Skip to content

Commit 6ee6d83

Browse files
chris-rockchris-rock
committed
Merge pull request #114 from atomic111/master
Use new InSpec integration tests
2 parents 867307f + c8f9fbe commit 6ee6d83

File tree

9 files changed

+191
-88
lines changed

9 files changed

+191
-88
lines changed

.kitchen.vagrant.yml

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
---
2+
driver:
3+
name: vagrant
4+
5+
provisioner:
6+
name: chef_solo
7+
8+
platforms:
9+
- name: ubuntu-12.04
10+
driver_config:
11+
box: ubuntu/precise64
12+
box_url: https://atlas.hashicorp.com/ubuntu/boxes/precise64/versions/20150730.1.0/providers/virtualbox.box
13+
- name: ubuntu-14.04
14+
driver_config:
15+
box: ubuntu/trusty64
16+
box_url: https://atlas.hashicorp.com/ubuntu/boxes/trusty64/versions/20150609.0.10/providers/virtualbox.box
17+
- name: centos-6.4
18+
driver_config:
19+
box: opscode-centos-6.4
20+
box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
21+
- name: centos-6.5
22+
driver_config:
23+
box: opscode-centos-6.5
24+
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
25+
- name: centos-7.1
26+
driver_config:
27+
box: opscode-centos-7.1
28+
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-7.1_chef-provisionerless.box
29+
- name: oracle-6.4
30+
driver_config:
31+
box: oracle-6.4
32+
box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel64-64.box
33+
- name: oracle-6.5
34+
driver_config:
35+
box: oracle-6.5
36+
box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
37+
- name: debian-6
38+
driver_config:
39+
box: ffuenf/debian-6.0.10-amd64
40+
box_url: https://atlas.hashicorp.com/ffuenf/boxes/debian-6.0.10-amd64/versions/1.0.11/providers/virtualbox.box
41+
- name: debian-7
42+
driver_config:
43+
box: debian/wheezy64
44+
box_url: https://atlas.hashicorp.com/debian/boxes/wheezy64/versions/7.8.5/providers/virtualbox.box
45+
- name: debian-8
46+
driver_config:
47+
box: debian/jessie64
48+
box_url: https://atlas.hashicorp.com/debian/boxes/jessie64/versions/8.1.0/providers/virtualbox.box
49+
50+
verifier:
51+
name: inspec
52+
sudo: true
53+
54+
suites:
55+
- name: default
56+
run_list:
57+
- recipe[ssh-hardening]
58+
verifier:
59+
inspec_tests:
60+
- https://github.com/dev-sec/tests-ssh-hardening

.kitchen.yml

Lines changed: 67 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1,53 +1,78 @@
11
---
22
driver:
3-
name: vagrant
3+
name: dokken
4+
chef_version: 12.5.1
5+
privileged: true # because Docker and SystemD/Upstart
6+
7+
transport:
8+
name: dokken
9+
410
provisioner:
5-
name: chef_solo
6-
test_repo_uri: https://github.com/TelekomLabs/tests-ssh-hardening.git
11+
name: dokken
12+
13+
verifier:
14+
name: inspec
15+
sudo: true
16+
717
platforms:
818
- name: ubuntu-12.04
9-
driver_config:
10-
box: ubuntu/precise64
11-
box_url: https://atlas.hashicorp.com/ubuntu/boxes/precise64/versions/20150730.1.0/providers/virtualbox.box
19+
driver:
20+
image: ubuntu:12.04
1221
- name: ubuntu-14.04
13-
driver_config:
14-
box: ubuntu/trusty64
15-
box_url: https://atlas.hashicorp.com/ubuntu/boxes/trusty64/versions/20150609.0.10/providers/virtualbox.box
16-
- name: centos-6.4
17-
driver_config:
18-
box: opscode-centos-6.4
19-
box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
20-
- name: centos-6.5
21-
driver_config:
22-
box: opscode-centos-6.5
23-
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
24-
- name: centos-7.1
25-
driver_config:
26-
box: opscode-centos-7.1
27-
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-7.1_chef-provisionerless.box
28-
- name: oracle-6.4
29-
driver_config:
30-
box: oracle-6.4
31-
box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel64-64.box
32-
- name: oracle-6.5
33-
driver_config:
34-
box: oracle-6.5
35-
box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
36-
- name: debian-6
37-
driver_config:
38-
box: ffuenf/debian-6.0.10-amd64
39-
box_url: https://atlas.hashicorp.com/ffuenf/boxes/debian-6.0.10-amd64/versions/1.0.11/providers/virtualbox.box
22+
driver:
23+
image: ubuntu:14.04
24+
- name: ubuntu-15.10
25+
driver:
26+
image: ubuntu:15.10
27+
pid_one_command: /bin/systemd
28+
- name: ubuntu-16.04
29+
driver:
30+
image: ubuntu:16.04
31+
intermediate_instructions:
32+
- RUN /usr/bin/apt-get update
33+
pid_one_command: /bin/systemd
34+
- name: centos-6.6
35+
driver:
36+
image: centos:6.6
37+
- name: centos-6.7
38+
driver:
39+
image: centos:6.7
40+
intermediate_instructions:
41+
- RUN yum install -y initscripts
42+
- name: centos-7
43+
driver:
44+
image: centos:7
45+
pid_one_command: /usr/lib/systemd/systemd
46+
- name: oracle-6.6
47+
driver:
48+
image: oraclelinux:6.6
49+
- name: oracle-6.7
50+
driver:
51+
image: oraclelinux:6.7
52+
- name: oracle-7.1
53+
driver:
54+
image: oraclelinux:7.1
55+
pid_one_command: /usr/lib/systemd/systemd
4056
- name: debian-7
41-
driver_config:
42-
box: debian/wheezy64
43-
box_url: https://atlas.hashicorp.com/debian/boxes/wheezy64/versions/7.8.5/providers/virtualbox.box
57+
driver:
58+
image: debian:7
59+
intermediate_instructions:
60+
- RUN /usr/bin/apt-get update
61+
- RUN /usr/bin/apt-get install -y procps
4462
- name: debian-8
45-
driver_config:
46-
box: debian/jessie64
47-
box_url: https://atlas.hashicorp.com/debian/boxes/jessie64/versions/8.1.0/providers/virtualbox.box
48-
verifier:
49-
name: inspec
63+
driver:
64+
image: debian:8
65+
intermediate_instructions:
66+
- RUN /usr/bin/apt-get update
67+
- RUN /usr/bin/apt-get install -y procps
68+
pid_one_command: /bin/systemd
69+
5070
suites:
5171
- name: default
5272
run_list:
53-
- - role[ssh]
73+
- recipe[apt]
74+
- recipe[yum]
75+
- recipe[ssh-hardening::default]
76+
verifier:
77+
inspec_tests:
78+
- https://github.com/dev-sec/tests-ssh-hardening

.rubocop.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ AllCops:
55
- test/**/*
66
- metadata.rb
77
- Berksfile
8+
- Guardfile
89
Documentation:
910
Enabled: false
1011
AlignParameters:

.travis.yml

Lines changed: 26 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,28 @@
11
---
2-
rvm:
3-
- 2.0.0
4-
- 2.1.3
5-
gemfile:
6-
- Gemfile
7-
- gemfile.chef-11
2+
sudo: required
83
language: ruby
9-
bundler_args: "--without development integration openstack"
4+
cache: bundler
5+
dist: trusty
6+
7+
services:
8+
- docker
9+
10+
before_install:
11+
- gem --version
12+
- bundle version
13+
14+
matrix:
15+
include:
16+
# verify lint and unit
17+
- rvm: 2.3.1
18+
gemfile: Gemfile
19+
bundler_args: "--without integration guard tools"
20+
# integration tests
21+
- rvm: 2.3.1
22+
bundler_args: "--without guard tools"
23+
script: bundle exec rake test:integration OS='centos oracle'
24+
gemfile: Gemfile
25+
- rvm: 2.3.1
26+
bundler_args: "--without guard tools"
27+
script: bundle exec rake test:integration OS='ubuntu debian'
28+
gemfile: Gemfile

Berksfile

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,4 +2,6 @@ source "https://supermarket.getchef.com"
22

33
metadata
44

5-
cookbook "chef-solo-search", :git => "https://github.com/edelight/chef-solo-search"
5+
cookbook "chef-solo-search", :git => "https://github.com/edelight/chef-solo-search"
6+
cookbook "apt"
7+
cookbook "yum"

Gemfile

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,16 +4,20 @@ source 'https://rubygems.org'
44

55
gem 'berkshelf', '~> 4.0'
66
gem 'chef', '>= 12.0'
7-
gem 'inspec', '~> 0.9'
7+
8+
# pin dependency for Ruby 1.9.3 since bundler is not
9+
# detecting that net-ssh 3 does not work with 1.9.3
10+
if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('1.9.3')
11+
gem 'net-ssh', '~> 2.9'
12+
end
813

914
group :test do
1015
gem 'rake'
1116
gem 'chefspec', '~> 4.2.0'
1217
gem 'foodcritic', '~> 4.0'
1318
gem 'thor-foodcritic'
14-
gem 'rubocop', '~> 0.28.0'
19+
gem 'rubocop', '~> 0.31.0'
1520
gem 'coveralls', require: false
16-
gem 'bundler', '~> 1.5'
1721
gem 'minitest', '~> 5.5'
1822
gem 'simplecov', '~> 0.10'
1923
end
@@ -29,15 +33,12 @@ end
2933
group :integration do
3034
gem 'test-kitchen', '~> 1.0'
3135
gem 'kitchen-vagrant'
32-
gem 'kitchen-inspec', '~> 0.9'
36+
gem 'kitchen-inspec'
3337
gem 'kitchen-sharedtests', '~> 0.2.0'
3438
gem 'concurrent-ruby', '~> 0.9'
35-
end
36-
37-
group :openstack do
38-
gem 'kitchen-openstack'
39+
gem 'kitchen-dokken'
3940
end
4041

4142
group :tools do
42-
gem 'github_changelog_generator', '~> 1'
43+
gem 'github_changelog_generator', '~> 1.12.0'
4344
end

Rakefile

Lines changed: 10 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -9,16 +9,11 @@ require 'rubocop/rake_task'
99

1010
# Rubocop before rspec so we don't lint vendored cookbooks
1111
desc 'Run all tests except Kitchen (default task)'
12-
task integration: %w(rubocop foodcritic spec)
13-
task default: [:integration]
14-
15-
# Lint the cookbook
16-
desc 'Run linters'
17-
task lint: [:rubocop, :foodcritic]
12+
task default: [:lint, :spec]
1813

1914
# Lint the cookbook
2015
desc 'Run all linters: rubocop and foodcritic'
21-
task run_all_linters: [:rubocop, :foodcritic]
16+
task lint: [:rubocop, :foodcritic]
2217

2318
# Run the whole shebang
2419
desc 'Run all tests'
@@ -51,17 +46,6 @@ task :rubocop do
5146
RuboCop::RakeTask.new
5247
end
5348

54-
begin
55-
require 'kitchen/rake_tasks'
56-
Kitchen::RakeTasks.new
57-
58-
desc 'Alias for kitchen:all'
59-
task acceptance: 'kitchen:all'
60-
61-
rescue LoadError
62-
puts '>>>>> Kitchen gem not loaded, omitting tasks' unless ENV['CI']
63-
end
64-
6549
# Automatically generate a changelog for this project. Only loaded if
6650
# the necessary gem is installed.
6751
begin
@@ -70,3 +54,11 @@ begin
7054
rescue LoadError
7155
puts '>>>>> GitHub Changelog Generator not loaded, omitting tasks'
7256
end
57+
58+
namespace :test do
59+
task :integration do
60+
concurrency = ENV['CONCURRENCY'] || 1
61+
os = ENV['OS'] || ''
62+
sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{os}")
63+
end
64+
end

gemfile.chef-11

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,14 @@
22

33
source 'https://rubygems.org'
44

5-
gem 'berkshelf', '~> 4.0'
65
gem 'chef', '~> 11.18'
76

7+
# pin dependency for Ruby 1.9.3 since bundler is not
8+
# detecting that net-ssh 3 does not work with 1.9.3
9+
if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('1.9.3')
10+
gem 'net-ssh', '~> 2.9'
11+
end
12+
813
group :test do
914
gem 'rake'
1015
gem 'chefspec', '~> 4.1.1'
@@ -25,9 +30,7 @@ end
2530
group :integration do
2631
gem 'test-kitchen', '~> 1.0'
2732
gem 'kitchen-vagrant'
33+
gem 'kitchen-inspec'
34+
gem 'kitchen-dokken'
2835
gem 'kitchen-sharedtests', '~> 0.2.0'
2936
end
30-
31-
group :openstack do
32-
gem 'kitchen-openstack'
33-
end

spec/recipes/server_spec.rb

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -366,12 +366,12 @@
366366
cached(:chef_run) do
367367
ChefSpec::ServerRunner.new do |_node, server|
368368
server.create_data_bag(
369-
'users',
370-
'user1' => { id: 'user1', ssh_rootkey: 'key-user1' },
371-
'user2' => { id: 'user2', ssh_rootkey: 'key-user2' },
372-
'user3' => { id: 'user3', ssh_rootkeys: %w(key1-user3 key2-user3) },
373-
'user4' => { id: 'user4', ssh_rootkeys: %w(key1-user4) }
374-
)
369+
'users',
370+
'user1' => { id: 'user1', ssh_rootkey: 'key-user1' },
371+
'user2' => { id: 'user2', ssh_rootkey: 'key-user2' },
372+
'user3' => { id: 'user3', ssh_rootkeys: %w(key1-user3 key2-user3) },
373+
'user4' => { id: 'user4', ssh_rootkeys: %w(key1-user4) }
374+
)
375375
end.converge(described_recipe)
376376
end
377377

0 commit comments

Comments
 (0)