ExternalMirrors
/
users-formula
mirror of https://github.com/saltstack-formulas/users-formula
Watch 1
Star 0
Fork 1
Code Issues 0 Releases 13 Wiki Activity
Browse Source

Merge pull request #212 from myii/ci/merge-matrix-and-add-salt-lint-and-rubocop 

ci: merge travis matrix, add `salt-lint` & `rubocop` to `lint` job
tags/v0.48.1
Imran Iqbal 5 years ago
parent
23b6725e4f f17d156e6e
commit
5e6846b173
No account linked to committer's email address
9 changed files with 129 additions and 64 deletions
Unified View Show Diff Stats
  1. +10
    -0
      .rubocop.yml
  2. +13
    -0
      .salt-lint
  3. +71
    -46
      .travis.yml
  4. +1
    -0
      .yamllint
  5. +4
    -3
      Gemfile
  6. +12
    -9
      bin/kitchen
  7. +14
    -2
      users/googleauth.sls
  8. +2
    -2
      users/init.sls
  9. +2
    -2
      users/sudo.sls

+ 10
- 0
.rubocop.yml View File

# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# General overrides used across formulas in the org
Metrics/LineLength:
# Increase from default of `80`
# Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`)
Max: 88

# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config`

+ 13
- 0
.salt-lint View File

# -*- coding: utf-8 -*-
# vim: ft=yaml
---
exclude_paths: []
skip_list:
# Using `salt-lint` for linting other files as well, such as Jinja macros/templates
- 205 # Use ".sls" as a Salt State file extension
# Skipping `207` and `208` because `210` is sufficient, at least for the time-being
# I.e. Allows 3-digit unquoted codes to still be used, such as `644` and `755`
- 207 # File modes should always be encapsulated in quotation marks
- 208 # File modes should always contain a leading zero
tags: []
verbosity: 1

+ 71
- 46
.travis.yml View File

# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# vim: ft=yaml # vim: ft=yaml
--- ---
## Machine config
dist: bionic dist: bionic
stages:
- test
- lint
- name: release
if: branch = master AND type != pull_request

sudo: required sudo: required
cache: bundler
language: ruby

services: services:
- docker - docker


# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
env:
matrix:
- INSTANCE: default-debian-10-develop-py3
# - INSTANCE: default-ubuntu-1804-develop-py3
# - INSTANCE: default-centos-7-develop-py3
# - INSTANCE: default-fedora-30-develop-py3
# - INSTANCE: default-opensuse-leap-15-develop-py3
# - INSTANCE: default-amazonlinux-2-develop-py2
# - INSTANCE: default-arch-base-latest-develop-py2
# - INSTANCE: default-debian-9-2019-2-py3
- INSTANCE: default-ubuntu-1804-2019-2-py3
# - INSTANCE: default-centos-7-2019-2-py3
# - INSTANCE: default-fedora-30-2019-2-py3
# - INSTANCE: default-opensuse-leap-15-2019-2-py3
- INSTANCE: default-amazonlinux-2-2019-2-py2
# - INSTANCE: default-arch-base-latest-2019-2-py2
# - INSTANCE: default-debian-9-2018-3-py2
# - INSTANCE: default-ubuntu-1604-2018-3-py2
# - INSTANCE: default-centos-7-2018-3-py2
- INSTANCE: default-fedora-29-2018-3-py2
- INSTANCE: default-opensuse-leap-15-2018-3-py2
# - INSTANCE: default-amazonlinux-2-2018-3-py2
# - INSTANCE: default-arch-base-latest-2018-3-py2
# - INSTANCE: default-debian-8-2017-7-py2
# - INSTANCE: default-ubuntu-1604-2017-7-py2
- INSTANCE: default-centos-6-2017-7-py2
# - INSTANCE: default-fedora-29-2017-7-py2
# - INSTANCE: default-opensuse-leap-15-2017-7-py2
# - INSTANCE: default-amazonlinux-2-2017-7-py2
# - INSTANCE: default-arch-base-latest-2017-7-py2
## Language and cache config
language: ruby
cache: bundler


## Script to run for the test stage
script: script:
- bin/kitchen verify ${INSTANCE}
- bin/kitchen verify "${INSTANCE}"


## Stages and jobs matrix
stages:
- test
- name: release
if: branch = master AND type != pull_request
jobs: jobs:
allow_failures:
- env: Lint_rubocop
fast_finish: true
include: include:
# Define the `lint` stage (runs `yamllint` and `commitlint`)
- stage: lint
language: node_js
## Define the test stage that runs the linters (and testing matrix, if applicable)

# Run all of the linters in a single job (except `rubocop`)
- language: node_js
node_js: lts/* node_js: lts/*
env: Lint
name: 'Lint: salt-lint, yamllint & commitlint'
before_install: skip before_install: skip
script: script:
# Install and run `salt-lint`
- pip install --user salt-lint
- git ls-files | grep '\.sls$\|\.jinja$\|\.j2$\|\.tmpl$'
| xargs -I {} salt-lint {}
# Install and run `yamllint` # Install and run `yamllint`
# Need at least `v1.17.0` for the `yaml-files` setting # Need at least `v1.17.0` for the `yaml-files` setting
- pip install --user yamllint>=1.17.0 - pip install --user yamllint>=1.17.0
- npm install @commitlint/config-conventional -D - npm install @commitlint/config-conventional -D
- npm install @commitlint/travis-cli -D - npm install @commitlint/travis-cli -D
- commitlint-travis - commitlint-travis
# Define the release stage that runs `semantic-release`
# Run the `rubocop` linter in a separate job that is allowed to fail
# Once these lint errors are fixed, this can be merged into a single job
- language: node_js
node_js: lts/*
env: Lint_rubocop
name: 'Lint: rubocop'
before_install: skip
script:
# Install and run `rubocop`
- gem install rubocop
- rubocop -d

## Define the rest of the matrix based on Kitchen testing
# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
- env: INSTANCE=default-debian-10-develop-py3
# - env: INSTANCE=default-ubuntu-1804-develop-py3
# - env: INSTANCE=default-centos-7-develop-py3
# - env: INSTANCE=default-fedora-30-develop-py3
# - env: INSTANCE=default-opensuse-leap-15-develop-py3
# - env: INSTANCE=default-amazonlinux-2-develop-py2
# - env: INSTANCE=default-arch-base-latest-develop-py2
# - env: INSTANCE=default-debian-9-2019-2-py3
- env: INSTANCE=default-ubuntu-1804-2019-2-py3
# - env: INSTANCE=default-centos-7-2019-2-py3
# - env: INSTANCE=default-fedora-30-2019-2-py3
# - env: INSTANCE=default-opensuse-leap-15-2019-2-py3
- env: INSTANCE=default-amazonlinux-2-2019-2-py2
# - env: INSTANCE=default-arch-base-latest-2019-2-py2
# - env: INSTANCE=default-debian-9-2018-3-py2
# - env: INSTANCE=default-ubuntu-1604-2018-3-py2
# - env: INSTANCE=default-centos-7-2018-3-py2
- env: INSTANCE=default-fedora-29-2018-3-py2
- env: INSTANCE=default-opensuse-leap-15-2018-3-py2
# - env: INSTANCE=default-amazonlinux-2-2018-3-py2
# - env: INSTANCE=default-arch-base-latest-2018-3-py2
# - env: INSTANCE=default-debian-8-2017-7-py2
# - env: INSTANCE=default-ubuntu-1604-2017-7-py2
- env: INSTANCE=default-centos-6-2017-7-py2
# - env: INSTANCE=default-fedora-29-2017-7-py2
# - env: INSTANCE=default-opensuse-leap-15-2017-7-py2
# - env: INSTANCE=default-amazonlinux-2-2017-7-py2
# - env: INSTANCE=default-arch-base-latest-2017-7-py2

## Define the release stage that runs `semantic-release`
- stage: release - stage: release
language: node_js language: node_js
node_js: lts/* node_js: lts/*
env: Release
name: 'Run semantic-release inc. file updates to AUTHORS, CHANGELOG & FORMULA'
before_install: skip before_install: skip
script: script:
# Update `AUTHORS.md` # Update `AUTHORS.md`

+ 1
- 0
.yamllint View File

# Default settings # Default settings
- '*.yaml' - '*.yaml'
- '*.yml' - '*.yml'
- .salt-lint
- .yamllint - .yamllint
# SaltStack Formulas additional settings # SaltStack Formulas additional settings
- '*.example' - '*.example'

+ 4
- 3
Gemfile View File

source "https://rubygems.org"
# frozen_string_literal: true

source 'https://rubygems.org'


gem 'kitchen-docker', '>= 2.9' gem 'kitchen-docker', '>= 2.9'
gem 'kitchen-salt', '>= 0.6.0'
gem 'kitchen-inspec', '>= 1.1' gem 'kitchen-inspec', '>= 1.1'
gem 'kitchen-salt', '>= 0.6.0'

+ 12
- 9
bin/kitchen View File

# this file is here to facilitate running it. # this file is here to facilitate running it.
# #


require "pathname"
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
Pathname.new(__FILE__).realpath)
require 'pathname'
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile',
Pathname.new(__FILE__).realpath)


bundle_binstub = File.expand_path("../bundle", __FILE__)
bundle_binstub = File.expand_path('bundle', __dir__)


if File.file?(bundle_binstub) if File.file?(bundle_binstub)
if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
load(bundle_binstub) load(bundle_binstub)
else else
abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
abort(
'Your `bin/bundle` was not generated by Bundler, '\
'so this binstub cannot run. Replace `bin/bundle` by running '\
'`bundle binstubs bundler --force`, then run this command again.'
)
end end
end end


require "rubygems"
require "bundler/setup"
require 'rubygems'
require 'bundler/setup'


load Gem.bin_path("test-kitchen", "kitchen")
load Gem.bin_path('test-kitchen', 'kitchen')

+ 14
- 2
users/googleauth.sls View File

pkg.installed: pkg.installed:
- name: {{ users.googleauth_package }} - name: {{ users.googleauth_package }}
- require: - require:
- file: {{ users.googleauth_dir }}
- file: {{ users.googleauth_dir }}


users_{{ users.googleauth_dir }}: users_{{ users.googleauth_dir }}:
file.directory: file.directory:
{%- if 'google_auth' in user %} {%- if 'google_auth' in user %}
{%- for svc in user['google_auth'] %} {%- for svc in user['google_auth'] %}
{%- if user.get('google_2fa', True) %} {%- if user.get('google_2fa', True) %}
{%- set repl = '{0} {1} {2} {3} {4}{5}/{6}_{7} {8}\n{9}'.format(
'auth',
'[success=done new_authtok_reqd=done default=die]',
'pam_google_authenticator.so',
'user=root',
'secret=',
users.googleauth_dir,
'${USER}',
svc,
'echo_verification_code',
'@include common-auth',
) %}
users_googleauth-pam-{{ svc }}-{{ name }}: users_googleauth-pam-{{ svc }}-{{ name }}:
file.replace: file.replace:
- name: /etc/pam.d/{{ svc }} - name: /etc/pam.d/{{ svc }}
- pattern: "^@include common-auth" - pattern: "^@include common-auth"
- repl: "auth [success=done new_authtok_reqd=done default=die] pam_google_authenticator.so user=root secret={{ users.googleauth_dir }}/${USER}_{{ svc }} echo_verification_code\n@include common-auth"
- repl: "{{ repl }}"
- unless: grep pam_google_authenticator.so /etc/pam.d/{{ svc }} - unless: grep pam_google_authenticator.so /etc/pam.d/{{ svc }}
- backup: .bak - backup: .bak
{%- endif %} {%- endif %}

+ 2
- 2
users/init.sls View File

{% elif grains['kernel'] == 'Linux' and {% elif grains['kernel'] == 'Linux' and
user['expire'] > 84006 %} user['expire'] > 84006 %}
{# 2932896 days since epoch equals 9999-12-31 #} {# 2932896 days since epoch equals 9999-12-31 #}
- expire: {{ (user['expire'] / 86400) | int}}
- expire: {{ (user['expire'] / 86400) | int }}
{% else %} {% else %}
- expire: {{ user['expire'] }} - expire: {{ user['expire'] }}
{% endif %} {% endif %}
{% if 'optional_groups' in user %} {% if 'optional_groups' in user %}
- optional_groups: - optional_groups:
{% for optional_group in user['optional_groups'] -%} {% for optional_group in user['optional_groups'] -%}
- {{optional_group}}
- {{ optional_group }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
- require: - require:

+ 2
- 2
users/sudo.sls View File

pkg.installed: pkg.installed:
- name: {{ users.sudo_package }} - name: {{ users.sudo_package }}
- require: - require:
- file: {{ users.sudoers_dir }}
- file: {{ users.sudoers_dir }}
- unless: test "`uname`" = "Darwin" - unless: test "`uname`" = "Darwin"


users_{{ users.sudoers_dir }}: users_{{ users.sudoers_dir }}:


users_sudoer-defaults: users_sudoer-defaults:
file.append: file.append:
- name: {{ users.sudoers_file }}
- name: {{ users.sudoers_file }}
- require: - require:
- pkg: users_sudo-package - pkg: users_sudo-package
- text: - text:

Write Preview
Loading…
Cancel
Save