Merge pull request #68 from myii/test/verify_map.jinja_dump

test(map): verify `map.jinja` dump using `_mapdata` state

.travis.yml

@@ -59,34 +59,36 @@ jobs:
     # Make sure the instances listed below match up with
     # the `platforms` defined in `kitchen.yml`
     - env: INSTANCE=default-debian-10-master-py3
+    - env: INSTANCE=default-ubuntu-2004-master-py3
     # - env: INSTANCE=default-ubuntu-1804-master-py3
-    # - env: INSTANCE=default-centos-8-master-py3
+    - env: INSTANCE=default-centos-8-master-py3
+    - env: INSTANCE=default-fedora-32-master-py3
     # - env: INSTANCE=default-fedora-31-master-py3
-    # - env: INSTANCE=default-opensuse-leap-151-master-py3
+    - env: INSTANCE=default-opensuse-leap-152-master-py3
-    # - env: INSTANCE=default-amazonlinux-2-master-py3
+    - env: INSTANCE=default-amazonlinux-2-master-py3
+    # - env: INSTANCE=default-debian-10-3000-3-py3
+    # - env: INSTANCE=default-debian-9-3000-3-py3
+    # - env: INSTANCE=default-ubuntu-1804-3000-3-py3
+    # - env: INSTANCE=default-centos-8-3000-3-py3
+    # - env: INSTANCE=default-centos-7-3000-3-py3
+    # - env: INSTANCE=default-fedora-31-3000-3-py3
+    # - env: INSTANCE=default-opensuse-leap-152-3000-3-py3
+    # - env: INSTANCE=default-amazonlinux-2-3000-3-py3
+    # - env: INSTANCE=default-ubuntu-1804-3000-3-py2
+    # - env: INSTANCE=default-ubuntu-1604-3000-3-py2
+    # - env: INSTANCE=default-arch-base-latest-3000-3-py2
     # - env: INSTANCE=default-debian-10-2019-2-py3
     # - env: INSTANCE=default-debian-9-2019-2-py3
-    - env: INSTANCE=default-ubuntu-1804-2019-2-py3
+    # - env: INSTANCE=default-ubuntu-1804-2019-2-py3
+    # - env: INSTANCE=default-ubuntu-1604-2019-2-py3
     # - env: INSTANCE=default-centos-8-2019-2-py3
+    # - env: INSTANCE=default-centos-7-2019-2-py3
     # - env: INSTANCE=default-fedora-31-2019-2-py3
-    - env: INSTANCE=default-opensuse-leap-151-2019-2-py3
+    # - env: INSTANCE=default-opensuse-leap-152-2019-2-py3
-    # - env: INSTANCE=default-centos-7-2019-2-py2
+    # - env: INSTANCE=default-amazonlinux-2-2019-2-py3
-    - env: INSTANCE=default-amazonlinux-2-2019-2-py3
+    # - env: INSTANCE=default-centos-6-2019-2-py2
-    # - env: INSTANCE=default-arch-base-latest-2019-2-py2
+    # - env: INSTANCE=default-amazonlinux-1-2019-2-py2
-    - env: INSTANCE=default-fedora-30-2018-3-py3
+    - env: INSTANCE=default-arch-base-latest-2019-2-py2
-    # - env: INSTANCE=default-debian-9-2018-3-py2
-    # - env: INSTANCE=default-ubuntu-1604-2018-3-py2
-    # - env: INSTANCE=default-centos-7-2018-3-py2
-    # - env: INSTANCE=default-opensuse-leap-151-2018-3-py2
-    # - env: INSTANCE=default-amazonlinux-1-2018-3-py2
-    - env: INSTANCE=default-arch-base-latest-2018-3-py2
-    # - env: INSTANCE=default-debian-8-2017-7-py2
-    # - env: INSTANCE=default-ubuntu-1604-2017-7-py2
-    - env: INSTANCE=default-centos-6-2017-7-py2
-    # - env: INSTANCE=default-fedora-30-2017-7-py2
-    # - env: INSTANCE=default-opensuse-leap-151-2017-7-py2
-    # - env: INSTANCE=default-amazonlinux-1-2017-7-py2
-    # - env: INSTANCE=default-arch-base-latest-2017-7-py2
 
     ## Define the release stage that runs `semantic-release`
     - stage: 'release'

kitchen.yml

@@ -15,20 +15,26 @@ platforms:
   - name: debian-10-master-py3
     driver:
       image: saltimages/salt-master-py3:debian-10
+  - name: ubuntu-2004-master-py3
+    driver:
+      image: saltimages/salt-master-py3:ubuntu-20.04
   - name: ubuntu-1804-master-py3
     driver:
       image: saltimages/salt-master-py3:ubuntu-18.04
   - name: centos-8-master-py3
     driver:
       image: saltimages/salt-master-py3:centos-8
+  - name: fedora-32-master-py3
+    driver:
+      image: saltimages/salt-master-py3:fedora-32
   - name: fedora-31-master-py3
     driver:
       image: saltimages/salt-master-py3:fedora-31
-  - name: opensuse-leap-151-master-py3
+  - name: opensuse-leap-152-master-py3
     driver:
-      image: netmanagers/salt-master-py3:opensuse-leap-15.1
+      image: saltimages/salt-master-py3:opensuse-leap-15.2
       run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
     # => SCP did not finish successfully (255):  (Net::SCP::Error)
     transport:
       max_ssh_sessions: 1
@@ -36,6 +42,47 @@ platforms:
     driver:
       image: saltimages/salt-master-py3:amazonlinux-2
 
+  ## SALT `3000.3`
+  - name: debian-10-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:debian-10
+  - name: debian-9-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:debian-9
+  - name: ubuntu-1804-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:ubuntu-18.04
+  - name: centos-8-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:centos-8
+  - name: centos-7-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:centos-7
+  - name: fedora-31-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:fedora-31
+  - name: opensuse-leap-152-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:opensuse-leap-15.2
+      run_command: /usr/lib/systemd/systemd
+    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
+    # => SCP did not finish successfully (255):  (Net::SCP::Error)
+    transport:
+      max_ssh_sessions: 1
+  - name: amazonlinux-2-3000-3-py3
+    driver:
+      image: saltimages/salt-3000.3-py3:amazonlinux-2
+  - name: ubuntu-1804-3000-3-py2
+    driver:
+      image: saltimages/salt-3000.3-py2:ubuntu-18.04
+  - name: ubuntu-1604-3000-3-py2
+    driver:
+      image: saltimages/salt-3000.3-py2:ubuntu-16.04
+  - name: arch-base-latest-3000-3-py2
+    driver:
+      image: saltimages/salt-3000.3-py2:arch-base-latest
+      run_command: /usr/lib/systemd/systemd
+
   ## SALT `2019.2`
   - name: debian-10-2019-2-py3
     driver:
@@ -46,92 +93,42 @@ platforms:
   - name: ubuntu-1804-2019-2-py3
     driver:
       image: saltimages/salt-2019.2-py3:ubuntu-18.04
+  - name: ubuntu-1604-2019-2-py3
+    driver:
+      image: saltimages/salt-2019.2-py3:ubuntu-16.04
   - name: centos-8-2019-2-py3
     driver:
       image: saltimages/salt-2019.2-py3:centos-8
+  - name: centos-7-2019-2-py3
+    driver:
+      image: saltimages/salt-2019.2-py3:centos-7
   - name: fedora-31-2019-2-py3
     driver:
       image: saltimages/salt-2019.2-py3:fedora-31
-  - name: opensuse-leap-151-2019-2-py3
+  - name: opensuse-leap-152-2019-2-py3
     driver:
-      image: netmanagers/salt-2019.2-py3:opensuse-leap-15.1
+      image: saltimages/salt-2019.2-py3:opensuse-leap-15.2
       run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
+    # Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
     # => SCP did not finish successfully (255):  (Net::SCP::Error)
     transport:
       max_ssh_sessions: 1
-  - name: centos-7-2019-2-py2
-    driver:
-      image: netmanagers/salt-2019.2-py2:centos-7
   - name: amazonlinux-2-2019-2-py3
     driver:
       image: saltimages/salt-2019.2-py3:amazonlinux-2
+  - name: centos-6-2019-2-py2
+    driver:
+      image: saltimages/salt-2019.2-py2:centos-6
+      run_command: /sbin/init
+  - name: amazonlinux-1-2019-2-py2
+    driver:
+      image: saltimages/salt-2019.2-py2:amazonlinux-1
+      run_command: /sbin/init
   - name: arch-base-latest-2019-2-py2
     driver:
       image: saltimages/salt-2019.2-py2:arch-base-latest
       run_command: /usr/lib/systemd/systemd
 
-  ## SALT `2018.3`
-  - name: fedora-30-2018-3-py3
-    driver:
-      image: netmanagers/salt-2018.3-py3:fedora-30
-  - name: debian-9-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:debian-9
-  - name: ubuntu-1604-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:ubuntu-16.04
-  - name: centos-7-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:centos-7
-  - name: opensuse-leap-151-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:opensuse-leap-15.1
-      run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
-    # => SCP did not finish successfully (255):  (Net::SCP::Error)
-    transport:
-      max_ssh_sessions: 1
-  - name: amazonlinux-1-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:amazonlinux-1
-      run_command: /sbin/init
-  - name: arch-base-latest-2018-3-py2
-    driver:
-      image: netmanagers/salt-2018.3-py2:arch-base-latest
-      run_command: /usr/lib/systemd/systemd
-
-  ## SALT `2017.7`
-  - name: debian-8-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:debian-8
-  - name: ubuntu-1604-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:ubuntu-16.04
-  - name: centos-6-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:centos-6
-      run_command: /sbin/init
-  - name: fedora-30-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:fedora-30
-  - name: opensuse-leap-151-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:opensuse-leap-15.1
-      run_command: /usr/lib/systemd/systemd
-    # Workaround to avoid intermittent failures on `opensuse-leap-15.1`:
-    # => SCP did not finish successfully (255):  (Net::SCP::Error)
-    transport:
-      max_ssh_sessions: 1
-  - name: amazonlinux-1-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:amazonlinux-1
-      run_command: /sbin/init
-  - name: arch-base-latest-2017-7-py2
-    driver:
-      image: netmanagers/salt-2017.7-py2:arch-base-latest
-      run_command: /usr/lib/systemd/systemd
-
 provisioner:
   name: salt_solo
   log_level: debug
@@ -156,6 +153,7 @@ suites:
       state_top:
         base:
           '*':
+            - sudoers._mapdata
             - sudoers
             - sudoers.included
       pillars:

sudoers/_mapdata/_mapdata.jinja

@@ -0,0 +1,13 @@
+# yamllint disable rule:indentation rule:line-length
+# {{ grains.get('osfinger', grains.os) }}
+---
+{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
+{{ salt['slsutil.serialize'](
+     'yaml',
+     map,
+     default_flow_style=False,
+     allow_unicode=True,
+   )
+   | regex_replace("^\s+'$", "'", multiline=True)
+   | trim
+}}

sudoers/_mapdata/init.sls

@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+---
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- from tplroot ~ "/map.jinja" import sudoers with context %}
+
+{%- set map = {
+      'sudoers': sudoers,
+    } %}
+{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ map | yaml(False)) %}
+
+{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %}
+
+{{ tplroot }}-mapdata-dump:
+  file.managed:
+    - name: {{ output_file }}
+    - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
+    - template: jinja
+    - context:
+        map: {{ map | yaml }}

test/integration/default/controls/_mapdata_spec.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+control '`map.jinja` YAML dump' do
+  title 'should contain the lines'
+
+  mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml"
+  mapdata_dump = inspec.profile.file(mapdata_file)
+
+  describe file('/tmp/salt_mapdata_dump.yaml') do
+    it { should exist }
+    its('content') { should include mapdata_dump }
+  end
+end

test/integration/default/files/_mapdata/amazonlinux-1.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Amazon Linux AMI-2018
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/amazonlinux-2.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Amazon Linux-2
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/arch-base-latest.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Arch
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/centos-6.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# CentOS-6
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/centos-7.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# CentOS Linux-7
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/centos-8.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# CentOS Linux-8
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/debian-10.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Debian-10
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/debian-9.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Debian-9
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/fedora-31.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-31
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/fedora-32.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Fedora-32
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/opensuse-15.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Leap-15
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/ubuntu-16.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Ubuntu-16.04
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/ubuntu-18.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Ubuntu-18.04
+---
+sudoers:
+  pkg: sudo

test/integration/default/files/_mapdata/ubuntu-20.yaml

@@ -0,0 +1,5 @@
+# yamllint disable rule:indentation rule:line-length
+# Ubuntu-20.04
+---
+sudoers:
+  pkg: sudo

test/integration/default/inspec.yml

@@ -6,6 +6,9 @@ title: sudoers formula
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: Verify that the sudoers formula is setup and configured correctly
+depends:
+  - name: share
+    path: test/integration/share
 supports:
   - platform-name: debian
   - platform-name: ubuntu

test/integration/share/README.md

@@ -0,0 +1,38 @@
+# InSpec Profile: `share`
+
+This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+
+It's goal is to share the libraries between all profiles.
+
+## Verify a profile
+
+InSpec ships with built-in features to verify a profile structure.
+
+```bash
+$ inspec check share
+Summary
+-------
+Location: share
+Profile: profile
+Controls: 4
+Timestamp: 2019-06-24T23:09:01+00:00
+Valid: true
+
+Errors
+------
+
+Warnings
+--------
+```
+
+## Execute a profile
+
+To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
+
+```bash
+$ inspec exec share
+..
+
+Finished in 0.0025 seconds (files took 0.12449 seconds to load)
+8 examples, 0 failures
+```

test/integration/share/inspec.yml

@@ -0,0 +1,18 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: share
+title: sudoers formula
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: shared resources
+supports:
+  - platform-name: debian
+  - platform-name: ubuntu
+  - platform-name: centos
+  - platform-name: fedora
+  - platform-name: opensuse
+  - platform-name: suse
+  - platform-name: freebsd
+  - platform-name: amazon
+  - platform-name: arch

test/integration/share/libraries/system.rb

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+# system.rb -- InSpec resources for system values
+# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
+# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
+
+HOSTNAME_CMDS = %w[hostname hostnamectl].freeze
+HOSTNAME_CMDS_OPT = {
+  'hostname' => '-s',
+  'hostnamectl' => '--static'
+}.freeze
+
+class SystemResource < Inspec.resource(1)
+  name 'system'
+
+  attr_reader :platform
+  attr_reader :hostname
+
+  def initialize
+    @platform = build_platform
+    @hostname = found_hostname
+  end
+
+  private
+
+  def found_hostname
+    cmd = guess_hostname_cmd
+
+    unless cmd.exit_status.zero?
+      raise Inspec::Exceptions::ResourceSkipped,
+            "Error running '#{cmd}': #{cmd.stderr}"
+    end
+
+    cmd.stdout.chomp
+  end
+
+  def guess_hostname_cmd
+    HOSTNAME_CMDS.each do |cmd|
+      if inspec.command(cmd).exist?
+        return inspec.command("#{cmd} #{HOSTNAME_CMDS_OPT[cmd]}")
+      end
+    end
+
+    raise Inspec::Exceptions::ResourceSkipped,
+          "Error: #{@platform[:finger]}} has none of #{HOSTNAME_CMDS.join(', ')}"
+  end
+
+  def build_platform
+    {
+      family: build_platform_family,
+      name: build_platform_name,
+      release: build_platform_release,
+      finger: build_platform_finger
+    }
+  end
+
+  def build_platform_family
+    case inspec.platform[:name]
+    when 'arch'
+      'arch'
+    else
+      inspec.platform[:family]
+    end
+  end
+
+  def build_platform_name
+    case inspec.platform[:name]
+    when 'amazon'
+      'amazonlinux'
+    else
+      inspec.platform[:name]
+    end
+  end
+
+  def build_platform_release
+    case inspec.platform[:name]
+    when 'amazon'
+      # `2018` relase is named `1` in kitchen.yaml
+      inspec.platform[:release].gsub(/2018.*/, '1')
+    when 'arch'
+      'base-latest'
+    else
+      inspec.platform[:release]
+    end
+  end
+
+  def build_platform_finger
+    "#{build_platform_name}-#{build_finger_release}"
+  end
+
+  def build_finger_release
+    case inspec.platform[:name]
+    when 'ubuntu'
+      build_platform_release.split('.').slice(0, 2).join('.')
+    else
+      build_platform_release.split('.')[0]
+    end
+  end
+end