diff --git a/CODEOWNERS b/CODEOWNERS index ef5bffa..91d6155 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -19,8 +19,11 @@ /docs/AUTHORS.rst @saltstack-formulas/ssf /docs/CHANGELOG.rst @saltstack-formulas/ssf /docs/TOFS_pattern.rst @saltstack-formulas/ssf +/*/_mapdata/ @saltstack-formulas/ssf /*/libsaltcli.jinja @saltstack-formulas/ssf /*/libtofs.jinja @saltstack-formulas/ssf +/test/integration/**/_mapdata_spec.rb @saltstack-formulas/ssf +/test/integration/**/libraries/system.rb @saltstack-formulas/ssf /test/integration/**/inspec.yml @saltstack-formulas/ssf /test/integration/**/README.md @saltstack-formulas/ssf /.gitignore @saltstack-formulas/ssf diff --git a/openssh/_mapdata/init.sls b/openssh/_mapdata/init.sls index 5e4fcf1..81f3ad5 100644 --- a/openssh/_mapdata/init.sls +++ b/openssh/_mapdata/init.sls @@ -5,9 +5,10 @@ {%- set tplroot = tpldir.split('/')[0] %} {%- from tplroot ~ "/map.jinja" import mapdata with context %} -{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %} +{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %} -{%- do salt['log.debug']( mapdata | yaml(False) ) %} +{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %} +{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %} {{ tplroot }}-mapdata-dump: file.managed: diff --git a/test/integration/default/controls/_mapdata_spec.rb b/test/integration/default/controls/_mapdata_spec.rb index 79c3ca8..2cced0a 100644 --- a/test/integration/default/controls/_mapdata_spec.rb +++ b/test/integration/default/controls/_mapdata_spec.rb @@ -1,13 +1,23 @@ # frozen_string_literal: true -mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml" -mapdata_dump = inspec.profile.file(mapdata_file) +require 'yaml' control '`map.jinja` YAML dump' do - title 'should contain the lines' + title 'should match the comparison file' - describe file('/tmp/salt_mapdata_dump.yaml') do - it { should exist } - its('content') { should eq mapdata_dump } + # Strip the `platform[:finger]` version number down to the "OS major release" + mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml" + + # Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files + mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file)) + + # Derive the location of the dumped mapdata + output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp' + output_file = "#{output_dir}/salt_mapdata_dump.yaml" + + describe 'File content' do + it 'should match profile map data exactly' do + expect(yaml(output_file).params).to eq(mapdata_dump) + end end end diff --git a/test/integration/share/README.md b/test/integration/share/README.md index 7de80b2..5bc510c 100644 --- a/test/integration/share/README.md +++ b/test/integration/share/README.md @@ -11,9 +11,11 @@ Its goal is to share the libraries between all profiles. The `system` library provides easy access to system dependent information: - `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective - - `system.platform[:family]` provide a family name for Arch - - `system.platform[:name]` modify `amazon` to `amazonlinux` - - `system.platform[:release]` tweak Arch and Amazon Linux: + - `system.platform[:family]` provide a family name for Arch and Gentoo + - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` + - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows: - `Arch` is always `base-latest` - `Amazon Linux` release `2018` is resolved as `1` + - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) + - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml index 96a5ab6..697417a 100644 --- a/test/integration/share/inspec.yml +++ b/test/integration/share/inspec.yml @@ -15,4 +15,7 @@ supports: - platform-name: suse - platform-name: freebsd - platform-name: amazon + - platform-name: oracle - platform-name: arch + - platform-name: gentoo + - platform: windows diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb index ebd32b3..ef23499 100644 --- a/test/integration/share/libraries/system.rb +++ b/test/integration/share/libraries/system.rb @@ -10,6 +10,7 @@ class SystemResource < Inspec.resource(1) attr_reader :platform def initialize + super @platform = build_platform end @@ -26,8 +27,8 @@ class SystemResource < Inspec.resource(1) def build_platform_family case inspec.platform[:name] - when 'arch' - 'arch' + when 'arch', 'gentoo' + inspec.platform[:name] else inspec.platform[:family] end @@ -35,13 +36,16 @@ class SystemResource < Inspec.resource(1) def build_platform_name case inspec.platform[:name] - when 'amazon' - 'amazonlinux' + when 'amazon', 'oracle' + "#{inspec.platform[:name]}linux" + when 'windows_8.1_pro', 'windows_server_2019_datacenter' + 'windows' else inspec.platform[:name] end end + # rubocop:disable Metrics/MethodLength def build_platform_release case inspec.platform[:name] when 'amazon' @@ -49,10 +53,26 @@ class SystemResource < Inspec.resource(1) inspec.platform[:release].gsub(/2018.*/, '1') when 'arch' 'base-latest' + when 'gentoo' + "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" + when 'windows_8.1_pro' + '8.1' + when 'windows_server_2019_datacenter' + '2019-server' else inspec.platform[:release] end end + # rubocop:enable Metrics/MethodLength + + def derive_gentoo_init_system + case inspec.command('systemctl').exist? + when true + 'sysd' + else + 'sysv' + end + end def build_platform_finger "#{build_platform_name}-#{build_finger_release}"