Saltstack Official FirewallD Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647
  1. # frozen_string_literal: true
  2. require 'yaml'
  3. control 'firewalld._mapdata' do
  4. title '`map.jinja` should match the reference file'
  5. ### Method
  6. # The steps below for each file appear convoluted but they are both required
  7. # and similar in nature:
  8. # 1. The earliest method was to simply compare the files textually but this often
  9. # led to false positives due to inconsistencies (e.g. spacing, ordering)
  10. # 2. The next method was to load the files back into YAML structures and then
  11. # compare but InSpec provided block diffs this way, unusable by end users
  12. # 3. The final step was to dump the YAML structures back into a string to use
  13. # for the comparison; this both worked and provided human-friendly diffs
  14. ### Comparison file for the specific platform
  15. ### Static, adjusted as part of code contributions, as map data is changed
  16. # Strip the `platform[:finger]` version number down to the "OS major release"
  17. platform_finger = system.platform[:finger].split('.').first.to_s
  18. # Use that to set the path to the file (relative to the InSpec suite directory)
  19. mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
  20. # Load the mapdata from profile, into a YAML structure
  21. # https://docs.chef.io/inspec/profiles/#profile-files
  22. mapdata_file_yaml = YAML.load(inspec.profile.file(mapdata_file_path))
  23. # Dump the YAML back into a string for comparison
  24. mapdata_file_dump = YAML.dump(mapdata_file_yaml)
  25. ### Output file produced by running the `_mapdata` state
  26. ### Dynamic, generated during Kitchen's `converge` phase
  27. # Derive the location of the dumped mapdata (differs for Windows)
  28. output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
  29. # Use that to set the path to the file (absolute path, i.e. within the container)
  30. output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
  31. # Load the output into a YAML structure using InSpec's `yaml` resource
  32. # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
  33. output_file_yaml = yaml(output_file_path).params
  34. # Dump the YAML back into a string for comparison
  35. output_file_dump = YAML.dump(output_file_yaml)
  36. describe 'File content' do
  37. it 'should match profile map data exactly' do
  38. expect(output_file_dump).to eq(mapdata_file_dump)
  39. end
  40. end
  41. end