Add kitchen tests + travis ci

- enable topics on test pillar
- add integration test for sudo enabled groups
- use loop devices only for storage suite
- example inspec test for sudo state

.kitchen.yml

@@ -0,0 +1,66 @@
+---
+driver:
+  name: docker
+  hostname: linux.ci.local
+  use_sudo: sudo
+
+provisioner:
+  name: salt_solo
+  salt_install: bootstrap
+  salt_bootstrap_url: https://bootstrap.saltstack.com
+  salt_version: latest
+  require_chef: false
+  log_level: error
+  formula: linux
+  grains:
+    noservices: true
+  state_top:
+    base:
+      "*":
+        - linux
+  pillars:
+    top.sls:
+      base:
+        "*":
+          - linux
+
+verifier:
+  name: inspec
+  sudo: true
+
+platforms:
+  - name: <%=ENV['PLATFORM'] || 'ubuntu-xenial'%>
+    driver_config:
+      image: <%=ENV['PLATFORM'] || 'trevorj/salty-whales:xenial'%>
+      platform: ubuntu
+
+
+suites:
+
+  - name: network
+    provisioner:
+      pillars-from-files:
+        linux.sls: tests/pillar/network.sls
+
+  #- name: storage
+    #provisioner:
+      #pillars-from-files:
+        #linux.sls: tests/pillar/storage.sls
+      #init_environment: |
+        #sudo mkdir -p /tmp/node
+        #sudo dd if=/dev/zero of=/tmp/loop_dev0 bs=1024 count=$((30*1024));
+        #sudo dd if=/dev/zero of=/tmp/loop_dev1 bs=1024 count=$((30*1024));
+        #sudo dd if=/dev/zero of=/tmp/loop_dev2 bs=1024 count=$((30*1024));
+        #sudo dd if=/dev/zero of=/tmp/loop_dev3 bs=1024 count=$((30*1024));
+        #sudo dd if=/dev/zero of=/tmp/loop_dev4 bs=1024 count=$((30*1024));
+        #sudo mkfs.ext4 /tmp/loop_dev1
+        #sudo mkswap /tmp/loop_dev2
+        #sudo chown root /tmp/loop_dev*;
+        #sudo chmod 0600 /tmp/loop_dev*;
+
+  - name: system
+    provisioner:
+      pillars-from-files:
+        linux.sls: tests/pillar/system.sls
+
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125

.travis.yml

@@ -0,0 +1,30 @@
+sudo: required
+services:
+  - docker
+
+install:
+  - pip install PyYAML
+  - pip install virtualenv
+  - |
+    test -e Gemfile || cat <<EOF > Gemfile
+    source 'https://rubygems.org'
+    gem 'rake'
+    gem 'test-kitchen'
+    gem 'kitchen-docker'
+    gem 'kitchen-inspec'
+    gem 'inspec'
+    gem 'kitchen-salt', :git => 'https://github.com/epcim/kitchen-salt.git', :branch => 'dependencis-pkg-repo2'
+    #Waiting for PR#78
+    #gem 'kitchen-salt', '>=0.2.25'
+  - bundle install
+
+env:
+  - PLATFORM=trevorj/salty-whales:trusty
+  - PLATFORM=trevorj/salty-whales:xenial
+
+before_script:
+  - make test | tail
+
+script:
+  - test ! -e .kitchen.yml || bundle exec kitchen converge || true
+  - test ! -e .kitchen.yml || bundle exec kitchen verify -t tests/integration

tests/integration/system/sudoer_spec.rb

@@ -0,0 +1,8 @@
+describe command('grep "" /etc/sudoers.d/*') do
+    its('stdout') { should_not match /sudogroup0/  }
+    its('stdout') { should match /salt-ops ALL=\(DBA\) NOPASSWD/  }
+    its('stdout') { should match /sudogroup2.*localhost=/  }
+    its('stdout') { should match /db-ops.*less/  }
+    its('stdout') { should_not match /sudogroup0/  }
+    its('stdout') { should_not match /sudogroup1 .* !SUDO_RESTRICTED_SU/  }
+end

tests/pillar/network.sls

@@ -1,25 +1,26 @@
 linux:
   system:
     enabled: true
-    domain: local
+    domain: ci.local
+    name: linux
   network:
     enabled: true
-    hostname: test01
-    fqdn: test01.local
+    hostname: linux
+    fqdn: linux.ci.local
     network_manager: false
-    interface:
-      eth0:
-        enabled: true
-        type: eth
-        address: 192.168.0.102
-        netmask: 255.255.255.0
-        gateway: 192.168.0.1
-        name_servers:
-        - 8.8.8.8
-        - 8.8.4.4
-        mtu: 1500
-      vlan69:
-        enabled: true
-        type: vlan
-        use_interfaces:
-        - interface: ${linux:interface:eth0}
+    #interface:
+      #eth0:
+        #enabled: true
+        #type: eth
+        #address: 192.168.0.102
+        #netmask: 255.255.255.0
+        #gateway: 192.168.0.1
+        #name_servers:
+        #- 8.8.8.8
+        #- 8.8.4.4
+        #mtu: 1500
+      #vlan69:
+        #enabled: true
+        #type: vlan
+        #use_interfaces:
+        #- interface: ${linux:interface:eth0}

tests/pillar/storage.sls

@@ -5,23 +5,42 @@ linux:
       file:
         enabled: true
         engine: file
-        device: /swapfile
-        size: 512
+        device: /tmp/loop_dev2
+        size: 5
+    mount:
+      # NOTE: simple dummy loop devices, use for test purposes only
+      dev0:
+        enabled: false
+        device: /tmp/loop_dev0
+        path: /tmp/node/dev0
+        file_system: xfs
+        opts: noatime,nobarrier,logbufs=8,nobootwait,nobarrier
+        user: root
+        group: root
+        mode: 755
+      dev1:
+        enabled: true
+        device: /tmp/loop_dev1
+        path: /mnt
+        file_system: ext4
+        #opts: noatime,nobarrier,logbufs=8,nobootwait,nobarrier
+        user: root
+        group: root
     lvm:
       vg0:
         name: vg0-dummy
         enabled: true
         devices:
-          - /dev/vdb
+          - /tmp/loop_dev3
         volume:
           lv01:
-            size: 512M
+            size: 5M
             mount:
-              path: /srv
+              path: /mnt
     disk1:
       enabled: true
-      device: /dev/dummy
-      path: /srv/dummy
+      device: /dev/loop_dev4
+      path: /tmp/dummy
       file_system: xfs
       options: "noatime,nobarrier,logbufs=8"
       user: nobody

tests/pillar/system.sls

@@ -3,7 +3,6 @@ linux:
     enabled: true
     cluster: default
     name: linux
-    timezone: Europe/Prague
     domain: local
     environment: prd
     hostname: system.pillar.local
@@ -11,24 +10,10 @@ linux:
       enabled: false
     haveged:
       enabled: true
-    console:
-      tty0:
-        autologin: root
-      ttyS0:
-        autologin: root
-        rate: 115200
-        term: xterm
     prompt:
       default: "linux.ci.local$"
     kernel:
-      sriov: True
       isolcpu: 1,2,3,4
-      hugepages:
-        large:
-          default: true
-          size: 1G
-          count: 210
-          mount_point: /mnt/hugepages_1GB
     motd:
       - warning: |
           #!/bin/sh
@@ -107,11 +92,6 @@ linux:
       opencontrail:
         source: "deb http://ppa.launchpad.net/tcpcloud/contrail-2.20/ubuntu trusty main"
         architectures: amd64
-    policyrcd:
-      - package: cassandra
-        action: exit 101
-      - package: '*'
-        action: switch
     locale:
       en_US.UTF-8:
         enabled: true

tests/pillar/system_extra.sls

@@ -0,0 +1,28 @@
+
+linux:
+  system:
+    enabled: true
+    cluster: default
+    name: linux
+    timezone: Europe/Prague
+    console:
+      tty0:
+        autologin: root
+      ttyS0:
+        autologin: root
+        rate: 115200
+        term: xterm
+    kernel:
+      sriov: True
+      isolcpu: 1,2,3,4
+      hugepages:
+        large:
+          default: true
+          size: 1G
+          count: 210
+          mount_point: /mnt/hugepages_1GB
+    policyrcd:
+      - package: cassandra
+        action: exit 101
+      - package: '*'
+        action: switch