- enable topics on test pillar - add integration test for sudo enabled groups - use loop devices only for storage suite - example inspec test for sudo statetags/2017.4
--- | |||||
driver: | |||||
name: docker | |||||
hostname: linux.ci.local | |||||
use_sudo: sudo | |||||
provisioner: | |||||
name: salt_solo | |||||
salt_install: bootstrap | |||||
salt_bootstrap_url: https://bootstrap.saltstack.com | |||||
salt_version: latest | |||||
require_chef: false | |||||
log_level: error | |||||
formula: linux | |||||
grains: | |||||
noservices: true | |||||
state_top: | |||||
base: | |||||
"*": | |||||
- linux | |||||
pillars: | |||||
top.sls: | |||||
base: | |||||
"*": | |||||
- linux | |||||
verifier: | |||||
name: inspec | |||||
sudo: true | |||||
platforms: | |||||
- name: <%=ENV['PLATFORM'] || 'ubuntu-xenial'%> | |||||
driver_config: | |||||
image: <%=ENV['PLATFORM'] || 'trevorj/salty-whales:xenial'%> | |||||
platform: ubuntu | |||||
suites: | |||||
- name: network | |||||
provisioner: | |||||
pillars-from-files: | |||||
linux.sls: tests/pillar/network.sls | |||||
#- name: storage | |||||
#provisioner: | |||||
#pillars-from-files: | |||||
#linux.sls: tests/pillar/storage.sls | |||||
#init_environment: | | |||||
#sudo mkdir -p /tmp/node | |||||
#sudo dd if=/dev/zero of=/tmp/loop_dev0 bs=1024 count=$((30*1024)); | |||||
#sudo dd if=/dev/zero of=/tmp/loop_dev1 bs=1024 count=$((30*1024)); | |||||
#sudo dd if=/dev/zero of=/tmp/loop_dev2 bs=1024 count=$((30*1024)); | |||||
#sudo dd if=/dev/zero of=/tmp/loop_dev3 bs=1024 count=$((30*1024)); | |||||
#sudo dd if=/dev/zero of=/tmp/loop_dev4 bs=1024 count=$((30*1024)); | |||||
#sudo mkfs.ext4 /tmp/loop_dev1 | |||||
#sudo mkswap /tmp/loop_dev2 | |||||
#sudo chown root /tmp/loop_dev*; | |||||
#sudo chmod 0600 /tmp/loop_dev*; | |||||
- name: system | |||||
provisioner: | |||||
pillars-from-files: | |||||
linux.sls: tests/pillar/system.sls | |||||
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125 |
sudo: required | |||||
services: | |||||
- docker | |||||
install: | |||||
- pip install PyYAML | |||||
- pip install virtualenv | |||||
- | | |||||
test -e Gemfile || cat <<EOF > Gemfile | |||||
source 'https://rubygems.org' | |||||
gem 'rake' | |||||
gem 'test-kitchen' | |||||
gem 'kitchen-docker' | |||||
gem 'kitchen-inspec' | |||||
gem 'inspec' | |||||
gem 'kitchen-salt', :git => 'https://github.com/epcim/kitchen-salt.git', :branch => 'dependencis-pkg-repo2' | |||||
#Waiting for PR#78 | |||||
#gem 'kitchen-salt', '>=0.2.25' | |||||
- bundle install | |||||
env: | |||||
- PLATFORM=trevorj/salty-whales:trusty | |||||
- PLATFORM=trevorj/salty-whales:xenial | |||||
before_script: | |||||
- make test | tail | |||||
script: | |||||
- test ! -e .kitchen.yml || bundle exec kitchen converge || true | |||||
- test ! -e .kitchen.yml || bundle exec kitchen verify -t tests/integration |
describe command('grep "" /etc/sudoers.d/*') do | |||||
its('stdout') { should_not match /sudogroup0/ } | |||||
its('stdout') { should match /salt-ops ALL=\(DBA\) NOPASSWD/ } | |||||
its('stdout') { should match /sudogroup2.*localhost=/ } | |||||
its('stdout') { should match /db-ops.*less/ } | |||||
its('stdout') { should_not match /sudogroup0/ } | |||||
its('stdout') { should_not match /sudogroup1 .* !SUDO_RESTRICTED_SU/ } | |||||
end |
linux: | linux: | ||||
system: | system: | ||||
enabled: true | enabled: true | ||||
domain: local | |||||
domain: ci.local | |||||
name: linux | |||||
network: | network: | ||||
enabled: true | enabled: true | ||||
hostname: test01 | |||||
fqdn: test01.local | |||||
hostname: linux | |||||
fqdn: linux.ci.local | |||||
network_manager: false | network_manager: false | ||||
interface: | |||||
eth0: | |||||
enabled: true | |||||
type: eth | |||||
address: 192.168.0.102 | |||||
netmask: 255.255.255.0 | |||||
gateway: 192.168.0.1 | |||||
name_servers: | |||||
- 8.8.8.8 | |||||
- 8.8.4.4 | |||||
mtu: 1500 | |||||
vlan69: | |||||
enabled: true | |||||
type: vlan | |||||
use_interfaces: | |||||
- interface: ${linux:interface:eth0} | |||||
#interface: | |||||
#eth0: | |||||
#enabled: true | |||||
#type: eth | |||||
#address: 192.168.0.102 | |||||
#netmask: 255.255.255.0 | |||||
#gateway: 192.168.0.1 | |||||
#name_servers: | |||||
#- 8.8.8.8 | |||||
#- 8.8.4.4 | |||||
#mtu: 1500 | |||||
#vlan69: | |||||
#enabled: true | |||||
#type: vlan | |||||
#use_interfaces: | |||||
#- interface: ${linux:interface:eth0} |
file: | file: | ||||
enabled: true | enabled: true | ||||
engine: file | engine: file | ||||
device: /swapfile | |||||
size: 512 | |||||
device: /tmp/loop_dev2 | |||||
size: 5 | |||||
mount: | |||||
# NOTE: simple dummy loop devices, use for test purposes only | |||||
dev0: | |||||
enabled: false | |||||
device: /tmp/loop_dev0 | |||||
path: /tmp/node/dev0 | |||||
file_system: xfs | |||||
opts: noatime,nobarrier,logbufs=8,nobootwait,nobarrier | |||||
user: root | |||||
group: root | |||||
mode: 755 | |||||
dev1: | |||||
enabled: true | |||||
device: /tmp/loop_dev1 | |||||
path: /mnt | |||||
file_system: ext4 | |||||
#opts: noatime,nobarrier,logbufs=8,nobootwait,nobarrier | |||||
user: root | |||||
group: root | |||||
lvm: | lvm: | ||||
vg0: | vg0: | ||||
name: vg0-dummy | name: vg0-dummy | ||||
enabled: true | enabled: true | ||||
devices: | devices: | ||||
- /dev/vdb | |||||
- /tmp/loop_dev3 | |||||
volume: | volume: | ||||
lv01: | lv01: | ||||
size: 512M | |||||
size: 5M | |||||
mount: | mount: | ||||
path: /srv | |||||
path: /mnt | |||||
disk1: | disk1: | ||||
enabled: true | enabled: true | ||||
device: /dev/dummy | |||||
path: /srv/dummy | |||||
device: /dev/loop_dev4 | |||||
path: /tmp/dummy | |||||
file_system: xfs | file_system: xfs | ||||
options: "noatime,nobarrier,logbufs=8" | options: "noatime,nobarrier,logbufs=8" | ||||
user: nobody | user: nobody |
enabled: true | enabled: true | ||||
cluster: default | cluster: default | ||||
name: linux | name: linux | ||||
timezone: Europe/Prague | |||||
domain: local | domain: local | ||||
environment: prd | environment: prd | ||||
hostname: system.pillar.local | hostname: system.pillar.local | ||||
enabled: false | enabled: false | ||||
haveged: | haveged: | ||||
enabled: true | enabled: true | ||||
console: | |||||
tty0: | |||||
autologin: root | |||||
ttyS0: | |||||
autologin: root | |||||
rate: 115200 | |||||
term: xterm | |||||
prompt: | prompt: | ||||
default: "linux.ci.local$" | default: "linux.ci.local$" | ||||
kernel: | kernel: | ||||
sriov: True | |||||
isolcpu: 1,2,3,4 | isolcpu: 1,2,3,4 | ||||
hugepages: | |||||
large: | |||||
default: true | |||||
size: 1G | |||||
count: 210 | |||||
mount_point: /mnt/hugepages_1GB | |||||
motd: | motd: | ||||
- warning: | | - warning: | | ||||
#!/bin/sh | #!/bin/sh | ||||
opencontrail: | opencontrail: | ||||
source: "deb http://ppa.launchpad.net/tcpcloud/contrail-2.20/ubuntu trusty main" | source: "deb http://ppa.launchpad.net/tcpcloud/contrail-2.20/ubuntu trusty main" | ||||
architectures: amd64 | architectures: amd64 | ||||
policyrcd: | |||||
- package: cassandra | |||||
action: exit 101 | |||||
- package: '*' | |||||
action: switch | |||||
locale: | locale: | ||||
en_US.UTF-8: | en_US.UTF-8: | ||||
enabled: true | enabled: true |
linux: | |||||
system: | |||||
enabled: true | |||||
cluster: default | |||||
name: linux | |||||
timezone: Europe/Prague | |||||
console: | |||||
tty0: | |||||
autologin: root | |||||
ttyS0: | |||||
autologin: root | |||||
rate: 115200 | |||||
term: xterm | |||||
kernel: | |||||
sriov: True | |||||
isolcpu: 1,2,3,4 | |||||
hugepages: | |||||
large: | |||||
default: true | |||||
size: 1G | |||||
count: 210 | |||||
mount_point: /mnt/hugepages_1GB | |||||
policyrcd: | |||||
- package: cassandra | |||||
action: exit 101 | |||||
- package: '*' | |||||
action: switch |