The `config_get_lookup` and `config_get` sources lack flexibility.
It's not easy to query several pillars and/or grains keys with the
actual system. And the query method is forced to `config.get` without
being configurable by the user.
We define a mechanism to select `map.jinja` sources with similar
notation as the salt targeting system.
The `map.jinja` file uses several sources where to lookup parameter
values. The list of sources can be modified by two files:
1. a global salt://parameters/map_jinja.yaml
2. a per formula salt://{{ tplroot }}/parameters/map_jinja.yaml.
Each source definition has the form `<TYPE>:<OPTION>@<KEY>` where
`<TYPE>` can be one of:
- `Y` to load values from YAML files, this is the default when no type
is defined
- `C` to lookup values with `config.get`
- `G` to lookup values with `grains.get`
- `I` to lookup values with `pillar.get`
The YAML type option can define the query method to lookup the key
value to build the file name:
- `C` to query with `config.get`, this is the default when to query
method is defined
- `G` to query with `grains.get`
- `I` to query with `pillar.get`
The `C`, `G` or `I` types can define the `SUB` option to store values
in the sub key `mapdata.<key>` instead of directly in `mapdata`.
Finally, the `<KEY>` describe what to lookup to either build the YAML
filename or gather values using one of the query method.
BREAKING CHANGE: the configuration `map_jinja:sources` is only
configurable with `salt://parameters/map_jinja.yaml`
and `salt://{{ tplroot }}/parameters/map_jinja.yaml`
BREAKING CHANGE: the `map_jinja:config_get_roots` is replaced by
compound like `map_jinja:sources`
BREAKING CHANGE: the two `config_get_lookup` and `config_get` are
replaced by `C@<tplroot>:lookup` and `C@<tplroot>`
sources
The debug output of test jobs don't show the use of TOFS as it should
and the pillar.example show that `tofs` is under `mine_functions`
instead of `openssh`.
* pillar.example: move `tofs` under `openssh`.
* test/salt/pillar/default.sls: ditoo.
We avoid compatibility break with user pillars by looking up
configuration values using `config.get` in configurable roots.
We provide a new parameter `map_jinja:config_get_roots` in the formula
`parameters/defaults.yaml`to retrives values not only from
`tplroot=openssh` but from `sshd_config` and `ssh_config` too.
We need to update the `_mapdata` reference files to include the new
`map_jinja:config_get_roots`.
We store validated `map.jinja` dump under the profile `files`
directory to access them with `inspec.profile.file('filename')` to
validate the content of the generated mapdata file.
The YAML files contain a value specific to each minion, its hostname,
so we use string format to expand `%{hostname}`.
The `default` inspec profile need to depends on `share` to access the
`system` and `salt_minion` libraries.
The `system.hostname` return the result of either `hostname -s` or
`hostnamectl --static` depending of the availability of each command.
The `system.platform` return a hash with tweaked `inspec.platform`
values:
- `system.platform[:family]` provides a family name for Arch
- `system.platform[:name]` modify `amazon` to `amazonlinux`
- `system.platform[:release]` tweak for Arch and Amazon Linux:
- `Arch` is always `base-later`
- `Amazon Linux` release `2018` became `1`
- `system.platform[:finger]` is just the concatenation of the name and
the first release number (except for Ubuntu which gives `20.04` for
example)
* Close#165
* Move existing `.kitchen.yml` => `kitchen.vagrant.yml`
* Semi-automated using https://github.com/myii/ssf-formula/pull/30
* Fix errors shown below:
```bash
openssh-formula$ yamllint -s .
./pillar.example
49:3 error duplication of key "AllowUsers" in mapping (key-duplicates)
57:3 error duplication of key "DenyUsers" in mapping (key-duplicates)
63:3 error duplication of key "AllowGroups" in mapping (key-duplicates)
70:3 error duplication of key "DenyGroups" in mapping (key-duplicates)
79:24 warning truthy value should be one of [false, true] (truthy)
80:29 warning truthy value should be one of [false, true] (truthy)
118:4 warning missing starting space in comment (comments)
119:4 warning missing starting space in comment (comments)
119:89 error line too long (122 > 88 characters) (line-length)
120:4 warning missing starting space in comment (comments)
120:89 error line too long (144 > 88 characters) (line-length)
147:30 warning truthy value should be one of [false, true] (truthy)
148:21 warning truthy value should be one of [false, true] (truthy)
149:19 warning truthy value should be one of [false, true] (truthy)
150:32 warning truthy value should be one of [false, true] (truthy)
151:26 warning truthy value should be one of [false, true] (truthy)
152:31 warning truthy value should be one of [false, true] (truthy)
153:32 warning truthy value should be one of [false, true] (truthy)
154:29 warning truthy value should be one of [false, true] (truthy)
155:34 warning truthy value should be one of [false, true] (truthy)
175:8 warning missing starting space in comment (comments)
175:89 error line too long (152 > 88 characters) (line-length)
176:8 warning missing starting space in comment (comments)
176:89 error line too long (126 > 88 characters) (line-length)
177:8 warning missing starting space in comment (comments)
177:89 error line too long (148 > 88 characters) (line-length)
213:18 warning truthy value should be one of [false, true] (truthy)
219:18 warning truthy value should be one of [false, true] (truthy)
225:18 warning truthy value should be one of [false, true] (truthy)
241:22 warning truthy value should be one of [false, true] (truthy)
243:22 warning truthy value should be one of [false, true] (truthy)
244:20 warning truthy value should be one of [false, true] (truthy)
245:21 warning truthy value should be one of [false, true] (truthy)
254:24 warning truthy value should be one of [false, true] (truthy)
255:22 warning truthy value should be one of [false, true] (truthy)
256:23 warning truthy value should be one of [false, true] (truthy)
265:22 warning truthy value should be one of [false, true] (truthy)
268:21 warning truthy value should be one of [false, true] (truthy)
269:20 warning truthy value should be one of [false, true] (truthy)
270:21 warning truthy value should be one of [false, true] (truthy)
279:26 warning truthy value should be one of [false, true] (truthy)
280:24 warning truthy value should be one of [false, true] (truthy)
281:25 warning truthy value should be one of [false, true] (truthy)
307:16 warning truthy value should be one of [false, true] (truthy)
308:6 warning missing starting space in comment (comments)
314:6 warning missing starting space in comment (comments)
316:24 warning truthy value should be one of [false, true] (truthy)
339:89 error line too long (546 > 88 characters) (line-length)
340:89 error line too long (546 > 88 characters) (line-length)
341:89 error line too long (546 > 88 characters) (line-length)
342:89 error line too long (546 > 88 characters) (line-length)
344:4 warning missing starting space in comment (comments)
345:4 warning missing starting space in comment (comments)
357:19 warning truthy value should be one of [false, true] (truthy)
./openssh/osfamilymap.yaml
1:1 warning missing document start "---" (document-start)
./openssh/osfingermap.yaml
1:1 warning missing document start "---" (document-start)
./openssh/osmap.yaml
1:1 warning missing document start "---" (document-start)
./openssh/defaults.yaml
1:1 warning missing document start "---" (document-start)
3:18 warning truthy value should be one of [false, true] (truthy)
6:34 warning too few spaces before comment (comments)
10:25 warning truthy value should be one of [false, true] (truthy)
12:32 warning too few spaces before comment (comments)
16:24 warning truthy value should be one of [false, true] (truthy)
18:24 warning too few spaces before comment (comments)
20:42 warning too few spaces before comment (comments)
27:6 warning missing starting space in comment (comments)
```
