Skip to content

Commit

Permalink
Merge pull request #35 from dafyddj/34-update-testing
Browse files Browse the repository at this point in the history
Update `kitchen.yml` to use pre-salted images
  • Loading branch information
myii authored Jul 10, 2019
2 parents 9cf9681 + dee3748 commit 82f76d1
Show file tree
Hide file tree
Showing 7 changed files with 178 additions and 38 deletions.
34 changes: 30 additions & 4 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,16 +7,42 @@ stages:
sudo: required
cache: bundler
language: ruby
dist: xenial

services:
- docker

# Make sure the instances listed below match up with
# the `platforms` defined in `kitchen.yml`
env:
- PLATFORM=ubuntu
- PLATFORM=centos
- PLATFORM=amazon
matrix:
- INSTANCE: debian-9-develop-py3
# - INSTANCE: ubuntu-1804-develop-py3
# - INSTANCE: centos-7-develop-py3
# - INSTANCE: fedora-30-develop-py3
# - INSTANCE: opensuse-leap-15-develop-py3
# - INSTANCE: debian-9-2019-2-py3
- INSTANCE: ubuntu-1804-2019-2-py3
- INSTANCE: centos-7-2019-2-py3
# - INSTANCE: fedora-30-2019-2-py3
# - INSTANCE: opensuse-leap-15-2019-2-py3
# - INSTANCE: debian-9-2018-3-py2
# - INSTANCE: ubuntu-1604-2018-3-py2
# - INSTANCE: centos-7-2018-3-py2
- INSTANCE: fedora-29-2018-3-py2
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - INSTANCE: opensuse-leap-15-2018-3-py2
- INSTANCE: opensuse-leap-42-2018-3-py2
- INSTANCE: debian-8-2017-7-py2
# - INSTANCE: ubuntu-1604-2017-7-py2
# TODO: Enable after improving the formula to work with other than `systemd`
# - INSTANCE: centos-6-2017-7-py2
# - INSTANCE: fedora-29-2017-7-py2
# - INSTANCE: opensuse-leap-15-2017-7-py2

script: bundle exec kitchen test ${PLATFORM}
script:
- bundle exec kitchen test ${INSTANCE}

jobs:
include:
Expand Down
6 changes: 3 additions & 3 deletions FORMULA
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
name: vault
os: Debian, Ubuntu, RedHat, Fedora, CentOS, Amazon
os_family: Debian, RedHat
os: Debian, Ubuntu, RedHat, Fedora, CentOS, Amazon, SUSE
os_family: Debian, RedHat, Suse
version: 1.0.6
release: 1
minimum_version: 2018.3
minimum_version: 2017.7
summary: Vault formula
description: Formula to install and configure Hashicorp Vault
top_level_dir: vault
144 changes: 120 additions & 24 deletions kitchen.yml
Original file line number Diff line number Diff line change
@@ -1,40 +1,136 @@
# -*- coding: utf-8 -*-
# vim: ft=yaml
---
# For help on this file's format, see https://kitchen.ci/
driver:
name: docker
use_sudo: false
privileged: true
run_command: /sbin/init
provision_command:
- curl -L https://bootstrap.saltstack.com | sh -s -- -X # install Salt and dependencies here to make use of Docker build cache, speeding up tests massively
run_command: /lib/systemd/systemd

verifier:
name: inspec
# Make sure the platforms listed below match up with
# the `env.matrix` instances defined in `.travis.yml`
platforms:
- name: amazonlinux
driver:
image: amazonlinux:1
platform: rhel
run_command: /sbin/init
provision_command:
- curl -L https://bootstrap.saltstack.com | sh -s -- -X # install latest stable Salt

## SALT `develop`
- name: debian-9-develop-py3
driver:
image: netmanagers/salt-develop-py3:debian-9
provision_command:
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
- name: ubuntu-1804-develop-py3
driver:
image: netmanagers/salt-develop-py3:ubuntu-18.04
provision_command:
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
- name: centos-7-develop-py3
driver:
image: netmanagers/salt-develop-py3:centos-7
provision_command:
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
- name: fedora-30-develop-py3
driver:
image: netmanagers/salt-develop-py3:fedora-30
provision_command:
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
- name: opensuse-leap-15-develop-py3
driver:
image: netmanagers/salt-develop-py3:opensuse-leap-15
provision_command:
- curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com
- sh bootstrap-salt.sh -XdPbfrq -x python3 git develop
run_command: /usr/lib/systemd/systemd

## SALT 2019.2
- name: debian-9-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:debian-9
- name: ubuntu-1804-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:ubuntu-18.04
- name: centos-7-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:centos-7
- name: fedora-30-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:fedora-30
- name: opensuse-leap-15-2019-2-py3
driver:
image: netmanagers/salt-2019.2-py3:opensuse-leap-15
run_command: /usr/lib/systemd/systemd

## SALT 2018.3
- name: debian-9-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:debian-9
- name: ubuntu-1604-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:ubuntu-16.04
- name: centos-7-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:centos-7
- name: fedora-29-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:fedora-29
# TODO: Use this when fixed instead of `opensuse-leap-42`
# Ref: https://github.com/netmanagers/salt-image-builder/issues/2
# - name: opensuse-leap-15-2018-3-py2
# driver:
# image: netmanagers/salt-2018.3-py2:opensuse-leap-15
# run_command: /usr/lib/systemd/systemd
- name: opensuse-leap-42-2018-3-py2
driver:
image: netmanagers/salt-2018.3-py2:opensuse-leap-42
run_command: /usr/lib/systemd/systemd

## SALT 2017.7
- name: debian-8-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:debian-8
- name: ubuntu-1604-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:ubuntu-16.04
# TODO: Modify the formula to work for non-`systemd` platforms
- name: centos-6-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:centos-6
run_command: /sbin/init
- name: fedora-29-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:fedora-29
- name: opensuse-leap-15-2017-7-py2
driver:
image: netmanagers/salt-2017.7-py2:opensuse-leap-15
run_command: /usr/lib/systemd/systemd

provisioner:
name: salt_solo
salt_version: latest
log_level: info
salt_install: none
require_chef: false
formula: vault
salt_copy_filter:
- .kitchen
- .git

platforms:
- name: ubuntu-16.04
driver:
name: docker
provision_command:
- apt-get install -y locales net-tools && locale-gen en_US.UTF-8
- curl -L https://bootstrap.saltstack.com | sh -s -- -X
- name: centos-7
driver:
name: docker
provision_command:
- yum -y install net-tools # needed by inspec
- curl -L https://bootstrap.saltstack.com | sh -s -- -X
- name: amazonlinux
driver:
name: docker
image: amazonlinux:1
platform: rhel
verifier:
# https://www.inspec.io/
name: inspec
sudo: true
# cli, documentation, html, progress, json, json-min, json-rspec, junit
reporter:
- cli

suites:
- name: install_binary
Expand Down
8 changes: 8 additions & 0 deletions test/integration/prod_server/vault_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,16 @@
its(:stdout) { should match(/\/vault = cap_ipc_lock\+ep$/) }
end

describe user('vault') do
it { should exist }
its('group') { should eq 'vault' }
end

describe file('/etc/vault/conf.d/config.json') do
it { should be_a_file }
its('owner') { should eq 'root' }
its('group') { should eq 'vault' }
its('mode') { should cmp '0640' }
end

describe.one do
Expand Down
3 changes: 3 additions & 0 deletions vault/defaults.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@

vault:
version: 1.1.0
platform: linux_amd64
gpg_pkg: gnupg2
setcap_pkg: libcap
dev_mode: False
verify_download: True
self_signed_cert:
Expand Down
11 changes: 5 additions & 6 deletions vault/osfamilymap.yaml
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
# -*- coding: utf-8 -*-
# vim: ft=sls syntax=yaml softtabstop=2 tabstop=2 shiftwidth=2 expandtab autoindent

RedHat:
platform: linux_amd64
gpg_pkg: gnupg2

Debian:
gpg_pkg: gnupg2
platform: linux_amd64
setcap_pkg: libcap2-bin

Suse:
gpg_pkg: gpg2
setcap_pkg: libcap-progs

MacOS:
platform: darwin_amd64
10 changes: 9 additions & 1 deletion vault/package/install.sls
Original file line number Diff line number Diff line change
Expand Up @@ -12,8 +12,10 @@ vault-package-install-user-present:
user.present:
- name: vault
- system: True
- gid_from_name: True
- gid: vault
- home: /var/lib/vault
- require:
- group: vault-package-install-group-present

vault-package-install-file-directory:
file.directory:
Expand Down Expand Up @@ -51,8 +53,14 @@ vault-package-install-file-symlink:
- target: /opt/vault/bin/vault
- force: true

vault-package-install-pkg-installed:
pkg.installed:
- name: {{ vault.setcap_pkg }}

vault-package-install-cmd-run:
cmd.run:
- name: setcap cap_ipc_lock=+ep /opt/vault/bin/vault
- require:
- pkg: vault-package-install-pkg-installed
- onchanges:
- archive: vault-package-install-archive-extracted

0 comments on commit 82f76d1

Please sign in to comment.