Ver código fonte

ci(kitchen+travis): test with pre-salted Docker images

tags/v0.4.0
Nicolas Rodriguez 5 anos atrás
pai
commit
f27ec2e262
8 arquivos alterados com 133 adições e 45 exclusões
  1. +21
    -4
      .travis.yml
  2. +94
    -29
      kitchen.yml
  3. +0
    -0
      test/integration/default/controls/config_spec.rb
  4. +0
    -0
      test/integration/default/controls/package_spec.rb
  5. +12
    -0
      test/integration/default/inspec.yml
  6. +0
    -10
      test/integration/ufw/inspec.yml
  7. +3
    -1
      ufw/config/applications.sls
  8. +3
    -1
      ufw/config/services.sls

+ 21
- 4
.travis.yml Ver arquivo

@@ -11,14 +11,31 @@ language: ruby
services:
- docker

# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
env:
matrix:
- DISTRIB=debian:stretch/9
- DISTRIB=ubuntu:xenial/16.04
- DISTRIB=ubuntu:bionic/18.04
- INSTANCE: default-debian-9-2019-2-py3
- INSTANCE: default-ubuntu-1804-2019-2-py3
- INSTANCE: default-centos-7-2019-2-py3
- INSTANCE: default-fedora-29-2019-2-py3
- INSTANCE: default-opensuse-leap-15-2019-2-py3
# - INSTANCE: default-debian-9-2018-3-py2
# - INSTANCE: default-ubuntu-1604-2018-3-py2
# - INSTANCE: default-centos-7-2018-3-py2
# - INSTANCE: default-fedora-29-2018-3-py2
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - INSTANCE: default-opensuse-leap-15-2018-3-py2
# - INSTANCE: default-opensuse-leap-42-2018-3-py2
# - INSTANCE: default-debian-8-2017-7-py2
# - INSTANCE: default-ubuntu-1604-2017-7-py2
# - INSTANCE: default-centos-6-2017-7-py2
# - INSTANCE: default-fedora-28-2017-7-py2
# - INSTANCE: default-opensuse-leap-42-2017-7-py2

script:
- bundle exec kitchen test
- bundle exec kitchen verify ${INSTANCE}

jobs:
include:

+ 94
- 29
kitchen.yml Ver arquivo

@@ -1,32 +1,103 @@
<%
distrib, infos = ENV.fetch('DISTRIB', 'debian:stretch/9').split(':')
codename, version = infos.split('/')
%>
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# For help on this file's format, see https://kitchen.ci/
driver:
name: docker
use_sudo: false
privileged: true
run_command: /lib/systemd/systemd

provisioner:
name: salt_solo
formula: ufw
# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
## SALT 2019.2
- name: debian-9-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:debian-9
provision_command:
- apt-get update && apt-get install -y locales
- echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
- locale-gen en_US.UTF-8
- name: ubuntu-1804-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:ubuntu-18.04
- name: centos-7-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:centos-7
- name: fedora-29-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:fedora-29
- name: opensuse-leap-15-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:opensuse-leap-15
run_command: /usr/lib/systemd/systemd

# Install Salt from official repositories
salt_install: apt
salt_version: latest
salt_apt_repo: https://repo.saltstack.com/apt/<%= distrib %>/<%= version %>/amd64
salt_apt_repo_key: https://repo.saltstack.com/apt/<%= distrib %>/<%= version %>/amd64/latest/SALTSTACK-GPG-KEY.pub
## SALT 2018.3
- name: debian-9-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:debian-9
provision_command:
- apt-get update && apt-get install -y locales
- echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
- locale-gen en_US.UTF-8
- name: ubuntu-1604-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:ubuntu-16.04
- name: centos-7-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:centos-7
- name: fedora-29-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:fedora-29
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - name: opensuse-leap-15-2018-3-py2
# driver:
# image: netmanagers/salt-2018.3-py2:opensuse-leap-15
# run_command: /usr/lib/systemd/systemd
- name: opensuse-leap-42-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:opensuse-leap-42
run_command: /usr/lib/systemd/systemd

# Don't install Chef
require_chef: false
## SALT 2017.7
- name: debian-8-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:debian-8
provision_command:
- apt-get update && apt-get install -y locales
- echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
- locale-gen en_US.UTF-8
- name: ubuntu-1604-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:ubuntu-16.04
- name: centos-6-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:centos-6
run_command: /sbin/init
run_options: -v /lib/modules:/lib/modules:ro
- name: fedora-28-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:fedora-28
- name: opensuse-leap-42-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:opensuse-leap-42
run_command: /usr/lib/systemd/systemd

# Configure Salt
provisioner:
name: salt_solo
log_level: info
salt_install: none
require_chef: false
formula: ufw
salt_copy_filter:
- .kitchen
- .git
state_top:
base:
'*':
- ufw

pillars:
top.sls:
base:
@@ -67,21 +138,15 @@ provisioner:
protocol: tcp
comment: Allow HTTPS

platforms:
- name: <%= distrib %>-<%= codename %>
driver_config:
image: "<%= distrib %>:<%= codename %>"
platform: <%= distrib %>
provision_command:
- apt-get update && apt-get install -y locales
- echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
- locale-gen en_US.UTF-8
run_command: /lib/systemd/systemd

verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
- progress
- cli
inspec_tests:
- path: test/integration/default

suites:
- name: ufw
- name: default

test/integration/ufw/controls/config_spec.rb → test/integration/default/controls/config_spec.rb Ver arquivo


test/integration/ufw/controls/package_spec.rb → test/integration/default/controls/package_spec.rb Ver arquivo


+ 12
- 0
test/integration/default/inspec.yml Ver arquivo

@@ -0,0 +1,12 @@
name: ufw
title: UFW Formula
maintainer: Alexandre Anriot
license: Apache-2.0
summary: Verify that the ufw formula is setup and configured correctly
supports:
- os-name: debian
- os-name: ubuntu
- os-name: centos
- os-name: fedora
- os-name: opensuse
- os-name: suse

+ 0
- 10
test/integration/ufw/inspec.yml Ver arquivo

@@ -1,10 +0,0 @@
name: ufw
title: Ufw Profile
maintainer: Alexandre Anriot
copyright: Alexandre Anriot
copyright_email: alexandre@atlantilde.com
license: MIT
summary: Ufw Compliance Profile
version: 0.1.0
supports:
- os-family: linux

+ 3
- 1
ufw/config/applications.sls Ver arquivo

@@ -39,7 +39,9 @@ ufw-app-{{method}}-{{app_name}}:
{%- if to_addr is not none %}
- to_addr: {{to_addr}}
{%- endif %}
{%- if comment is not none %}
# Debian Jessie doesn't implement the **comment** directive
# CentOS-6 throws an UTF-8 error
{%- if comment is not none and salt['grains.get']('osfinger') != 'Debian-8' and salt['grains.get']('osfinger') != 'CentOS-6' %}
- comment: '"{{comment}}"'
{%- endif %}
- listen_in:

+ 3
- 1
ufw/config/services.sls Ver arquivo

@@ -43,7 +43,9 @@ ufw-svc-{{method}}-{{service_name}}-{{from_addr}}:
{%- if to_addr is not none %}
- to_addr: {{to_addr}}
{%- endif %}
{%- if comment is not none %}
# Debian Jessie doesn't implement the **comment** directive
# CentOS-6 throws an UTF-8 error
{%- if comment is not none and salt['grains.get']('osfinger') != 'Debian-8' and salt['grains.get']('osfinger') != 'CentOS-6' %}
- comment: '"{{comment}}"'
{%- endif %}
- to_port: "{{to_port}}"

Carregando…
Cancelar
Salvar