* Semi-automated using https://github.com/myii/ssf-formula/pull/285tags/v1.7.3
/docs/AUTHORS.rst @saltstack-formulas/ssf | /docs/AUTHORS.rst @saltstack-formulas/ssf | ||||
/docs/CHANGELOG.rst @saltstack-formulas/ssf | /docs/CHANGELOG.rst @saltstack-formulas/ssf | ||||
/docs/TOFS_pattern.rst @saltstack-formulas/ssf | /docs/TOFS_pattern.rst @saltstack-formulas/ssf | ||||
/*/_mapdata/ @saltstack-formulas/ssf | |||||
/*/libsaltcli.jinja @saltstack-formulas/ssf | /*/libsaltcli.jinja @saltstack-formulas/ssf | ||||
/*/libtofs.jinja @saltstack-formulas/ssf | /*/libtofs.jinja @saltstack-formulas/ssf | ||||
/test/integration/**/_mapdata_spec.rb @saltstack-formulas/ssf | |||||
/test/integration/**/libraries/system.rb @saltstack-formulas/ssf | |||||
/test/integration/**/inspec.yml @saltstack-formulas/ssf | /test/integration/**/inspec.yml @saltstack-formulas/ssf | ||||
/test/integration/**/README.md @saltstack-formulas/ssf | /test/integration/**/README.md @saltstack-formulas/ssf | ||||
/.gitignore @saltstack-formulas/ssf | /.gitignore @saltstack-formulas/ssf |
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.minion | - salt.minion | ||||
pillars: | pillars: | ||||
top.sls: | top.sls: |
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.minion | - salt.minion | ||||
pillars: | pillars: | ||||
top.sls: | top.sls: |
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.pkgrepo | - salt.pkgrepo | ||||
- salt.master | - salt.master | ||||
- salt.minion | - salt.minion | ||||
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.pkgrepo | - salt.pkgrepo | ||||
- salt.master | - salt.master | ||||
- salt.minion | - salt.minion | ||||
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.pkgrepo | - salt.pkgrepo | ||||
- salt.master | - salt.master | ||||
- salt.minion | - salt.minion | ||||
state_top: | state_top: | ||||
base: | base: | ||||
'*': | '*': | ||||
- salt._mapdata | |||||
- salt.pkgrepo | - salt.pkgrepo | ||||
- salt.master | - salt.master | ||||
- salt.minion | - salt.minion |
# yamllint disable rule:indentation rule:line-length | |||||
# {{ grains.get("osfinger", grains.os) }} | |||||
--- | |||||
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} | |||||
{{ salt["slsutil.serialize"]( | |||||
"yaml", | |||||
map, | |||||
default_flow_style=False, | |||||
allow_unicode=True, | |||||
) | |||||
| regex_replace("^\s+'$", "'", multiline=True) | |||||
| trim | |||||
}} |
# -*- coding: utf-8 -*- | |||||
# vim: ft=sls | |||||
--- | |||||
{#- Get the `tplroot` from `tpldir` #} | |||||
{%- set tplroot = tpldir.split("/")[0] %} | |||||
{%- from tplroot ~ "/map.jinja" import salt_settings with context %} | |||||
{%- from tplroot ~ "/map.jinja" import formulas_settings with context %} | |||||
{%- set _mapdata = { | |||||
"values": { | |||||
"salt_settings": salt_settings, | |||||
"formulas_settings": formulas_settings, | |||||
} | |||||
} %} | |||||
{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} | |||||
{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} | |||||
{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} | |||||
{{ tplroot }}-mapdata-dump: | |||||
file.managed: | |||||
- name: {{ output_file }} | |||||
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja | |||||
- template: jinja | |||||
- context: | |||||
map: {{ _mapdata | yaml }} |
# InSpec Profile: `share` | |||||
This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). | |||||
Its goal is to share the libraries between all profiles. | |||||
## Libraries | |||||
### `system` | |||||
The `system` library provides easy access to system dependent information: | |||||
- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective | |||||
- `system.platform[:family]` provide a family name for Arch and Gentoo | |||||
- `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` | |||||
- `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows: | |||||
- `Arch` is always `base-latest` | |||||
- `Amazon Linux` release `2018` is resolved as `1` | |||||
- `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) | |||||
- `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version | |||||
- `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) |
# -*- coding: utf-8 -*- | |||||
# vim: ft=yaml | |||||
--- | |||||
name: share | |||||
title: InSpec shared resources | |||||
maintainer: SaltStack Formulas | |||||
license: Apache-2.0 | |||||
summary: shared resources | |||||
supports: | |||||
- platform-name: debian | |||||
- platform-name: ubuntu | |||||
- platform-name: centos | |||||
- platform-name: fedora | |||||
- platform-name: opensuse | |||||
- platform-name: suse | |||||
- platform-name: freebsd | |||||
- platform-name: amazon | |||||
- platform-name: oracle | |||||
- platform-name: arch | |||||
- platform-name: gentoo | |||||
- platform: windows |
# frozen_string_literal: true | |||||
# system.rb -- InSpec resources for system values | |||||
# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr> | |||||
# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr> | |||||
class SystemResource < Inspec.resource(1) | |||||
name 'system' | |||||
attr_reader :platform | |||||
def initialize | |||||
super | |||||
@platform = build_platform | |||||
end | |||||
private | |||||
def build_platform | |||||
{ | |||||
family: build_platform_family, | |||||
name: build_platform_name, | |||||
release: build_platform_release, | |||||
finger: build_platform_finger | |||||
} | |||||
end | |||||
def build_platform_family | |||||
case inspec.platform[:name] | |||||
when 'arch', 'gentoo' | |||||
inspec.platform[:name] | |||||
else | |||||
inspec.platform[:family] | |||||
end | |||||
end | |||||
def build_platform_name | |||||
case inspec.platform[:name] | |||||
when 'amazon', 'oracle' | |||||
"#{inspec.platform[:name]}linux" | |||||
when 'windows_8.1_pro', 'windows_server_2019_datacenter' | |||||
'windows' | |||||
else | |||||
inspec.platform[:name] | |||||
end | |||||
end | |||||
# rubocop:disable Metrics/MethodLength | |||||
def build_platform_release | |||||
case inspec.platform[:name] | |||||
when 'amazon' | |||||
# `2018` relase is named `1` in kitchen.yaml | |||||
inspec.platform[:release].gsub(/2018.*/, '1') | |||||
when 'arch' | |||||
'base-latest' | |||||
when 'gentoo' | |||||
"#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" | |||||
when 'windows_8.1_pro' | |||||
'8.1' | |||||
when 'windows_server_2019_datacenter' | |||||
'2019-server' | |||||
else | |||||
inspec.platform[:release] | |||||
end | |||||
end | |||||
# rubocop:enable Metrics/MethodLength | |||||
def derive_gentoo_init_system | |||||
case inspec.command('systemctl').exist? | |||||
when true | |||||
'sysd' | |||||
else | |||||
'sysv' | |||||
end | |||||
end | |||||
def build_platform_finger | |||||
"#{build_platform_name}-#{build_finger_release}" | |||||
end | |||||
def build_finger_release | |||||
case inspec.platform[:name] | |||||
when 'ubuntu' | |||||
build_platform_release.split('.').slice(0, 2).join('.') | |||||
else | |||||
build_platform_release.split('.')[0] | |||||
end | |||||
end | |||||
end |
# frozen_string_literal: true | |||||
require 'yaml' | |||||
control '`map.jinja` YAML dump' do | |||||
title 'should match the comparison file' | |||||
### Method | |||||
# The steps below for each file appear convoluted but they are both required | |||||
# and similar in nature: | |||||
# 1. The earliest method was to simply compare the files textually but this often | |||||
# led to false positives due to inconsistencies (e.g. spacing, ordering) | |||||
# 2. The next method was to load the files back into YAML structures and then | |||||
# compare but InSpec provided block diffs this way, unusable by end users | |||||
# 3. The final step was to dump the YAML structures back into a string to use | |||||
# for the comparison; this both worked and provided human-friendly diffs | |||||
### Comparison file for the specific platform | |||||
### Static, adjusted as part of code contributions, as map data is changed | |||||
# Strip the `platform[:finger]` version number down to the "OS major release" | |||||
platform_finger = system.platform[:finger].split('.').first.to_s | |||||
# Use that to set the path to the file (relative to the InSpec suite directory) | |||||
mapdata_file_path = "_mapdata/#{platform_finger}.yaml" | |||||
# Load the mapdata from profile, into a YAML structure | |||||
# https://docs.chef.io/inspec/profiles/#profile-files | |||||
mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) | |||||
# Dump the YAML back into a string for comparison | |||||
mapdata_file_dump = YAML.dump(mapdata_file_yaml) | |||||
### Output file produced by running the `_mapdata` state | |||||
### Dynamic, generated during Kitchen's `converge` phase | |||||
# Derive the location of the dumped mapdata (differs for Windows) | |||||
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' | |||||
# Use that to set the path to the file (absolute path, i.e. within the container) | |||||
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" | |||||
# Load the output into a YAML structure using InSpec's `yaml` resource | |||||
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 | |||||
output_file_yaml = yaml(output_file_path).params | |||||
# Dump the YAML back into a string for comparison | |||||
output_file_dump = YAML.dump(output_file_yaml) | |||||
describe 'File content' do | |||||
it 'should match profile map data exactly' do | |||||
expect(output_file_dump).to eq(mapdata_file_dump) | |||||
end | |||||
end | |||||
end |
maintainer: SaltStack Formulas | maintainer: SaltStack Formulas | ||||
license: Apache-2.0 | license: Apache-2.0 | ||||
summary: Verify that Salt `v3000-py2` is setup and configured | summary: Verify that Salt `v3000-py2` is setup and configured | ||||
depends: | |||||
- name: share | |||||
path: test/integration/share | |||||
supports: | supports: | ||||
- platform-name: debian | - platform-name: debian | ||||
- platform-name: ubuntu | - platform-name: ubuntu |
# frozen_string_literal: true | |||||
require 'yaml' | |||||
control '`map.jinja` YAML dump' do | |||||
title 'should match the comparison file' | |||||
### Method | |||||
# The steps below for each file appear convoluted but they are both required | |||||
# and similar in nature: | |||||
# 1. The earliest method was to simply compare the files textually but this often | |||||
# led to false positives due to inconsistencies (e.g. spacing, ordering) | |||||
# 2. The next method was to load the files back into YAML structures and then | |||||
# compare but InSpec provided block diffs this way, unusable by end users | |||||
# 3. The final step was to dump the YAML structures back into a string to use | |||||
# for the comparison; this both worked and provided human-friendly diffs | |||||
### Comparison file for the specific platform | |||||
### Static, adjusted as part of code contributions, as map data is changed | |||||
# Strip the `platform[:finger]` version number down to the "OS major release" | |||||
platform_finger = system.platform[:finger].split('.').first.to_s | |||||
# Use that to set the path to the file (relative to the InSpec suite directory) | |||||
mapdata_file_path = "_mapdata/#{platform_finger}.yaml" | |||||
# Load the mapdata from profile, into a YAML structure | |||||
# https://docs.chef.io/inspec/profiles/#profile-files | |||||
mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) | |||||
# Dump the YAML back into a string for comparison | |||||
mapdata_file_dump = YAML.dump(mapdata_file_yaml) | |||||
### Output file produced by running the `_mapdata` state | |||||
### Dynamic, generated during Kitchen's `converge` phase | |||||
# Derive the location of the dumped mapdata (differs for Windows) | |||||
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' | |||||
# Use that to set the path to the file (absolute path, i.e. within the container) | |||||
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" | |||||
# Load the output into a YAML structure using InSpec's `yaml` resource | |||||
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 | |||||
output_file_yaml = yaml(output_file_path).params | |||||
# Dump the YAML back into a string for comparison | |||||
output_file_dump = YAML.dump(output_file_yaml) | |||||
describe 'File content' do | |||||
it 'should match profile map data exactly' do | |||||
expect(output_file_dump).to eq(mapdata_file_dump) | |||||
end | |||||
end | |||||
end |
maintainer: SaltStack Formulas | maintainer: SaltStack Formulas | ||||
license: Apache-2.0 | license: Apache-2.0 | ||||
summary: Verify that Salt `v3000-py3` is setup and configured | summary: Verify that Salt `v3000-py3` is setup and configured | ||||
depends: | |||||
- name: share | |||||
path: test/integration/share | |||||
supports: | supports: | ||||
- platform-name: debian | - platform-name: debian | ||||
- platform-name: ubuntu | - platform-name: ubuntu |
# frozen_string_literal: true | |||||
require 'yaml' | |||||
control '`map.jinja` YAML dump' do | |||||
title 'should match the comparison file' | |||||
### Method | |||||
# The steps below for each file appear convoluted but they are both required | |||||
# and similar in nature: | |||||
# 1. The earliest method was to simply compare the files textually but this often | |||||
# led to false positives due to inconsistencies (e.g. spacing, ordering) | |||||
# 2. The next method was to load the files back into YAML structures and then | |||||
# compare but InSpec provided block diffs this way, unusable by end users | |||||
# 3. The final step was to dump the YAML structures back into a string to use | |||||
# for the comparison; this both worked and provided human-friendly diffs | |||||
### Comparison file for the specific platform | |||||
### Static, adjusted as part of code contributions, as map data is changed | |||||
# Strip the `platform[:finger]` version number down to the "OS major release" | |||||
platform_finger = system.platform[:finger].split('.').first.to_s | |||||
# Use that to set the path to the file (relative to the InSpec suite directory) | |||||
mapdata_file_path = "_mapdata/#{platform_finger}.yaml" | |||||
# Load the mapdata from profile, into a YAML structure | |||||
# https://docs.chef.io/inspec/profiles/#profile-files | |||||
mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) | |||||
# Dump the YAML back into a string for comparison | |||||
mapdata_file_dump = YAML.dump(mapdata_file_yaml) | |||||
### Output file produced by running the `_mapdata` state | |||||
### Dynamic, generated during Kitchen's `converge` phase | |||||
# Derive the location of the dumped mapdata (differs for Windows) | |||||
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' | |||||
# Use that to set the path to the file (absolute path, i.e. within the container) | |||||
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" | |||||
# Load the output into a YAML structure using InSpec's `yaml` resource | |||||
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 | |||||
output_file_yaml = yaml(output_file_path).params | |||||
# Dump the YAML back into a string for comparison | |||||
output_file_dump = YAML.dump(output_file_yaml) | |||||
describe 'File content' do | |||||
it 'should match profile map data exactly' do | |||||
expect(output_file_dump).to eq(mapdata_file_dump) | |||||
end | |||||
end | |||||
end |
maintainer: SaltStack Formulas | maintainer: SaltStack Formulas | ||||
license: Apache-2.0 | license: Apache-2.0 | ||||
summary: Verify that Salt `v3001-py3` is setup and configured | summary: Verify that Salt `v3001-py3` is setup and configured | ||||
depends: | |||||
- name: share | |||||
path: test/integration/share | |||||
supports: | supports: | ||||
- platform-name: debian | - platform-name: debian | ||||
- platform-name: ubuntu | - platform-name: ubuntu |
# frozen_string_literal: true | |||||
require 'yaml' | |||||
control '`map.jinja` YAML dump' do | |||||
title 'should match the comparison file' | |||||
### Method | |||||
# The steps below for each file appear convoluted but they are both required | |||||
# and similar in nature: | |||||
# 1. The earliest method was to simply compare the files textually but this often | |||||
# led to false positives due to inconsistencies (e.g. spacing, ordering) | |||||
# 2. The next method was to load the files back into YAML structures and then | |||||
# compare but InSpec provided block diffs this way, unusable by end users | |||||
# 3. The final step was to dump the YAML structures back into a string to use | |||||
# for the comparison; this both worked and provided human-friendly diffs | |||||
### Comparison file for the specific platform | |||||
### Static, adjusted as part of code contributions, as map data is changed | |||||
# Strip the `platform[:finger]` version number down to the "OS major release" | |||||
platform_finger = system.platform[:finger].split('.').first.to_s | |||||
# Use that to set the path to the file (relative to the InSpec suite directory) | |||||
mapdata_file_path = "_mapdata/#{platform_finger}.yaml" | |||||
# Load the mapdata from profile, into a YAML structure | |||||
# https://docs.chef.io/inspec/profiles/#profile-files | |||||
mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path)) | |||||
# Dump the YAML back into a string for comparison | |||||
mapdata_file_dump = YAML.dump(mapdata_file_yaml) | |||||
### Output file produced by running the `_mapdata` state | |||||
### Dynamic, generated during Kitchen's `converge` phase | |||||
# Derive the location of the dumped mapdata (differs for Windows) | |||||
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' | |||||
# Use that to set the path to the file (absolute path, i.e. within the container) | |||||
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml" | |||||
# Load the output into a YAML structure using InSpec's `yaml` resource | |||||
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29 | |||||
output_file_yaml = yaml(output_file_path).params | |||||
# Dump the YAML back into a string for comparison | |||||
output_file_dump = YAML.dump(output_file_yaml) | |||||
describe 'File content' do | |||||
it 'should match profile map data exactly' do | |||||
expect(output_file_dump).to eq(mapdata_file_dump) | |||||
end | |||||
end | |||||
end |
maintainer: SaltStack Formulas | maintainer: SaltStack Formulas | ||||
license: Apache-2.0 | license: Apache-2.0 | ||||
summary: Verify that Salt `v3002-py3` is setup and configured | summary: Verify that Salt `v3002-py3` is setup and configured | ||||
depends: | |||||
- name: share | |||||
path: test/integration/share | |||||
supports: | supports: | ||||
- platform-name: debian | - platform-name: debian | ||||
- platform-name: ubuntu | - platform-name: ubuntu |