test(map): verify `map.jinja` dump using `_mapdata` state

* Semi-automated using https://github.com/myii/ssf-formula/pull/285

CODEOWNERS

@@ -16,8 +16,11 @@
 /docs/AUTHORS.rst                           @saltstack-formulas/ssf
 /docs/CHANGELOG.rst                         @saltstack-formulas/ssf
 /docs/TOFS_pattern.rst                      @saltstack-formulas/ssf
+/*/_mapdata/                                @saltstack-formulas/ssf
 /*/libsaltcli.jinja                         @saltstack-formulas/ssf
 /*/libtofs.jinja                            @saltstack-formulas/ssf
+/test/integration/**/_mapdata_spec.rb       @saltstack-formulas/ssf
+/test/integration/**/libraries/system.rb    @saltstack-formulas/ssf
 /test/integration/**/inspec.yml             @saltstack-formulas/ssf
 /test/integration/**/README.md              @saltstack-formulas/ssf
 /.gitignore                                 @saltstack-formulas/ssf

kitchen.github.yml

@@ -25,6 +25,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.minion
       pillars:
         top.sls:

kitchen.vagrant.yml

@@ -23,6 +23,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.minion
       pillars:
         top.sls:

kitchen.yml

@@ -301,6 +301,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.pkgrepo
             - salt.master
             - salt.minion
@@ -337,6 +338,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.pkgrepo
             - salt.master
             - salt.minion
@@ -370,6 +372,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.pkgrepo
             - salt.master
             - salt.minion
@@ -393,6 +396,7 @@ suites:
       state_top:
         base:
           '*':
+            - salt._mapdata
             - salt.pkgrepo
             - salt.master
             - salt.minion

salt/_mapdata/_mapdata.jinja

@@ -0,0 +1,13 @@
+# yamllint disable rule:indentation rule:line-length
+# {{ grains.get("osfinger", grains.os) }}
+---
+{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
+{{ salt["slsutil.serialize"](
+     "yaml",
+     map,
+     default_flow_style=False,
+     allow_unicode=True,
+   )
+   | regex_replace("^\s+'$", "'", multiline=True)
+   | trim
+}}

salt/_mapdata/init.sls

@@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+# vim: ft=sls
+---
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split("/")[0] %}
+{%- from tplroot ~ "/map.jinja" import salt_settings with context %}
+{%- from tplroot ~ "/map.jinja" import formulas_settings with context %}
+
+{%- set _mapdata = {
+      "values": {
+        "salt_settings": salt_settings,
+        "formulas_settings": formulas_settings,
+      }
+    } %}
+{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %}
+
+{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %}
+{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %}
+
+{{ tplroot }}-mapdata-dump:
+  file.managed:
+    - name: {{ output_file }}
+    - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
+    - template: jinja
+    - context:
+        map: {{ _mapdata | yaml }}

test/integration/share/README.md

@@ -0,0 +1,21 @@
+# InSpec Profile: `share`
+
+This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+
+Its goal is to share the libraries between all profiles.
+
+## Libraries
+
+### `system`
+
+The `system` library provides easy access to system dependent information:
+
+- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
+  - `system.platform[:family]` provide a family name for Arch and Gentoo
+  - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
+  - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows:
+    - `Arch` is always `base-latest`
+    - `Amazon Linux` release `2018` is resolved as `1`
+    - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
+    - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
+  - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)

test/integration/share/inspec.yml

@@ -0,0 +1,21 @@
+# -*- coding: utf-8 -*-
+# vim: ft=yaml
+---
+name: share
+title: InSpec shared resources
+maintainer: SaltStack Formulas
+license: Apache-2.0
+summary: shared resources
+supports:
+  - platform-name: debian
+  - platform-name: ubuntu
+  - platform-name: centos
+  - platform-name: fedora
+  - platform-name: opensuse
+  - platform-name: suse
+  - platform-name: freebsd
+  - platform-name: amazon
+  - platform-name: oracle
+  - platform-name: arch
+  - platform-name: gentoo
+  - platform: windows

test/integration/share/libraries/system.rb

@@ -0,0 +1,89 @@
+# frozen_string_literal: true
+
+# system.rb -- InSpec resources for system values
+# Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
+# Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
+
+class SystemResource < Inspec.resource(1)
+  name 'system'
+
+  attr_reader :platform
+
+  def initialize
+    super
+    @platform = build_platform
+  end
+
+  private
+
+  def build_platform
+    {
+      family: build_platform_family,
+      name: build_platform_name,
+      release: build_platform_release,
+      finger: build_platform_finger
+    }
+  end
+
+  def build_platform_family
+    case inspec.platform[:name]
+    when 'arch', 'gentoo'
+      inspec.platform[:name]
+    else
+      inspec.platform[:family]
+    end
+  end
+
+  def build_platform_name
+    case inspec.platform[:name]
+    when 'amazon', 'oracle'
+      "#{inspec.platform[:name]}linux"
+    when 'windows_8.1_pro', 'windows_server_2019_datacenter'
+      'windows'
+    else
+      inspec.platform[:name]
+    end
+  end
+
+  # rubocop:disable Metrics/MethodLength
+  def build_platform_release
+    case inspec.platform[:name]
+    when 'amazon'
+      # `2018` relase is named `1` in kitchen.yaml
+      inspec.platform[:release].gsub(/2018.*/, '1')
+    when 'arch'
+      'base-latest'
+    when 'gentoo'
+      "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
+    when 'windows_8.1_pro'
+      '8.1'
+    when 'windows_server_2019_datacenter'
+      '2019-server'
+    else
+      inspec.platform[:release]
+    end
+  end
+  # rubocop:enable Metrics/MethodLength
+
+  def derive_gentoo_init_system
+    case inspec.command('systemctl').exist?
+    when true
+      'sysd'
+    else
+      'sysv'
+    end
+  end
+
+  def build_platform_finger
+    "#{build_platform_name}-#{build_finger_release}"
+  end
+
+  def build_finger_release
+    case inspec.platform[:name]
+    when 'ubuntu'
+      build_platform_release.split('.').slice(0, 2).join('.')
+    else
+      build_platform_release.split('.')[0]
+    end
+  end
+end

test/integration/v3000-py2/controls/_mapdata_spec.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+control '`map.jinja` YAML dump' do
+  title 'should match the comparison file'
+
+  ### Method
+  # The steps below for each file appear convoluted but they are both required
+  # and similar in nature:
+  # 1. The earliest method was to simply compare the files textually but this often
+  #    led to false positives due to inconsistencies (e.g. spacing, ordering)
+  # 2. The next method was to load the files back into YAML structures and then
+  #    compare but InSpec provided block diffs this way, unusable by end users
+  # 3. The final step was to dump the YAML structures back into a string to use
+  #    for the comparison; this both worked and provided human-friendly diffs
+
+  ### Comparison file for the specific platform
+  ### Static, adjusted as part of code contributions, as map data is changed
+  # Strip the `platform[:finger]` version number down to the "OS major release"
+  platform_finger = system.platform[:finger].split('.').first.to_s
+  # Use that to set the path to the file (relative to the InSpec suite directory)
+  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
+  # Load the mapdata from profile, into a YAML structure
+  # https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
+  # Dump the YAML back into a string for comparison
+  mapdata_file_dump = YAML.dump(mapdata_file_yaml)
+
+  ### Output file produced by running the `_mapdata` state
+  ### Dynamic, generated during Kitchen's `converge` phase
+  # Derive the location of the dumped mapdata (differs for Windows)
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  # Use that to set the path to the file (absolute path, i.e. within the container)
+  output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
+  # Load the output into a YAML structure using InSpec's `yaml` resource
+  # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
+  output_file_yaml = yaml(output_file_path).params
+  # Dump the YAML back into a string for comparison
+  output_file_dump = YAML.dump(output_file_yaml)
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(output_file_dump).to eq(mapdata_file_dump)
+    end
+  end
+end

test/integration/v3000-py2/inspec.yml

@@ -6,6 +6,9 @@ title: salt formula
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: Verify that Salt `v3000-py2` is setup and configured
+depends:
+  - name: share
+    path: test/integration/share
 supports:
   - platform-name: debian
   - platform-name: ubuntu

test/integration/v3000-py3/controls/_mapdata_spec.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+control '`map.jinja` YAML dump' do
+  title 'should match the comparison file'
+
+  ### Method
+  # The steps below for each file appear convoluted but they are both required
+  # and similar in nature:
+  # 1. The earliest method was to simply compare the files textually but this often
+  #    led to false positives due to inconsistencies (e.g. spacing, ordering)
+  # 2. The next method was to load the files back into YAML structures and then
+  #    compare but InSpec provided block diffs this way, unusable by end users
+  # 3. The final step was to dump the YAML structures back into a string to use
+  #    for the comparison; this both worked and provided human-friendly diffs
+
+  ### Comparison file for the specific platform
+  ### Static, adjusted as part of code contributions, as map data is changed
+  # Strip the `platform[:finger]` version number down to the "OS major release"
+  platform_finger = system.platform[:finger].split('.').first.to_s
+  # Use that to set the path to the file (relative to the InSpec suite directory)
+  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
+  # Load the mapdata from profile, into a YAML structure
+  # https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
+  # Dump the YAML back into a string for comparison
+  mapdata_file_dump = YAML.dump(mapdata_file_yaml)
+
+  ### Output file produced by running the `_mapdata` state
+  ### Dynamic, generated during Kitchen's `converge` phase
+  # Derive the location of the dumped mapdata (differs for Windows)
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  # Use that to set the path to the file (absolute path, i.e. within the container)
+  output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
+  # Load the output into a YAML structure using InSpec's `yaml` resource
+  # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
+  output_file_yaml = yaml(output_file_path).params
+  # Dump the YAML back into a string for comparison
+  output_file_dump = YAML.dump(output_file_yaml)
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(output_file_dump).to eq(mapdata_file_dump)
+    end
+  end
+end

test/integration/v3000-py3/inspec.yml

@@ -6,6 +6,9 @@ title: salt formula
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: Verify that Salt `v3000-py3` is setup and configured
+depends:
+  - name: share
+    path: test/integration/share
 supports:
   - platform-name: debian
   - platform-name: ubuntu

test/integration/v3001-py3/controls/_mapdata_spec.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+control '`map.jinja` YAML dump' do
+  title 'should match the comparison file'
+
+  ### Method
+  # The steps below for each file appear convoluted but they are both required
+  # and similar in nature:
+  # 1. The earliest method was to simply compare the files textually but this often
+  #    led to false positives due to inconsistencies (e.g. spacing, ordering)
+  # 2. The next method was to load the files back into YAML structures and then
+  #    compare but InSpec provided block diffs this way, unusable by end users
+  # 3. The final step was to dump the YAML structures back into a string to use
+  #    for the comparison; this both worked and provided human-friendly diffs
+
+  ### Comparison file for the specific platform
+  ### Static, adjusted as part of code contributions, as map data is changed
+  # Strip the `platform[:finger]` version number down to the "OS major release"
+  platform_finger = system.platform[:finger].split('.').first.to_s
+  # Use that to set the path to the file (relative to the InSpec suite directory)
+  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
+  # Load the mapdata from profile, into a YAML structure
+  # https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
+  # Dump the YAML back into a string for comparison
+  mapdata_file_dump = YAML.dump(mapdata_file_yaml)
+
+  ### Output file produced by running the `_mapdata` state
+  ### Dynamic, generated during Kitchen's `converge` phase
+  # Derive the location of the dumped mapdata (differs for Windows)
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  # Use that to set the path to the file (absolute path, i.e. within the container)
+  output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
+  # Load the output into a YAML structure using InSpec's `yaml` resource
+  # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
+  output_file_yaml = yaml(output_file_path).params
+  # Dump the YAML back into a string for comparison
+  output_file_dump = YAML.dump(output_file_yaml)
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(output_file_dump).to eq(mapdata_file_dump)
+    end
+  end
+end

test/integration/v3001-py3/inspec.yml

@@ -6,6 +6,9 @@ title: salt formula
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: Verify that Salt `v3001-py3` is setup and configured
+depends:
+  - name: share
+    path: test/integration/share
 supports:
   - platform-name: debian
   - platform-name: ubuntu

test/integration/v3002-py3/controls/_mapdata_spec.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+control '`map.jinja` YAML dump' do
+  title 'should match the comparison file'
+
+  ### Method
+  # The steps below for each file appear convoluted but they are both required
+  # and similar in nature:
+  # 1. The earliest method was to simply compare the files textually but this often
+  #    led to false positives due to inconsistencies (e.g. spacing, ordering)
+  # 2. The next method was to load the files back into YAML structures and then
+  #    compare but InSpec provided block diffs this way, unusable by end users
+  # 3. The final step was to dump the YAML structures back into a string to use
+  #    for the comparison; this both worked and provided human-friendly diffs
+
+  ### Comparison file for the specific platform
+  ### Static, adjusted as part of code contributions, as map data is changed
+  # Strip the `platform[:finger]` version number down to the "OS major release"
+  platform_finger = system.platform[:finger].split('.').first.to_s
+  # Use that to set the path to the file (relative to the InSpec suite directory)
+  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
+  # Load the mapdata from profile, into a YAML structure
+  # https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_file_yaml = YAML.safe_load(inspec.profile.file(mapdata_file_path))
+  # Dump the YAML back into a string for comparison
+  mapdata_file_dump = YAML.dump(mapdata_file_yaml)
+
+  ### Output file produced by running the `_mapdata` state
+  ### Dynamic, generated during Kitchen's `converge` phase
+  # Derive the location of the dumped mapdata (differs for Windows)
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  # Use that to set the path to the file (absolute path, i.e. within the container)
+  output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
+  # Load the output into a YAML structure using InSpec's `yaml` resource
+  # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
+  output_file_yaml = yaml(output_file_path).params
+  # Dump the YAML back into a string for comparison
+  output_file_dump = YAML.dump(output_file_yaml)
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(output_file_dump).to eq(mapdata_file_dump)
+    end
+  end
+end

test/integration/v3002-py3/inspec.yml

@@ -6,6 +6,9 @@ title: salt formula
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: Verify that Salt `v3002-py3` is setup and configured
+depends:
+  - name: share
+    path: test/integration/share
 supports:
   - platform-name: debian
   - platform-name: ubuntu