浏览代码

ci(kitchen+travis): implement `inspec` test matrix

tags/v0.2.1
Imran Iqbal 5 年前
父节点
当前提交
0fb718da68
没有帐户链接到提交者的电子邮件
共有 7 个文件被更改,包括 232 次插入0 次删除
  1. +67
    -0
      .travis.yml
  2. +6
    -0
      Gemfile
  3. +95
    -0
      kitchen.yml
  4. +28
    -0
      test/integration/default/controls/config_spec.rb
  5. +7
    -0
      test/integration/default/controls/packages_spec.rb
  6. +18
    -0
      test/integration/default/controls/services_spec.rb
  7. +11
    -0
      test/integration/default/inspec.yml

+ 67
- 0
.travis.yml 查看文件

@@ -0,0 +1,67 @@
stages:
- test
# - commitlint
# - name: release
# if: branch = master AND type != pull_request

sudo: required
cache: bundler
language: ruby

services:
- docker

before_install:
- bundle install

# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
env:
matrix:
- INSTANCE: default-debian-9-2019-2-py3
- INSTANCE: default-ubuntu-1804-2019-2-py3
- INSTANCE: default-centos-7-2019-2-py2
- INSTANCE: default-fedora-29-2019-2-py2
- INSTANCE: default-opensuse-423-2018-3-py2
- INSTANCE: default-debian-8-2018-3-py2
- INSTANCE: default-ubuntu-1604-2018-3-py2
- INSTANCE: default-fedora-28-2018-3-py2
- INSTANCE: default-debian-8-2017-7-py2
- INSTANCE: default-ubuntu-1604-2017-7-py2

script:
- bundle exec kitchen verify ${INSTANCE}

# jobs:
# include:
# # Define the commitlint stage
# - stage: commitlint
# language: node_js
# node_js: lts/*
# before_install: skip
# script:
# - npm install @commitlint/config-conventional -D
# - npm install @commitlint/travis-cli -D
# - commitlint-travis
# # Define the release stage that runs semantic-release
# - stage: release
# language: node_js
# node_js: lts/*
# before_install: skip
# script:
# # Update `AUTHORS.md`
# - export MAINTAINER_TOKEN=${GH_TOKEN}
# - go get github.com/myii/maintainer
# - maintainer contributor
#
# # Install all dependencies required for `semantic-release`
# - npm install @semantic-release/changelog@3 -D
# - npm install @semantic-release/exec@3 -D
# - npm install @semantic-release/git@7 -D
# deploy:
# provider: script
# skip_cleanup: true
# script:
# # Run `semantic-release`
# - npx semantic-release@15


+ 6
- 0
Gemfile 查看文件

@@ -0,0 +1,6 @@
source "https://rubygems.org"

gem 'kitchen-docker', '>= 2.9'
gem 'kitchen-salt', '>= 0.6.0'
gem 'kitchen-inspec', '>= 1.1'


+ 95
- 0
kitchen.yml 查看文件

@@ -0,0 +1,95 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# For help on this file's format, see https://kitchen.ci/
driver:
name: docker
use_sudo: false
privileged: true
run_command: /lib/systemd/systemd

# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
## SALT 2019.2
- name: debian-9-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:debian-9
- name: ubuntu-1804-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:ubuntu-1804
- name: centos-7-2019-2-py2
driver:
image: netmanagers/salt-2019.2-py2:centos-7
- name: fedora-29-2019-2-py2
driver:
image: netmanagers/salt-2019.2-py2:fedora-29

## SALT 2018.3
- name: opensuse-423-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:opensuse-423
run_command: /usr/lib/systemd/systemd
- name: debian-8-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:debian-8
- name: ubuntu-1604-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:ubuntu-1604
- name: fedora-28-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:fedora-28

# centos-6 guest fails on Debian hosts due to vsyscall issues, see
# https://hub.docker.com/_/centos, "A note about vsyscall"
# Disabled for `template-formula` because not `systemd` based
# - name: centos-6-2018-3
# driver:
# image: netmanagers/salt-2018.3-py2:centos-6
# run_command: /sbin/init

##S SALT 2017.7
- name: debian-8-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:debian-8
- name: ubuntu-1604-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:ubuntu-1604
# - name: centos-6-2017-7
# driver:
# image: netmanagers/salt-2017.7-py2:centos-6
# run_command: /sbin/init

provisioner:
name: salt_solo
log_level: info
salt_install: none
require_chef: false
formula: chrony
salt_copy_filter:
- .kitchen
- .git
state_top:
base:
'*':
- chrony
pillars:
top.sls:
base:
'*':
- chrony
pillars_from_files:
chrony.sls: pillar.example

verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
- cli
inspec_tests:
- path: test/integration/default

suites:
- name: default

+ 28
- 0
test/integration/default/controls/config_spec.rb 查看文件

@@ -0,0 +1,28 @@
# Overide by OS
keyfile = 'keyfile '
driftfile = '/var/lib/chrony/'
logdir = 'logdir /var/log/chrony'
case os[:name]
when 'debian', 'ubuntu'
config_file = '/etc/chrony/chrony.conf'
keyfile += '/etc/chrony/chrony.keys'
driftfile += 'chrony.drift'
else
config_file = '/etc/chrony.conf'
keyfile += '/etc/chrony.keys'
driftfile += 'drift'
end

control 'Chrony configuration' do
title 'should match desired lines'

describe file(config_file) do
it { should be_file }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
its('mode') { should cmp '0644' }
its('content') { should include keyfile }
its('content') { should include driftfile }
its('content') { should include logdir }
end
end

+ 7
- 0
test/integration/default/controls/packages_spec.rb 查看文件

@@ -0,0 +1,7 @@
control 'Chrony package' do
title 'should be installed'

describe package('chrony') do
it { should be_installed }
end
end

+ 18
- 0
test/integration/default/controls/services_spec.rb 查看文件

@@ -0,0 +1,18 @@
# Overide by OS
service_name =
case os[:name]
when 'debian', 'ubuntu'
'chrony'
else
'chronyd'
end

control 'Chron service' do
impact 0.5
title 'should be running and enabled'

describe service(service_name) do
it { should be_enabled }
it { should be_running }
end
end

+ 11
- 0
test/integration/default/inspec.yml 查看文件

@@ -0,0 +1,11 @@
name: chrony
title: Chrony Formula
maintainer: Your Name
license: Apache-2.0
summary: Verify that the chrony formula is setup and configured correctly
supports:
- os-name: debian
- os-name: ubuntu
- os-name: centos
- os-name: fedora
- os-name: opensuse

正在加载...
取消
保存