From 433a2c1597fca67762cc41617d1a4056b6b6adc3 Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Fri, 1 May 2020 07:36:27 +0100 Subject: [PATCH 1/4] ci(kitchen+travis): adjust matrix to add `3000.2` & remove `2018.3` * Semi-automated using https://github.com/myii/ssf-formula/pull/166 --- .travis.yml | 30 ++++++------ kitchen.yml | 128 ++++++++++++++++++++-------------------------------- 2 files changed, 65 insertions(+), 93 deletions(-) diff --git a/.travis.yml b/.travis.yml index 56fb832..43cfc7f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -58,27 +58,27 @@ jobs: ## Define the rest of the matrix based on Kitchen testing # Make sure the instances listed below match up with # the `platforms` defined in `kitchen.yml` - - env: INSTANCE=v3000-py3-debian-10-3000-1-py3 - - env: INSTANCE=v3000-py3-ubuntu-1804-3000-1-py3 - - env: INSTANCE=v3000-py3-centos-8-3000-1-py3 - - env: INSTANCE=v3000-py3-fedora-31-3000-1-py3 - # - env: INSTANCE=v3000-py3-opensuse-leap-151-3000-1-py3 - - env: INSTANCE=v3000-py3-amazonlinux-2-3000-1-py3 - # - env: INSTANCE=v3000-py2-arch-base-latest-3000-1-py2 + - env: INSTANCE=v3000-py3-debian-10-3000-2-py3 + # - env: INSTANCE=v3000-py3-debian-9-3000-2-py3 + # - env: INSTANCE=v3000-py3-ubuntu-1804-3000-2-py3 + - env: INSTANCE=v3000-py3-centos-8-3000-2-py3 + # - env: INSTANCE=v3000-py3-centos-7-3000-2-py3 + - env: INSTANCE=v3000-py3-fedora-31-3000-2-py3 + # - env: INSTANCE=v3000-py3-opensuse-leap-151-3000-2-py3 + - env: INSTANCE=v3000-py3-amazonlinux-2-3000-2-py3 + - env: INSTANCE=v3000-py2-ubuntu-1804-3000-2-py2 + # - env: INSTANCE=v3000-py2-ubuntu-1604-3000-2-py2 # - env: INSTANCE=v201902-py3-debian-10-2019-2-py3 - env: INSTANCE=v201902-py3-debian-9-2019-2-py3 # - env: INSTANCE=v201902-py3-ubuntu-1804-2019-2-py3 + - env: INSTANCE=v201902-py3-ubuntu-1604-2019-2-py3 # - env: INSTANCE=v201902-py3-centos-8-2019-2-py3 + - env: INSTANCE=v201902-py3-centos-7-2019-2-py3 + # - env: INSTANCE=v201902-py3-fedora-31-2019-2-py3 - env: INSTANCE=v201902-py3-opensuse-leap-151-2019-2-py3 # - env: INSTANCE=v201902-py3-amazonlinux-2-2019-2-py3 - - env: INSTANCE=v201902-py2-ubuntu-1804-2019-2-py2 - # - env: INSTANCE=v201902-py2-centos-7-2019-2-py2 - # - env: INSTANCE=v201902-py2-arch-base-latest-2019-2-py2 - # - env: INSTANCE=v201803-py2-debian-9-2018-3-py2 - - env: INSTANCE=v201803-py2-ubuntu-1604-2018-3-py2 - - env: INSTANCE=v201803-py2-centos-7-2018-3-py2 - # - env: INSTANCE=v201803-py2-amazonlinux-1-2018-3-py2 - # - env: INSTANCE=v201803-py2-arch-base-latest-2018-3-py2 + - env: INSTANCE=v201902-py2-centos-6-2019-2-py2 + # - env: INSTANCE=v201902-py2-amazonlinux-1-2019-2-py2 ## Define the release stage that runs `semantic-release` - stage: 'release' diff --git a/kitchen.yml b/kitchen.yml index 1e7335b..6855b9b 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -11,34 +11,42 @@ driver: # Make sure the platforms listed below match up with # the `env.matrix` instances defined in `.travis.yml` platforms: - ## SALT `3000.1` - - name: debian-10-3000-1-py3 + ## SALT `3000.2` + - name: debian-10-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:debian-10 - - name: ubuntu-1804-3000-1-py3 + image: netmanagers/salt-3000.2-py3:debian-10 + - name: debian-9-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:ubuntu-18.04 - - name: centos-8-3000-1-py3 + image: netmanagers/salt-3000.2-py3:debian-9 + - name: ubuntu-1804-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:centos-8 - - name: fedora-31-3000-1-py3 + image: netmanagers/salt-3000.2-py3:ubuntu-18.04 + - name: centos-8-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:fedora-31 - - name: opensuse-leap-151-3000-1-py3 + image: netmanagers/salt-3000.2-py3:centos-8 + - name: centos-7-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:opensuse-leap-15.1 + image: netmanagers/salt-3000.2-py3:centos-7 + - name: fedora-31-3000-2-py3 + driver: + image: netmanagers/salt-3000.2-py3:fedora-31 + - name: opensuse-leap-151-3000-2-py3 + driver: + image: netmanagers/salt-3000.2-py3:opensuse-leap-15.1 run_command: /usr/lib/systemd/systemd # Workaround to avoid intermittent failures on `opensuse-leap-15.1`: # => SCP did not finish successfully (255): (Net::SCP::Error) transport: max_ssh_sessions: 1 - - name: amazonlinux-2-3000-1-py3 + - name: amazonlinux-2-3000-2-py3 driver: - image: netmanagers/salt-3000.1-py3:amazonlinux-2 - - name: arch-base-latest-3000-1-py2 + image: netmanagers/salt-3000.2-py3:amazonlinux-2 + - name: ubuntu-1804-3000-2-py2 driver: - image: netmanagers/salt-3000.1-py2:arch-base-latest - run_command: /usr/lib/systemd/systemd + image: netmanagers/salt-3000.2-py2:ubuntu-18.04 + - name: ubuntu-1604-3000-2-py2 + driver: + image: netmanagers/salt-3000.2-py2:ubuntu-16.04 ## SALT `2019.2` - name: debian-10-2019-2-py3 @@ -50,9 +58,15 @@ platforms: - name: ubuntu-1804-2019-2-py3 driver: image: netmanagers/salt-2019.2-py3:ubuntu-18.04 + - name: ubuntu-1604-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:ubuntu-16.04 - name: centos-8-2019-2-py3 driver: image: netmanagers/salt-2019.2-py3:centos-8 + - name: centos-7-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:centos-7 - name: fedora-31-2019-2-py3 driver: image: netmanagers/salt-2019.2-py3:fedora-31 @@ -67,35 +81,14 @@ platforms: - name: amazonlinux-2-2019-2-py3 driver: image: netmanagers/salt-2019.2-py3:amazonlinux-2 - - name: ubuntu-1804-2019-2-py2 + - name: centos-6-2019-2-py2 driver: - image: netmanagers/salt-2019.2-py2:ubuntu-18.04 - - name: centos-7-2019-2-py2 - driver: - image: netmanagers/salt-2019.2-py2:centos-7 - - name: arch-base-latest-2019-2-py2 - driver: - image: netmanagers/salt-2019.2-py2:arch-base-latest - run_command: /usr/lib/systemd/systemd - - ## SALT `2018.3` - - name: debian-9-2018-3-py2 - driver: - image: netmanagers/salt-2018.3-py2:debian-9 - - name: ubuntu-1604-2018-3-py2 - driver: - image: netmanagers/salt-2018.3-py2:ubuntu-16.04 - - name: centos-7-2018-3-py2 - driver: - image: netmanagers/salt-2018.3-py2:centos-7 - - name: amazonlinux-1-2018-3-py2 - driver: - image: netmanagers/salt-2018.3-py2:amazonlinux-1 + image: netmanagers/salt-2019.2-py2:centos-6 run_command: /sbin/init - - name: arch-base-latest-2018-3-py2 + - name: amazonlinux-1-2019-2-py2 driver: - image: netmanagers/salt-2018.3-py2:arch-base-latest - run_command: /usr/lib/systemd/systemd + image: netmanagers/salt-2019.2-py2:amazonlinux-1 + run_command: /sbin/init provisioner: name: salt_solo @@ -118,12 +111,14 @@ verifier: suites: - name: v3000-py3 includes: - - debian-10-3000-1-py3 - - ubuntu-1804-3000-1-py3 - - centos-8-3000-1-py3 - - fedora-31-3000-1-py3 - - opensuse-leap-151-3000-1-py3 - - amazonlinux-2-3000-1-py3 + - debian-10-3000-2-py3 + - debian-9-3000-2-py3 + - ubuntu-1804-3000-2-py3 + - centos-8-3000-2-py3 + - centos-7-3000-2-py3 + - fedora-31-3000-2-py3 + - opensuse-leap-151-3000-2-py3 + - amazonlinux-2-3000-2-py3 provisioner: state_top: base: @@ -145,7 +140,8 @@ suites: - path: test/integration/v3000-py3 - name: v3000-py2 includes: - - arch-base-latest-3000-1-py2 + - ubuntu-1804-3000-2-py2 + - ubuntu-1604-3000-2-py2 provisioner: state_top: base: @@ -170,7 +166,10 @@ suites: - debian-10-2019-2-py3 - debian-9-2019-2-py3 - ubuntu-1804-2019-2-py3 + - ubuntu-1604-2019-2-py3 - centos-8-2019-2-py3 + - centos-7-2019-2-py3 + - fedora-31-2019-2-py3 - opensuse-leap-151-2019-2-py3 - amazonlinux-2-2019-2-py3 provisioner: @@ -194,9 +193,8 @@ suites: - path: test/integration/v201902-py3 - name: v201902-py2 includes: - - ubuntu-1804-2019-2-py2 - - centos-7-2019-2-py2 - - arch-base-latest-2019-2-py2 + - centos-6-2019-2-py2 + - amazonlinux-1-2019-2-py2 provisioner: state_top: base: @@ -216,29 +214,3 @@ suites: verifier: inspec_tests: - path: test/integration/v201902-py2 - - name: v201803-py2 - includes: - - debian-9-2018-3-py2 - - ubuntu-1604-2018-3-py2 - - centos-7-2018-3-py2 - - amazonlinux-1-2018-3-py2 - - arch-base-latest-2018-3-py2 - provisioner: - state_top: - base: - '*': - - salt.pkgrepo - - salt.master - - salt.minion - pillars: - top.sls: - base: - '*': - - salt - - v201803-py2 - pillars_from_files: - salt.sls: test/salt/pillar/salt.sls - v201803-py2.sls: test/salt/pillar/v201803-py2.sls - verifier: - inspec_tests: - - path: test/integration/v201803-py2 From 7f19796517e920d0b1773b22724c68d5a8de681b Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Fri, 1 May 2020 02:57:19 +0100 Subject: [PATCH 2/4] test: remove deprecated Salt/Python versions --- test/integration/v201803-py2/README.md | 50 ------------------- .../v201803-py2/controls/pkgs_spec.rb | 23 --------- .../v201803-py2/controls/service_spec.rb | 16 ------ test/integration/v201803-py2/inspec.yml | 18 ------- test/salt/pillar/v201803-py2.sls | 5 -- 5 files changed, 112 deletions(-) delete mode 100644 test/integration/v201803-py2/README.md delete mode 100644 test/integration/v201803-py2/controls/pkgs_spec.rb delete mode 100644 test/integration/v201803-py2/controls/service_spec.rb delete mode 100644 test/integration/v201803-py2/inspec.yml delete mode 100644 test/salt/pillar/v201803-py2.sls diff --git a/test/integration/v201803-py2/README.md b/test/integration/v201803-py2/README.md deleted file mode 100644 index 8311cae..0000000 --- a/test/integration/v201803-py2/README.md +++ /dev/null @@ -1,50 +0,0 @@ -# InSpec Profile: `v201803-py2` - -This shows the implementation of the `v201803-py2` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). - -## Verify a profile - -InSpec ships with built-in features to verify a profile structure. - -```bash -$ inspec check v201803-py2 -Summary -------- -Location: v201803-py2 -Profile: profile -Controls: 4 -Timestamp: 2019-06-24T23:09:01+00:00 -Valid: true - -Errors ------- - -Warnings --------- -``` - -## Execute a profile - -To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. - -```bash -$ inspec exec v201803-py2 -.. - -Finished in 0.0025 seconds (files took 0.12449 seconds to load) -8 examples, 0 failures -``` - -## Execute a specific control from a profile - -To run one control from the profile use `inspec exec /path/to/profile --controls name`. - -```bash -$ inspec exec v201803-py2 --controls package -. - -Finished in 0.0025 seconds (files took 0.12449 seconds to load) -1 examples, 0 failures -``` - -See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb). diff --git a/test/integration/v201803-py2/controls/pkgs_spec.rb b/test/integration/v201803-py2/controls/pkgs_spec.rb deleted file mode 100644 index 72f3d74..0000000 --- a/test/integration/v201803-py2/controls/pkgs_spec.rb +++ /dev/null @@ -1,23 +0,0 @@ -# frozen_string_literal: true - -version = - case platform[:family] - when 'redhat' - '2018.3.5-1.el7' - when 'debian' - '2018.3.5+ds-1' - end - -control 'salt packages' do - title 'should be installed' - - %w[ - salt-master - salt-minion - ].each do |p| - describe package(p) do - it { should be_installed } - its('version') { should eq version } - end - end -end diff --git a/test/integration/v201803-py2/controls/service_spec.rb b/test/integration/v201803-py2/controls/service_spec.rb deleted file mode 100644 index 9d99883..0000000 --- a/test/integration/v201803-py2/controls/service_spec.rb +++ /dev/null @@ -1,16 +0,0 @@ -# frozen_string_literal: true - -control 'salt services' do - title 'should be running' - - %w[ - salt-master - salt-minion - ].each do |p| - describe service(p) do - it { should be_installed } - it { should be_enabled } - it { should be_running } - end - end -end diff --git a/test/integration/v201803-py2/inspec.yml b/test/integration/v201803-py2/inspec.yml deleted file mode 100644 index 253f5fa..0000000 --- a/test/integration/v201803-py2/inspec.yml +++ /dev/null @@ -1,18 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=yaml ---- -name: v201803-py2 -title: salt formula -maintainer: SaltStack Formulas -license: Apache-2.0 -summary: Verify that Salt `v201803-py2` is setup and configured -supports: - - platform-name: debian - - platform-name: ubuntu - - platform-name: centos - - platform-name: fedora - - platform-name: opensuse - - platform-name: suse - - platform-name: freebsd - - platform-name: amazon - - platform-name: arch diff --git a/test/salt/pillar/v201803-py2.sls b/test/salt/pillar/v201803-py2.sls deleted file mode 100644 index 523ab88..0000000 --- a/test/salt/pillar/v201803-py2.sls +++ /dev/null @@ -1,5 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=yaml ---- -salt: - release: '2018.3' From 965588b10808dea7dcf13fa651c95f61f2e4f83b Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Fri, 1 May 2020 03:16:09 +0100 Subject: [PATCH 3/4] test(pkgs_spec): update for CVE releases `3000.2` & `2019.2.4` * https://docs.saltstack.com/en/latest/topics/releases/3000.2.html * https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html --- .../v201902-py2/controls/pkgs_spec.rb | 18 ++++++++++++--- .../v201902-py3/controls/pkgs_spec.rb | 23 ++++++++++++------- .../v3000-py3/controls/pkgs_spec.rb | 23 ++++++++++++------- 3 files changed, 45 insertions(+), 19 deletions(-) diff --git a/test/integration/v201902-py2/controls/pkgs_spec.rb b/test/integration/v201902-py2/controls/pkgs_spec.rb index 4c83c47..99ce1d6 100644 --- a/test/integration/v201902-py2/controls/pkgs_spec.rb +++ b/test/integration/v201902-py2/controls/pkgs_spec.rb @@ -1,11 +1,23 @@ # frozen_string_literal: true +# Prepare platform "finger" +platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}" + version = case platform[:family] - when 'redhat' - '2019.2.3-1.el7' when 'debian' - '2019.2.3+ds-1' + '2019.2.4+ds-1' + when 'redhat' + case platform_finger + when 'centos-7' + '2019.2.4-1.el7' + when 'centos-6' + '2019.2.4-1.el6' + when 'amazon-2' + '2019.2.4-1.amzn2' + when 'amazon-2018' + '2019.2.4-1.amzn1' + end end control 'salt packages' do diff --git a/test/integration/v201902-py3/controls/pkgs_spec.rb b/test/integration/v201902-py3/controls/pkgs_spec.rb index d3cc963..79291a6 100644 --- a/test/integration/v201902-py3/controls/pkgs_spec.rb +++ b/test/integration/v201902-py3/controls/pkgs_spec.rb @@ -1,20 +1,27 @@ # frozen_string_literal: true +# Prepare platform "finger" +platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}" + version = case platform[:family] + when 'debian' + '2019.2.4+ds-1' when 'redhat' - case platform[:name] - when 'amazon' - '2019.2.3-1.amzn2' - when 'centos' - '2019.2.3-1.el8' + case platform_finger + when 'centos-8' + '2019.2.4-1.el8' + when 'centos-7' + '2019.2.4-1.el7' + when 'amazon-2' + '2019.2.4-1.amzn2' end when 'fedora' - '2019.2.1rc0-3.fc31' + # Issue in the upstream repo, should be `3000.2` + '3000.1-1.fc31' when 'suse' + # Issue in the upstream repo, should be `2019.2.4` '2019.2.0-lp151.28.1' - when 'debian' - '2019.2.3+ds-1' end control 'salt packages' do diff --git a/test/integration/v3000-py3/controls/pkgs_spec.rb b/test/integration/v3000-py3/controls/pkgs_spec.rb index 65d2dc0..9b03b7f 100644 --- a/test/integration/v3000-py3/controls/pkgs_spec.rb +++ b/test/integration/v3000-py3/controls/pkgs_spec.rb @@ -1,20 +1,27 @@ # frozen_string_literal: true +# Prepare platform "finger" +platform_finger = "#{platform[:name]}-#{platform[:release].split('.')[0]}" + version = case platform[:family] + when 'debian' + '3000.2+ds-1' when 'redhat' - case platform[:name] - when 'amazon' - '3000.1-1.amzn2' - when 'centos' - '3000.1-1.el8' + case platform_finger + when 'centos-8' + '3000.2-1.el8' + when 'centos-7' + '3000.2-1.el7' + when 'amazon-2' + '3000.2-1.amzn2' end when 'fedora' + # Issue in the upstream repo, should be `3000.2` '3000.1-1.fc31' when 'suse' - '3000-lp151.28.1' - when 'debian' - '3000.1+ds-1' + # Issue in the upstream repo, should be `3000.2` + '2019.2.0-lp151.28.1' end control 'salt packages' do From c228029879f36ee5aaa5f3cd3d3684ede29808bb Mon Sep 17 00:00:00 2001 From: Imran Iqbal Date: Fri, 1 May 2020 08:32:39 +0100 Subject: [PATCH 4/4] test: add tests for `v3000-py2` --- .../v3000-py2/controls/pkgs_spec.rb | 21 +++++++++++++++++++ .../v3000-py2/controls/service_spec.rb | 16 ++++++++++++++ test/salt/pillar/v3000-py2.sls | 5 +++++ 3 files changed, 42 insertions(+) create mode 100644 test/integration/v3000-py2/controls/pkgs_spec.rb create mode 100644 test/integration/v3000-py2/controls/service_spec.rb create mode 100644 test/salt/pillar/v3000-py2.sls diff --git a/test/integration/v3000-py2/controls/pkgs_spec.rb b/test/integration/v3000-py2/controls/pkgs_spec.rb new file mode 100644 index 0000000..df3ed64 --- /dev/null +++ b/test/integration/v3000-py2/controls/pkgs_spec.rb @@ -0,0 +1,21 @@ +# frozen_string_literal: true + +version = + case platform[:family] + when 'debian' + '3000.2+ds-1' + end + +control 'salt packages' do + title 'should be installed' + + %w[ + salt-master + salt-minion + ].each do |p| + describe package(p) do + it { should be_installed } + its('version') { should eq version } + end + end +end diff --git a/test/integration/v3000-py2/controls/service_spec.rb b/test/integration/v3000-py2/controls/service_spec.rb new file mode 100644 index 0000000..9d99883 --- /dev/null +++ b/test/integration/v3000-py2/controls/service_spec.rb @@ -0,0 +1,16 @@ +# frozen_string_literal: true + +control 'salt services' do + title 'should be running' + + %w[ + salt-master + salt-minion + ].each do |p| + describe service(p) do + it { should be_installed } + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/test/salt/pillar/v3000-py2.sls b/test/salt/pillar/v3000-py2.sls new file mode 100644 index 0000000..7d4f917 --- /dev/null +++ b/test/salt/pillar/v3000-py2.sls @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +salt: + release: '3000'