Browse Source

Merge pull request #1 from SuperTux88/template-formula

Refactor based on template-formula
tags/v1.0.0
Benjamin Neff 4 years ago
parent
commit
693d17653e
No account linked to committer's email address
55 changed files with 2705 additions and 136 deletions
  1. +16
    -0
      .github/workflows/commitlint.yml
  2. +122
    -0
      .gitignore
  3. +56
    -0
      .pre-commit-config.yaml
  4. +3
    -0
      .rstcheck.cfg
  5. +16
    -0
      .rubocop.yml
  6. +14
    -0
      .salt-lint
  7. +158
    -0
      .travis.yml
  8. +38
    -0
      .yamllint
  9. +43
    -0
      CODEOWNERS
  10. +9
    -0
      FORMULA
  11. +7
    -0
      Gemfile
  12. +529
    -0
      Gemfile.lock
  13. +0
    -29
      README.md
  14. +16
    -0
      bin/install-hooks
  15. +32
    -0
      bin/kitchen
  16. +8
    -0
      commitlint.config.js
  17. +13
    -0
      diaspora/_mapdata/_mapdata.jinja
  18. +18
    -0
      diaspora/_mapdata/init.sls
  19. +9
    -2
      diaspora/defaults.yaml
  20. +26
    -6
      diaspora/install.sls
  21. +40
    -96
      diaspora/map.jinja
  22. +84
    -0
      diaspora/osfamilymap.yaml
  23. +56
    -0
      diaspora/osfingermap.yaml
  24. +31
    -0
      diaspora/osmap.yaml
  25. +13
    -0
      diaspora/service.sls
  26. +141
    -0
      docs/README.rst
  27. +248
    -0
      kitchen.yml
  28. +8
    -3
      pillar.example
  29. +30
    -0
      pre-commit_semantic-release.sh
  30. +18
    -0
      release-rules.js
  31. +106
    -0
      release.config.js
  32. +50
    -0
      test/integration/_mapdata/README.md
  33. +16
    -0
      test/integration/_mapdata/controls/_mapdata_spec.rb
  34. +42
    -0
      test/integration/_mapdata/files/_mapdata/arch-base-latest.yaml
  35. +52
    -0
      test/integration/_mapdata/files/_mapdata/centos-7.yaml
  36. +52
    -0
      test/integration/_mapdata/files/_mapdata/centos-8.yaml
  37. +48
    -0
      test/integration/_mapdata/files/_mapdata/debian-10.yaml
  38. +48
    -0
      test/integration/_mapdata/files/_mapdata/debian-9.yaml
  39. +47
    -0
      test/integration/_mapdata/files/_mapdata/ubuntu-18.yaml
  40. +47
    -0
      test/integration/_mapdata/files/_mapdata/ubuntu-20.yaml
  41. +16
    -0
      test/integration/_mapdata/inspec.yml
  42. +50
    -0
      test/integration/default/README.md
  43. +50
    -0
      test/integration/default/controls/config_spec.rb
  44. +24
    -0
      test/integration/default/controls/http_spec.rb
  45. +10
    -0
      test/integration/default/controls/install_spec.rb
  46. +16
    -0
      test/integration/default/controls/services_spec.rb
  47. +16
    -0
      test/integration/default/inspec.yml
  48. +19
    -0
      test/integration/share/README.md
  49. +19
    -0
      test/integration/share/inspec.yml
  50. +69
    -0
      test/integration/share/libraries/system.rb
  51. +6
    -0
      test/salt/pillar/mysql.sls
  52. +12
    -0
      test/salt/pillar/tests.sls
  53. +26
    -0
      test/salt/states/mysql/init.sls
  54. +51
    -0
      test/salt/states/postgres/init.sls
  55. +11
    -0
      test/salt/states/redis/init.sls

+ 16
- 0
.github/workflows/commitlint.yml View File

@@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
name: Commitlint
'on': [pull_request]

jobs:
lint:
runs-on: ubuntu-latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: wagoid/commitlint-github-action@v1

+ 122
- 0
.gitignore View File

@@ -0,0 +1,122 @@
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
env/
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg

# PyInstaller
# Usually these files are written by a python script from a packager
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.kitchen
.kitchen.local.yml
kitchen.local.yml
junit-*.xml

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/

# PyBuilder
target/

# Jupyter Notebook
.ipynb_checkpoints

# pyenv
.python-version

# celery beat schedule file
celerybeat-schedule

# SageMath parsed files
*.sage.py

# dotenv
.env

# virtualenv
.venv
venv/
ENV/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# mypy
.mypy_cache/

# Bundler
.bundle/

# copied `.md` files used for conversion to `.rst` using `m2r`
docs/*.md

# Vim
*.sw?

## Collected when centralising formulas (check and sort)
# `collectd-formula`
.pytest_cache/
/.idea/
Dockerfile.*_*
ignore/
tmp/

+ 56
- 0
.pre-commit-config.yaml View File

@@ -0,0 +1,56 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# See https://pre-commit.com for more information
# See https://pre-commit.com/hooks.html for more hooks
default_stages: [commit]
repos:
- repo: https://github.com/dafyddj/commitlint-pre-commit-hook
rev: v2.3.0
hooks:
- id: commitlint
name: Check commit message using commitlint
description: Lint commit message against @commitlint/config-conventional rules
stages: [commit-msg]
additional_dependencies: ['@commitlint/config-conventional@8.3.4']
- id: commitlint-travis
stages: [manual]
additional_dependencies: ['@commitlint/config-conventional@8.3.4']
always_run: true
- repo: https://github.com/adithyabsk/mirrors-rubocop
rev: v0.91.0
hooks:
- id: rubocop
name: Check Ruby files with rubocop
args: [--debug]
always_run: true
pass_filenames: false
- repo: https://github.com/jumanjihouse/pre-commit-hooks
rev: 2.1.3
hooks:
- id: shellcheck
name: Check shell scripts with shellcheck
files: ^.*\.(sh|bash|ksh)$
types: []
args: []
- repo: https://github.com/adrienverge/yamllint.git
rev: v1.23.0
hooks:
- id: yamllint
name: Check YAML syntax with yamllint
args: [--strict, '.']
always_run: true
pass_filenames: false
- repo: https://github.com/warpnet/salt-lint
rev: v0.3.0
hooks:
- id: salt-lint
name: Check Salt files using salt-lint
files: ^.*\.(sls|jinja|j2|tmpl|tst)$
- repo: https://github.com/myint/rstcheck
rev: 3f929574
hooks:
- id: rstcheck
name: Check reST files using rstcheck
exclude: 'docs/CHANGELOG.rst'
args: [--report=warning]

+ 3
- 0
.rstcheck.cfg View File

@@ -0,0 +1,3 @@
[rstcheck]
report=error
ignore_language=rst

+ 16
- 0
.rubocop.yml View File

@@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# General overrides used across formulas in the org
Layout/LineLength:
# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
Max: 88
Metrics/BlockLength:
ExcludedMethods:
- control
- describe
# Increase from default of `25`
Max: 30

# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`

+ 14
- 0
.salt-lint View File

@@ -0,0 +1,14 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
exclude_paths: []
rules: {}
skip_list:
# Using `salt-lint` for linting other files as well, such as Jinja macros/templates
- 205 # Use ".sls" as a Salt State file extension
# Skipping `207` and `208` because `210` is sufficient, at least for the time-being
# I.e. Allows 3-digit unquoted codes to still be used, such as `644` and `755`
- 207 # File modes should always be encapsulated in quotation marks
- 208 # File modes should always contain a leading zero
tags: []
verbosity: 1

+ 158
- 0
.travis.yml View File

@@ -0,0 +1,158 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
## Machine config
os: 'linux'
arch: 'amd64'
dist: 'bionic'
version: '~> 1.0'

## Language and cache config
language: 'ruby'
cache: 'bundler'

## Services config
services:
- docker

## Script to run for the test stage
script:
- bin/kitchen verify "${INSTANCE}"

## Stages and jobs matrix
stages:
- test
- name: 'release'
if: 'branch = master AND type != pull_request'
jobs:
include:
## Define the test stage that runs the linters (and testing matrix, if applicable)

# Run all of the linters in a single job
- language: 'node_js'
node_js: 'lts/*'
env: 'Lint'
name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint'
before_install: 'skip'
script:
# Install and run `salt-lint`
- pip install --user salt-lint
- git ls-files -- '*.sls' '*.jinja' '*.j2' '*.tmpl' '*.tst'
| xargs salt-lint
# Install and run `yamllint`
# Need at least `v1.17.0` for the `yaml-files` setting
- pip install --user yamllint>=1.17.0
- yamllint -s .
# Install and run `rubocop`
- gem install rubocop
- rubocop -d
# Run `shellcheck` (already pre-installed in Travis)
- shellcheck --version
- git ls-files -- '*.sh' '*.bash' '*.ksh'
| xargs shellcheck
# Install and run `commitlint`
- npm i -D @commitlint/config-conventional
@commitlint/travis-cli
- commitlint-travis

# Run `pre-commit` linters in a single job
- language: 'python'
env: 'Lint_pre-commit'
name: 'Lint: pre-commit'
before_install: 'skip'
cache:
directories:
- $HOME/.cache/pre-commit
script:
# Install and run `pre-commit`
- pip install pre-commit==2.7.1
- pre-commit run --all-files --color always --verbose
- pre-commit run --color always --hook-stage manual --verbose commitlint-travis

## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
# NOTE: Please try to select up to six instances that add some meaningful
# testing of the formula's behaviour. If possible, try to refrain from
# the classical "chosing all the instances because I want to test on
# another/all distro/s" trap: it will just add time to the testing (see
# the discussion on #121). As an example, the set chosen below covers
# the most used distros families, systemd and non-systemd and the latest
# three supported Saltstack versions with python2 and 3.
# As for `kitchen.yml`, that should still contain all of the platforms,
# to allow for comprehensive local testing
# Ref: https://github.com/saltstack-formulas/template-formula/issues/118
# Ref: https://github.com/saltstack-formulas/template-formula/issues/121
# - env: INSTANCE=default-debian-10-tiamat-py3
# - env: INSTANCE=default-debian-9-tiamat-py3
# - env: INSTANCE=default-ubuntu-2004-tiamat-py3
# - env: INSTANCE=default-ubuntu-1804-tiamat-py3
# - env: INSTANCE=default-ubuntu-1604-tiamat-py3
# - env: INSTANCE=default-centos-8-tiamat-py3
# - env: INSTANCE=default-centos-7-tiamat-py3
# - env: INSTANCE=default-amazonlinux-2-tiamat-py3
# - env: INSTANCE=default-oraclelinux-8-tiamat-py3
# - env: INSTANCE=default-oraclelinux-7-tiamat-py3
- env: INSTANCE=default-debian-10-master-py3
- env: INSTANCE=default-ubuntu-2004-master-py3
# - env: INSTANCE=default-ubuntu-1804-master-py3
- env: INSTANCE=default-centos-8-master-py3
# - env: INSTANCE=default-fedora-32-master-py3
# - env: INSTANCE=default-fedora-31-master-py3
# - env: INSTANCE=default-opensuse-leap-152-master-py3
# - env: INSTANCE=default-amazonlinux-2-master-py3
# - env: INSTANCE=default-debian-10-3001-py3
# - env: INSTANCE=default-debian-9-3001-py3
# - env: INSTANCE=default-ubuntu-2004-3001-py3
# - env: INSTANCE=default-ubuntu-1804-3001-py3
# - env: INSTANCE=default-centos-8-3001-py3
- env: INSTANCE=default-centos-7-3001-py3
# - env: INSTANCE=default-fedora-32-3001-py3
# - env: INSTANCE=default-fedora-31-3001-py3
# - env: INSTANCE=default-opensuse-leap-152-3001-py3
# - env: INSTANCE=default-amazonlinux-2-3001-py3
# - env: INSTANCE=default-oraclelinux-8-3001-py3
# - env: INSTANCE=default-oraclelinux-7-3001-py3
# - env: INSTANCE=default-debian-10-3000-3-py3
# - env: INSTANCE=default-debian-9-3000-3-py3
# - env: INSTANCE=default-ubuntu-1804-3000-3-py3
# - env: INSTANCE=default-centos-8-3000-3-py3
# - env: INSTANCE=default-centos-7-3000-3-py3
# - env: INSTANCE=default-fedora-31-3000-3-py3
# - env: INSTANCE=default-opensuse-leap-152-3000-3-py3
# - env: INSTANCE=default-amazonlinux-2-3000-3-py3
# - env: INSTANCE=default-ubuntu-1804-3000-3-py2
# - env: INSTANCE=default-ubuntu-1604-3000-3-py2
- env: INSTANCE=default-arch-base-latest-3000-3-py2
# - env: INSTANCE=upstart-centos-6-2019-2-py2
# - env: INSTANCE=upstart-amazonlinux-1-2019-2-py2
# - env: INSTANCE=mysql-debian-10-master-py3
- env: INSTANCE=mysql-debian-9-3001-py3
# - env: INSTANCE=mysql-ubuntu-2004-master-py3
# - env: INSTANCE=mysql-ubuntu-1804-master-py3

## Define the release stage that runs `semantic-release`
- stage: 'release'
language: 'node_js'
node_js: 'lts/*'
env: 'Release'
name: 'Run semantic-release inc. file updates to AUTHORS, CHANGELOG & FORMULA'
before_install: 'skip'
script:
# Update `AUTHORS.md`
- export MAINTAINER_TOKEN=${GH_TOKEN}
- go get github.com/myii/maintainer
- maintainer contributor

# Install all dependencies required for `semantic-release`
- npm i -D @semantic-release/changelog@3
@semantic-release/exec@3
@semantic-release/git@7
deploy:
provider: 'script'
# Opt-in to `dpl v2` to complete the Travis build config validation (beta)
# * https://docs.travis-ci.com/user/build-config-validation
# Deprecated `skip_cleanup` can now be avoided, `cleanup: false` is by default
edge: true
# Run `semantic-release`
script: 'npx semantic-release@15.14'

+ 38
- 0
.yamllint View File

@@ -0,0 +1,38 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# Extend the `default` configuration provided by `yamllint`
extends: default

# Files to ignore completely
# 1. All YAML files under directory `node_modules/`, introduced during the Travis run
# 2. Any SLS files under directory `test/`, which are actually state files
# 3. Any YAML files under directory `.kitchen/`, introduced during local testing
ignore: |
node_modules/
test/**/states/**/*.sls
.kitchen/
diaspora/files/database.yml
diaspora/files/diaspora.yml

yaml-files:
# Default settings
- '*.yaml'
- '*.yml'
- .salt-lint
- .yamllint
# SaltStack Formulas additional settings
- '*.example'
- test/**/*.sls

rules:
empty-values:
forbid-in-block-mappings: true
forbid-in-flow-mappings: true
line-length:
# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
max: 88
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true

+ 43
- 0
CODEOWNERS View File

@@ -0,0 +1,43 @@
# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners

# SECTION: Owner(s) for everything in the repo, unless a later match takes precedence
# FILE PATTERN OWNER(S)
* @SuperTux88

# SECTION: Owner(s) for specific directories
# FILE PATTERN OWNER(S)

# SECTION: Owner(s) for files/directories related to `semantic-release`
# FILE PATTERN OWNER(S)
/.github/workflows/ @saltstack-formulas/ssf
/bin/install-hooks @saltstack-formulas/ssf
/bin/kitchen @saltstack-formulas/ssf
/docs/AUTHORS.rst @saltstack-formulas/ssf
/docs/CHANGELOG.rst @saltstack-formulas/ssf
/docs/TOFS_pattern.rst @saltstack-formulas/ssf
/diaspora/libsaltcli.jinja @saltstack-formulas/ssf
/diaspora/libtofs.jinja @saltstack-formulas/ssf
/test/integration/**/inspec.yml @saltstack-formulas/ssf
/test/integration/**/README.md @saltstack-formulas/ssf
/.gitignore @saltstack-formulas/ssf
/.cirrus.yml @saltstack-formulas/ssf
/.pre-commit-config.yaml @saltstack-formulas/ssf
/.rstcheck.cfg @saltstack-formulas/ssf
/.rubocop.yml @saltstack-formulas/ssf
/.salt-lint @saltstack-formulas/ssf
/.travis.yml @saltstack-formulas/ssf
/.yamllint @saltstack-formulas/ssf
/AUTHORS.md @saltstack-formulas/ssf
/CHANGELOG.md @saltstack-formulas/ssf
/CODEOWNERS @saltstack-formulas/ssf
/commitlint.config.js @saltstack-formulas/ssf
/FORMULA @saltstack-formulas/ssf
/Gemfile @saltstack-formulas/ssf
/Gemfile.lock @saltstack-formulas/ssf
/kitchen.yml @saltstack-formulas/ssf
/pre-commit_semantic-release.sh @saltstack-formulas/ssf
/release-rules.js @saltstack-formulas/ssf
/release.config.js @saltstack-formulas/ssf

# SECTION: Owner(s) for specific files
# FILE PATTERN OWNER(S)

+ 9
- 0
FORMULA View File

@@ -0,0 +1,9 @@
name: diaspora
os: Debian, Ubuntu, RedHat, CentOS, Arch
os_family: Debian, RedHat, Arch
version: 0.1.0
release: 1
minimum_version: 2019.2
summary: diaspora formula
description: A saltstack formula to install and configure diaspora*
top_level_dir: diaspora

+ 7
- 0
Gemfile View File

@@ -0,0 +1,7 @@
# frozen_string_literal: true

source 'https://rubygems.org'

gem 'kitchen-docker', github: 'test-kitchen/kitchen-docker', ref: '41e80fe'
gem 'kitchen-inspec', '>= 2.2.1'
gem 'kitchen-salt', '>= 0.6.3'

+ 529
- 0
Gemfile.lock View File

@@ -0,0 +1,529 @@
GIT
remote: https://github.com/test-kitchen/kitchen-docker.git
revision: 41e80fed3a7cc86323e19c16a5a340cebf7e5848
ref: 41e80fe
specs:
kitchen-docker (2.10.0)
test-kitchen (>= 1.0.0)

GEM
remote: https://rubygems.org/
specs:
activesupport (5.2.4.4)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
aws-eventstream (1.1.0)
aws-partitions (1.380.0)
aws-sdk-apigateway (1.55.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-apigatewayv2 (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-athena (1.33.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-autoscaling (1.22.0)
aws-sdk-core (~> 3, >= 3.52.1)
aws-sigv4 (~> 1.1)
aws-sdk-budgets (1.35.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudformation (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudfront (1.43.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudhsm (1.27.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudhsmv2 (1.30.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudtrail (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudwatch (1.45.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-cloudwatchlogs (1.38.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-codecommit (1.40.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-codedeploy (1.37.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-codepipeline (1.37.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-configservice (1.53.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-core (3.109.1)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.239.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1.0)
aws-sdk-costandusagereportservice (1.28.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-dynamodb (1.55.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ec2 (1.198.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ecr (1.39.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ecs (1.70.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-efs (1.36.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-eks (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticache (1.43.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticbeanstalk (1.38.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticloadbalancing (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticloadbalancingv2 (1.53.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-elasticsearchservice (1.43.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-firehose (1.35.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-guardduty (1.42.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-iam (1.46.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kafka (1.29.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kinesis (1.30.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-kms (1.39.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-lambda (1.51.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-organizations (1.17.0)
aws-sdk-core (~> 3, >= 3.39.0)
aws-sigv4 (~> 1.0)
aws-sdk-rds (1.102.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-redshift (1.50.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53 (1.44.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53domains (1.28.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-route53resolver (1.21.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-s3 (1.83.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.1)
aws-sdk-securityhub (1.35.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ses (1.36.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-sms (1.27.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-sns (1.32.1)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-sqs (1.34.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sdk-ssm (1.93.0)
aws-sdk-core (~> 3, >= 3.109.0)
aws-sigv4 (~> 1.1)
aws-sigv4 (1.2.2)
aws-eventstream (~> 1, >= 1.0.2)
azure_graph_rbac (0.17.2)
ms_rest_azure (~> 0.12.0)
azure_mgmt_key_vault (0.17.6)
ms_rest_azure (~> 0.12.0)
azure_mgmt_resources (0.18.0)
ms_rest_azure (~> 0.12.0)
azure_mgmt_security (0.18.2)
ms_rest_azure (~> 0.12.0)
azure_mgmt_storage (0.22.0)
ms_rest_azure (~> 0.12.0)
bcrypt_pbkdf (1.0.1)
builder (3.2.4)
chef-config (16.5.77)
addressable
chef-utils (= 16.5.77)
fuzzyurl
mixlib-config (>= 2.2.12, < 4.0)
mixlib-shellout (>= 2.0, < 4.0)
tomlrb (~> 1.2)
chef-telemetry (1.0.14)
chef-config
concurrent-ruby (~> 1.0)
ffi-yajl (~> 2.2)
chef-utils (16.5.77)
coderay (1.1.3)
concurrent-ruby (1.1.7)
declarative (0.0.20)
declarative-option (0.1.0)
diff-lcs (1.4.4)
docker-api (2.0.0)
excon (>= 0.47.0)
multi_json
domain_name (0.5.20190701)
unf (>= 0.0.5, < 1.0.0)
ecma-re-validator (0.2.1)
regexp_parser (~> 1.2)
ed25519 (1.2.4)
erubi (1.9.0)
excon (0.76.0)
faraday (1.0.1)
multipart-post (>= 1.2, < 3)
faraday-cookie_jar (0.0.7)
faraday (>= 0.8.0)
http-cookie (~> 1.0.0)
faraday_middleware (1.0.0)
faraday (~> 1.0)
ffi (1.13.1)
ffi-yajl (2.3.4)
libyajl2 (~> 1.2)
fuzzyurl (0.9.0)
google-api-client (0.44.0)
addressable (~> 2.5, >= 2.5.1)
googleauth (~> 0.9)
httpclient (>= 2.8.1, < 3.0)
mini_mime (~> 1.0)
representable (~> 3.0)
retriable (>= 2.0, < 4.0)
signet (~> 0.12)
googleauth (0.13.0)
faraday (>= 0.17.3, < 2.0)
jwt (>= 1.4, < 3.0)
memoist (~> 0.16)
multi_json (~> 1.11)
os (>= 0.9, < 2.0)
signet (~> 0.14)
gssapi (1.3.0)
ffi (>= 1.0.1)
gyoku (1.3.1)
builder (>= 2.1.2)
hana (1.3.6)
hashie (3.6.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
httpclient (2.8.3)
i18n (1.8.5)
concurrent-ruby (~> 1.0)
inifile (3.0.0)
inspec (4.23.11)
faraday_middleware (>= 0.12.2, < 1.1)
inspec-core (= 4.23.11)
train (~> 3.0)
train-aws (~> 0.1)
train-habitat (~> 0.1)
train-winrm (~> 0.2)
inspec-core (4.23.11)
addressable (~> 2.4)
chef-telemetry (~> 1.0)
faraday (>= 0.9.0, < 1.1)
hashie (~> 3.4)
json_schemer (>= 0.2.1, < 0.2.12)
license-acceptance (>= 0.2.13, < 3.0)
method_source (>= 0.8, < 2.0)
mixlib-log (~> 3.0)
multipart-post (~> 2.0)
parallel (~> 1.9)
parslet (~> 1.5)
pry (~> 0.13)
rspec (~> 3.9)
rspec-its (~> 1.2)
rubyzip (~> 1.2, >= 1.2.2)
semverse (~> 3.0)
sslshake (~> 1.2)
thor (>= 0.20, < 2.0)
tomlrb (~> 1.2.0)
train-core (~> 3.0)
tty-prompt (~> 0.17)
tty-table (~> 0.10)
jmespath (1.4.0)
json (2.3.1)
json_schemer (0.2.11)
ecma-re-validator (~> 0.2)
hana (~> 1.3)
regexp_parser (~> 1.5)
uri_template (~> 0.7)
jwt (2.2.2)
kitchen-inspec (2.2.1)
hashie (~> 3.4)
inspec (>= 2.2.64, < 5.0)
test-kitchen (>= 2.7, < 3)
kitchen-salt (0.6.3)
hashie (>= 3.5)
test-kitchen (>= 1.4)
libyajl2 (1.2.0)
license-acceptance (2.1.2)
pastel (~> 0.7)
tomlrb (~> 1.2)
tty-box (~> 0.6)
tty-prompt (~> 0.20)
little-plugger (1.1.4)
logging (2.3.0)
little-plugger (~> 1.1)
multi_json (~> 1.14)
memoist (0.16.2)
method_source (1.0.0)
mini_mime (1.0.2)
minitest (5.14.2)
mixlib-config (3.0.9)
tomlrb
mixlib-install (3.12.3)
mixlib-shellout
mixlib-versioning
thor
mixlib-log (3.0.9)
mixlib-shellout (3.1.6)
chef-utils
mixlib-versioning (1.2.12)
ms_rest (0.7.6)
concurrent-ruby (~> 1.0)
faraday (>= 0.9, < 2.0.0)
timeliness (~> 0.3.10)
ms_rest_azure (0.12.0)
concurrent-ruby (~> 1.0)
faraday (>= 0.9, < 2.0.0)
faraday-cookie_jar (~> 0.0.6)
ms_rest (~> 0.7.6)
multi_json (1.15.0)
multipart-post (2.1.1)
net-scp (3.0.0)
net-ssh (>= 2.6.5, < 7.0.0)
net-ssh (6.1.0)
net-ssh-gateway (2.0.0)
net-ssh (>= 4.0.0)
nori (2.6.0)
os (1.1.1)
parallel (1.19.2)
parslet (1.8.2)
pastel (0.8.0)
tty-color (~> 0.5)
pry (0.13.1)
coderay (~> 1.1)
method_source (~> 1.0)
public_suffix (4.0.6)
regexp_parser (1.8.1)
representable (3.0.4)
declarative (< 0.1.0)
declarative-option (< 0.2.0)
uber (< 0.2.0)
retriable (3.1.2)
rspec (3.9.0)
rspec-core (~> 3.9.0)
rspec-expectations (~> 3.9.0)
rspec-mocks (~> 3.9.0)
rspec-core (3.9.3)
rspec-support (~> 3.9.3)
rspec-expectations (3.9.2)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.9.0)
rspec-its (1.3.0)
rspec-core (>= 3.0.0)
rspec-expectations (>= 3.0.0)
rspec-mocks (3.9.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.9.0)
rspec-support (3.9.3)
rubyntlm (0.6.2)
rubyzip (1.3.0)
semverse (3.0.0)
signet (0.14.0)
addressable (~> 2.3)
faraday (>= 0.17.3, < 2.0)
jwt (>= 1.5, < 3.0)
multi_json (~> 1.10)
sslshake (1.3.1)
strings (0.2.0)
strings-ansi (~> 0.2)
unicode-display_width (~> 1.5)
unicode_utils (~> 1.4)
strings-ansi (0.2.0)
test-kitchen (2.7.2)
bcrypt_pbkdf (~> 1.0)
ed25519 (~> 1.2)
license-acceptance (>= 1.0.11, < 3.0)
mixlib-install (~> 3.6)
mixlib-shellout (>= 1.2, < 4.0)
net-scp (>= 1.1, < 4.0)
net-ssh (>= 2.9, < 7.0)
net-ssh-gateway (>= 1.2, < 3.0)
thor (>= 0.19, < 2.0)
winrm (~> 2.0)
winrm-elevated (~> 1.0)
winrm-fs (~> 1.1)
thor (1.0.1)
thread_safe (0.3.6)
timeliness (0.3.10)
tomlrb (1.2.9)
train (3.3.24)
activesupport (>= 5.2.4.3, < 6.0.0)
azure_graph_rbac (~> 0.16)
azure_mgmt_key_vault (~> 0.17)
azure_mgmt_resources (~> 0.15)
azure_mgmt_security (~> 0.18)
azure_mgmt_storage (~> 0.18)
docker-api (>= 1.26, < 3.0)
google-api-client (>= 0.23.9, < 0.44.1)
googleauth (>= 0.6.6, < 0.13.1)
inifile (~> 3.0)
train-core (= 3.3.24)
train-winrm (~> 0.2)
train-aws (0.1.18)
aws-sdk-apigateway (~> 1.0)
aws-sdk-apigatewayv2 (~> 1.0)
aws-sdk-athena (~> 1.0)
aws-sdk-autoscaling (~> 1.22.0)
aws-sdk-budgets (~> 1.0)
aws-sdk-cloudformation (~> 1.0)
aws-sdk-cloudfront (~> 1.0)
aws-sdk-cloudhsm (~> 1.0)
aws-sdk-cloudhsmv2 (~> 1.0)
aws-sdk-cloudtrail (~> 1.8)
aws-sdk-cloudwatch (~> 1.13)
aws-sdk-cloudwatchlogs (~> 1.13)
aws-sdk-codecommit (~> 1.0)
aws-sdk-codedeploy (~> 1.0)
aws-sdk-codepipeline (~> 1.0)
aws-sdk-configservice (~> 1.21)
aws-sdk-core (~> 3.0)
aws-sdk-costandusagereportservice (~> 1.6)
aws-sdk-dynamodb (~> 1.31)
aws-sdk-ec2 (~> 1.70)
aws-sdk-ecr (~> 1.18)
aws-sdk-ecs (~> 1.30)
aws-sdk-efs (~> 1.0)
aws-sdk-eks (~> 1.9)
aws-sdk-elasticache (~> 1.0)
aws-sdk-elasticbeanstalk (~> 1.0)
aws-sdk-elasticloadbalancing (~> 1.8)
aws-sdk-elasticloadbalancingv2 (~> 1.0)
aws-sdk-elasticsearchservice (~> 1.0)
aws-sdk-firehose (~> 1.0)
aws-sdk-guardduty (~> 1.31)
aws-sdk-iam (~> 1.13)
aws-sdk-kafka (~> 1.0)
aws-sdk-kinesis (~> 1.0)
aws-sdk-kms (~> 1.13)
aws-sdk-lambda (~> 1.0)
aws-sdk-organizations (~> 1.17.0)
aws-sdk-rds (~> 1.43)
aws-sdk-redshift (~> 1.0)
aws-sdk-route53 (~> 1.0)
aws-sdk-route53domains (~> 1.0)
aws-sdk-route53resolver (~> 1.0)
aws-sdk-s3 (~> 1.30)
aws-sdk-securityhub (~> 1.0)
aws-sdk-ses (~> 1.0)
aws-sdk-sms (~> 1.0)
aws-sdk-sns (~> 1.9)
aws-sdk-sqs (~> 1.10)
aws-sdk-ssm (~> 1.0)
train-core (3.3.24)
addressable (~> 2.5)
ffi (!= 1.13.0)
json (>= 1.8, < 3.0)
mixlib-shellout (>= 2.0, < 4.0)
net-scp (>= 1.2, < 4.0)
net-ssh (>= 2.9, < 7.0)
train-habitat (0.2.13)
train-winrm (0.2.11)
winrm (~> 2.0)
winrm-elevated (~> 1.2.2)
winrm-fs (~> 1.0)
tty-box (0.6.0)
pastel (~> 0.8)
strings (~> 0.2.0)
tty-cursor (~> 0.7)
tty-color (0.5.2)
tty-cursor (0.7.1)
tty-prompt (0.22.0)
pastel (~> 0.8)
tty-reader (~> 0.8)
tty-reader (0.8.0)
tty-cursor (~> 0.7)
tty-screen (~> 0.8)
wisper (~> 2.0)
tty-screen (0.8.1)
tty-table (0.12.0)
pastel (~> 0.8)
strings (~> 0.2.0)
tty-screen (~> 0.8)
tzinfo (1.2.7)
thread_safe (~> 0.1)
uber (0.1.0)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.7)
unicode-display_width (1.7.0)
unicode_utils (1.4.0)
uri_template (0.7.0)
winrm (2.3.4)
builder (>= 2.1.2)
erubi (~> 1.8)
gssapi (~> 1.2)
gyoku (~> 1.0)
httpclient (~> 2.2, >= 2.2.0.2)
logging (>= 1.6.1, < 3.0)
nori (~> 2.0)
rubyntlm (~> 0.6.0, >= 0.6.1)
winrm-elevated (1.2.2)
erubi (~> 1.8)
winrm (~> 2.0)
winrm-fs (~> 1.0)
winrm-fs (1.3.3)
erubi (~> 1.8)
logging (>= 1.6.1, < 3.0)
rubyzip (~> 1.1)
winrm (~> 2.0)
wisper (2.0.1)

PLATFORMS
ruby

DEPENDENCIES
kitchen-docker!
kitchen-inspec (>= 2.2.1)
kitchen-salt (>= 0.6.3)

BUNDLED WITH
2.1.2

+ 0
- 29
README.md View File

@@ -1,29 +0,0 @@
# diaspora-formula

A saltstack formula to install and configure the distributed social network, [diaspora*](https://diasporafoundation.org/).

> Note: See the full [Salt Formulas installation and usage instructions](http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html).
>
> This formula only manages diaspora. You are responsible for installing/configuring PostgreSQL or MariaDB as appropriate.

## Available states

### `diaspora`

Install, configure and run diaspora as a service.

### `diaspora.install`

Installs diaspora from github.

(Includes `diaspora.config`)

### `diaspora.config`

Configures diaspora.

### `diaspora.service`

Creates a service for diaspora and runs it.

(Includes `diaspora.install` and `diaspora.config`)

+ 16
- 0
bin/install-hooks View File

@@ -0,0 +1,16 @@
#!/usr/bin/env sh
set -o nounset # Treat unset variables as an error and immediately exit
set -o errexit # If a command fails exit the whole script

if [ "${DEBUG:-false}" = "true" ]; then
set -x # Run the entire script in debug mode
fi

if ! command -v pre-commit >/dev/null 2>&1; then
echo "pre-commit not found: please install or check your PATH" >&2
echo "See https://pre-commit.com/#installation" >&2
exit 1
fi

pre-commit install --install-hooks
pre-commit install --hook-type commit-msg --install-hooks

+ 32
- 0
bin/kitchen View File

@@ -0,0 +1,32 @@
#!/usr/bin/env ruby
# frozen_string_literal: true

#
# This file was generated by Bundler.
#
# The application 'kitchen' is installed as part of a gem, and
# this file is here to facilitate running it.
#

require 'pathname'
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
Pathname.new(__FILE__).realpath)

bundle_binstub = File.expand_path('bundle', __dir__)

if File.file?(bundle_binstub)
if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
load(bundle_binstub)
else
abort(
'Your `bin/bundle` was not generated by Bundler, '\
'so this binstub cannot run. Replace `bin/bundle` by running '\
'`bundle binstubs bundler --force`, then run this command again.'
)
end
end

require 'rubygems'
require 'bundler/setup'

load Gem.bin_path('test-kitchen', 'kitchen')

+ 8
- 0
commitlint.config.js View File

@@ -0,0 +1,8 @@
module.exports = {
extends: ['@commitlint/config-conventional'],
rules: {
'body-max-line-length': [2, 'always', 120],
'footer-max-line-length': [2, 'always', 120],
'header-max-length': [2, 'always', 72],
},
};

+ 13
- 0
diaspora/_mapdata/_mapdata.jinja View File

@@ -0,0 +1,13 @@
# yamllint disable rule:indentation rule:line-length
# {{ grains.get('osfinger', grains.os) }}
---
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
{{ salt['slsutil.serialize'](
'yaml',
map,
default_flow_style=False,
allow_unicode=True,
)
| regex_replace("^\s+'$", "'", multiline=True)
| trim
}}

+ 18
- 0
diaspora/_mapdata/init.sls View File

@@ -0,0 +1,18 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import diaspora as mapdata with context %}

{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %}

{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %}

{{ tplroot }}-mapdata-dump:
file.managed:
- name: {{ output_file }}
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
- template: jinja
- context:
map: {{ mapdata | yaml }}

+ 9
- 2
diaspora/defaults.yaml View File

@@ -1,3 +1,6 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
diaspora:
systemd:
web_template: salt://diaspora/files/diaspora-web.service
@@ -7,7 +10,7 @@ diaspora:

ruby_version: 2.6.6

install_redis: True
install_redis: true

user:
username: diaspora
@@ -16,5 +19,9 @@ diaspora:
type: postgresql
host: localhost
username: diaspora
password:
password: ~
database: diaspora

configuration:
server:
rails_environment: production

+ 26
- 6
diaspora/install.sls View File

@@ -4,6 +4,24 @@
include:
- diaspora.config

{%- if grains.os == 'CentOS' and grains.osmajorrelease >= 8 %}
diaspora_centos_enable_powertools_repo:
file.replace:
- name: /etc/yum.repos.d/CentOS-PowerTools.repo
- pattern: '^enabled=[0,1]'
- repl: 'enabled=1'
- require_in:
- pkg: diaspora_dependencies
{%- endif %}

{%- if grains.os_family == 'Arch' %}
diaspora_arch_install_devel_group:
pkg.group_installed:
- name: base-devel
- require_in:
- pkg: diaspora_dependencies
{%- endif %}

diaspora_dependencies:
pkg.installed:
- pkgs: {{ diaspora.dependencies|json }}
@@ -22,10 +40,6 @@ diaspora_database_dependency:
redis_package:
pkg.installed:
- name: {{ diaspora.redis_package }}

redis_service:
service.running:
- name: {{ diaspora.redis_service }}
{%- endif %}

{% set home = diaspora.user.get('home', '/home/' + diaspora.user.username) -%}
@@ -153,7 +167,11 @@ diaspora_create_database:
- name: rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rake db:create db:migrate
- runas: {{ diaspora.user.username }}
- cwd: {{ diaspora.install_path }}
- onlyif: bash -c 'cd {{ diaspora.install_path }}; RAILS_ENV={{ environment }} rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rails runner "ActiveRecord::Base.connection" |& grep "database \"{{ diaspora.database.database }}\" does not exist (ActiveRecord::NoDatabaseError)"'
- onlyif: >-
bash -c 'cd {{ diaspora.install_path }}; RAILS_ENV={{ environment }}
rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rails runner "ActiveRecord::Base.connection"'
|& grep -E "(Unknown database '{{ diaspora.database.database }}'|database \"{{ diaspora.database.database }}\" does not exist)"
| grep "ActiveRecord::NoDatabaseError"
- env:
- RAILS_ENV: {{ environment }}
- require:
@@ -168,7 +186,9 @@ diaspora_migrate_database:
- name: rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rake db:migrate
- runas: {{ diaspora.user.username }}
- cwd: {{ diaspora.install_path }}
- onlyif: bash -c 'cd {{ diaspora.install_path }}; RAILS_ENV={{ environment }} rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rake db:migrate:status | grep -oE "^\s+down"'
- onlyif: >-
bash -c 'cd {{ diaspora.install_path }}; RAILS_ENV={{ environment }}
rvm ruby-{{ diaspora.ruby_version }}@diaspora do bin/rake db:migrate:status' | grep -oE "^\s+down"
- env:
- RAILS_ENV: {{ environment }}
- require:

+ 40
- 96
diaspora/map.jinja View File

@@ -1,100 +1,44 @@
{% set os_map = salt['grains.filter_by']({
'Debian': {
'dependencies' : [
'build-essential',
'git',
'curl',
'libreadline-dev',
'libcurl4-openssl-dev',
'libidn11-dev',
salt['grains.filter_by']({
'stretch': 'libssl1.0-dev',
'default': 'libssl-dev'
}, grain='oscodename'),
'libxml2-dev',
'libxslt1-dev',
'imagemagick',
'libmagickwand-dev',
'ghostscript',
'nodejs',
salt['grains.filter_by']({
'stretch': 'libjemalloc1',
'default': 'libjemalloc2'
}, grain='oscodename'),
],
'postgresql_package': 'libpq-dev',
'mysql_package' : 'default-libmysqlclient-dev',
'redis_package' : 'redis-server',
'redis_service' : 'redis-server',
'configuration' : {
'environment': {
'certificate_authorities': '/etc/ssl/certs/ca-certificates.crt'
}
},
'libjemalloc': salt['grains.filter_by']({
'stretch': '/usr/lib/x86_64-linux-gnu/libjemalloc.so.1',
'default': '/usr/lib/x86_64-linux-gnu/libjemalloc.so.2'
}, grain='oscodename'),
},
'RedHat': {
'dependencies' : [
'tar',
'make',
'automake',
'gcc',
'gcc-c++',
'git',
'net-tools',
'libcurl-devel',
'libxml2-devel',
'libffi-devel',
'libxslt-devel',
'wget',
'ImageMagick',
'nodejs',
],
'postgresql_package': 'postgresql-devel',
'mysql_package' : 'mariadb-devel',
'redis_package' : 'redis',
'redis_service' : 'redis',
'configuration' : {
'environment': {
'certificate_authorities': '/etc/pki/tls/certs/ca-bundle.crt'
}
},
'libjemalloc': '/usr/lib/x86_64-linux-gnu/libjemalloc.so.1',
},
}, merge=salt['grains.filter_by']({
'Ubuntu': {
'dependencies' : [
'build-essential',
'git',
'curl',
'libcurl4-openssl-dev',
'libssl-dev',
'libxml2-dev',
'libxslt1-dev',
'libgmp-dev',
'imagemagick',
'libmagickwand-dev',
'nodejs',
salt['grains.filter_by']({
'bionic': 'libjemalloc1',
'default': 'libjemalloc2'
}, grain='oscodename'),
],
'libjemalloc': salt['grains.filter_by']({
'bionic': '/usr/lib/x86_64-linux-gnu/libjemalloc.so.1',
'default': '/usr/lib/x86_64-linux-gnu/libjemalloc.so.2'
}, grain='oscodename'),
},
}, grain='os', merge=salt['pillar.get']('diaspora:lookup'))) %}
# -*- coding: utf-8 -*-
# vim: ft=jinja

{% import_yaml "diaspora/defaults.yaml" as defaults %}
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{#- Start imports as #}
{%- import_yaml tplroot ~ "/defaults.yaml" as default_settings %}
{%- import_yaml tplroot ~ "/osfamilymap.yaml" as osfamilymap %}
{%- import_yaml tplroot ~ "/osmap.yaml" as osmap %}
{%- import_yaml tplroot ~ "/osfingermap.yaml" as osfingermap %}

{% do defaults.diaspora.update(os_map) %}
{#- Retrieve the config dict only once #}
{%- set _config = salt['config.get'](tplroot, default={}) %}

# use production as default rails environment
{% do defaults.diaspora.configuration.update({'server': {'rails_environment': 'production'}}) %}
{%- set defaults = salt['grains.filter_by'](
default_settings,
default=tplroot,
merge=salt['grains.filter_by'](
osfamilymap,
grain='os_family',
merge=salt['grains.filter_by'](
osmap,
grain='os',
merge=salt['grains.filter_by'](
osfingermap,
grain='osfinger',
merge=salt['grains.filter_by'](
_config,
default='lookup'
)
)
)
)
)
%}

{% set diaspora = salt['pillar.get']('diaspora', default=defaults.diaspora, merge=True) %}
{%- set config = salt['grains.filter_by'](
{'defaults': defaults},
default='defaults',
merge=_config
)
%}

{%- set diaspora = config %}

+ 84
- 0
diaspora/osfamilymap.yaml View File

@@ -0,0 +1,84 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['os_family'] based logic.
# You just need to add the key:values for an `os_family` that differ
# from `defaults.yaml` + `osarch.yaml`.
# Only add an `os_family` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os_family` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osfamilymap: {}
---
Debian:
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- ghostscript
- nodejs
- tzdata
- libjemalloc2
postgresql_package: libpq-dev
mysql_package: default-libmysqlclient-dev
redis_package: redis-server
redis_service: redis-server
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.2

RedHat:
dependencies:
- tar
- bzip2
- make
- automake
- gcc
- gcc-c++
- git
- net-tools
- libcurl-devel
- libidn-devel
- libxml2-devel
- libffi-devel
- libxslt-devel
- wget
- ImageMagick
- nodejs
- tzdata
- jemalloc
postgresql_package: libpq-devel
mysql_package: mariadb-devel
redis_package: redis
redis_service: redis
configuration:
environment:
certificate_authorities: /etc/pki/tls/certs/ca-bundle.crt
libjemalloc: /usr/lib64/libjemalloc.so.2

Arch:
dependencies:
- git
- imagemagick
- net-tools
- libidn
- libxslt
- gsfonts
- nodejs
- jemalloc
postgresql_package: postgresql-libs
mysql_package: libmariadbclient
redis_package: redis
redis_service: redis
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
libjemalloc: /usr/lib/libjemalloc.so.2

+ 56
- 0
diaspora/osfingermap.yaml View File

@@ -0,0 +1,56 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['osfinger'] based logic.
# You just need to add the key:values for an `osfinger` that differ
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml` + `osmap.yaml`.
# Only add an `osfinger` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os_finger` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osfingermap: {}
---
# os: Debian
Debian-10: {}
Debian-9:
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl1.0-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- ghostscript
- nodejs
- tzdata
- libjemalloc1
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.1

# os: Ubuntu
Ubuntu-20.04: {}
Ubuntu-18.04:
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- nodejs
- tzdata
- libjemalloc1
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.1

# os: CentOS
CentOS Linux-8: {}
CentOS Linux-7:
postgresql_package: postgresql-devel
libjemalloc: /usr/lib64/libjemalloc.so.1

+ 31
- 0
diaspora/osmap.yaml View File

@@ -0,0 +1,31 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
#
# Setup variables using grains['os'] based logic.
# You just need to add the key:values for an `os` that differ
# from `defaults.yaml` + `osarch.yaml` + `os_family.yaml`.
# Only add an `os` which is/will be supported by the formula.
#
# If you do not need to provide defaults via the `os` grain,
# you will need to provide at least an empty dict in this file, e.g.
# osmap: {}
---
# os_family: Debian
Ubuntu:
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- nodejs
- tzdata
- libjemalloc2

# os_family: RedHat
CentOS: {}

+ 13
- 0
diaspora/service.sls View File

@@ -31,6 +31,16 @@ include:
- context:
diaspora: {{ diaspora|json }}

{%- if diaspora.install_redis %}
redis_service:
service.running:
- name: {{ diaspora.redis_service }}
- require:
- pkg: redis_package
- require_in:
- service: diaspora_service
{%- endif %}

diaspora_sidekiq_service:
service.enabled:
- name: diaspora-sidekiq
@@ -67,6 +77,9 @@ diaspora_web_service_restart:
service.running:
- name: diaspora-web.service
- reload: True
- unless: >-
systemctl is-active diaspora-web.service | grep -E 'activ(e|ating)' &&
test $(ps -p $(systemctl show --property MainPID diaspora-web.service | cut -d= -f2) -oetimes=) -lt 10
- require:
- service: diaspora_service
- watch:

+ 141
- 0
docs/README.rst View File

@@ -0,0 +1,141 @@
.. _readme:

diaspora-formula
================

|img_travis| |img_sr| |img_pc|

.. |img_travis| image:: https://travis-ci.com/SuperTux88/diaspora-formula.svg?branch=master
:alt: Travis CI Build Status
:scale: 100%
:target: https://travis-ci.com/SuperTux88/diaspora-formula
.. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
:alt: Semantic Release
:scale: 100%
:target: https://github.com/semantic-release/semantic-release
.. |img_pc| image:: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white
:alt: pre-commit
:scale: 100%
:target: https://github.com/pre-commit/pre-commit

A saltstack formula to install and configure the distributed social network, `diaspora* <https://diasporafoundation.org/>`_.

.. contents:: **Table of Contents**
:depth: 1

General notes
-------------

See the full `SaltStack Formulas installation and usage instructions
<https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html>`_.

If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section
<https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#writing-formulas>`_.

If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``,
which contains the currently released version. This formula is versioned according to `Semantic Versioning <http://semver.org/>`_.

See `Formula Versioning Section <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#versioning>`_ for more details.

If you need (non-default) configuration, please pay attention to the ``pillar.example`` file and/or `Special notes`_ section.

Contributing to this repo
-------------------------

Commit messages
^^^^^^^^^^^^^^^

**Commit message formatting is significant!!**

Please see `How to contribute <https://github.com/saltstack-formulas/.github/blob/master/CONTRIBUTING.rst>`_ for more details.

pre-commit
^^^^^^^^^^

`pre-commit <https://pre-commit.com/>`_ is configured for this formula, which you may optionally use to ease the steps involved in submitting your changes.
First install the ``pre-commit`` package manager using the appropriate `method <https://pre-commit.com/#installation>`_, then run ``bin/install-hooks`` and
now ``pre-commit`` will run automatically on each ``git commit``. ::

$ bin/install-hooks
pre-commit installed at .git/hooks/pre-commit
pre-commit installed at .git/hooks/commit-msg

Special notes
-------------

This formula only manages diaspora. You are responsible for installing/configuring PostgreSQL or MariaDB as appropriate.

Available states
----------------

.. contents::
:local:

``diaspora``
^^^^^^^^^^^^

*Meta-state (This is a state that includes other states)*.

This installs diaspora,
manages the diaspora configuration file and then
starts the associated diaspora service.

``diaspora.install``
^^^^^^^^^^^^^^^^^^^^

This state will install diaspora from GitHub and has a dependency on ``diaspora.config`` via include list.

``diaspora.config``
^^^^^^^^^^^^^^^^^^^

This state will configure diaspora.

``diaspora.service``
^^^^^^^^^^^^^^^^^^^^

This state will create and start the diaspora services and has a dependency on ``diaspora.install`` via include list.

Testing
-------

Linux testing is done with ``kitchen-salt``.

Requirements
^^^^^^^^^^^^

* Ruby
* Docker

.. code-block:: bash

$ gem install bundler
$ bundle install
$ bin/kitchen test [platform]

Where ``[platform]`` is the platform name defined in ``kitchen.yml``,
e.g. ``debian-9-2019-2-py3``.

``bin/kitchen converge``
^^^^^^^^^^^^^^^^^^^^^^^^

Creates the docker instance and runs the ``diaspora`` main state, ready for testing.

``bin/kitchen verify``
^^^^^^^^^^^^^^^^^^^^^^

Runs the ``inspec`` tests on the actual instance.

``bin/kitchen destroy``
^^^^^^^^^^^^^^^^^^^^^^^

Removes the docker instance.

``bin/kitchen test``
^^^^^^^^^^^^^^^^^^^^

Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.

``bin/kitchen login``
^^^^^^^^^^^^^^^^^^^^^

Gives you SSH access to the instance for manual testing.

+ 248
- 0
kitchen.yml View File

@@ -0,0 +1,248 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# For help on this file's format, see https://kitchen.ci/
driver:
name: docker
use_sudo: false
privileged: true
run_command: /lib/systemd/systemd

# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
## SALT `tiamat`
- name: debian-10-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:debian-10
- name: debian-9-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:debian-9
- name: ubuntu-2004-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-20.04
- name: ubuntu-1804-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-18.04
- name: ubuntu-1604-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:ubuntu-16.04
- name: centos-8-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:centos-8
- name: centos-7-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:centos-7
- name: amazonlinux-2-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:amazonlinux-2
- name: oraclelinux-8-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:oraclelinux-8
- name: oraclelinux-7-tiamat-py3
driver:
image: saltimages/salt-tiamat-py3:oraclelinux-7

## SALT `master`
- name: debian-10-master-py3
driver:
image: saltimages/salt-master-py3:debian-10
- name: ubuntu-2004-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-20.04
- name: ubuntu-1804-master-py3
driver:
image: saltimages/salt-master-py3:ubuntu-18.04
- name: centos-8-master-py3
driver:
image: saltimages/salt-master-py3:centos-8
- name: fedora-32-master-py3
driver:
image: saltimages/salt-master-py3:fedora-32
- name: fedora-31-master-py3
driver:
image: saltimages/salt-master-py3:fedora-31
- name: opensuse-leap-152-master-py3
driver:
image: saltimages/salt-master-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-master-py3
driver:
image: saltimages/salt-master-py3:amazonlinux-2

## SALT `3001`
- name: debian-10-3001-py3
driver:
image: saltimages/salt-3001-py3:debian-10
- name: debian-9-3001-py3
driver:
image: saltimages/salt-3001-py3:debian-9
- name: ubuntu-2004-3001-py3
driver:
image: saltimages/salt-3001-py3:ubuntu-20.04
- name: ubuntu-1804-3001-py3
driver:
image: saltimages/salt-3001-py3:ubuntu-18.04
- name: centos-8-3001-py3
driver:
image: saltimages/salt-3001-py3:centos-8
- name: centos-7-3001-py3
driver:
image: saltimages/salt-3001-py3:centos-7
- name: fedora-32-3001-py3
driver:
image: saltimages/salt-3001-py3:fedora-32
- name: fedora-31-3001-py3
driver:
image: saltimages/salt-3001-py3:fedora-31
- name: opensuse-leap-152-3001-py3
driver:
image: saltimages/salt-3001-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-3001-py3
driver:
image: saltimages/salt-3001-py3:amazonlinux-2
- name: oraclelinux-8-3001-py3
driver:
image: saltimages/salt-3001-py3:oraclelinux-8
- name: oraclelinux-7-3001-py3
driver:
image: saltimages/salt-3001-py3:oraclelinux-7

## SALT `3000.3`
- name: debian-10-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:debian-10
- name: debian-9-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:debian-9
- name: ubuntu-1804-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:ubuntu-18.04
- name: centos-8-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:centos-8
- name: centos-7-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:centos-7
- name: fedora-31-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:fedora-31
- name: opensuse-leap-152-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:opensuse-leap-15.2
run_command: /usr/lib/systemd/systemd
# Workaround to avoid intermittent failures on `opensuse-leap-15.2`:
# => SCP did not finish successfully (255): (Net::SCP::Error)
transport:
max_ssh_sessions: 1
- name: amazonlinux-2-3000-3-py3
driver:
image: saltimages/salt-3000.3-py3:amazonlinux-2
- name: ubuntu-1804-3000-3-py2
driver:
image: saltimages/salt-3000.3-py2:ubuntu-18.04
- name: ubuntu-1604-3000-3-py2
driver:
image: saltimages/salt-3000.3-py2:ubuntu-16.04
- name: arch-base-latest-3000-3-py2
driver:
image: saltimages/salt-3000.3-py2:arch-base-latest
run_command: /usr/lib/systemd/systemd

## SALT `2019.2`
- name: centos-6-2019-2-py2
driver:
image: saltimages/salt-2019.2-py2:centos-6
run_command: /sbin/init
- name: amazonlinux-1-2019-2-py2
driver:
image: saltimages/salt-2019.2-py2:amazonlinux-1
run_command: /sbin/init

provisioner:
name: salt_solo
log_level: debug
salt_install: none
require_chef: false
formula: diaspora
salt_copy_filter:
- .kitchen
- .git

verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
- cli

suites:
- name: default
provisioner:
state_top:
base:
'*':
- diaspora._mapdata
- diaspora
- redis
- postgres
pillars:
top.sls:
base:
'*':
- diaspora
- tests
pillars_from_files:
diaspora.sls: pillar.example
tests.sls: test/salt/pillar/tests.sls
dependencies:
- name: redis
path: test/salt/states
- name: postgres
path: test/salt/states
verifier:
inspec_tests:
- path: test/integration/_mapdata
- path: test/integration/default
- name: mysql
includes:
- debian-10-master-py3
- debian-9-3001-py3
- ubuntu-2004-master-py3
- ubuntu-1804-master-py3
provisioner:
state_top:
base:
'*':
- diaspora
- redis
- mysql
pillars:
top.sls:
base:
'*':
- diaspora
- tests
- mysql
pillars_from_files:
diaspora.sls: pillar.example
tests.sls: test/salt/pillar/tests.sls
mysql.sls: test/salt/pillar/mysql.sls
dependencies:
- name: redis
path: test/salt/states
- name: mysql
path: test/salt/states
verifier:
inspec_tests:
- path: test/integration/default

+ 8
- 3
pillar.example View File

@@ -1,12 +1,17 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
diaspora:
repository: git://github.com/diaspora/diaspora.git
repository: https://github.com/diaspora/diaspora.git

# version can be a branch or a tag
version: develop

install_path: /srv/diaspora

ruby_version: 2.3.4
ruby_version: 2.6.6

install_redis: false

user:
username: diaspora
@@ -20,7 +25,7 @@ diaspora:
password: secret
database: diaspora

# have a look at https://github.com/diaspora/diaspora/blob/develop/config/diaspora.yml.example
# see https://github.com/diaspora/diaspora/blob/develop/config/diaspora.toml.example
configuration:
environment:
url: "https://example.org/"

+ 30
- 0
pre-commit_semantic-release.sh View File

@@ -0,0 +1,30 @@
#!/bin/sh

###############################################################################
# (A) Update `FORMULA` with `${nextRelease.version}`
###############################################################################
sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA


###############################################################################
# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst`
###############################################################################

# Install `m2r`
sudo -H pip install m2r

# Copy and then convert the `.md` docs
cp ./*.md docs/
cd docs/ || exit
m2r --overwrite ./*.md

# Change excess `H1` headings to `H2` in converted `CHANGELOG.rst`
sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst
sed -i -e '1,4s/-/=/g' CHANGELOG.rst

# Use for debugging output, when required
# cat AUTHORS.rst
# cat CHANGELOG.rst

# Return back to the main directory
cd ..

+ 18
- 0
release-rules.js View File

@@ -0,0 +1,18 @@
// No release is triggered for the types commented out below.
// Commits using these types will be incorporated into the next release.
//
// NOTE: Any changes here must be reflected in `CONTRIBUTING.md`.
module.exports = [
{breaking: true, release: 'major'},
// {type: 'build', release: 'patch'},
// {type: 'chore', release: 'patch'},
// {type: 'ci', release: 'patch'},
{type: 'docs', release: 'patch'},
{type: 'feat', release: 'minor'},
{type: 'fix', release: 'patch'},
{type: 'perf', release: 'patch'},
{type: 'refactor', release: 'patch'},
{type: 'revert', release: 'patch'},
{type: 'style', release: 'patch'},
{type: 'test', release: 'patch'},
];

+ 106
- 0
release.config.js View File

@@ -0,0 +1,106 @@
module.exports = {
branch: 'master',
plugins: [
['@semantic-release/commit-analyzer', {
preset: 'angular',
releaseRules: './release-rules.js',
}],
'@semantic-release/release-notes-generator',
['@semantic-release/changelog', {
changelogFile: 'CHANGELOG.md',
changelogTitle: '# Changelog',
}],
['@semantic-release/exec', {
prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}',
}],
['@semantic-release/git', {
assets: ['*.md', 'docs/*.rst', 'FORMULA'],
}],
'@semantic-release/github',
],
generateNotes: {
preset: 'angular',
writerOpts: {
// Required due to upstream bug preventing all types being displayed.
// Bug: https://github.com/conventional-changelog/conventional-changelog/issues/317
// Fix: https://github.com/conventional-changelog/conventional-changelog/pull/410
transform: (commit, context) => {
const issues = []

commit.notes.forEach(note => {
note.title = `BREAKING CHANGES`
})

// NOTE: Any changes here must be reflected in `CONTRIBUTING.md`.
if (commit.type === `feat`) {
commit.type = `Features`
} else if (commit.type === `fix`) {
commit.type = `Bug Fixes`
} else if (commit.type === `perf`) {
commit.type = `Performance Improvements`
} else if (commit.type === `revert`) {
commit.type = `Reverts`
} else if (commit.type === `docs`) {
commit.type = `Documentation`
} else if (commit.type === `style`) {
commit.type = `Styles`
} else if (commit.type === `refactor`) {
commit.type = `Code Refactoring`
} else if (commit.type === `test`) {
commit.type = `Tests`
} else if (commit.type === `build`) {
commit.type = `Build System`
// } else if (commit.type === `chore`) {
// commit.type = `Maintenance`
} else if (commit.type === `ci`) {
commit.type = `Continuous Integration`
} else {
return
}

if (commit.scope === `*`) {
commit.scope = ``
}

if (typeof commit.hash === `string`) {
commit.shortHash = commit.hash.substring(0, 7)
}

if (typeof commit.subject === `string`) {
let url = context.repository
? `${context.host}/${context.owner}/${context.repository}`
: context.repoUrl
if (url) {
url = `${url}/issues/`
// Issue URLs.
commit.subject = commit.subject.replace(/#([0-9]+)/g, (_, issue) => {
issues.push(issue)
return `[#${issue}](${url}${issue})`
})
}
if (context.host) {
// User URLs.
commit.subject = commit.subject.replace(/\B@([a-z0-9](?:-?[a-z0-9/]){0,38})/g, (_, username) => {
if (username.includes('/')) {
return `@${username}`
}

return `[@${username}](${context.host}/${username})`
})
}
}

// remove references that already appear in the subject
commit.references = commit.references.filter(reference => {
if (issues.indexOf(reference.issue) === -1) {
return true
}

return false
})

return commit
},
},
},
};

+ 50
- 0
test/integration/_mapdata/README.md View File

@@ -0,0 +1,50 @@
# InSpec Profile: `default`

This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).

## Verify a profile

InSpec ships with built-in features to verify a profile structure.

```bash
$ inspec check default
Summary
-------
Location: default
Profile: profile
Controls: 4
Timestamp: 2019-06-24T23:09:01+00:00
Valid: true

Errors
------

Warnings
--------
```

## Execute a profile

To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.

```bash
$ inspec exec default
..

Finished in 0.0025 seconds (files took 0.12449 seconds to load)
8 examples, 0 failures
```

## Execute a specific control from a profile

To run one control from the profile use `inspec exec /path/to/profile --controls name`.

```bash
$ inspec exec default --controls package
.

Finished in 0.0025 seconds (files took 0.12449 seconds to load)
1 examples, 0 failures
```

See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).

+ 16
- 0
test/integration/_mapdata/controls/_mapdata_spec.rb View File

@@ -0,0 +1,16 @@
# frozen_string_literal: true

# Keep only first 2 digits from Ubuntu finger
mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml"

# Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files
mapdata_dump = inspec.profile.file(mapdata_file)

control '`map.jinja` YAML dump' do
title 'should contain the lines'

describe file('/tmp/salt_mapdata_dump.yaml') do
it { should exist }
its('content') { should eq mapdata_dump }
end
end

+ 42
- 0
test/integration/_mapdata/files/_mapdata/arch-base-latest.yaml View File

@@ -0,0 +1,42 @@
# yamllint disable rule:indentation rule:line-length
# Arch
---
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- git
- imagemagick
- net-tools
- libidn
- libxslt
- gsfonts
- nodejs
- jemalloc
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib/libjemalloc.so.2
mysql_package: libmariadbclient
postgresql_package: postgresql-libs
redis_package: redis
redis_service: redis
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 52
- 0
test/integration/_mapdata/files/_mapdata/centos-7.yaml View File

@@ -0,0 +1,52 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-7
---
configuration:
environment:
certificate_authorities: /etc/pki/tls/certs/ca-bundle.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- tar
- bzip2
- make
- automake
- gcc
- gcc-c++
- git
- net-tools
- libcurl-devel
- libidn-devel
- libxml2-devel
- libffi-devel
- libxslt-devel
- wget
- ImageMagick
- nodejs
- tzdata
- jemalloc
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib64/libjemalloc.so.1
mysql_package: mariadb-devel
postgresql_package: postgresql-devel
redis_package: redis
redis_service: redis
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 52
- 0
test/integration/_mapdata/files/_mapdata/centos-8.yaml View File

@@ -0,0 +1,52 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-8
---
configuration:
environment:
certificate_authorities: /etc/pki/tls/certs/ca-bundle.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- tar
- bzip2
- make
- automake
- gcc
- gcc-c++
- git
- net-tools
- libcurl-devel
- libidn-devel
- libxml2-devel
- libffi-devel
- libxslt-devel
- wget
- ImageMagick
- nodejs
- tzdata
- jemalloc
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib64/libjemalloc.so.2
mysql_package: mariadb-devel
postgresql_package: libpq-devel
redis_package: redis
redis_service: redis
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 48
- 0
test/integration/_mapdata/files/_mapdata/debian-10.yaml View File

@@ -0,0 +1,48 @@
# yamllint disable rule:indentation rule:line-length
# Debian-10
---
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- ghostscript
- nodejs
- tzdata
- libjemalloc2
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.2
mysql_package: default-libmysqlclient-dev
postgresql_package: libpq-dev
redis_package: redis-server
redis_service: redis-server
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 48
- 0
test/integration/_mapdata/files/_mapdata/debian-9.yaml View File

@@ -0,0 +1,48 @@
# yamllint disable rule:indentation rule:line-length
# Debian-9
---
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl1.0-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- ghostscript
- nodejs
- tzdata
- libjemalloc1
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.1
mysql_package: default-libmysqlclient-dev
postgresql_package: libpq-dev
redis_package: redis-server
redis_service: redis-server
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 47
- 0
test/integration/_mapdata/files/_mapdata/ubuntu-18.yaml View File

@@ -0,0 +1,47 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-18.04
---
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- nodejs
- tzdata
- libjemalloc1
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.1
mysql_package: default-libmysqlclient-dev
postgresql_package: libpq-dev
redis_package: redis-server
redis_service: redis-server
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 47
- 0
test/integration/_mapdata/files/_mapdata/ubuntu-20.yaml View File

@@ -0,0 +1,47 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-20.04
---
configuration:
environment:
certificate_authorities: /etc/ssl/certs/ca-certificates.crt
url: https://example.org/
server:
listen: 127.0.0.1:3000
rails_environment: production
settings:
pod_name: example diaspora* pod
database:
database: diaspora
host: localhost
password: secret
type: postgresql
username: diaspora
dependencies:
- build-essential
- git
- curl
- libcurl4-openssl-dev
- libidn11-dev
- libssl-dev
- libxml2-dev
- libxslt1-dev
- imagemagick
- libmagickwand-dev
- nodejs
- tzdata
- libjemalloc2
install_path: /srv/diaspora
install_redis: true
libjemalloc: /usr/lib/x86_64-linux-gnu/libjemalloc.so.2
mysql_package: default-libmysqlclient-dev
postgresql_package: libpq-dev
redis_package: redis-server
redis_service: redis-server
repository: https://github.com/diaspora/diaspora.git
ruby_version: 2.6.6
systemd:
web_template: salt://diaspora/files/diaspora-web.service
user:
shell: /bin/bash
username: diaspora
version: develop

+ 16
- 0
test/integration/_mapdata/inspec.yml View File

@@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
name: _mapdata
title: diaspora formula
maintainer: SaltStack Formulas
license: Apache-2.0
summary: Verify the diaspora formula _mapdata dumps
depends:
- name: share
path: test/integration/share
supports:
- platform-name: debian
- platform-name: ubuntu
- platform-name: centos
- platform-name: arch

+ 50
- 0
test/integration/default/README.md View File

@@ -0,0 +1,50 @@
# InSpec Profile: `default`

This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).

## Verify a profile

InSpec ships with built-in features to verify a profile structure.

```bash
$ inspec check default
Summary
-------
Location: default
Profile: profile
Controls: 4
Timestamp: 2019-06-24T23:09:01+00:00
Valid: true

Errors
------

Warnings
--------
```

## Execute a profile

To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.

```bash
$ inspec exec default
..

Finished in 0.0025 seconds (files took 0.12449 seconds to load)
8 examples, 0 failures
```

## Execute a specific control from a profile

To run one control from the profile use `inspec exec /path/to/profile --controls name`.

```bash
$ inspec exec default --controls package
.

Finished in 0.0025 seconds (files took 0.12449 seconds to load)
1 examples, 0 failures
```

See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).

+ 50
- 0
test/integration/default/controls/config_spec.rb View File

@@ -0,0 +1,50 @@
# frozen_string_literal: true

control 'diaspora configuration' do
title 'should match desired lines'

describe file('/srv/diaspora/config/database.yml') do
it { should be_file }
it { should be_owned_by 'diaspora' }
it { should be_grouped_into 'root' }
its('mode') { should cmp '0600' }

its('content') do
should include '# This file is managed by Salt! Do not edit by hand!'
end

its('content') do
should include <<~CONTENT
postgresql: &postgresql
adapter: postgresql
host: localhost
port: 5432
username: diaspora
password: "secret"
encoding: unicode
CONTENT
end
end

ca_file =
case platform[:family]
when 'debian', 'arch'
'/etc/ssl/certs/ca-certificates.crt'
when 'redhat'
'/etc/pki/tls/certs/ca-bundle.crt'
end

describe file('/srv/diaspora/config/diaspora.yml') do
it { should be_file }
it { should be_owned_by 'diaspora' }
it { should be_grouped_into 'root' }
its('mode') { should cmp '0600' }

its('content') do
should include '# This file is managed by Salt! Do not edit by hand!'
end

its('content') { should include 'rails_environment: production' }
its('content') { should include "certificate_authorities: #{ca_file}" }
end
end

+ 24
- 0
test/integration/default/controls/http_spec.rb View File

@@ -0,0 +1,24 @@
# frozen_string_literal: true

control 'diaspora webserver' do
impact 0.5
title 'should be working'

https_header = { 'X-Forwarded-Proto': 'https' }

30.times do
break if port(3000).listening?

puts "Port 3000 isn't ready, retrying.."
sleep 1
end

describe http('http://localhost:3000', headers: https_header) do
its('status') { should cmp 302 }
its('headers.Location') { should cmp 'https://localhost:3000/podmin' }
end

describe http('http://localhost:3000/podmin', headers: https_header) do
its('status') { should cmp 200 }
end
end

+ 10
- 0
test/integration/default/controls/install_spec.rb View File

@@ -0,0 +1,10 @@
# frozen_string_literal: true

control 'diaspora' do
impact 0.5
title 'should be installed'

describe directory('/srv/diaspora/.git') do
it { should be_owned_by 'diaspora' }
end
end

+ 16
- 0
test/integration/default/controls/services_spec.rb View File

@@ -0,0 +1,16 @@
# frozen_string_literal: true

control 'diaspora services' do
impact 0.5
title 'should be running and enabled'

services = ['diaspora-sidekiq.service', 'diaspora-web.service']

services.each do |service_name|
describe service(service_name) do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
end
end

+ 16
- 0
test/integration/default/inspec.yml View File

@@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
name: default
title: diaspora formula
maintainer: SaltStack Formulas
license: Apache-2.0
summary: Verify that the diaspora formula is setup and configured correctly
depends:
- name: share
path: test/integration/share
supports:
- platform-name: debian
- platform-name: ubuntu
- platform-name: centos
- platform-name: arch

+ 19
- 0
test/integration/share/README.md View File

@@ -0,0 +1,19 @@
# InSpec Profile: `share`

This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).

Its goal is to share the libraries between all profiles.

## Libraries

### `system`

The `system` library provides easy access to system dependent information:

- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
- `system.platform[:family]` provide a family name for Arch
- `system.platform[:name]` modify `amazon` to `amazonlinux`
- `system.platform[:release]` tweak Arch and Amazon Linux:
- `Arch` is always `base-latest`
- `Amazon Linux` release `2018` is resolved as `1`
- `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)

+ 19
- 0
test/integration/share/inspec.yml View File

@@ -0,0 +1,19 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
name: share
title: InSpec shared resources
maintainer: SaltStack Formulas
license: Apache-2.0
summary: shared resources
supports:
- platform-name: debian
- platform-name: ubuntu
- platform-name: centos
- platform-name: fedora
- platform-name: opensuse
- platform-name: suse
- platform-name: freebsd
- platform-name: amazon
- platform-name: oracle
- platform-name: arch

+ 69
- 0
test/integration/share/libraries/system.rb View File

@@ -0,0 +1,69 @@
# frozen_string_literal: true

# system.rb -- InSpec resources for system values
# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>

class SystemResource < Inspec.resource(1)
name 'system'

attr_reader :platform

def initialize
@platform = build_platform
end

private

def build_platform
{
family: build_platform_family,
name: build_platform_name,
release: build_platform_release,
finger: build_platform_finger
}
end

def build_platform_family
case inspec.platform[:name]
when 'arch'
'arch'
else
inspec.platform[:family]
end
end

def build_platform_name
case inspec.platform[:name]
when 'amazon'
'amazonlinux'
else
inspec.platform[:name]
end
end

def build_platform_release
case inspec.platform[:name]
when 'amazon'
# `2018` relase is named `1` in kitchen.yaml
inspec.platform[:release].gsub(/2018.*/, '1')
when 'arch'
'base-latest'
else
inspec.platform[:release]
end
end

def build_platform_finger
"#{build_platform_name}-#{build_finger_release}"
end

def build_finger_release
case inspec.platform[:name]
when 'ubuntu'
build_platform_release.split('.').slice(0, 2).join('.')
else
build_platform_release.split('.')[0]
end
end
end

+ 6
- 0
test/salt/pillar/mysql.sls View File

@@ -0,0 +1,6 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
diaspora:
database:
type: mysql

+ 12
- 0
test/salt/pillar/tests.sls View File

@@ -0,0 +1,12 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
diaspora:
install_redis: true

user:
shell: /bin/bash

configuration:
server:
listen: 127.0.0.1:3000

+ 26
- 0
test/salt/states/mysql/init.sls View File

@@ -0,0 +1,26 @@
mysql_package:
pkg.installed:
- pkgs:
- mariadb-server
- python3-mysqldb

mysql_service:
service.running:
- name: mariadb
- require:
- pkg: mysql_package

mysql_user:
mysql_user.present:
- name: {{ salt['pillar.get']('diaspora:database:username') }}
- password: {{ salt['pillar.get']('diaspora:database:password') }}
- require:
- service: mysql_service
mysql_grants.present:
- grant: all privileges
- database: {{ salt['pillar.get']('diaspora:database:database') }}.*
- user: {{ salt['pillar.get']('diaspora:database:username') }}
- require:
- mysql_user: mysql_user
- require_in:
- cmd: diaspora_create_database

+ 51
- 0
test/salt/states/postgres/init.sls View File

@@ -0,0 +1,51 @@
{% set pkg = salt['grains.filter_by']({
'Debian': 'postgresql',
'RedHat': 'postgresql-server',
'Arch': 'postgresql',
}) -%}

pgsql_package:
pkg.installed:
- name: {{ pkg }}

{%- if grains.os_family == 'RedHat' %}
pgsql_initdb_redhat:
cmd.run:
- name: postgresql-setup initdb
- require:
- pkg: pgsql_package
pgsql_pg_hba_redhat:
file.replace:
- name: /var/lib/pgsql/data/pg_hba.conf
- pattern: ' ident'
- repl: ' md5'
- require:
- cmd: pgsql_initdb_redhat
- require_in:
- service: pgsql_service
{%- elif grains.os_family == 'Arch' %}
pgsql_initdb_arch:
cmd.run:
- name: initdb --locale en_US.UTF-8 -D '/var/lib/postgres/data'
- runas: postgres
- require:
- pkg: pgsql_package
- require_in:
- service: pgsql_service
{%- endif %}

pgsql_service:
service.running:
- name: postgresql
- require:
- pkg: pgsql_package

pgsql_user:
postgres_user.present:
- name: {{ salt['pillar.get']('diaspora:database:username') }}
- password: {{ salt['pillar.get']('diaspora:database:password') }}
- createdb: True
- require:
- service: pgsql_service
- require_in:
- cmd: diaspora_create_database

+ 11
- 0
test/salt/states/redis/init.sls View File

@@ -0,0 +1,11 @@
{%- if grains.get('osfinger', grains.os) == 'Ubuntu-18.04' %}
redis_config:
file.replace:
- name: '/etc/redis/redis.conf'
- pattern: '^bind .*$'
- repl: 'bind 127.0.0.1'
- require:
- pkg: redis_package
- require_in:
- service: redis_service
{%- endif %}

Loading…
Cancel
Save