Merge pull request #282 from myii/ci/add-freebsd-vagrant-in-github-actions

ci: enable FreeBSD Vagrant-based testing using GitHub Actions

.github/workflows/kitchen.vagrant.yml

@@ -0,0 +1,36 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: 'Kitchen Vagrant (FreeBSD)'
+'on': ['push', 'pull_request']
+
+env:
+  KITCHEN_LOCAL_YAML: 'kitchen.vagrant.yml'
+
+jobs:
+  test:
+    runs-on: 'macos-10.15'
+    strategy:
+      fail-fast: false
+      matrix:
+        instance:
+          - default-freebsd-122-latest-py3
+          # - freebsd-122-latest-py3
+          - default-freebsd-114-latest-py3
+          # - freebsd-114-latest-py3
+    steps:
+      - name: 'Check out code'
+        uses: 'actions/checkout@v2'
+      - name: 'Set up Bundler cache'
+        uses: 'actions/cache@v1'
+        with:
+          path: 'vendor/bundle'
+          key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}"
+          restore-keys: "${{ runner.os }}-gems-"
+      - name: 'Run Bundler'
+        run: |
+          ruby --version
+          bundle config path vendor/bundle
+          bundle install --jobs 4 --retry 3
+      - name: 'Run Test Kitchen'
+        run: 'bundle exec kitchen verify ${{ matrix.instance }}'

.pre-commit-config.yaml

@@ -17,6 +17,14 @@ repos:
         stages: [manual]
         additional_dependencies: ['@commitlint/config-conventional@8.3.4']
         always_run: true
+  - repo: https://github.com/rubocop-hq/rubocop
+    rev: v1.9.1
+    hooks:
+      - id: rubocop
+        name: Check Ruby files with rubocop
+        args: [--debug]
+        always_run: true
+        pass_filenames: false
   - repo: https://github.com/shellcheck-py/shellcheck-py
     rev: v0.7.1.1
     hooks:

.travis.yml

@@ -36,17 +36,14 @@ stages:
   # - name: 'release'
   #   if: 'branch = master AND type != pull_request'
 jobs:
-  allow_failures:
-    - env: Lint_rubocop
-  fast_finish: true
   include:
     ## Define the test stage that runs the linters (and testing matrix, if applicable)
 
-    # Run all of the linters in a single job (except `rubocop`)
+    # Run all of the linters in a single job
     - language: 'node_js'
       node_js: 'lts/*'
       env: 'Lint'
-      name: 'Lint: salt-lint, yamllint, shellcheck & commitlint'
+      name: 'Lint: salt-lint, yamllint, rubocop, shellcheck & commitlint'
       before_install: 'skip'
       script:
         # Install and run `salt-lint`
@@ -57,6 +54,9 @@ jobs:
         # Need at least `v1.17.0` for the `yaml-files` setting
         - pip install --user yamllint>=1.17.0
         - yamllint -s .
+        # Install and run `rubocop`
+        - gem install rubocop
+        - rubocop -d
         # Run `shellcheck` (already pre-installed in Travis)
         - shellcheck --version
         - git ls-files -- '*.sh' '*.bash' '*.ksh'
@@ -65,17 +65,6 @@ jobs:
         - npm i -D @commitlint/config-conventional
                    @commitlint/travis-cli
         - commitlint-travis
-    # Run the `rubocop` linter in a separate job that is allowed to fail
-    # Once these lint errors are fixed, this can be merged into a single job
-    - language: node_js
-      node_js: lts/*
-      env: Lint_rubocop
-      name: 'Lint: rubocop'
-      before_install: skip
-      script:
-        # Install and run `rubocop`
-        - gem install rubocop
-        - rubocop -d
 
     # Run `pre-commit` linters in a single job
     - language: 'python'

Gemfile

@@ -12,3 +12,7 @@ gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure
 # rubocop:enable Layout/LineLength
 gem 'kitchen-inspec', '>= 2.2.1'
 gem 'kitchen-salt', '>= 0.6.3'
+
+group :vagrant do
+  gem 'kitchen-vagrant'
+end

Gemfile.lock

@@ -292,6 +292,8 @@ GEM
     kitchen-salt (0.6.3)
       hashie (>= 3.5)
       test-kitchen (>= 1.4)
+    kitchen-vagrant (1.7.0)
+      test-kitchen (>= 1.4, < 3)
     libyajl2 (1.2.0)
     license-acceptance (1.0.19)
       pastel (~> 0.7)
@@ -525,6 +527,7 @@ DEPENDENCIES
   kitchen-docker!
   kitchen-inspec (>= 2.2.1)
   kitchen-salt (>= 0.6.3)
+  kitchen-vagrant
 
 BUNDLED WITH
    2.1.2

kitchen.vagrant.yml

@@ -0,0 +1,23 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+driver:
+  name: vagrant
+  cache_directory: false
+  customize:
+    usbxhci: 'off'
+  gui: false
+  linked_clone: true
+  ssh:
+    shell: /bin/sh
+
+platforms:
+  - name: freebsd-122-latest-py3
+    driver:
+      box: bento/freebsd-12.2
+  - name: freebsd-114-latest-py3
+    driver:
+      box: bento/freebsd-11.4
+
+provisioner:
+  salt_install: bootstrap

kitchen.yml

@@ -326,6 +326,13 @@ suites:
         - path: test/integration/default
   - name: passenger
     includes:
+      - debian-10-tiamat-py3
+      - debian-9-tiamat-py3
+      - ubuntu-2004-tiamat-py3
+      - ubuntu-1804-tiamat-py3
+      - centos-8-tiamat-py3
+      - centos-7-tiamat-py3
+      - oraclelinux-8-tiamat-py3
       - debian-10-master-py3
       - debian-9-master-py3
       - ubuntu-2004-master-py3
@@ -333,6 +340,27 @@ suites:
       - centos-8-master-py3
       - centos-7-master-py3
       - oraclelinux-8-master-py3
+      - debian-10-3002-5-py3
+      - debian-9-3002-5-py3
+      - ubuntu-2004-3002-5-py3
+      - ubuntu-1804-3002-5-py3
+      - centos-8-3002-5-py3
+      - centos-7-3002-5-py3
+      - oraclelinux-8-3002-5-py3
+      - debian-10-3001-6-py3
+      - debian-9-3001-6-py3
+      - ubuntu-2004-3001-6-py3
+      - ubuntu-1804-3001-6-py3
+      - centos-8-3001-6-py3
+      - centos-7-3001-6-py3
+      - oraclelinux-8-3001-6-py3
+      - debian-10-3000-8-py3
+      - debian-9-3000-8-py3
+      - ubuntu-1804-3000-8-py3
+      - centos-8-3000-8-py3
+      - centos-7-3000-8-py3
+      - oraclelinux-8-3000-8-py3
+      - ubuntu-1804-3000-8-py2
     provisioner:
       state_top:
         base:

nginx/map.jinja

@@ -105,6 +105,7 @@
             'server_enabled': '/usr/local/etc/nginx/sites-enabled',
             'snippets_dir': '/usr/local/etc/nginx/snippets',
             'server_use_symlink': True,
+            'openssl_package': 'openssl',
             'pid_file': '/var/run/nginx.pid',
         },
     }, default='Debian' ),

test/integration/default/controls/config.rb

@@ -2,27 +2,36 @@
 
 # Set defaults, use debian as base
 
-server_available = '/etc/nginx/sites-available'
-server_enabled = '/etc/nginx/sites-enabled'
-
 # Override by platform family
-case platform[:family]
-when 'redhat', 'fedora'
-  server_available = '/etc/nginx/conf.d'
-  server_enabled   = '/etc/nginx/conf.d'
-when 'suse'
-  server_available = '/etc/nginx/vhosts.d'
-  server_enabled   = '/etc/nginx/vhosts.d'
-end
+server_available, server_enabled =
+  case platform[:family]
+  when 'redhat', 'fedora'
+    %w[/etc/nginx/conf.d /etc/nginx/conf.d]
+  when 'suse'
+    %w[/etc/nginx/vhosts.d /etc/nginx/vhosts.d]
+  when 'bsd'
+    %w[/usr/local/etc/nginx/sites-available /usr/local/etc/nginx/sites-enabled]
+  else
+    %w[/etc/nginx/sites-available /etc/nginx/sites-enabled]
+  end
+
+nginx_conf, snippets_letsencrypt_conf, file_owner, file_group =
+  case platform[:family]
+  when 'bsd'
+    %w[/usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/snippets/letsencrypt.conf
+       root wheel]
+  else
+    %w[/etc/nginx/nginx.conf /etc/nginx/snippets/letsencrypt.conf root root]
+  end
 
 control 'Nginx configuration' do
   title 'should match desired lines'
 
   # main configuration
-  describe file('/etc/nginx/nginx.conf') do
+  describe file(nginx_conf) do
     it { should be_file }
-    it { should be_owned_by 'root' }
-    it { should be_grouped_into 'root' }
+    it { should be_owned_by file_owner }
+    it { should be_grouped_into file_group }
     its('mode') { should cmp '0644' }
     its('content') do
       # rubocop:disable Metrics/LineLength
@@ -34,10 +43,10 @@ control 'Nginx configuration' do
   end
 
   # snippets configuration
-  describe file('/etc/nginx/snippets/letsencrypt.conf') do
+  describe file(snippets_letsencrypt_conf) do
     it { should be_file }
-    it { should be_owned_by 'root' }
-    it { should be_grouped_into 'root' }
+    it { should be_owned_by file_owner }
+    it { should be_grouped_into file_group }
     its('mode') { should cmp '0644' }
     its('content') { should include 'location ^~ /.well-known/acme-challenge/ {' }
     its('content') { should include 'proxy_pass http://localhost:9999;' }
@@ -52,8 +61,8 @@ control 'Nginx configuration' do
 
     describe file "#{dir}/mysite" do
       it { should be_file }
-      it { should be_owned_by 'root' }
-      it { should be_grouped_into 'root' }
+      it { should be_owned_by file_owner }
+      it { should be_grouped_into file_group }
       its('mode') { should cmp '0644' }
       its('content') { should include 'server_name localhost;' }
       its('content') { should include 'listen 80 default_server;' }