From 8ab60b9689158035a4d60a165729135b086e499d Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Mon, 16 May 2022 00:02:17 +0100 Subject: [PATCH 1/6] ci(macos): enable testing using GitHub Actions * Automated using https://github.com/myii/ssf-formula/pull/443 --- .github/workflows/kitchen.macos.yml | 79 +++++++++++++++++++++++++++++ kitchen.macos.yml | 25 +++++++++ test/integration/default/inspec.yml | 1 + 3 files changed, 105 insertions(+) create mode 100644 .github/workflows/kitchen.macos.yml create mode 100644 kitchen.macos.yml diff --git a/.github/workflows/kitchen.macos.yml b/.github/workflows/kitchen.macos.yml new file mode 100644 index 0000000..038ceb6 --- /dev/null +++ b/.github/workflows/kitchen.macos.yml @@ -0,0 +1,79 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +name: 'Kitchen (macOS)' +'on': ['push', 'pull_request'] + +env: + KITCHEN_LOCAL_YAML: 'kitchen.macos.yml' + +jobs: + test-12: + runs-on: 'macos-12' + strategy: + fail-fast: false + matrix: + instance: + - default-macos-12-latest-py3 + steps: + - name: 'Check out code' + uses: 'actions/checkout@v2' + - name: 'Set up Bundler cache' + uses: 'actions/cache@v1' + with: + path: 'vendor/bundle' + key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}" + restore-keys: "${{ runner.os }}-gems-" + - name: 'Run Bundler' + run: | + ruby --version + bundle config path vendor/bundle + bundle install --jobs 4 --retry 3 + - name: 'Run Test Kitchen' + run: 'bundle exec kitchen verify ${{ matrix.instance }}' + test-11: + runs-on: 'macos-11' + strategy: + fail-fast: false + matrix: + instance: + - default-macos-11-latest-py3 + steps: + - name: 'Check out code' + uses: 'actions/checkout@v2' + - name: 'Set up Bundler cache' + uses: 'actions/cache@v1' + with: + path: 'vendor/bundle' + key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}" + restore-keys: "${{ runner.os }}-gems-" + - name: 'Run Bundler' + run: | + ruby --version + bundle config path vendor/bundle + bundle install --jobs 4 --retry 3 + - name: 'Run Test Kitchen' + run: 'bundle exec kitchen verify ${{ matrix.instance }}' + test-1015: + runs-on: 'macos-10.15' + strategy: + fail-fast: false + matrix: + instance: + - default-macos-1015-latest-py3 + steps: + - name: 'Check out code' + uses: 'actions/checkout@v2' + - name: 'Set up Bundler cache' + uses: 'actions/cache@v1' + with: + path: 'vendor/bundle' + key: "${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}" + restore-keys: "${{ runner.os }}-gems-" + - name: 'Run Bundler' + run: | + ruby --version + bundle config path vendor/bundle + bundle install --jobs 4 --retry 3 + - name: 'Run Test Kitchen' + run: 'bundle exec kitchen verify ${{ matrix.instance }}' diff --git a/kitchen.macos.yml b/kitchen.macos.yml new file mode 100644 index 0000000..2528195 --- /dev/null +++ b/kitchen.macos.yml @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +driver: + name: exec + +provisioner: + sudo: true + salt_install: bootstrap + salt_bootstrap_options: -P stable latest + salt_call_command: /opt/salt/bin/salt-call + +platforms: + - name: macos-12-latest-py3 + verifier: + inputs: + saltmajorversion: 3004 + - name: macos-11-latest-py3 + verifier: + inputs: + saltmajorversion: 3004 + - name: macos-1015-latest-py3 + verifier: + inputs: + saltmajorversion: 3004 diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml index 777ca56..c566580 100644 --- a/test/integration/default/inspec.yml +++ b/test/integration/default/inspec.yml @@ -24,4 +24,5 @@ supports: - platform-name: gentoo - platform-name: almalinux - platform-name: rocky + - platform-name: mac_os_x - platform: windows From 3eff2d2acf43eb87015007fdfc5dd92bb8edaaf7 Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Mon, 16 May 2022 12:44:47 +0100 Subject: [PATCH 2/6] refactor(minion): use `pkg.installed` state for macOS Keep consistent with `salt/master.sls`. --- salt/minion.sls | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/salt/minion.sls b/salt/minion.sls index e1eb8b5..c0aef55 100644 --- a/salt/minion.sls +++ b/salt/minion.sls @@ -29,10 +29,13 @@ download-salt-minion: - macpackage: salt-minion - retry: {{ salt_settings.retry_options | json }} {%- elif "workaround https://github.com/saltstack/salt/issues/49348" %} - cmd.run: - - name: /usr/local/bin/brew install {{ salt_settings.salt_minion }} - - onlyif: test -x /usr/local/bin/brew - - runas: {{ salt_settings.rootuser }} + {% if salt_settings.install_packages %} + pkg.installed: + - name: {{ salt_settings.salt_minion }} + {%- if salt_settings.version is defined %} + - version: {{ salt_settings.version }} + {%- endif %} + {% endif %} {%- endif %} salt-minion-macos: @@ -130,7 +133,7 @@ salt-minion: {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} - macpackage: salt-minion {%- elif grains.os == 'MacOS' %} - - cmd: download-salt-minion + - pkg: download-salt-minion {%- else %} - pkg: salt-minion {%- endif %} @@ -155,7 +158,7 @@ restart-salt-minion: {%- if grains.os == 'MacOS' and salt_settings.salt_minion_pkg_source %} - macpackage: salt-minion {%- elif grains.os == 'MacOS' %} - - cmd: download-salt-minion + - pkg: download-salt-minion {%- else %} - pkg: salt-minion {%- endif %} From b2316ed17b7c60e5a4ee394f18fcad70572dc53d Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Tue, 17 May 2022 07:32:17 +0100 Subject: [PATCH 3/6] fix(minion): replace literals with `rootuser` & `rootgroup` from map --- salt/minion.sls | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/salt/minion.sls b/salt/minion.sls index c0aef55..97db5b3 100644 --- a/salt/minion.sls +++ b/salt/minion.sls @@ -20,8 +20,8 @@ download-salt-minion: {% else %} - skip_verify: True {% endif %} - - user: root - - group: wheel + - user: {{ salt_settings.rootuser }} + - group: {{ salt_settings.rootgroup }} - mode: '0644' - unless: - test -n "{{ salt_settings.version }}" && '/opt/salt/bin/salt-minion --version=.*{{ salt_settings.version }}.*' @@ -204,7 +204,7 @@ permissions-minion-config: {%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %} wheel {%- else %} - root + {{ salt_settings.rootgroup }} {%- endif %} {%- if grains['kernel'] != 'Windows' %} - mode: 640 @@ -224,7 +224,7 @@ salt-minion-pki-dir: {%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %} wheel {%- else %} - root + {{ salt_settings.rootgroup }} {%- endif %} {%- if grains['kernel'] != 'Windows' %} - mode: 700 @@ -243,7 +243,7 @@ permissions-minion.pem: {%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %} wheel {%- else %} - root + {{ salt_settings.rootgroup }} {%- endif %} {%- if grains['kernel'] != 'Windows' %} - mode: 400 @@ -264,7 +264,7 @@ permissions-minion.pub: {%- if grains['kernel'] in ['FreeBSD', 'OpenBSD', 'NetBSD'] %} wheel {%- else %} - root + {{ salt_settings.rootgroup }} {%- endif %} {%- if grains['kernel'] != 'Windows' %} - mode: 644 From dc9cff99c5bcc487a68f488bbe419758ac72987c Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Tue, 17 May 2022 07:39:37 +0100 Subject: [PATCH 4/6] test(macos): update for this platform --- test/integration/default/controls/pkgs_spec.rb | 2 ++ test/integration/default/controls/service_spec.rb | 8 ++++++++ 2 files changed, 10 insertions(+) diff --git a/test/integration/default/controls/pkgs_spec.rb b/test/integration/default/controls/pkgs_spec.rb index 389aba1..3bfb34b 100644 --- a/test/integration/default/controls/pkgs_spec.rb +++ b/test/integration/default/controls/pkgs_spec.rb @@ -8,6 +8,8 @@ pkgs = %w[py38-salt] when 'windows' ['Salt Minion'] + when 'mac_os_x' + %w[salt saltstack] else %w[salt-master salt-minion] end diff --git a/test/integration/default/controls/service_spec.rb b/test/integration/default/controls/service_spec.rb index be3dab7..a1d5843 100644 --- a/test/integration/default/controls/service_spec.rb +++ b/test/integration/default/controls/service_spec.rb @@ -6,6 +6,14 @@ services = %w[salt_master salt_minion] when 'windows' %w[salt-minion] + when 'darwin' + # The following is expected but isn't yet working in the GitHub Actions + # macOS runners + # %w[com.saltstack.salt.api + # com.saltstack.salt.master + # com.saltstack.salt.minion + # com.saltstack.salt.syndic] + [] else %w[salt-master salt-minion] end From c1c635fda48384c13284fbb424c88a1bfd3f0486 Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Tue, 17 May 2022 07:41:40 +0100 Subject: [PATCH 5/6] test(macos): add `map.jinja` verification files --- .../default/files/_mapdata/mac_os_x-10.yaml | 115 ++++++++++++++++++ .../default/files/_mapdata/mac_os_x-11.yaml | 115 ++++++++++++++++++ .../default/files/_mapdata/mac_os_x-12.yaml | 115 ++++++++++++++++++ 3 files changed, 345 insertions(+) create mode 100644 test/integration/default/files/_mapdata/mac_os_x-10.yaml create mode 100644 test/integration/default/files/_mapdata/mac_os_x-11.yaml create mode 100644 test/integration/default/files/_mapdata/mac_os_x-12.yaml diff --git a/test/integration/default/files/_mapdata/mac_os_x-10.yaml b/test/integration/default/files/_mapdata/mac_os_x-10.yaml new file mode 100644 index 0000000..b6678b7 --- /dev/null +++ b/test/integration/default/files/_mapdata/mac_os_x-10.yaml @@ -0,0 +1,115 @@ +# yamllint disable rule:indentation rule:line-length +# Mac OS X +--- +values: + formulas_settings: + checkout_orig_branch: false + git_opts: + default: + basedir: /srv/formulas + baseurl: https://github.com/saltstack-formulas + options: + output_loglevel: quiet + rev: master + update: false + list: {} + salt_settings: + api_service: salt-api + api_service_details: + enabled: true + state: running + clean_config_d_dir: true + cloud: + template_sources: + maps: salt://salt/files/cloud.maps.d + profiles: salt://salt/files/cloud.profiles.d + providers: salt://salt/files/cloud.providers.d + config_path: /private/etc/salt + gitfs: + dulwich: + install_from_source: true + gitpython: + install_from_source: false + pygit2: + git: + install_from_package: git + require_state: false + install_from_source: true + libgit2: + build_parent_dir: /usr/src/ + download_hash: 683d1164e361e2a0a8d52652840e2340 + install_from_source: true + version: 0.23.0 + version: 0.23.0 + install_packages: true + master: + ext_pillar: + - cmd_yaml: cat /etc/salt/yaml + - stack: + - /path/to/stack1.cfg + - /path/to/stack2.cfg + - reclass: + inventory_base_uri: /etc/reclass + - saltclass: + - path: /srv/saltclass + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + gitfs_provider: gitpython + pillar_roots: + base: + - /srv/pillar + master_config_use_TOFS: false + master_remove_config: false + master_service: com.saltstack.salt.master + master_service_details: + enabled: true + state: running + minion: + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + master: localhost + master_type: str + pillar_roots: + base: + - /srv/pillar + minion_config_use_TOFS: false + minion_remove_config: false + minion_service: com.saltstack.salt.minion + minion_service_details: + enabled: true + state: running + parallel: true + pin_version: false + pkgrepo: '' + py_ver: py3 + python_dulwich: python-dulwich + python_git: python-git + release: '3004' + restart_via_at: false + retry_options: + attempts: 5 + interval: 10 + splay: 10 + until: true + rootgroup: staff + rootuser: runner + salt_api: salt-api + salt_cloud: salt-cloud + salt_master: salt-master + salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 + salt_minion: salt + salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20 + salt_minion_pkg_hash: '' + salt_minion_pkg_source: '' + salt_ssh: salt-ssh + salt_syndic: salt-syndic + ssh_roster: {} + syndic_service: salt-syndic + use_pip: false + version: '' diff --git a/test/integration/default/files/_mapdata/mac_os_x-11.yaml b/test/integration/default/files/_mapdata/mac_os_x-11.yaml new file mode 100644 index 0000000..b6678b7 --- /dev/null +++ b/test/integration/default/files/_mapdata/mac_os_x-11.yaml @@ -0,0 +1,115 @@ +# yamllint disable rule:indentation rule:line-length +# Mac OS X +--- +values: + formulas_settings: + checkout_orig_branch: false + git_opts: + default: + basedir: /srv/formulas + baseurl: https://github.com/saltstack-formulas + options: + output_loglevel: quiet + rev: master + update: false + list: {} + salt_settings: + api_service: salt-api + api_service_details: + enabled: true + state: running + clean_config_d_dir: true + cloud: + template_sources: + maps: salt://salt/files/cloud.maps.d + profiles: salt://salt/files/cloud.profiles.d + providers: salt://salt/files/cloud.providers.d + config_path: /private/etc/salt + gitfs: + dulwich: + install_from_source: true + gitpython: + install_from_source: false + pygit2: + git: + install_from_package: git + require_state: false + install_from_source: true + libgit2: + build_parent_dir: /usr/src/ + download_hash: 683d1164e361e2a0a8d52652840e2340 + install_from_source: true + version: 0.23.0 + version: 0.23.0 + install_packages: true + master: + ext_pillar: + - cmd_yaml: cat /etc/salt/yaml + - stack: + - /path/to/stack1.cfg + - /path/to/stack2.cfg + - reclass: + inventory_base_uri: /etc/reclass + - saltclass: + - path: /srv/saltclass + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + gitfs_provider: gitpython + pillar_roots: + base: + - /srv/pillar + master_config_use_TOFS: false + master_remove_config: false + master_service: com.saltstack.salt.master + master_service_details: + enabled: true + state: running + minion: + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + master: localhost + master_type: str + pillar_roots: + base: + - /srv/pillar + minion_config_use_TOFS: false + minion_remove_config: false + minion_service: com.saltstack.salt.minion + minion_service_details: + enabled: true + state: running + parallel: true + pin_version: false + pkgrepo: '' + py_ver: py3 + python_dulwich: python-dulwich + python_git: python-git + release: '3004' + restart_via_at: false + retry_options: + attempts: 5 + interval: 10 + splay: 10 + until: true + rootgroup: staff + rootuser: runner + salt_api: salt-api + salt_cloud: salt-cloud + salt_master: salt-master + salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 + salt_minion: salt + salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20 + salt_minion_pkg_hash: '' + salt_minion_pkg_source: '' + salt_ssh: salt-ssh + salt_syndic: salt-syndic + ssh_roster: {} + syndic_service: salt-syndic + use_pip: false + version: '' diff --git a/test/integration/default/files/_mapdata/mac_os_x-12.yaml b/test/integration/default/files/_mapdata/mac_os_x-12.yaml new file mode 100644 index 0000000..b6678b7 --- /dev/null +++ b/test/integration/default/files/_mapdata/mac_os_x-12.yaml @@ -0,0 +1,115 @@ +# yamllint disable rule:indentation rule:line-length +# Mac OS X +--- +values: + formulas_settings: + checkout_orig_branch: false + git_opts: + default: + basedir: /srv/formulas + baseurl: https://github.com/saltstack-formulas + options: + output_loglevel: quiet + rev: master + update: false + list: {} + salt_settings: + api_service: salt-api + api_service_details: + enabled: true + state: running + clean_config_d_dir: true + cloud: + template_sources: + maps: salt://salt/files/cloud.maps.d + profiles: salt://salt/files/cloud.profiles.d + providers: salt://salt/files/cloud.providers.d + config_path: /private/etc/salt + gitfs: + dulwich: + install_from_source: true + gitpython: + install_from_source: false + pygit2: + git: + install_from_package: git + require_state: false + install_from_source: true + libgit2: + build_parent_dir: /usr/src/ + download_hash: 683d1164e361e2a0a8d52652840e2340 + install_from_source: true + version: 0.23.0 + version: 0.23.0 + install_packages: true + master: + ext_pillar: + - cmd_yaml: cat /etc/salt/yaml + - stack: + - /path/to/stack1.cfg + - /path/to/stack2.cfg + - reclass: + inventory_base_uri: /etc/reclass + - saltclass: + - path: /srv/saltclass + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + gitfs_provider: gitpython + pillar_roots: + base: + - /srv/pillar + master_config_use_TOFS: false + master_remove_config: false + master_service: com.saltstack.salt.master + master_service_details: + enabled: true + state: running + minion: + file_roots: + base: + - /srv/salt + fileserver_backend: + - rootfs + master: localhost + master_type: str + pillar_roots: + base: + - /srv/pillar + minion_config_use_TOFS: false + minion_remove_config: false + minion_service: com.saltstack.salt.minion + minion_service_details: + enabled: true + state: running + parallel: true + pin_version: false + pkgrepo: '' + py_ver: py3 + python_dulwich: python-dulwich + python_git: python-git + release: '3004' + restart_via_at: false + retry_options: + attempts: 5 + interval: 10 + splay: 10 + until: true + rootgroup: staff + rootuser: runner + salt_api: salt-api + salt_cloud: salt-cloud + salt_master: salt-master + salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 + salt_minion: salt + salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20 + salt_minion_pkg_hash: '' + salt_minion_pkg_source: '' + salt_ssh: salt-ssh + salt_syndic: salt-syndic + ssh_roster: {} + syndic_service: salt-syndic + use_pip: false + version: '' From c05fddf139e2a7ba9032ed1d1710929b9679b59c Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Mon, 16 May 2022 12:34:50 +0100 Subject: [PATCH 6/6] feat(macos): use `saltstack` as package to install --- salt/osfamilymap.yaml | 1 + test/integration/default/files/_mapdata/mac_os_x-10.yaml | 2 +- test/integration/default/files/_mapdata/mac_os_x-11.yaml | 2 +- test/integration/default/files/_mapdata/mac_os_x-12.yaml | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/salt/osfamilymap.yaml b/salt/osfamilymap.yaml index 6f03da8..e2e48a6 100644 --- a/salt/osfamilymap.yaml +++ b/salt/osfamilymap.yaml @@ -138,6 +138,7 @@ Windows: rootuser: {{ rootuser | d('') }} MacOS: + salt_master: saltstack salt_minion: salt salt_minion_pkg_source: '' salt_minion_pkg_hash: '' diff --git a/test/integration/default/files/_mapdata/mac_os_x-10.yaml b/test/integration/default/files/_mapdata/mac_os_x-10.yaml index b6678b7..b8f0fa7 100644 --- a/test/integration/default/files/_mapdata/mac_os_x-10.yaml +++ b/test/integration/default/files/_mapdata/mac_os_x-10.yaml @@ -101,7 +101,7 @@ values: rootuser: runner salt_api: salt-api salt_cloud: salt-cloud - salt_master: salt-master + salt_master: saltstack salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 salt_minion: salt salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20 diff --git a/test/integration/default/files/_mapdata/mac_os_x-11.yaml b/test/integration/default/files/_mapdata/mac_os_x-11.yaml index b6678b7..b8f0fa7 100644 --- a/test/integration/default/files/_mapdata/mac_os_x-11.yaml +++ b/test/integration/default/files/_mapdata/mac_os_x-11.yaml @@ -101,7 +101,7 @@ values: rootuser: runner salt_api: salt-api salt_cloud: salt-cloud - salt_master: salt-master + salt_master: saltstack salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 salt_minion: salt salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20 diff --git a/test/integration/default/files/_mapdata/mac_os_x-12.yaml b/test/integration/default/files/_mapdata/mac_os_x-12.yaml index b6678b7..b8f0fa7 100644 --- a/test/integration/default/files/_mapdata/mac_os_x-12.yaml +++ b/test/integration/default/files/_mapdata/mac_os_x-12.yaml @@ -101,7 +101,7 @@ values: rootuser: runner salt_api: salt-api salt_cloud: salt-cloud - salt_master: salt-master + salt_master: saltstack salt_master_macos_plist_hash: 8435331b2d48ca8f0759f216e5b15ec9171a4216b1441328c732c6906728b7c9 salt_minion: salt salt_minion_macos_plist_hash: 26b33da12e0d8960ee96b488c8352002c22a377c19bf3df3f986a1e49eca8b20