diff --git a/.github/workflows/kitchen.vagrant.yml b/.github/workflows/kitchen.vagrant.yml index 99a948b..ee67a32 100644 --- a/.github/workflows/kitchen.vagrant.yml +++ b/.github/workflows/kitchen.vagrant.yml @@ -16,10 +16,10 @@ jobs: instance: - default-freebsd-130-master-py3 # - freebsd-130-master-py3 - - default-freebsd-122-master-py3 - # - freebsd-122-master-py3 - # - default-freebsd-130-3003-1-py3 - # - default-freebsd-122-3003-1-py3 + - default-freebsd-123-master-py3 + # - freebsd-123-master-py3 + # - default-freebsd-130-3004-0-py3 + # - default-freebsd-123-3004-0-py3 steps: - name: 'Check out code' uses: 'actions/checkout@v2' diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 64322aa..a12f349 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -130,12 +130,13 @@ rubocop: ## Define the rest of the matrix based on Kitchen testing # Make sure the instances listed below match up with # the `platforms` defined in `kitchen.yml` +# yamllint disable rule:line-length # default-debian-11-tiamat-py3: {extends: '.test_instance'} # default-debian-10-tiamat-py3: {extends: '.test_instance'} # default-debian-9-tiamat-py3: {extends: '.test_instance'} # default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'} # default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'} -# default-centos-8-tiamat-py3: {extends: '.test_instance'} +# default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'} # default-centos-7-tiamat-py3: {extends: '.test_instance'} # default-amazonlinux-2-tiamat-py3: {extends: '.test_instance'} # default-oraclelinux-8-tiamat-py3: {extends: '.test_instance'} @@ -157,22 +158,18 @@ ubuntu-2004-master-py3: {extends: '.test_instance'} # default-ubuntu-1804-master-py3: {extends: '.test_instance'} # passenger-ubuntu-1804-master-py3: {extends: '.test_instance'} ubuntu-1804-master-py3: {extends: '.test_instance'} -# default-centos-8-master-py3: {extends: '.test_instance'} -# passenger-centos-8-master-py3: {extends: '.test_instance'} -centos-8-master-py3: {extends: '.test_instance'} +# default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'} +# passenger-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'} +centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'} # default-centos-7-master-py3: {extends: '.test_instance'} # passenger-centos-7-master-py3: {extends: '.test_instance'} centos-7-master-py3: {extends: '.test_instance'} default-fedora-34-master-py3: {extends: '.test_instance'} # fedora-34-master-py3: {extends: '.test_instance'} -default-fedora-33-master-py3: {extends: '.test_instance'} -# fedora-33-master-py3: {extends: '.test_instance'} default-opensuse-leap-153-master-py3: {extends: '.test_instance'} # opensuse-leap-153-master-py3: {extends: '.test_instance'} -default-opensuse-leap-152-master-py3: {extends: '.test_instance'} -# opensuse-leap-152-master-py3: {extends: '.test_instance'} -default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance'} -# opensuse-tmbl-latest-master-py3: {extends: '.test_instance'} +default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'} +# opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'} default-amazonlinux-2-master-py3: {extends: '.test_instance'} # amazonlinux-2-master-py3: {extends: '.test_instance'} # default-oraclelinux-8-master-py3: {extends: '.test_instance'} @@ -192,60 +189,55 @@ almalinux-8-master-py3: {extends: '.test_instance'} # default-rockylinux-8-master-py3: {extends: '.test_instance'} # passenger-rockylinux-8-master-py3: {extends: '.test_instance'} rockylinux-8-master-py3: {extends: '.test_instance'} -# default-debian-11-3003-3-py3: {extends: '.test_instance'} +# default-debian-11-3004-0-py3: {extends: '.test_instance'} +# default-debian-10-3004-0-py3: {extends: '.test_instance'} +# default-debian-9-3004-0-py3: {extends: '.test_instance'} +# default-ubuntu-2004-3004-0-py3: {extends: '.test_instance'} +# default-ubuntu-1804-3004-0-py3: {extends: '.test_instance'} +# default-centos-stream8-3004-0-py3: {extends: '.test_instance_failure_permitted'} +# default-centos-7-3004-0-py3: {extends: '.test_instance'} +# default-fedora-34-3004-0-py3: {extends: '.test_instance'} +# default-opensuse-leap-153-3004-0-py3: {extends: '.test_instance'} +# default-opensuse-tmbl-latest-3004-0-py3: {extends: '.test_instance_failure_permitted'} +# default-amazonlinux-2-3004-0-py3: {extends: '.test_instance'} +# default-oraclelinux-8-3004-0-py3: {extends: '.test_instance'} +# default-oraclelinux-7-3004-0-py3: {extends: '.test_instance'} +# default-arch-base-latest-3004-0-py3: {extends: '.test_instance'} +# default-gentoo-stage3-latest-3004-0-py3: {extends: '.test_instance'} +# default-gentoo-stage3-systemd-3004-0-py3: {extends: '.test_instance'} +# default-almalinux-8-3004-0-py3: {extends: '.test_instance'} +# default-rockylinux-8-3004-0-py3: {extends: '.test_instance'} # default-debian-10-3003-3-py3: {extends: '.test_instance'} # default-debian-9-3003-3-py3: {extends: '.test_instance'} # default-ubuntu-2004-3003-3-py3: {extends: '.test_instance'} # default-ubuntu-1804-3003-3-py3: {extends: '.test_instance'} -# default-centos-8-3003-3-py3: {extends: '.test_instance'} +# default-centos-stream8-3003-3-py3: {extends: '.test_instance_failure_permitted'} # default-centos-7-3003-3-py3: {extends: '.test_instance'} +# default-fedora-35-3003-3-py3: {extends: '.test_instance_failure_permitted'} # default-fedora-34-3003-3-py3: {extends: '.test_instance'} -# default-fedora-33-3003-3-py3: {extends: '.test_instance'} # default-opensuse-leap-153-3003-3-py3: {extends: '.test_instance'} -# default-opensuse-leap-152-3003-3-py3: {extends: '.test_instance'} -# default-opensuse-tmbl-latest-3003-3-py3: {extends: '.test_instance'} +# default-opensuse-tmbl-latest-3003-3-py3: {extends: '.test_instance_failure_permitted'} # default-amazonlinux-2-3003-3-py3: {extends: '.test_instance'} # default-oraclelinux-8-3003-3-py3: {extends: '.test_instance'} # default-oraclelinux-7-3003-3-py3: {extends: '.test_instance'} -# default-arch-base-latest-3003-3-py3: {extends: '.test_instance'} # default-gentoo-stage3-latest-3003-3-py3: {extends: '.test_instance'} # default-gentoo-stage3-systemd-3003-3-py3: {extends: '.test_instance'} # default-almalinux-8-3003-3-py3: {extends: '.test_instance'} -# default-debian-11-3002-7-py3: {extends: '.test_instance'} # default-debian-10-3002-7-py3: {extends: '.test_instance'} # default-debian-9-3002-7-py3: {extends: '.test_instance'} # default-ubuntu-2004-3002-7-py3: {extends: '.test_instance'} # default-ubuntu-1804-3002-7-py3: {extends: '.test_instance'} -# default-centos-8-3002-7-py3: {extends: '.test_instance'} # default-centos-7-3002-7-py3: {extends: '.test_instance'} +# default-fedora-35-3002-7-py3: {extends: '.test_instance_failure_permitted'} # default-fedora-34-3002-7-py3: {extends: '.test_instance'} -# default-fedora-33-3002-7-py3: {extends: '.test_instance'} # default-opensuse-leap-153-3002-7-py3: {extends: '.test_instance'} -# default-opensuse-leap-152-3002-7-py3: {extends: '.test_instance'} -# default-opensuse-tmbl-latest-3002-7-py3: {extends: '.test_instance'} +# default-opensuse-tmbl-latest-3002-7-py3: {extends: '.test_instance_failure_permitted'} # default-amazonlinux-2-3002-7-py3: {extends: '.test_instance'} # default-oraclelinux-8-3002-7-py3: {extends: '.test_instance'} # default-oraclelinux-7-3002-7-py3: {extends: '.test_instance'} -# default-arch-base-latest-3002-7-py3: {extends: '.test_instance'} # default-gentoo-stage3-latest-3002-7-py3: {extends: '.test_instance'} # default-gentoo-stage3-systemd-3002-7-py3: {extends: '.test_instance'} -# default-debian-10-3001-8-py3: {extends: '.test_instance'} -# default-debian-9-3001-8-py3: {extends: '.test_instance'} -# default-ubuntu-2004-3001-8-py3: {extends: '.test_instance'} -# default-ubuntu-1804-3001-8-py3: {extends: '.test_instance'} -# default-centos-8-3001-8-py3: {extends: '.test_instance'} -# default-centos-7-3001-8-py3: {extends: '.test_instance'} -# default-fedora-34-3001-8-py3: {extends: '.test_instance'} -# default-fedora-33-3001-8-py3: {extends: '.test_instance'} -# default-opensuse-leap-153-3001-8-py3: {extends: '.test_instance'} -# default-opensuse-leap-152-3001-8-py3: {extends: '.test_instance'} -# default-opensuse-tmbl-latest-3001-8-py3: {extends: '.test_instance'} -# default-amazonlinux-2-3001-8-py3: {extends: '.test_instance'} -# default-oraclelinux-8-3001-8-py3: {extends: '.test_instance'} -# default-oraclelinux-7-3001-8-py3: {extends: '.test_instance'} -# default-arch-base-latest-3001-8-py3: {extends: '.test_instance'} -# default-gentoo-stage3-latest-3001-8-py3: {extends: '.test_instance'} -# default-gentoo-stage3-systemd-3001-8-py3: {extends: '.test_instance'} +# yamllint enable rule:line-length ############################################################################### # `release` stage: `semantic-release` diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 41b5f35..2cb381e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,7 +18,7 @@ repos: additional_dependencies: ['@commitlint/config-conventional@8.3.4'] always_run: true - repo: https://github.com/rubocop-hq/rubocop - rev: v1.9.1 + rev: v1.25.1 hooks: - id: rubocop name: Check Ruby files with rubocop @@ -26,14 +26,14 @@ repos: always_run: true pass_filenames: false - repo: https://github.com/shellcheck-py/shellcheck-py - rev: v0.7.1.1 + rev: v0.8.0.4 hooks: - id: shellcheck name: Check shell scripts with shellcheck files: ^.*\.(sh|bash|ksh)$ types: [] - repo: https://github.com/adrienverge/yamllint - rev: v1.23.0 + rev: v1.26.3 hooks: - id: yamllint name: Check YAML syntax with yamllint @@ -41,7 +41,7 @@ repos: always_run: true pass_filenames: false - repo: https://github.com/warpnet/salt-lint - rev: v0.3.0 + rev: v0.8.0 hooks: - id: salt-lint name: Check Salt files using salt-lint diff --git a/.rubocop.yml b/.rubocop.yml index 2cceb73..bf4d107 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -16,4 +16,8 @@ Security/YAMLLoad: Exclude: - test/integration/**/_mapdata.rb +# General settings across all cops in this formula +AllCops: + NewCops: enable + # Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config` diff --git a/.travis.yml b/.travis.yml index 5883022..2d4f83f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -88,7 +88,7 @@ jobs: # - env: INSTANCE=default-debian-9-tiamat-py3 # - env: INSTANCE=default-ubuntu-2004-tiamat-py3 # - env: INSTANCE=default-ubuntu-1804-tiamat-py3 - # - env: INSTANCE=default-centos-8-tiamat-py3 + # - env: INSTANCE=default-centos-stream8-tiamat-py3 # - env: INSTANCE=default-centos-7-tiamat-py3 # - env: INSTANCE=default-amazonlinux-2-tiamat-py3 # - env: INSTANCE=default-oraclelinux-8-tiamat-py3 @@ -110,20 +110,16 @@ jobs: # - env: INSTANCE=default-ubuntu-1804-master-py3 # - env: INSTANCE=passenger-ubuntu-1804-master-py3 - env: INSTANCE=ubuntu-1804-master-py3 - # - env: INSTANCE=default-centos-8-master-py3 - # - env: INSTANCE=passenger-centos-8-master-py3 - - env: INSTANCE=centos-8-master-py3 + # - env: INSTANCE=default-centos-stream8-master-py3 + # - env: INSTANCE=passenger-centos-stream8-master-py3 + - env: INSTANCE=centos-stream8-master-py3 # - env: INSTANCE=default-centos-7-master-py3 # - env: INSTANCE=passenger-centos-7-master-py3 - env: INSTANCE=centos-7-master-py3 - env: INSTANCE=default-fedora-34-master-py3 # - env: INSTANCE=fedora-34-master-py3 - - env: INSTANCE=default-fedora-33-master-py3 - # - env: INSTANCE=fedora-33-master-py3 - env: INSTANCE=default-opensuse-leap-153-master-py3 # - env: INSTANCE=opensuse-leap-153-master-py3 - - env: INSTANCE=default-opensuse-leap-152-master-py3 - # - env: INSTANCE=opensuse-leap-152-master-py3 - env: INSTANCE=default-opensuse-tmbl-latest-master-py3 # - env: INSTANCE=opensuse-tmbl-latest-master-py3 - env: INSTANCE=default-amazonlinux-2-master-py3 @@ -145,60 +141,54 @@ jobs: # - env: INSTANCE=default-rockylinux-8-master-py3 # - env: INSTANCE=passenger-rockylinux-8-master-py3 - env: INSTANCE=rockylinux-8-master-py3 - # - env: INSTANCE=default-debian-11-3003-3-py3 + # - env: INSTANCE=default-debian-11-3004-0-py3 + # - env: INSTANCE=default-debian-10-3004-0-py3 + # - env: INSTANCE=default-debian-9-3004-0-py3 + # - env: INSTANCE=default-ubuntu-2004-3004-0-py3 + # - env: INSTANCE=default-ubuntu-1804-3004-0-py3 + # - env: INSTANCE=default-centos-stream8-3004-0-py3 + # - env: INSTANCE=default-centos-7-3004-0-py3 + # - env: INSTANCE=default-fedora-34-3004-0-py3 + # - env: INSTANCE=default-opensuse-leap-153-3004-0-py3 + # - env: INSTANCE=default-opensuse-tmbl-latest-3004-0-py3 + # - env: INSTANCE=default-amazonlinux-2-3004-0-py3 + # - env: INSTANCE=default-oraclelinux-8-3004-0-py3 + # - env: INSTANCE=default-oraclelinux-7-3004-0-py3 + # - env: INSTANCE=default-arch-base-latest-3004-0-py3 + # - env: INSTANCE=default-gentoo-stage3-latest-3004-0-py3 + # - env: INSTANCE=default-gentoo-stage3-systemd-3004-0-py3 + # - env: INSTANCE=default-almalinux-8-3004-0-py3 + # - env: INSTANCE=default-rockylinux-8-3004-0-py3 # - env: INSTANCE=default-debian-10-3003-3-py3 # - env: INSTANCE=default-debian-9-3003-3-py3 # - env: INSTANCE=default-ubuntu-2004-3003-3-py3 # - env: INSTANCE=default-ubuntu-1804-3003-3-py3 - # - env: INSTANCE=default-centos-8-3003-3-py3 + # - env: INSTANCE=default-centos-stream8-3003-3-py3 # - env: INSTANCE=default-centos-7-3003-3-py3 + # - env: INSTANCE=default-fedora-35-3003-3-py3 # - env: INSTANCE=default-fedora-34-3003-3-py3 - # - env: INSTANCE=default-fedora-33-3003-3-py3 # - env: INSTANCE=default-opensuse-leap-153-3003-3-py3 - # - env: INSTANCE=default-opensuse-leap-152-3003-3-py3 # - env: INSTANCE=default-opensuse-tmbl-latest-3003-3-py3 # - env: INSTANCE=default-amazonlinux-2-3003-3-py3 # - env: INSTANCE=default-oraclelinux-8-3003-3-py3 # - env: INSTANCE=default-oraclelinux-7-3003-3-py3 - # - env: INSTANCE=default-arch-base-latest-3003-3-py3 # - env: INSTANCE=default-gentoo-stage3-latest-3003-3-py3 # - env: INSTANCE=default-gentoo-stage3-systemd-3003-3-py3 # - env: INSTANCE=default-almalinux-8-3003-3-py3 - # - env: INSTANCE=default-debian-11-3002-7-py3 # - env: INSTANCE=default-debian-10-3002-7-py3 # - env: INSTANCE=default-debian-9-3002-7-py3 # - env: INSTANCE=default-ubuntu-2004-3002-7-py3 # - env: INSTANCE=default-ubuntu-1804-3002-7-py3 - # - env: INSTANCE=default-centos-8-3002-7-py3 # - env: INSTANCE=default-centos-7-3002-7-py3 + # - env: INSTANCE=default-fedora-35-3002-7-py3 # - env: INSTANCE=default-fedora-34-3002-7-py3 - # - env: INSTANCE=default-fedora-33-3002-7-py3 # - env: INSTANCE=default-opensuse-leap-153-3002-7-py3 - # - env: INSTANCE=default-opensuse-leap-152-3002-7-py3 # - env: INSTANCE=default-opensuse-tmbl-latest-3002-7-py3 # - env: INSTANCE=default-amazonlinux-2-3002-7-py3 # - env: INSTANCE=default-oraclelinux-8-3002-7-py3 # - env: INSTANCE=default-oraclelinux-7-3002-7-py3 - # - env: INSTANCE=default-arch-base-latest-3002-7-py3 # - env: INSTANCE=default-gentoo-stage3-latest-3002-7-py3 # - env: INSTANCE=default-gentoo-stage3-systemd-3002-7-py3 - # - env: INSTANCE=default-debian-10-3001-8-py3 - # - env: INSTANCE=default-debian-9-3001-8-py3 - # - env: INSTANCE=default-ubuntu-2004-3001-8-py3 - # - env: INSTANCE=default-ubuntu-1804-3001-8-py3 - # - env: INSTANCE=default-centos-8-3001-8-py3 - # - env: INSTANCE=default-centos-7-3001-8-py3 - # - env: INSTANCE=default-fedora-34-3001-8-py3 - # - env: INSTANCE=default-fedora-33-3001-8-py3 - # - env: INSTANCE=default-opensuse-leap-153-3001-8-py3 - # - env: INSTANCE=default-opensuse-leap-152-3001-8-py3 - # - env: INSTANCE=default-opensuse-tmbl-latest-3001-8-py3 - # - env: INSTANCE=default-amazonlinux-2-3001-8-py3 - # - env: INSTANCE=default-oraclelinux-8-3001-8-py3 - # - env: INSTANCE=default-oraclelinux-7-3001-8-py3 - # - env: INSTANCE=default-arch-base-latest-3001-8-py3 - # - env: INSTANCE=default-gentoo-stage3-latest-3001-8-py3 - # - env: INSTANCE=default-gentoo-stage3-systemd-3001-8-py3 ## Define the release stage that runs `semantic-release` - stage: 'release' diff --git a/AUTHORS.md b/AUTHORS.md index b9e6fb2..7b56f65 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -4,12 +4,12 @@ This list is sorted by the number of commits per contributor in _descending_ ord Avatar|Contributor|Contributions :-:|---|:-: -@myii|[@myii](https://github.com/myii)|107 +@myii|[@myii](https://github.com/myii)|155 @aboe76|[@aboe76](https://github.com/aboe76)|46 +@javierbertoli|[@javierbertoli](https://github.com/javierbertoli)|29 @gravyboat|[@gravyboat](https://github.com/gravyboat)|27 @nmadhok|[@nmadhok](https://github.com/nmadhok)|24 -@javierbertoli|[@javierbertoli](https://github.com/javierbertoli)|21 -@noelmcloughlin|[@noelmcloughlin](https://github.com/noelmcloughlin)|18 +@noelmcloughlin|[@noelmcloughlin](https://github.com/noelmcloughlin)|19 @whiteinge|[@whiteinge](https://github.com/whiteinge)|17 @ross-p|[@ross-p](https://github.com/ross-p)|13 @daks|[@daks](https://github.com/daks)|11 @@ -74,7 +74,7 @@ Avatar|Contributor|Contributions @scub|[@scub](https://github.com/scub)|1 @thatch45|[@thatch45](https://github.com/thatch45)|1 @blarghmatey|[@blarghmatey](https://github.com/blarghmatey)|1 -@babilen5|[@babilen5](https://github.com/babilen5)|1 +@babilen|[@babilen](https://github.com/babilen)|1 @abednarik|[@abednarik](https://github.com/abednarik)|1 @francesco-a|[@francesco-a](https://github.com/francesco-a)|1 @oboyle|[@oboyle](https://github.com/oboyle)|1 @@ -82,4 +82,4 @@ Avatar|Contributor|Contributions --- -Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2021-06-15. +Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2022-03-02. diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d9a66a..e3c2c5c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,78 @@ # Changelog +## [2.8.1](https://github.com/saltstack-formulas/nginx-formula/compare/v2.8.0...v2.8.1) (2022-03-02) + + +### Bug Fixes + +* **debian:** avoid adding repositories entries multiple times ([d1d3e55](https://github.com/saltstack-formulas/nginx-formula/commit/d1d3e552adf3bc17265ffcc1c27920d4b9a09c6d)), closes [/github.com/saltstack/salt/issues/59785#issuecomment-826590482](https://github.com//github.com/saltstack/salt/issues/59785/issues/issuecomment-826590482) + + +### Continuous Integration + +* update linters to latest versions [skip ci] ([512fe00](https://github.com/saltstack-formulas/nginx-formula/commit/512fe00a069f2fcabed119c36f9444c2a65e179c)) + + +### Tests + +* **repository:** use `system.platform[:codename]` [skip ci] ([0e51694](https://github.com/saltstack-formulas/nginx-formula/commit/0e51694c2a59b975be0fe4972c525b73f556a6db)) +* **system:** add `build_platform_codename` [skip ci] ([5f1a289](https://github.com/saltstack-formulas/nginx-formula/commit/5f1a289f11cdcbb2dac6021109cfc390068134d4)) + +# [2.8.0](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.5...v2.8.0) (2022-02-03) + + +### Code Refactoring + +* **pkgs:** readbility ([b76e8cc](https://github.com/saltstack-formulas/nginx-formula/commit/b76e8cc6640943d97bc778948555ae3f45a71552)) + + +### Continuous Integration + +* **kitchen+gitlab:** update for new pre-salted images [skip ci] ([7fcb960](https://github.com/saltstack-formulas/nginx-formula/commit/7fcb9608cd838469e7c1faf2126ea8d5673d0481)) + + +### Features + +* **debian:** use keyrings instead of key_ids ([037c13a](https://github.com/saltstack-formulas/nginx-formula/commit/037c13a674d9e2850a808bcb0fe8600e4ec8b177)) + + +### Reverts + +* **pkg:** use grains.osfinger in a format suitable for all platforms ([8fee9f0](https://github.com/saltstack-formulas/nginx-formula/commit/8fee9f05bd86c549a050a5b4c555fa0d532493d3)) + + +### Styles + +* **map.jinja:** remove empty line ([ae52641](https://github.com/saltstack-formulas/nginx-formula/commit/ae52641cfc87ad576f22f0675eff436ebccf3d34)) + + +### Tests + +* **repository:** favor `platform` over `os` ([c16ecf8](https://github.com/saltstack-formulas/nginx-formula/commit/c16ecf82f52b0236a8b54b5ad984c08902b79534)) + +## [2.7.5](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.4...v2.7.5) (2022-02-02) + + +### Bug Fixes + +* **snippets:** make sure they're deployed before being used ([9dfc1c1](https://github.com/saltstack-formulas/nginx-formula/commit/9dfc1c1b2f4a0cd17221b303c95af1d7a9aba781)) + + +### Continuous Integration + +* **3003.1:** update inc. AlmaLinux, Rocky & `rst-lint` [skip ci] ([6a42a9b](https://github.com/saltstack-formulas/nginx-formula/commit/6a42a9bdf84e764cb4b3313ad2b6d95688517dec)) +* **freebsd:** update with latest pre-salted Vagrant boxes [skip ci] ([860fabe](https://github.com/saltstack-formulas/nginx-formula/commit/860fabe327cfa9512152b0f278897311f35449bf)) +* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] ([1557473](https://github.com/saltstack-formulas/nginx-formula/commit/155747346c5b0fe7e1af5214734581e992832b45)) +* **gemfile+lock:** use `ssf` customised `inspec` repo [skip ci] ([a11da83](https://github.com/saltstack-formulas/nginx-formula/commit/a11da83d03fad1c50a93ba06c1c5af21f1c79e7a)) +* **gitlab-ci:** enable instance after upstream issue resolved [skip ci] ([79499e8](https://github.com/saltstack-formulas/nginx-formula/commit/79499e841be74162dd5ec869de267366b6048af1)) +* **kitchen:** move `provisioner` block & update `run_command` [skip ci] ([6b65017](https://github.com/saltstack-formulas/nginx-formula/commit/6b650177aaa9800151f2e7f628551856f0c28c54)) +* **kitchen+ci:** update with `3004` pre-salted images/boxes [skip ci] ([30f87cc](https://github.com/saltstack-formulas/nginx-formula/commit/30f87cc84b2991c7f0ed1f0066f9241a3754e8df)) +* **kitchen+ci:** update with latest `3003.2` pre-salted images [skip ci] ([70a1f31](https://github.com/saltstack-formulas/nginx-formula/commit/70a1f3135ccfde09f6016a46eee3fc55b2ca9840)) +* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] ([e041418](https://github.com/saltstack-formulas/nginx-formula/commit/e0414181a724076176cb37f6402f013f4e498109)) +* **vagrant:** replace FreeBSD 12.2 with 12.3 [skip ci] ([7deb74f](https://github.com/saltstack-formulas/nginx-formula/commit/7deb74fdbccad7e8590b9ddf7d0630e9a2ba56e1)) +* add Debian 11 Bullseye & update `yamllint` configuration [skip ci] ([fa8a5db](https://github.com/saltstack-formulas/nginx-formula/commit/fa8a5db5079b1e41eeac5d4ee25c06d976a24f3e)) +* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([d15f3de](https://github.com/saltstack-formulas/nginx-formula/commit/d15f3decb3fb1d8d1d04934c8d909913380d53f1)) + ## [2.7.4](https://github.com/saltstack-formulas/nginx-formula/compare/v2.7.3...v2.7.4) (2021-06-15) diff --git a/CODEOWNERS b/CODEOWNERS index 2dd5bf8..a307644 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -22,6 +22,7 @@ /test/integration/**/libraries/system.rb @saltstack-formulas/ssf /test/integration/**/inspec.yml @saltstack-formulas/ssf /test/integration/**/README.md @saltstack-formulas/ssf +/test/salt/pillar/top.sls @saltstack-formulas/ssf /.gitignore @saltstack-formulas/ssf /.cirrus.yml @saltstack-formulas/ssf /.gitlab-ci.yml @saltstack-formulas/ssf diff --git a/FORMULA b/FORMULA index 636b36f..f10cee2 100644 --- a/FORMULA +++ b/FORMULA @@ -1,7 +1,7 @@ name: nginx os: Debian, Ubuntu, RedHat, Fedora, CentOS, Suse, openSUSE os_family: Debian, RedHat, Suse -version: 2.7.4 +version: 2.8.1 release: 1 minimum_version: 2017.3 summary: nginx formula diff --git a/Gemfile b/Gemfile index 9e812aa..8020f66 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ # frozen_string_literal: true -source 'https://rubygems.org' +source ENV['PROXY_RUBYGEMSORG'] || 'https://rubygems.org' # Install the `inspec` gem using `git` because versions after `4.22.22` # suppress diff output; this version fixes this for our uses. @@ -16,7 +16,7 @@ gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure # rubocop:enable Layout/LineLength gem 'kitchen-inspec', '>= 2.5.0' -gem 'kitchen-salt', '>= 0.6.3' +gem 'kitchen-salt', '>= 0.7.2' group :vagrant do gem 'kitchen-vagrant' diff --git a/Gemfile.lock b/Gemfile.lock index 94478e8..155593d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,17 +1,20 @@ GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec - revision: 223002687f2cfa303b13457825665de6c5514c52 + revision: 2c075651c0de1eac9e6bdbf820c03529ad2f59e1 branch: ssf specs: - inspec (4.46.13) + inspec (5.7.6) + cookstyle faraday_middleware (>= 0.12.2, < 1.1) - inspec-core (= 4.46.13) + inspec-core (= 5.7.6) mongo (= 2.13.2) + progress_bar (~> 1.3.3) + rake train (~> 3.0) train-aws (~> 0.2) train-habitat (~> 0.1) train-winrm (~> 0.2) - inspec-core (4.46.13) + inspec-core (5.7.6) addressable (~> 2.4) chef-telemetry (~> 1.0, >= 1.0.8) faraday (>= 0.9.0, < 1.5) @@ -24,7 +27,7 @@ GIT parallel (~> 1.9) parslet (>= 1.5, < 2.0) pry (~> 0.13) - rspec (>= 3.9, < 3.11) + rspec (>= 3.9, <= 3.11) rspec-its (~> 1.2) rubyzip (>= 1.2.2, < 3.0) semverse (~> 3.0) @@ -37,42 +40,42 @@ GIT GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker - revision: 428c89fc250b3790abad5ecb0afe0c3d4956084c + revision: 4e03ca42d98624323c1c2d91ceb39c09a29bbfc8 branch: ssf specs: - kitchen-docker (2.11.0) + kitchen-docker (2.12.0) test-kitchen (>= 1.0.0) GEM remote: https://rubygems.org/ specs: - activesupport (6.1.4.1) + activesupport (7.0.2.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - zeitwerk (~> 2.3) addressable (2.8.0) public_suffix (>= 2.0.2, < 5.0) + ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.510.0) - aws-sdk-alexaforbusiness (1.50.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-partitions (1.566.0) + aws-sdk-alexaforbusiness (1.56.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-amplify (1.32.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-apigateway (1.67.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-apigateway (1.75.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-apigatewayv2 (1.36.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-apigatewayv2 (1.42.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-applicationautoscaling (1.51.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-athena (1.41.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-athena (1.52.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-autoscaling (1.63.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -80,41 +83,41 @@ GEM aws-sdk-batch (1.47.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-budgets (1.41.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-budgets (1.49.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudformation (1.58.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudformation (1.68.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudfront (1.56.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudfront (1.63.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsm (1.33.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudhsm (1.39.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsmv2 (1.36.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudhsmv2 (1.42.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudtrail (1.38.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudtrail (1.48.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatch (1.55.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudwatch (1.62.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-cloudwatchevents (1.46.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchlogs (1.45.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-cloudwatchlogs (1.52.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-codecommit (1.45.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-codecommit (1.51.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-codedeploy (1.43.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-codedeploy (1.49.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-codepipeline (1.47.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-codepipeline (1.53.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-cognitoidentity (1.31.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -122,91 +125,94 @@ GEM aws-sdk-cognitoidentityprovider (1.53.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-configservice (1.66.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-configservice (1.74.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.121.1) + aws-sdk-core (3.129.1) aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.239.0) + aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) jmespath (~> 1.0) - aws-sdk-costandusagereportservice (1.34.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-costandusagereportservice (1.40.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-databasemigrationservice (1.53.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-dynamodb (1.63.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-dynamodb (1.74.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2 (1.266.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-ec2 (1.302.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ecr (1.47.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-ecr (1.55.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ecrpublic (1.6.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-ecrpublic (1.12.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ecs (1.85.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-ecs (1.97.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-efs (1.45.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-efs (1.53.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-eks (1.63.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-eks (1.74.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticache (1.62.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-elasticache (1.74.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticbeanstalk (1.45.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-elasticbeanstalk (1.51.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancing (1.34.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-elasticloadbalancing (1.40.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancingv2 (1.68.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-elasticloadbalancingv2 (1.77.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticsearchservice (1.56.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-elasticsearchservice (1.65.0) + aws-sdk-core (~> 3, >= 3.127.0) + aws-sigv4 (~> 1.1) + aws-sdk-emr (1.53.0) + aws-sdk-core (~> 3, >= 3.121.2) aws-sigv4 (~> 1.1) aws-sdk-eventbridge (1.24.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-firehose (1.41.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-firehose (1.48.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-glue (1.88.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-guardduty (1.48.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-guardduty (1.56.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.61.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-iam (1.68.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-kafka (1.41.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-kafka (1.49.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-kinesis (1.35.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-kinesis (1.41.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.49.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-kms (1.55.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-lambda (1.69.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-lambda (1.80.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-mq (1.40.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-networkfirewall (1.8.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-networkfirewall (1.15.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-networkmanager (1.14.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-networkmanager (1.22.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-organizations (1.59.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -214,30 +220,33 @@ GEM aws-sdk-ram (1.26.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-rds (1.127.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-rds (1.141.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-redshift (1.69.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-redshift (1.79.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-route53 (1.55.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-route53 (1.62.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-route53domains (1.33.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-route53domains (1.40.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-route53resolver (1.30.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-route53resolver (1.37.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.103.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-s3 (1.113.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) + aws-sdk-s3control (1.43.0) + aws-sdk-core (~> 3, >= 3.122.0) + aws-sigv4 (~> 1.1) aws-sdk-secretsmanager (1.46.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-securityhub (1.52.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-securityhub (1.62.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-servicecatalog (1.60.0) aws-sdk-core (~> 3, >= 3.112.0) @@ -245,8 +254,8 @@ GEM aws-sdk-ses (1.41.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-shield (1.41.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-shield (1.48.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-signer (1.32.0) aws-sdk-core (~> 3, >= 3.120.0) @@ -254,24 +263,30 @@ GEM aws-sdk-simpledb (1.29.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv2 (~> 1.0) - aws-sdk-sms (1.32.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-sms (1.39.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-sns (1.45.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-sns (1.53.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-sqs (1.44.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-sqs (1.51.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ssm (1.119.0) - aws-sdk-core (~> 3, >= 3.120.0) + aws-sdk-ssm (1.132.0) + aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-states (1.39.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) + aws-sdk-synthetics (1.19.0) + aws-sdk-core (~> 3, >= 3.121.2) + aws-sigv4 (~> 1.1) aws-sdk-transfer (1.34.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) + aws-sdk-waf (1.43.0) + aws-sdk-core (~> 3, >= 3.122.0) + aws-sigv4 (~> 1.1) aws-sigv2 (1.1.0) aws-sigv4 (1.4.0) aws-eventstream (~> 1, >= 1.0.2) @@ -286,11 +301,11 @@ GEM azure_mgmt_storage (0.23.0) ms_rest_azure (~> 0.12.0) bcrypt_pbkdf (1.1.0) - bson (4.12.1) + bson (4.14.1) builder (3.2.4) - chef-config (17.6.18) + chef-config (17.9.52) addressable - chef-utils (= 17.6.18) + chef-utils (= 17.9.52) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) @@ -298,20 +313,22 @@ GEM chef-telemetry (1.1.1) chef-config concurrent-ruby (~> 1.0) - chef-utils (17.6.18) + chef-utils (17.9.52) concurrent-ruby coderay (1.1.3) concurrent-ruby (1.1.9) + cookstyle (7.32.1) + rubocop (= 1.25.1) declarative (0.0.20) - diff-lcs (1.4.4) + diff-lcs (1.5.0) docker-api (2.2.0) excon (>= 0.47.0) multi_json domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - ed25519 (1.2.4) + ed25519 (1.3.0) erubi (1.10.0) - excon (0.86.0) + excon (0.91.0) faraday (1.4.3) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) @@ -330,7 +347,7 @@ GEM faraday-net_http_persistent (1.2.0) faraday_middleware (1.0.0) faraday (~> 1.0) - ffi (1.15.4) + ffi (1.15.5) fuzzyurl (0.9.0) google-api-client (0.52.0) addressable (~> 2.5, >= 2.5.1) @@ -353,23 +370,24 @@ GEM gyoku (1.3.1) builder (>= 2.1.2) hashie (4.1.0) + highline (2.0.3) http-cookie (1.0.4) domain_name (~> 0.5) httpclient (2.8.3) - i18n (1.8.10) + i18n (1.10.0) concurrent-ruby (~> 1.0) inifile (3.0.0) - jmespath (1.4.0) - json (2.5.1) + jmespath (1.6.1) + json (2.6.1) jwt (2.3.0) - kitchen-inspec (2.5.0) + kitchen-inspec (2.5.2) hashie (>= 3.4, <= 5.0) - inspec (>= 2.2.64, < 5.0) + inspec (>= 2.2.64, < 6.0) test-kitchen (>= 2.7, < 4) - kitchen-salt (0.6.3) + kitchen-salt (0.7.2) hashie (>= 3.5) test-kitchen (>= 1.4) - kitchen-vagrant (1.10.0) + kitchen-vagrant (1.11.0) test-kitchen (>= 1.4, < 4) license-acceptance (2.1.13) pastel (~> 0.7) @@ -382,8 +400,8 @@ GEM multi_json (~> 1.14) memoist (0.16.2) method_source (1.0.0) - mini_mime (1.1.1) - minitest (5.14.4) + mini_mime (1.1.2) + minitest (5.15.0) mixlib-config (3.0.9) tomlrb mixlib-install (3.12.16) @@ -413,44 +431,65 @@ GEM net-ssh-gateway (2.0.0) net-ssh (>= 4.0.0) nori (2.6.0) - os (1.1.1) + options (2.3.2) + os (1.1.4) parallel (1.21.0) + parser (3.1.1.0) + ast (~> 2.4.1) parslet (1.8.2) pastel (0.8.0) tty-color (~> 0.5) + progress_bar (1.3.3) + highline (>= 1.6, < 3) + options (~> 2.3.0) pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) public_suffix (4.0.6) + rainbow (3.1.1) + rake (13.0.6) + regexp_parser (2.2.1) representable (3.1.1) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) retriable (3.1.2) rexml (3.2.5) - rspec (3.10.0) - rspec-core (~> 3.10.0) - rspec-expectations (~> 3.10.0) - rspec-mocks (~> 3.10.0) - rspec-core (3.10.1) - rspec-support (~> 3.10.0) - rspec-expectations (3.10.1) + rspec (3.11.0) + rspec-core (~> 3.11.0) + rspec-expectations (~> 3.11.0) + rspec-mocks (~> 3.11.0) + rspec-core (3.11.0) + rspec-support (~> 3.11.0) + rspec-expectations (3.11.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.10.0) + rspec-support (~> 3.11.0) rspec-its (1.3.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) - rspec-mocks (3.10.2) + rspec-mocks (3.11.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.10.0) - rspec-support (3.10.2) + rspec-support (~> 3.11.0) + rspec-support (3.11.0) + rubocop (1.25.1) + parallel (~> 1.10) + parser (>= 3.1.0.0) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 1.8, < 3.0) + rexml + rubocop-ast (>= 1.15.1, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 1.4.0, < 3.0) + rubocop-ast (1.16.0) + parser (>= 3.1.1.0) + ruby-progressbar (1.11.0) ruby2_keywords (0.0.5) rubyntlm (0.6.3) rubyzip (2.3.2) semverse (3.0.0) - signet (0.16.0) + signet (0.16.1) addressable (~> 2.8) - faraday (>= 0.17.3, < 2.0) + faraday (>= 0.17.5, < 3.0) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) sslshake (1.3.1) @@ -459,7 +498,7 @@ GEM unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) - test-kitchen (3.1.0) + test-kitchen (3.2.2) bcrypt_pbkdf (~> 1.0) chef-utils (>= 16.4.35) ed25519 (~> 1.2) @@ -473,11 +512,11 @@ GEM winrm (~> 2.0) winrm-elevated (~> 1.0) winrm-fs (~> 1.1) - thor (1.1.0) + thor (1.2.1) timeliness (0.3.10) tomlrb (1.3.0) - trailblazer-option (0.1.1) - train (3.8.1) + trailblazer-option (0.1.2) + train (3.8.9) activesupport (>= 6.0.3.1) azure_graph_rbac (~> 0.16) azure_mgmt_key_vault (~> 0.17) @@ -488,9 +527,9 @@ GEM google-api-client (>= 0.23.9, <= 0.52.0) googleauth (>= 0.6.6, <= 0.14.0) inifile (~> 3.0) - train-core (= 3.8.1) + train-core (= 3.8.9) train-winrm (~> 0.2) - train-aws (0.2.20) + train-aws (0.2.24) aws-sdk-alexaforbusiness (~> 1.0) aws-sdk-amplify (~> 1.32.0) aws-sdk-apigateway (~> 1.0) @@ -529,6 +568,7 @@ GEM aws-sdk-elasticloadbalancing (~> 1.8) aws-sdk-elasticloadbalancingv2 (~> 1.0) aws-sdk-elasticsearchservice (~> 1.0) + aws-sdk-emr (~> 1.53.0) aws-sdk-eventbridge (~> 1.24.0) aws-sdk-firehose (~> 1.0) aws-sdk-glue (>= 1.71, < 1.89) @@ -549,6 +589,7 @@ GEM aws-sdk-route53domains (~> 1.0) aws-sdk-route53resolver (~> 1.0) aws-sdk-s3 (~> 1.30) + aws-sdk-s3control (~> 1.43.0) aws-sdk-secretsmanager (>= 1.42, < 1.47) aws-sdk-securityhub (~> 1.0) aws-sdk-servicecatalog (>= 1.48, < 1.61) @@ -561,8 +602,10 @@ GEM aws-sdk-sqs (~> 1.10) aws-sdk-ssm (~> 1.0) aws-sdk-states (>= 1.35, < 1.40) + aws-sdk-synthetics (~> 1.19.0) aws-sdk-transfer (>= 1.26, < 1.35) - train-core (3.8.1) + aws-sdk-waf (~> 1.43.0) + train-core (3.8.9) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) @@ -570,7 +613,7 @@ GEM net-scp (>= 1.2, < 4.0) net-ssh (>= 2.9, < 7.0) train-habitat (0.2.22) - train-winrm (0.2.12) + train-winrm (0.2.13) winrm (>= 2.3.6, < 3.0) winrm-elevated (~> 1.2.2) winrm-fs (~> 1.0) @@ -619,7 +662,6 @@ GEM rubyzip (~> 2.0) winrm (~> 2.0) wisper (2.0.1) - zeitwerk (2.4.2) PLATFORMS ruby @@ -628,7 +670,7 @@ DEPENDENCIES inspec! kitchen-docker! kitchen-inspec (>= 2.5.0) - kitchen-salt (>= 0.6.3) + kitchen-salt (>= 0.7.2) kitchen-vagrant BUNDLED WITH diff --git a/docs/AUTHORS.rst b/docs/AUTHORS.rst index a8e625c..230b1f2 100644 --- a/docs/AUTHORS.rst +++ b/docs/AUTHORS.rst @@ -15,22 +15,22 @@ This list is sorted by the number of commits per contributor in *descending* ord - Contributions * - :raw-html-m2r:`@myii` - `@myii `_ - - 107 + - 155 * - :raw-html-m2r:`@aboe76` - `@aboe76 `_ - 46 + * - :raw-html-m2r:`@javierbertoli` + - `@javierbertoli `_ + - 29 * - :raw-html-m2r:`@gravyboat` - `@gravyboat `_ - 27 * - :raw-html-m2r:`@nmadhok` - `@nmadhok `_ - 24 - * - :raw-html-m2r:`@javierbertoli` - - `@javierbertoli `_ - - 21 * - :raw-html-m2r:`@noelmcloughlin` - `@noelmcloughlin `_ - - 18 + - 19 * - :raw-html-m2r:`@whiteinge` - `@whiteinge `_ - 17 @@ -223,8 +223,8 @@ This list is sorted by the number of commits per contributor in *descending* ord * - :raw-html-m2r:`@blarghmatey` - `@blarghmatey `_ - 1 - * - :raw-html-m2r:`@babilen5` - - `@babilen5 `_ + * - :raw-html-m2r:`@babilen` + - `@babilen `_ - 1 * - :raw-html-m2r:`@abednarik` - `@abednarik `_ @@ -242,4 +242,4 @@ This list is sorted by the number of commits per contributor in *descending* ord ---- -Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2021-06-15. +Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2022-03-02. diff --git a/docs/CHANGELOG.rst b/docs/CHANGELOG.rst index f25d2de..be410c0 100644 --- a/docs/CHANGELOG.rst +++ b/docs/CHANGELOG.rst @@ -2,6 +2,93 @@ Changelog ========= +`2.8.1 `_ (2022-03-02) +------------------------------------------------------------------------------------------------------- + +Bug Fixes +^^^^^^^^^ + + +* **debian:** avoid adding repositories entries multiple times (\ `d1d3e55 `_\ ), closes `/github.com/saltstack/salt/issues/59785#issuecomment-826590482 `_ + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* update linters to latest versions [skip ci] (\ `512fe00 `_\ ) + +Tests +^^^^^ + + +* **repository:** use ``system.platform[:codename]`` [skip ci] (\ `0e51694 `_\ ) +* **system:** add ``build_platform_codename`` [skip ci] (\ `5f1a289 `_\ ) + +`2.8.0 `_ (2022-02-03) +------------------------------------------------------------------------------------------------------- + +Code Refactoring +^^^^^^^^^^^^^^^^ + + +* **pkgs:** readbility (\ `b76e8cc `_\ ) + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `7fcb960 `_\ ) + +Features +^^^^^^^^ + + +* **debian:** use keyrings instead of key_ids (\ `037c13a `_\ ) + +Reverts +^^^^^^^ + + +* **pkg:** use grains.osfinger in a format suitable for all platforms (\ `8fee9f0 `_\ ) + +Styles +^^^^^^ + + +* **map.jinja:** remove empty line (\ `ae52641 `_\ ) + +Tests +^^^^^ + + +* **repository:** favor ``platform`` over ``os`` (\ `c16ecf8 `_\ ) + +`2.7.5 `_ (2022-02-02) +------------------------------------------------------------------------------------------------------- + +Bug Fixes +^^^^^^^^^ + + +* **snippets:** make sure they're deployed before being used (\ `9dfc1c1 `_\ ) + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* **3003.1:** update inc. AlmaLinux, Rocky & ``rst-lint`` [skip ci] (\ `6a42a9b `_\ ) +* **freebsd:** update with latest pre-salted Vagrant boxes [skip ci] (\ `860fabe `_\ ) +* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] (\ `1557473 `_\ ) +* **gemfile+lock:** use ``ssf`` customised ``inspec`` repo [skip ci] (\ `a11da83 `_\ ) +* **gitlab-ci:** enable instance after upstream issue resolved [skip ci] (\ `79499e8 `_\ ) +* **kitchen:** move ``provisioner`` block & update ``run_command`` [skip ci] (\ `6b65017 `_\ ) +* **kitchen+ci:** update with ``3004`` pre-salted images/boxes [skip ci] (\ `30f87cc `_\ ) +* **kitchen+ci:** update with latest ``3003.2`` pre-salted images [skip ci] (\ `70a1f31 `_\ ) +* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] (\ `e041418 `_\ ) +* **vagrant:** replace FreeBSD 12.2 with 12.3 [skip ci] (\ `7deb74f `_\ ) +* add Debian 11 Bullseye & update ``yamllint`` configuration [skip ci] (\ `fa8a5db `_\ ) +* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] (\ `d15f3de `_\ ) + `2.7.4 `_ (2021-06-15) ------------------------------------------------------------------------------------------------------- diff --git a/docs/README.apt.keyrings.rst b/docs/README.apt.keyrings.rst new file mode 100644 index 0000000..7319c96 --- /dev/null +++ b/docs/README.apt.keyrings.rst @@ -0,0 +1,34 @@ +.. _readme_apt_keyrings: + +apt repositories' keyrings +========================== + +Debian family of OSes deprecated the use of `apt-key` to manage repositories' keys +in favor of using `keyring files` which contain a binary OpenPGP format of the key +(also known as "GPG key public ring") + +As nginx and passenger don't provide such key files, we created them following the +official recomendations in their sites and install the resulting files. + +Nginx +----- + +See https://nginx.org/en/linux_packages.html#Debian for details + +.. code-block:: bash + + $ curl -s https://nginx.org/keys/nginx_signing.key | \ + gpg --dearmor --output nginx-archive-keyring.gpg + +Phusion-passenger +----------------- + +See https://www.phusionpassenger.com/docs/tutorials/deploy_to_production/installations/oss/ownserver/ruby/nginx/ +for more details. + +.. code-block:: bash + + $ gpg --keyserver keyserver.ubuntu.com \ + --output - \ + --recv-keys 561F9B9CAC40B2F7 | \ + gpg --export --output phusionpassenger-archive-keyring.gpg diff --git a/kitchen.vagrant.yml b/kitchen.vagrant.yml index eff870a..f9661b3 100644 --- a/kitchen.vagrant.yml +++ b/kitchen.vagrant.yml @@ -21,14 +21,12 @@ platforms: - name: freebsd-130-master-py3 driver: box: myii/freebsd-13.0-master-py3 - synced_folders: [] # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255208 - - name: freebsd-122-master-py3 + - name: freebsd-123-master-py3 driver: - box: myii/freebsd-12.2-master-py3 - - name: freebsd-130-3003-1-py3 + box: myii/freebsd-12.3-master-py3 + - name: freebsd-130-3004-0-py3 driver: - box: myii/freebsd-13.0-3003.1-py3 - synced_folders: [] # https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255208 - - name: freebsd-122-3003-1-py3 + box: myii/freebsd-13.0-3004.0-py3 + - name: freebsd-123-3004-0-py3 driver: - box: myii/freebsd-12.2-3003.1-py3 + box: myii/freebsd-12.3-3004.0-py3 diff --git a/kitchen.yml b/kitchen.yml index 039f66f..0114877 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -40,9 +40,9 @@ platforms: driver: image: saltimages/salt-tiamat-py3:ubuntu-18.04 run_command: /lib/systemd/systemd - - name: centos-8-tiamat-py3 + - name: centos-stream8-tiamat-py3 driver: - image: saltimages/salt-tiamat-py3:centos-8 + image: saltimages/salt-tiamat-py3:centos-stream8 - name: centos-7-tiamat-py3 driver: image: saltimages/salt-tiamat-py3:centos-7 @@ -83,18 +83,15 @@ platforms: driver: image: saltimages/salt-master-py3:ubuntu-18.04 run_command: /lib/systemd/systemd - - name: centos-8-master-py3 + - name: centos-stream8-master-py3 driver: - image: saltimages/salt-master-py3:centos-8 + image: saltimages/salt-master-py3:centos-stream8 - name: centos-7-master-py3 driver: image: saltimages/salt-master-py3:centos-7 - name: fedora-34-master-py3 driver: image: saltimages/salt-master-py3:fedora-34 - - name: fedora-33-master-py3 - driver: - image: saltimages/salt-master-py3:fedora-33 - name: opensuse-leap-153-master-py3 driver: image: saltimages/salt-master-py3:opensuse-leap-15.3 @@ -102,13 +99,6 @@ platforms: # => SCP did not finish successfully (255): (Net::SCP::Error) transport: max_ssh_sessions: 1 - - name: opensuse-leap-152-master-py3 - driver: - image: saltimages/salt-master-py3:opensuse-leap-15.2 - # Workaround to avoid intermittent failures on `opensuse-leap-15.2`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - name: opensuse-tmbl-latest-master-py3 driver: image: saltimages/salt-master-py3:opensuse-tumbleweed-latest @@ -142,11 +132,77 @@ platforms: driver: image: saltimages/salt-master-py3:rockylinux-8 - ## SALT `3003.3` - - name: debian-11-3003-3-py3 + ## SALT `3004.0` + - name: debian-11-3004-0-py3 driver: - image: saltimages/salt-3003.3-py3:debian-11 + image: saltimages/salt-3004.0-py3:debian-11 run_command: /lib/systemd/systemd + - name: debian-10-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:debian-10 + run_command: /lib/systemd/systemd + - name: debian-9-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:debian-9 + run_command: /lib/systemd/systemd + - name: ubuntu-2004-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:ubuntu-20.04 + run_command: /lib/systemd/systemd + - name: ubuntu-1804-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:ubuntu-18.04 + run_command: /lib/systemd/systemd + - name: centos-stream8-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:centos-stream8 + - name: centos-7-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:centos-7 + - name: fedora-34-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:fedora-34 + - name: opensuse-leap-153-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:opensuse-leap-15.3 + # Workaround to avoid intermittent failures on `opensuse-leap-15.3`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-tmbl-latest-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:opensuse-tumbleweed-latest + # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: amazonlinux-2-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:amazonlinux-2 + - name: oraclelinux-8-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:oraclelinux-8 + - name: oraclelinux-7-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:oraclelinux-7 + - name: arch-base-latest-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:arch-base-latest + - name: gentoo-stage3-latest-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:gentoo-stage3-latest + run_command: /sbin/init + - name: gentoo-stage3-systemd-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:gentoo-stage3-systemd + - name: almalinux-8-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:almalinux-8 + - name: rockylinux-8-3004-0-py3 + driver: + image: saltimages/salt-3004.0-py3:rockylinux-8 + + ## SALT `3003.3` - name: debian-10-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:debian-10 @@ -163,18 +219,18 @@ platforms: driver: image: saltimages/salt-3003.3-py3:ubuntu-18.04 run_command: /lib/systemd/systemd - - name: centos-8-3003-3-py3 + - name: centos-stream8-3003-3-py3 driver: - image: saltimages/salt-3003.3-py3:centos-8 + image: saltimages/salt-3003.3-py3:centos-stream8 - name: centos-7-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:centos-7 + - name: fedora-35-3003-3-py3 + driver: + image: saltimages/salt-3003.3-py3:fedora-35 - name: fedora-34-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:fedora-34 - - name: fedora-33-3003-3-py3 - driver: - image: saltimages/salt-3003.3-py3:fedora-33 - name: opensuse-leap-153-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:opensuse-leap-15.3 @@ -182,13 +238,6 @@ platforms: # => SCP did not finish successfully (255): (Net::SCP::Error) transport: max_ssh_sessions: 1 - - name: opensuse-leap-152-3003-3-py3 - driver: - image: saltimages/salt-3003.3-py3:opensuse-leap-15.2 - # Workaround to avoid intermittent failures on `opensuse-leap-15.2`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - name: opensuse-tmbl-latest-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:opensuse-tumbleweed-latest @@ -205,9 +254,6 @@ platforms: - name: oraclelinux-7-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:oraclelinux-7 - - name: arch-base-latest-3003-3-py3 - driver: - image: saltimages/salt-3003.3-py3:arch-base-latest - name: gentoo-stage3-latest-3003-3-py3 driver: image: saltimages/salt-3003.3-py3:gentoo-stage3-latest @@ -220,10 +266,6 @@ platforms: image: saltimages/salt-3003.3-py3:almalinux-8 ## SALT `3002.7` - - name: debian-11-3002-7-py3 - driver: - image: saltimages/salt-3002.7-py3:debian-11 - run_command: /lib/systemd/systemd - name: debian-10-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:debian-10 @@ -240,18 +282,15 @@ platforms: driver: image: saltimages/salt-3002.7-py3:ubuntu-18.04 run_command: /lib/systemd/systemd - - name: centos-8-3002-7-py3 - driver: - image: saltimages/salt-3002.7-py3:centos-8 - name: centos-7-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:centos-7 + - name: fedora-35-3002-7-py3 + driver: + image: saltimages/salt-3002.7-py3:fedora-35 - name: fedora-34-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:fedora-34 - - name: fedora-33-3002-7-py3 - driver: - image: saltimages/salt-3002.7-py3:fedora-33 - name: opensuse-leap-153-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:opensuse-leap-15.3 @@ -259,13 +298,6 @@ platforms: # => SCP did not finish successfully (255): (Net::SCP::Error) transport: max_ssh_sessions: 1 - - name: opensuse-leap-152-3002-7-py3 - driver: - image: saltimages/salt-3002.7-py3:opensuse-leap-15.2 - # Workaround to avoid intermittent failures on `opensuse-leap-15.2`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - name: opensuse-tmbl-latest-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:opensuse-tumbleweed-latest @@ -282,9 +314,6 @@ platforms: - name: oraclelinux-7-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:oraclelinux-7 - - name: arch-base-latest-3002-7-py3 - driver: - image: saltimages/salt-3002.7-py3:arch-base-latest - name: gentoo-stage3-latest-3002-7-py3 driver: image: saltimages/salt-3002.7-py3:gentoo-stage3-latest @@ -293,76 +322,6 @@ platforms: driver: image: saltimages/salt-3002.7-py3:gentoo-stage3-systemd - ## SALT `3001.8` - - name: debian-10-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:debian-10 - run_command: /lib/systemd/systemd - - name: debian-9-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:debian-9 - run_command: /lib/systemd/systemd - - name: ubuntu-2004-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:ubuntu-20.04 - run_command: /lib/systemd/systemd - - name: ubuntu-1804-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:ubuntu-18.04 - run_command: /lib/systemd/systemd - - name: centos-8-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:centos-8 - - name: centos-7-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:centos-7 - - name: fedora-34-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:fedora-34 - - name: fedora-33-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:fedora-33 - - name: opensuse-leap-153-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:opensuse-leap-15.3 - # Workaround to avoid intermittent failures on `opensuse-leap-15.3`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - - name: opensuse-leap-152-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:opensuse-leap-15.2 - # Workaround to avoid intermittent failures on `opensuse-leap-15.2`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - - name: opensuse-tmbl-latest-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:opensuse-tumbleweed-latest - # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: - # => SCP did not finish successfully (255): (Net::SCP::Error) - transport: - max_ssh_sessions: 1 - - name: amazonlinux-2-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:amazonlinux-2 - - name: oraclelinux-8-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:oraclelinux-8 - - name: oraclelinux-7-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:oraclelinux-7 - - name: arch-base-latest-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:arch-base-latest - - name: gentoo-stage3-latest-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:gentoo-stage3-latest - run_command: /sbin/init - - name: gentoo-stage3-systemd-3001-8-py3 - driver: - image: saltimages/salt-3001.8-py3:gentoo-stage3-systemd - verifier: # https://www.inspec.io/ name: inspec @@ -400,7 +359,7 @@ suites: - debian-9-tiamat-py3 - ubuntu-2004-tiamat-py3 - ubuntu-1804-tiamat-py3 - - centos-8-tiamat-py3 + - centos-stream8-tiamat-py3 - centos-7-tiamat-py3 - oraclelinux-8-tiamat-py3 - almalinux-8-tiamat-py3 @@ -410,35 +369,35 @@ suites: - debian-9-master-py3 - ubuntu-2004-master-py3 - ubuntu-1804-master-py3 - - centos-8-master-py3 + - centos-stream8-master-py3 - centos-7-master-py3 - oraclelinux-8-master-py3 - almalinux-8-master-py3 - rockylinux-8-master-py3 - - debian-11-3003-3-py3 + - debian-11-3004-0-py3 + - debian-10-3004-0-py3 + - debian-9-3004-0-py3 + - ubuntu-2004-3004-0-py3 + - ubuntu-1804-3004-0-py3 + - centos-stream8-3004-0-py3 + - centos-7-3004-0-py3 + - oraclelinux-8-3004-0-py3 + - almalinux-8-3004-0-py3 + - rockylinux-8-3004-0-py3 - debian-10-3003-3-py3 - debian-9-3003-3-py3 - ubuntu-2004-3003-3-py3 - ubuntu-1804-3003-3-py3 - - centos-8-3003-3-py3 + - centos-stream8-3003-3-py3 - centos-7-3003-3-py3 - oraclelinux-8-3003-3-py3 - almalinux-8-3003-3-py3 - - debian-11-3002-7-py3 - debian-10-3002-7-py3 - debian-9-3002-7-py3 - ubuntu-2004-3002-7-py3 - ubuntu-1804-3002-7-py3 - - centos-8-3002-7-py3 - centos-7-3002-7-py3 - oraclelinux-8-3002-7-py3 - - debian-10-3001-8-py3 - - debian-9-3001-8-py3 - - ubuntu-2004-3001-8-py3 - - ubuntu-1804-3001-8-py3 - - centos-8-3001-8-py3 - - centos-7-3001-8-py3 - - oraclelinux-8-3001-8-py3 provisioner: state_top: base: diff --git a/nginx/files/default/nginx-archive-keyring.gpg b/nginx/files/default/nginx-archive-keyring.gpg new file mode 100644 index 0000000..82b5bff Binary files /dev/null and b/nginx/files/default/nginx-archive-keyring.gpg differ diff --git a/nginx/files/default/phusionpassenger-archive-keyring.gpg b/nginx/files/default/phusionpassenger-archive-keyring.gpg new file mode 100644 index 0000000..ee1337f Binary files /dev/null and b/nginx/files/default/phusionpassenger-archive-keyring.gpg differ diff --git a/nginx/map.jinja b/nginx/map.jinja index 2927150..824c5a7 100644 --- a/nginx/map.jinja +++ b/nginx/map.jinja @@ -20,6 +20,8 @@ 'server_use_symlink': True, 'pid_file': '/run/nginx.pid', 'openssl_package': 'openssl', + 'package_repo_keyring': '/usr/share/keyrings/nginx-archive-keyring.gpg', + 'passenger_package_repo_keyring': '/usr/share/keyrings/phusionpassenger-archive-keyring.gpg', }, 'CentOS': { 'package': 'nginx', @@ -128,7 +130,9 @@ 'opts': {}, }, 'package': { - 'opts': {}, + 'opts': { + 'refresh': True, + }, }, 'service': { 'enable': True, diff --git a/nginx/passenger.sls b/nginx/passenger.sls index ca4156b..c22f6a9 100644 --- a/nginx/passenger.sls +++ b/nginx/passenger.sls @@ -23,6 +23,7 @@ include: passenger_install: pkg.installed: + {{ sls_block(nginx.package.opts) }} - name: {{ nginx.lookup.passenger_package }} - require: - pkg: nginx_install diff --git a/nginx/pkg.sls b/nginx/pkg.sls index a136e18..b2742f6 100644 --- a/nginx/pkg.sls +++ b/nginx/pkg.sls @@ -2,7 +2,11 @@ # # Manages installation of nginx from pkg. -{% from 'nginx/map.jinja' import nginx, sls_block with context %} +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import nginx, sls_block with context %} +{%- from tplroot ~ "/libtofs.jinja" import files_switch with context %} + {%- if nginx.install_from_repo %} {% set from_official = true %} {% set from_ppa = false %} @@ -21,6 +25,8 @@ {% set from_phusionpassenger = false %} {%- endif %} +{%- set resource_repo_managed = 'file' if grains.os_family == 'Debian' else 'pkgrepo' %} + nginx_install: pkg.installed: {{ sls_block(nginx.package.opts) }} @@ -33,19 +39,31 @@ nginx_install: - name: {{ nginx.lookup.package }} {% endif %} -{% if salt['grains.get']('os_family') == 'Debian' %} +{% if grains.os_family == 'Debian' %} + {%- if from_official %} +nginx_official_repo_keyring: + file.managed: + - name: {{ nginx.lookup.package_repo_keyring }} + - source: {{ files_switch(['nginx-archive-keyring.gpg'], + lookup='nginx_official_repo_keyring' + ) + }} + - require_in: + - {{ resource_repo_managed }}: nginx_official_repo + {%- endif %} + nginx_official_repo: - pkgrepo: + file: {%- if from_official %} - managed {%- else %} - absent {%- endif %} - - humanname: nginx apt repo - - name: deb http://nginx.org/packages/{{ grains['os'].lower() }}/ {{ grains['oscodename'] }} nginx - - file: /etc/apt/sources.list.d/nginx-official-{{ grains['oscodename'] }}.list - - keyid: ABF5BD827BD9BF62 - - keyserver: keyserver.ubuntu.com + - name: /etc/apt/sources.list.d/nginx-official-{{ grains.oscodename }}.list + - contents: > + deb [signed-by={{ nginx.lookup.package_repo_keyring }}] + http://nginx.org/packages/{{ grains.os | lower }}/ {{ grains.oscodename }} nginx + - require_in: - pkg: nginx_install - watch_in: @@ -60,10 +78,10 @@ nginx_ppa_repo: {%- else %} - absent {%- endif %} - {% if salt['grains.get']('os') == 'Ubuntu' %} + {% if grains.os == 'Ubuntu' %} - ppa: nginx/{{ nginx.ppa_version }} {% else %} - - name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains['oscodename'] }} main + - name: deb http://ppa.launchpad.net/nginx/{{ nginx.ppa_version }}/ubuntu {{ grains.oscodename }} main - keyid: C300EE8C - keyserver: keyserver.ubuntu.com {% endif %} @@ -73,25 +91,49 @@ nginx_ppa_repo: - pkg: nginx_install {%- endif %} + {%- if from_phusionpassenger %} +nginx_phusionpassenger_repo_keyring: + file.managed: + - name: /usr/share/keyrings/phusionpassenger-archive-keyring.gpg + - source: {{ files_switch(['phusionpassenger-archive-keyring.gpg'], + lookup='nginx_phusionpassenger_repo_keyring' + ) + }} + - require_in: + - {{ resource_repo_managed }}: nginx_phusionpassenger_repo + +# Remove the old repo file +nginx_phusionpassenger_repo_remove: + pkgrepo.absent: + - name: deb http://nginx.org/packages/{{ grains.os |lower }}/ {{ grains.oscodename }} nginx + - keyid: 561F9B9CAC40B2F7 + - require_in: + - {{ resource_repo_managed }}: nginx_phusionpassenger_repo + file.absent: + - name: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains.oscodename }}.list + - require_in: + - {{ resource_repo_managed }}: nginx_phusionpassenger_repo + {%- endif %} + nginx_phusionpassenger_repo: - pkgrepo: + file: {%- if from_phusionpassenger %} - managed {%- else %} - absent {%- endif %} - - humanname: nginx phusionpassenger repo - - name: deb https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains['oscodename'] }} main - - file: /etc/apt/sources.list.d/nginx-phusionpassenger-{{ grains['oscodename'] }}.list - - keyid: 561F9B9CAC40B2F7 - - keyserver: keyserver.ubuntu.com + - name: /etc/apt/sources.list.d/phusionpassenger-official-{{ grains.oscodename }}.list + - contents: > + deb [signed-by={{ nginx.lookup.passenger_package_repo_keyring }}] + https://oss-binaries.phusionpassenger.com/apt/passenger {{ grains.oscodename }} main + - require_in: - pkg: nginx_install - watch_in: - pkg: nginx_install {% endif %} -{% if salt['grains.get']('os_family') == 'Suse' or salt['grains.get']('os') == 'SUSE' %} +{% if grains.os_family == 'Suse' or grains.os == 'SUSE' %} nginx_zypp_repo: pkgrepo: {%- if from_official %} @@ -112,8 +154,8 @@ nginx_zypp_repo: - pkg: nginx_install {% endif %} -{% if salt['grains.get']('os_family') == 'RedHat' %} -{% if salt['grains.get']('osfinger', '') in ['Amazon Linux-2'] %} +{% if grains.os_family == 'RedHat' %} + {% if grains.get('osfinger', '') == 'Amazon Linux-2' %} nginx_epel_repo: pkgrepo.managed: - name: epel @@ -138,7 +180,7 @@ nginx_yum_repo: {%- endif %} - name: nginx - humanname: nginx repo - {%- if salt['grains.get']('os') == 'CentOS' %} + {%- if grains.os == 'CentOS' %} - baseurl: 'http://nginx.org/packages/centos/$releasever/$basearch/' {%- else %} - baseurl: 'http://nginx.org/packages/rhel/{{ nginx.lookup.rh_os_releasever }}/$basearch/' diff --git a/nginx/snippets.sls b/nginx/snippets.sls index f19905b..3bd7834 100644 --- a/nginx/snippets.sls +++ b/nginx/snippets.sls @@ -32,5 +32,7 @@ nginx_snippet_{{ snippet }}: - file: nginx_snippets_dir - require_in: - file: nginx_config + - sls: nginx.servers + - sls: nginx.servers_config - service: nginx_service {% endfor %} diff --git a/pre-commit_semantic-release.sh b/pre-commit_semantic-release.sh index 458b7b6..80f46e2 100755 --- a/pre-commit_semantic-release.sh +++ b/pre-commit_semantic-release.sh @@ -7,16 +7,16 @@ sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA ############################################################################### -# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst` +# (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst` ############################################################################### -# Install `m2r` -pip3 install m2r +# Install `m2r2` +pip3 install m2r2 # Copy and then convert the `.md` docs cp ./*.md docs/ cd docs/ || exit -m2r --overwrite ./*.md +m2r2 --overwrite ./*.md # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst diff --git a/test/integration/passenger/controls/repository.rb b/test/integration/passenger/controls/repository.rb new file mode 100644 index 0000000..4b92764 --- /dev/null +++ b/test/integration/passenger/controls/repository.rb @@ -0,0 +1,37 @@ +# frozen_string_literal: true + +case platform.family +when 'redhat' + repo_file = '/etc/yum.repos.d/passenger.repo' + repo_url = 'https://oss-binaries.phusionpassenger.com/yum/passenger/el/$releasever/$basearch' +when 'debian' + codename = system.platform[:codename] + repo_keyring = '/usr/share/keyrings/phusionpassenger-archive-keyring.gpg' + repo_file = "/etc/apt/sources.list.d/phusionpassenger-official-#{codename}.list" + # rubocop:disable Layout/LineLength + repo_url = "deb [signed-by=#{repo_keyring}] https://oss-binaries.phusionpassenger.com/apt/passenger #{codename} main" + # rubocop:enable Layout/LineLength +end + +control 'Phusion-passenger repository keyring' do + title 'should be installed' + + only_if('Requirement for Debian family') do + os.debian? + end + + describe file(repo_keyring) do + it { should exist } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('mode') { should cmp '0644' } + end +end + +control 'Phusion-passenger repository' do + impact 1 + title 'should be configured' + describe file(repo_file) do + its('content') { should include repo_url } + end +end diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb index af65449..64fe7ea 100644 --- a/test/integration/share/libraries/system.rb +++ b/test/integration/share/libraries/system.rb @@ -4,6 +4,7 @@ # Author: Daniel Dehennin # Copyright (C) 2020 Daniel Dehennin +# rubocop:disable Metrics/ClassLength class SystemResource < Inspec.resource(1) name 'system' @@ -21,7 +22,8 @@ class SystemResource < Inspec.resource(1) family: build_platform_family, name: build_platform_name, release: build_platform_release, - finger: build_platform_finger + finger: build_platform_finger, + codename: build_platform_codename } end @@ -61,6 +63,8 @@ class SystemResource < Inspec.resource(1) # rubocop:enable Style/NumericLiterals,Layout/LineLength when 'windows_8.1_pro' '8.1' + when 'windows_server_2022_datacenter' + '2022-server' when 'windows_server_2019_datacenter' '2019-server' when 'windows_server_2016_datacenter' @@ -87,4 +91,44 @@ class SystemResource < Inspec.resource(1) build_platform_release.split('.')[0] end end + + # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity + def build_platform_codename + case build_platform_finger + when 'ubuntu-20.04' + 'focal' + when 'ubuntu-18.04' + 'bionic' + when 'debian-11' + 'bullseye' + when 'debian-10' + 'buster' + when 'debian-9' + 'stretch' + when 'almalinux-8' + "AlmaLinux #{build_platform_release} (Arctic Sphynx)" + when 'amazonlinux-2' + 'Amazon Linux 2' + when 'arch-base-latest' + 'Arch Linux' + when 'centos-7' + 'CentOS Linux 7 (Core)' + when 'centos-8' + 'CentOS Stream 8' + when 'opensuse-tumbleweed' + 'openSUSE Tumbleweed' + when 'opensuse-15' + "openSUSE Leap #{build_platform_release}" + when 'oraclelinux-8', 'oraclelinux-7' + "Oracle Linux Server #{build_platform_release}" + when 'gentoo-2-sysd', 'gentoo-2-sysv' + 'Gentoo/Linux' + when 'rockylinux-8' + "Rocky Linux #{build_platform_release} (Green Obsidian)" + else + '' + end + end + # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity end +# rubocop:enable Metrics/ClassLength