* Automated using https://github.com/myii/ssf-formula/pull/302tags/v1.2.5
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) | # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) | ||||
Max: 88 | Max: 88 | ||||
Metrics/BlockLength: | Metrics/BlockLength: | ||||
ExcludedMethods: | |||||
IgnoredMethods: | |||||
- control | - control | ||||
- describe | - describe | ||||
# Increase from default of `25` | # Increase from default of `25` |
# Use the latest version of `inspec` prior to `4.23.4`, which introduces a | # Use the latest version of `inspec` prior to `4.23.4`, which introduces a | ||||
# regression where the diff isn't displayed when comparing using `eq`. | # regression where the diff isn't displayed when comparing using `eq`. | ||||
gem 'inspec', '~> 4.22.22' | gem 'inspec', '~> 4.22.22' | ||||
# Install the `kitchen-docker` gem from GitHub because the latest version | |||||
# Install the `kitchen-docker` gem using `git` because the latest version | |||||
# currently available (`2.10.0`) doesn't include a recent fix for Gentoo. | # currently available (`2.10.0`) doesn't include a recent fix for Gentoo. | ||||
# rubocop:disable Layout/LineLength | # rubocop:disable Layout/LineLength | ||||
gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf' | gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf' |
# yamllint disable rule:indentation rule:line-length | |||||
# {{ grains.get("osfinger", grains.os) }} | |||||
--- | |||||
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} | |||||
{{ salt["slsutil.serialize"]( | |||||
"yaml", | |||||
map, | |||||
default_flow_style=False, | |||||
allow_unicode=True, | |||||
) | |||||
| regex_replace("^\s+'$", "'", multiline=True) | |||||
| trim | |||||
}} |
# -*- coding: utf-8 -*- | |||||
# vim: ft=sls | |||||
--- | |||||
{#- Get the `tplroot` from `tpldir` #} | |||||
{%- set tplroot = tpldir.split("/")[0] %} | |||||
{%- from tplroot ~ "/map.jinja" import chrony with context %} | |||||
{%- set _mapdata = { | |||||
"values": chrony, | |||||
} %} | |||||
{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} | |||||
{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} | |||||
{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} | |||||
{{ tplroot }}-mapdata-dump: | |||||
file.managed: | |||||
- name: {{ output_file }} | |||||
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja | |||||
- template: jinja | |||||
- context: | |||||
map: {{ _mapdata | yaml }} |
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- chrony._mapdata | |||||
- chrony | - chrony | ||||
pillars: | pillars: | ||||
top.sls: | top.sls: |
maintainer: SaltStack Formulas | maintainer: SaltStack Formulas | ||||
license: Apache-2.0 | license: Apache-2.0 | ||||
summary: Verify that the chrony formula is setup and configured correctly | summary: Verify that the chrony formula is setup and configured correctly | ||||
depends: | |||||
- name: share | |||||
path: test/integration/share | |||||
supports: | supports: | ||||
- platform-name: debian | - platform-name: debian | ||||
- platform-name: ubuntu | - platform-name: ubuntu | ||||
- platform-name: opensuse | - platform-name: opensuse | ||||
- platform-name: suse | - platform-name: suse | ||||
- platform-name: freebsd | - platform-name: freebsd | ||||
- platform-name: openbsd | |||||
- platform-name: amazon | - platform-name: amazon | ||||
- platform-name: oracle | - platform-name: oracle | ||||
- platform-name: arch | - platform-name: arch |
# InSpec Profile: `share` | |||||
This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). | |||||
Its goal is to share the libraries between all profiles. | |||||
## Libraries | |||||
### `system` | |||||
The `system` library provides easy access to system dependent information: | |||||
- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective | |||||
- `system.platform[:family]` provide a family name for Arch and Gentoo | |||||
- `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` | |||||
- `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows: | |||||
- `Arch` is always `base-latest` | |||||
- `Amazon Linux` release `2018` is resolved as `1` | |||||
- `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) | |||||
- `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format | |||||
- `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version | |||||
- `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) |
# -*- coding: utf-8 -*- | |||||
# vim: ft=yaml | |||||
--- | |||||
name: share | |||||
title: InSpec shared resources | |||||
maintainer: SaltStack Formulas | |||||
license: Apache-2.0 | |||||
summary: shared resources | |||||
supports: | |||||
- platform-name: debian | |||||
- platform-name: ubuntu | |||||
- platform-name: centos | |||||
- platform-name: fedora | |||||
- platform-name: opensuse | |||||
- platform-name: suse | |||||
- platform-name: freebsd | |||||
- platform-name: openbsd | |||||
- platform-name: amazon | |||||
- platform-name: oracle | |||||
- platform-name: arch | |||||
- platform-name: gentoo | |||||
- platform: windows |
# frozen_string_literal: true | |||||
# system.rb -- InSpec resources for system values | |||||
# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr> | |||||
# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr> | |||||
class SystemResource < Inspec.resource(1) | |||||
name 'system' | |||||
attr_reader :platform | |||||
def initialize | |||||
super | |||||
@platform = build_platform | |||||
end | |||||
private | |||||
def build_platform | |||||
{ | |||||
family: build_platform_family, | |||||
name: build_platform_name, | |||||
release: build_platform_release, | |||||
finger: build_platform_finger | |||||
} | |||||
end | |||||
def build_platform_family | |||||
case inspec.platform[:name] | |||||
when 'arch', 'gentoo' | |||||
inspec.platform[:name] | |||||
else | |||||
inspec.platform[:family] | |||||
end | |||||
end | |||||
def build_platform_name | |||||
case inspec.platform[:name] | |||||
when 'amazon', 'oracle' | |||||
"#{inspec.platform[:name]}linux" | |||||
when /^windows_/ | |||||
inspec.platform[:family] | |||||
else | |||||
inspec.platform[:name] | |||||
end | |||||
end | |||||
# rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity | |||||
def build_platform_release | |||||
case inspec.platform[:name] | |||||
when 'amazon' | |||||
# `2018` relase is named `1` in kitchen.yaml | |||||
inspec.platform[:release].gsub(/2018.*/, '1') | |||||
when 'arch' | |||||
'base-latest' | |||||
when 'gentoo' | |||||
"#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" | |||||
when 'opensuse' | |||||
# rubocop:disable Style/NumericLiterals,Layout/LineLength | |||||
inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] | |||||
# rubocop:enable Style/NumericLiterals,Layout/LineLength | |||||
when 'windows_8.1_pro' | |||||
'8.1' | |||||
when 'windows_server_2019_datacenter' | |||||
'2019-server' | |||||
when 'windows_server_2016_datacenter' | |||||
'2016-server' | |||||
else | |||||
inspec.platform[:release] | |||||
end | |||||
end | |||||
# rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity | |||||
def derive_gentoo_init_system | |||||
inspec.command('systemctl').exist? ? 'sysd' : 'sysv' | |||||
end | |||||
def build_platform_finger | |||||
"#{build_platform_name}-#{build_finger_release}" | |||||
end | |||||
def build_finger_release | |||||
case inspec.platform[:name] | |||||
when 'ubuntu' | |||||
build_platform_release.split('.').slice(0, 2).join('.') | |||||
else | |||||
build_platform_release.split('.')[0] | |||||
end | |||||
end | |||||
end |