18 @@ |
||||
# -*- coding: utf-8 -*- |
||||
# vim: ft=yaml |
||||
--- |
||||
name: share |
||||
title: sudoers formula |
||||
maintainer: SaltStack Formulas |
||||
license: Apache-2.0 |
||||
summary: shared resources |
||||
supports: |
||||
- platform-name: debian |
||||
- platform-name: ubuntu |
||||
- platform-name: centos |
||||
- platform-name: fedora |
||||
- platform-name: opensuse |
||||
- platform-name: suse |
||||
- platform-name: freebsd |
||||
- platform-name: amazon |
||||
- platform-name: arch |
||||
@ -0,0 +1,99 @@ |
||||
# frozen_string_literal: true |
||||
|
||||
# system.rb -- InSpec resources for system values |
||||
# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr> |
||||
# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr> |
||||
|
||||
HOSTNAME_CMDS = %w[hostname hostnamectl].freeze |
||||
HOSTNAME_CMDS_OPT = { |
||||
'hostname' => '-s', |
||||
'hostnamectl' => '--static' |
||||
}.freeze |
||||
|
||||
class SystemResource < Inspec.resource(1) |
||||
name 'system' |
||||
|
||||
attr_reader :platform |
||||
attr_reader :hostname |
||||
|
||||
def initialize |
||||
@platform = build_platform |
||||
@hostname = found_hostname |
||||
end |
||||
|
||||
private |
||||
|
||||
def found_hostname |
||||
cmd = guess_hostname_cmd |
||||
|
||||
unless cmd.exit_status.zero? |
||||
raise Inspec::Exceptions::ResourceSkipped, |
||||
"Error running '#{cmd}': #{cmd.stderr}" |
||||
end |
||||
|
||||
cmd.stdout.chomp |
||||
end |
||||
|
||||
def guess_hostname_cmd |
||||
HOSTNAME_CMDS.each do |cmd| |
||||
if inspec.command(cmd).exist? |
||||
return inspec.command("#{cmd} #{HOSTNAME_CMDS_OPT[cmd]}") |
||||
end |
||||
end |
||||
|
||||
raise Inspec::Exceptions::ResourceSkipped, |
||||
"Error: #{@platform[:finger]}} has none of #{HOSTNAME_CMDS.join(', ')}" |
||||
end |
||||
|
||||
def build_platform |
||||
{ |
||||
family: build_platform_family, |
||||
name: build_platform_name, |
||||
release: build_platform_release, |
||||
finger: build_platform_finger |
||||
} |
||||
end |
||||
|
||||
def build_platform_family |
||||
case inspec.platform[:name] |
||||
when 'arch' |
||||
'arch' |
||||
else |
||||
inspec.platform[:family] |
||||
end |
||||
end |
||||
|
||||
def build_platform_name |
||||
case inspec.platform[:name] |
||||
when 'amazon' |
||||
'amazonlinux' |
||||
else |
||||
inspec.platform[:name] |
||||
end |
||||
end |
||||
|
||||
def build_platform_release |
||||
case inspec.platform[:name] |
||||
when 'amazon' |
||||
# `2018` relase is named `1` in kitchen.yaml |
||||
inspec.platform[:release].gsub(/2018.*/, '1') |
||||
when 'arch' |
||||
'base-latest' |
||||
else |
||||
inspec.platform[:release] |
||||
end |
||||
end |
||||
|
||||
def build_platform_finger |
||||
"#{build_platform_name}-#{build_finger_release}" |
||||
end |
||||
|
||||
def build_finger_release |
||||
case inspec.platform[:name] |
||||
when 'ubuntu' |
||||
build_platform_release.split('.').slice(0, 2).join('.') |
||||
else |
||||
build_platform_release.split('.')[0] |
||||
end |
||||
end |
||||
end |
||||
Loading…
Reference in new issue