Sfoglia il codice sorgente

Add kitchen tests

tags/v0.2.0
Alexandre Anriot 6 anni fa
parent
commit
b749509eb1
6 ha cambiato i file con 124 aggiunte e 6 eliminazioni
  1. +2
    -0
      .gitignore
  2. +62
    -0
      .kitchen.yml
  3. +7
    -0
      Gemfile
  4. +12
    -6
      README.md
  5. +31
    -0
      test/integration/ufw/controls/ufw.rb
  6. +10
    -0
      test/integration/ufw/inspec.yml

+ 2
- 0
.gitignore Vedi File

@@ -0,0 +1,2 @@
.kitchen/
Gemfile.lock

+ 62
- 0
.kitchen.yml Vedi File

@@ -0,0 +1,62 @@
<%
distrib, infos = ENV.fetch('DISTRIB', 'debian:stretch/9').split(':')
codename, version = infos.split('/')
%>
---
driver:
name: docker
use_sudo: false
privileged: true

provisioner:
name: salt_solo
formula: ufw

# Install Salt from official repositories
salt_install: apt
salt_version: latest
salt_apt_repo: https://repo.saltstack.com/apt/<%= distrib %>/<%= version %>/amd64
salt_apt_repo_key: https://repo.saltstack.com/apt/<%= distrib %>/<%= version %>/amd64/latest/SALTSTACK-GPG-KEY.pub

# Don't install Chef
require_chef: false

# Configure Salt
state_top:
base:
'*':
- ufw

pillars:
top.sls:
base:
'*':
- ufw
ufw.sls:
ufw:
enabled: True
settings:
loglevel: 'low'
services:
'22':
protocol: tcp
comment: Allow SSH

platforms:
- name: <%= distrib %>-<%= codename %>
driver_config:
image: "<%= distrib %>:<%= codename %>"
platform: <%= distrib %>
provision_command:
- apt-get update && apt-get install -y locales
- echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
- locale-gen en_US.UTF-8
run_command: /lib/systemd/systemd

verifier:
name: inspec
reporter: progress

suites:
- name: ufw


+ 7
- 0
Gemfile Vedi File

@@ -0,0 +1,7 @@
source 'https://rubygems.org'
ruby '2.3.5'

gem 'test-kitchen'
gem 'kitchen-docker'
gem 'kitchen-salt'
gem 'kitchen-inspec'

+ 12
- 6
README.md Vedi File

@@ -1,12 +1,10 @@
ufw-formula
===========
# Ufw Salt Formula

This module manages your firewall using ufw with pillar configured rules.

See the full [Salt Formulas installation and usage instructions](http://docs.saltstack.com/topics/development/conventions/formulas.html).

Usage
-----
## Usage

All the configuration for the firewall is done via pillar (pillar.example).

@@ -77,8 +75,16 @@ ufw:
- OpenSSH
```

Authors
-------
## Run tests

This formula is tested with [Kitchen](https://kitchen.ci/) and [Inspec](https://www.inspec.io/) in a Docker container.

To run tests you need to

* install Ruby dependencies : `bundle install`
* run Kitchen : `kitchen test`

## Authors

Original state and module based on the work from [Yigal Duppen](https://github.com/publysher/infra-example-nginx/tree/develop).


+ 31
- 0
test/integration/ufw/controls/ufw.rb Vedi File

@@ -0,0 +1,31 @@
# encoding: utf-8

title 'Test Ufw installation'

describe package('ufw') do
it { should be_installed }
end

describe directory('/etc/ufw') do
it { should exist }
end

describe file('/etc/ufw/ufw.conf') do
its('content') { should include 'ENABLED=' }
its('content') { should include 'LOGLEVEL=' }
end

describe command('ufw status verbose | grep Status') do
its('exit_status') { should eq 0 }
its('stdout') { should match /active/ }
end

describe command('ufw status verbose | grep Logging') do
its('exit_status') { should eq 0 }
its('stdout') { should match /low/ }
end

describe command('ufw status | grep 22/tcp') do
its('exit_status') { should eq 0 }
its('stdout') { should match /ALLOW/ }
end

+ 10
- 0
test/integration/ufw/inspec.yml Vedi File

@@ -0,0 +1,10 @@
name: ufw
title: Ufw Profile
maintainer: Alexandre Anriot
copyright: Alexandre Anriot
copyright_email: alexandre@atlantilde.com
license: MIT
summary: Ufw Compliance Profile
version: 0.1.0
supports:
- os-family: linux

Loading…
Annulla
Salva