Merge pull request #12 from n-rodriguez/wip/travis
ci(travis): add Inspec tests
This commit is contained in:
commit
3cf2865ec7
|
@ -1 +1,122 @@
|
||||||
*.swp
|
# Byte-compiled / optimized / DLL files
|
||||||
|
__pycache__/
|
||||||
|
*.py[cod]
|
||||||
|
*$py.class
|
||||||
|
|
||||||
|
# C extensions
|
||||||
|
*.so
|
||||||
|
|
||||||
|
# Distribution / packaging
|
||||||
|
.Python
|
||||||
|
env/
|
||||||
|
build/
|
||||||
|
develop-eggs/
|
||||||
|
dist/
|
||||||
|
downloads/
|
||||||
|
eggs/
|
||||||
|
.eggs/
|
||||||
|
lib/
|
||||||
|
lib64/
|
||||||
|
parts/
|
||||||
|
sdist/
|
||||||
|
var/
|
||||||
|
wheels/
|
||||||
|
*.egg-info/
|
||||||
|
.installed.cfg
|
||||||
|
*.egg
|
||||||
|
|
||||||
|
# PyInstaller
|
||||||
|
# Usually these files are written by a python script from a packager
|
||||||
|
# before PyInstaller builds the exe, so as to inject date/other infos into it.
|
||||||
|
*.manifest
|
||||||
|
*.spec
|
||||||
|
|
||||||
|
# Installer logs
|
||||||
|
pip-log.txt
|
||||||
|
pip-delete-this-directory.txt
|
||||||
|
|
||||||
|
# Unit test / coverage reports
|
||||||
|
htmlcov/
|
||||||
|
.tox/
|
||||||
|
.coverage
|
||||||
|
.coverage.*
|
||||||
|
.cache
|
||||||
|
nosetests.xml
|
||||||
|
coverage.xml
|
||||||
|
*.cover
|
||||||
|
.hypothesis/
|
||||||
|
.kitchen
|
||||||
|
.kitchen.local.yml
|
||||||
|
kitchen.local.yml
|
||||||
|
junit-*.xml
|
||||||
|
|
||||||
|
# Translations
|
||||||
|
*.mo
|
||||||
|
*.pot
|
||||||
|
|
||||||
|
# Django stuff:
|
||||||
|
*.log
|
||||||
|
local_settings.py
|
||||||
|
|
||||||
|
# Flask stuff:
|
||||||
|
instance/
|
||||||
|
.webassets-cache
|
||||||
|
|
||||||
|
# Scrapy stuff:
|
||||||
|
.scrapy
|
||||||
|
|
||||||
|
# Sphinx documentation
|
||||||
|
docs/_build/
|
||||||
|
|
||||||
|
# PyBuilder
|
||||||
|
target/
|
||||||
|
|
||||||
|
# Jupyter Notebook
|
||||||
|
.ipynb_checkpoints
|
||||||
|
|
||||||
|
# pyenv
|
||||||
|
.python-version
|
||||||
|
|
||||||
|
# celery beat schedule file
|
||||||
|
celerybeat-schedule
|
||||||
|
|
||||||
|
# SageMath parsed files
|
||||||
|
*.sage.py
|
||||||
|
|
||||||
|
# dotenv
|
||||||
|
.env
|
||||||
|
|
||||||
|
# virtualenv
|
||||||
|
.venv
|
||||||
|
venv/
|
||||||
|
ENV/
|
||||||
|
|
||||||
|
# Spyder project settings
|
||||||
|
.spyderproject
|
||||||
|
.spyproject
|
||||||
|
|
||||||
|
# Rope project settings
|
||||||
|
.ropeproject
|
||||||
|
|
||||||
|
# mkdocs documentation
|
||||||
|
/site
|
||||||
|
|
||||||
|
# mypy
|
||||||
|
.mypy_cache/
|
||||||
|
|
||||||
|
# Bundler
|
||||||
|
Gemfile.lock
|
||||||
|
|
||||||
|
# copied `.md` files used for conversion to `.rst` using `m2r`
|
||||||
|
docs/*.md
|
||||||
|
|
||||||
|
# Vim
|
||||||
|
*.sw?
|
||||||
|
|
||||||
|
## Collected when centralising formulas (check and sort)
|
||||||
|
# `collectd-formula`
|
||||||
|
.pytest_cache/
|
||||||
|
/.idea/
|
||||||
|
Dockerfile.*_*
|
||||||
|
ignore/
|
||||||
|
tmp/
|
||||||
|
|
|
@ -0,0 +1,45 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# vim: ft=yaml
|
||||||
|
---
|
||||||
|
stages:
|
||||||
|
- test
|
||||||
|
|
||||||
|
sudo: required
|
||||||
|
cache: bundler
|
||||||
|
language: ruby
|
||||||
|
dist: xenial
|
||||||
|
|
||||||
|
services:
|
||||||
|
- docker
|
||||||
|
|
||||||
|
# Make sure the instances listed below match up with
|
||||||
|
# the `platforms` defined in `kitchen.yml`
|
||||||
|
env:
|
||||||
|
matrix:
|
||||||
|
- INSTANCE: default-debian-10-develop-py3
|
||||||
|
# - INSTANCE: default-ubuntu-1804-develop-py3
|
||||||
|
# - INSTANCE: default-centos-7-develop-py3
|
||||||
|
# - INSTANCE: default-fedora-30-develop-py3
|
||||||
|
# - INSTANCE: default-opensuse-leap-15-develop-py3
|
||||||
|
# - INSTANCE: default-amazonlinux-2-develop-py2
|
||||||
|
# - INSTANCE: default-debian-9-2019-2-py3
|
||||||
|
- INSTANCE: default-ubuntu-1804-2019-2-py3
|
||||||
|
# - INSTANCE: default-centos-7-2019-2-py3
|
||||||
|
# - INSTANCE: default-fedora-30-2019-2-py3
|
||||||
|
# - INSTANCE: default-opensuse-leap-15-2019-2-py3
|
||||||
|
- INSTANCE: default-amazonlinux-2-2019-2-py2
|
||||||
|
# - INSTANCE: default-debian-9-2018-3-py2
|
||||||
|
# - INSTANCE: default-ubuntu-1604-2018-3-py2
|
||||||
|
# - INSTANCE: default-centos-7-2018-3-py2
|
||||||
|
- INSTANCE: default-fedora-29-2018-3-py2
|
||||||
|
- INSTANCE: default-opensuse-leap-15-2018-3-py2
|
||||||
|
# - INSTANCE: default-amazonlinux-2-2018-3-py2
|
||||||
|
# - INSTANCE: default-debian-8-2017-7-py2
|
||||||
|
# - INSTANCE: default-ubuntu-1604-2017-7-py2
|
||||||
|
- INSTANCE: centos6-centos-6-2017-7-py2
|
||||||
|
# - INSTANCE: default-fedora-29-2017-7-py2
|
||||||
|
# - INSTANCE: default-opensuse-leap-15-2017-7-py2
|
||||||
|
# - INSTANCE: default-amazonlinux-2-2017-7-py2
|
||||||
|
|
||||||
|
script:
|
||||||
|
- bin/kitchen verify ${INSTANCE}
|
|
@ -0,0 +1,6 @@
|
||||||
|
source "https://rubygems.org"
|
||||||
|
|
||||||
|
gem 'kitchen-docker', '>= 2.9'
|
||||||
|
gem 'kitchen-salt', '>= 0.6.0'
|
||||||
|
gem 'kitchen-inspec', '>= 1.1'
|
||||||
|
|
|
@ -0,0 +1,29 @@
|
||||||
|
#!/usr/bin/env ruby
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
#
|
||||||
|
# This file was generated by Bundler.
|
||||||
|
#
|
||||||
|
# The application 'kitchen' is installed as part of a gem, and
|
||||||
|
# this file is here to facilitate running it.
|
||||||
|
#
|
||||||
|
|
||||||
|
require "pathname"
|
||||||
|
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
|
||||||
|
Pathname.new(__FILE__).realpath)
|
||||||
|
|
||||||
|
bundle_binstub = File.expand_path("../bundle", __FILE__)
|
||||||
|
|
||||||
|
if File.file?(bundle_binstub)
|
||||||
|
if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
|
||||||
|
load(bundle_binstub)
|
||||||
|
else
|
||||||
|
abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
|
||||||
|
Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
require "rubygems"
|
||||||
|
require "bundler/setup"
|
||||||
|
|
||||||
|
load Gem.bin_path("test-kitchen", "kitchen")
|
|
@ -0,0 +1,171 @@
|
||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
# vim: ft=yaml
|
||||||
|
---
|
||||||
|
# For help on this file's format, see https://kitchen.ci/
|
||||||
|
driver:
|
||||||
|
name: docker
|
||||||
|
use_sudo: false
|
||||||
|
privileged: true
|
||||||
|
run_command: /lib/systemd/systemd
|
||||||
|
|
||||||
|
# Make sure the platforms listed below match up with
|
||||||
|
# the `env.matrix` instances defined in `.travis.yml`
|
||||||
|
platforms:
|
||||||
|
## SALT `develop`
|
||||||
|
- name: debian-10-develop-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py3:debian-10
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
|
||||||
|
- name: ubuntu-1804-develop-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py3:ubuntu-18.04
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
|
||||||
|
- name: centos-7-develop-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py3:centos-7
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
|
||||||
|
- name: fedora-30-develop-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py3:fedora-30
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
|
||||||
|
- name: opensuse-leap-15-develop-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py3:opensuse-leap-15
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
|
||||||
|
run_command: /usr/lib/systemd/systemd
|
||||||
|
- name: amazonlinux-2-develop-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-develop-py2:amazonlinux-2
|
||||||
|
provision_command:
|
||||||
|
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
|
||||||
|
- sh bootstrap-salt.sh -XdPbfrq -x python2 git develop
|
||||||
|
|
||||||
|
## SALT `2019.2`
|
||||||
|
- name: debian-9-2019-2-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py3:debian-9
|
||||||
|
- name: ubuntu-1804-2019-2-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py3:ubuntu-18.04
|
||||||
|
- name: centos-7-2019-2-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py3:centos-7
|
||||||
|
- name: fedora-30-2019-2-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py3:fedora-30
|
||||||
|
- name: opensuse-leap-15-2019-2-py3
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py3:opensuse-leap-15
|
||||||
|
run_command: /usr/lib/systemd/systemd
|
||||||
|
- name: amazonlinux-2-2019-2-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2019.2-py2:amazonlinux-2
|
||||||
|
|
||||||
|
## SALT `2018.3`
|
||||||
|
- name: debian-9-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:debian-9
|
||||||
|
- name: ubuntu-1604-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:ubuntu-16.04
|
||||||
|
- name: centos-7-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:centos-7
|
||||||
|
- name: fedora-29-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:fedora-29
|
||||||
|
- name: opensuse-leap-15-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:opensuse-leap-15
|
||||||
|
run_command: /usr/lib/systemd/systemd
|
||||||
|
- name: amazonlinux-2-2018-3-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2018.3-py2:amazonlinux-2
|
||||||
|
|
||||||
|
## SALT `2017.7`
|
||||||
|
- name: debian-8-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:debian-8
|
||||||
|
- name: ubuntu-1604-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:ubuntu-16.04
|
||||||
|
- name: centos-6-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:centos-6
|
||||||
|
run_command: /sbin/init
|
||||||
|
- name: fedora-29-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:fedora-29
|
||||||
|
- name: opensuse-leap-15-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:opensuse-leap-15
|
||||||
|
run_command: /usr/lib/systemd/systemd
|
||||||
|
- name: amazonlinux-2-2017-7-py2
|
||||||
|
driver:
|
||||||
|
image: netmanagers/salt-2017.7-py2:amazonlinux-2
|
||||||
|
|
||||||
|
provisioner:
|
||||||
|
name: salt_solo
|
||||||
|
log_level: info
|
||||||
|
salt_install: none
|
||||||
|
require_chef: false
|
||||||
|
formula: timezone
|
||||||
|
salt_copy_filter:
|
||||||
|
- .kitchen
|
||||||
|
- .git
|
||||||
|
|
||||||
|
verifier:
|
||||||
|
# https://www.inspec.io/
|
||||||
|
name: inspec
|
||||||
|
sudo: true
|
||||||
|
# cli, documentation, html, progress, json, json-min, json-rspec, junit
|
||||||
|
reporter:
|
||||||
|
- cli
|
||||||
|
|
||||||
|
suites:
|
||||||
|
- name: default
|
||||||
|
excludes:
|
||||||
|
- centos-6-2017-7-py2
|
||||||
|
provisioner:
|
||||||
|
state_top:
|
||||||
|
base:
|
||||||
|
'*':
|
||||||
|
- timezone
|
||||||
|
pillars:
|
||||||
|
top.sls:
|
||||||
|
base:
|
||||||
|
'*':
|
||||||
|
- timezone
|
||||||
|
pillars_from_files:
|
||||||
|
timezone.sls: test/salt/pillar/timezone.sls
|
||||||
|
verifier:
|
||||||
|
inspec_tests:
|
||||||
|
- path: test/integration/default
|
||||||
|
- name: centos6
|
||||||
|
includes:
|
||||||
|
- centos-6-2017-7-py2
|
||||||
|
provisioner:
|
||||||
|
state_top:
|
||||||
|
base:
|
||||||
|
'*':
|
||||||
|
- timezone
|
||||||
|
pillars:
|
||||||
|
top.sls:
|
||||||
|
base:
|
||||||
|
'*':
|
||||||
|
- timezone
|
||||||
|
pillars_from_files:
|
||||||
|
timezone.sls: test/salt/pillar/timezone.sls
|
||||||
|
verifier:
|
||||||
|
inspec_tests:
|
||||||
|
- path: test/integration/default
|
|
@ -0,0 +1,50 @@
|
||||||
|
# InSpec Profile: `default`
|
||||||
|
|
||||||
|
This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
|
||||||
|
|
||||||
|
## Verify a profile
|
||||||
|
|
||||||
|
InSpec ships with built-in features to verify a profile structure.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ inspec check default
|
||||||
|
Summary
|
||||||
|
-------
|
||||||
|
Location: default
|
||||||
|
Profile: profile
|
||||||
|
Controls: 4
|
||||||
|
Timestamp: 2019-06-24T23:09:01+00:00
|
||||||
|
Valid: true
|
||||||
|
|
||||||
|
Errors
|
||||||
|
------
|
||||||
|
|
||||||
|
Warnings
|
||||||
|
--------
|
||||||
|
```
|
||||||
|
|
||||||
|
## Execute a profile
|
||||||
|
|
||||||
|
To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ inspec exec default
|
||||||
|
..
|
||||||
|
|
||||||
|
Finished in 0.0025 seconds (files took 0.12449 seconds to load)
|
||||||
|
8 examples, 0 failures
|
||||||
|
```
|
||||||
|
|
||||||
|
## Execute a specific control from a profile
|
||||||
|
|
||||||
|
To run one control from the profile use `inspec exec /path/to/profile --controls name`.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ inspec exec default --controls package
|
||||||
|
.
|
||||||
|
|
||||||
|
Finished in 0.0025 seconds (files took 0.12449 seconds to load)
|
||||||
|
1 examples, 0 failures
|
||||||
|
```
|
||||||
|
|
||||||
|
See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).
|
|
@ -0,0 +1,22 @@
|
||||||
|
control 'Timezone configuration' do
|
||||||
|
title 'should match desired lines'
|
||||||
|
|
||||||
|
def test_file_content(config_file)
|
||||||
|
describe file(config_file) do
|
||||||
|
its('content') { should include 'Europe/Paris' }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_symlink(config_file)
|
||||||
|
describe file(config_file) do
|
||||||
|
its('link_path') { should eq '/usr/share/zoneinfo/Europe/Paris' }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
case os[:family]
|
||||||
|
when 'debian'
|
||||||
|
test_file_content('/etc/timezone')
|
||||||
|
else
|
||||||
|
test_symlink('/etc/localtime')
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,15 @@
|
||||||
|
control 'Timezone package' do
|
||||||
|
title 'should be installed'
|
||||||
|
|
||||||
|
package_name =
|
||||||
|
case os[:family]
|
||||||
|
when 'suse'
|
||||||
|
'timezone'
|
||||||
|
else
|
||||||
|
'tzdata'
|
||||||
|
end
|
||||||
|
|
||||||
|
describe package(package_name) do
|
||||||
|
it { should be_installed }
|
||||||
|
end
|
||||||
|
end
|
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
name: default
|
||||||
|
title: timezone formula
|
||||||
|
maintainer: SaltStack Formulas
|
||||||
|
license: Apache-2.0
|
||||||
|
summary: Verify that the timezone formula is setup and configured correctly
|
||||||
|
supports:
|
||||||
|
- platform-name: debian
|
||||||
|
- platform-name: ubuntu
|
||||||
|
- platform-name: centos
|
||||||
|
- platform-name: fedora
|
||||||
|
- platform-name: opensuse
|
||||||
|
- platform-name: suse
|
||||||
|
- platform-name: freebsd
|
||||||
|
- platform-name: amazon
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
timezone:
|
||||||
|
name: 'Europe/Paris'
|
||||||
|
utc: true
|
Loading…
Reference in New Issue