diff --git a/.gitignore b/.gitignore index 36be861..bb422f7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,104 @@ -.vagrant/ -.idea/ -top.sls +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a packager +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +.hypothesis/ +.kitchen +.kitchen.local.yml +kitchen.local.yml + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule + +# SageMath parsed files +*.sage.py + +# dotenv .env + +# virtualenv +.venv +venv/ +ENV/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 8ce430b..0000000 --- a/.kitchen.yml +++ /dev/null @@ -1,76 +0,0 @@ ---- -driver: - name: docker - -driver_config: - use_sudo: false - privileged: true - provision_command: mkdir -p /run/sshd - run_command: /lib/systemd/systemd - -platforms: - - name: debian-9 - driver_config: - provision_command: - - apt-get install udev net-tools -y - - name: ubuntu-18.04 - driver_config: - provision_command: - - apt-get install udev net-tools -y - - name: centos-7 - driver_config: - provision_command: - - yum install udev net-tools -y - -provisioner: - name: salt_solo - log_level: info - require_chef: false - salt_version: latest - formula: salt - salt_copy_filter: - - .kitchen - - .git - pillars: - top.sls: - base: - '*': - - salt - salt.sls: - salt: - master: - fileserver_backend: - - rootfs - file_roots: - base: - - /srv/salt - pillar_roots: - base: - - /srv/pillar - minion: - master: localhost - fileserver_backend: - - rootfs - file_roots: - base: - - /srv/salt - pillar_roots: - base: - - /srv/pillar - -verifier: - name: inspec - sudo: true - reporter: - - cli - inspec_tests: - - path: test/integration/default - -suites: - - name: salt - provisioner: - state_top: - base: - '*': - - salt.master - - salt.minion diff --git a/.travis.yml b/.travis.yml index 233fe5c..8d362fe 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,10 +10,20 @@ before_install: env: matrix: - - INSTANCE: salt-debian-9 - - INSTANCE: salt-ubuntu-1804 - - INSTANCE: salt-centos-7 + - INSTANCE: v2019-2-py3-debian-9 + - INSTANCE: v2019-2-py3-ubuntu-1804 + - INSTANCE: v2019-2-py3-centos-7 + - INSTANCE: v2019-2-py2-fedora-29 + + - INSTANCE: v2018-3-py2-debian-8 + - INSTANCE: v2018-3-py2-ubuntu-1604 + - INSTANCE: v2018-3-py2-bootstrap-centos-6 + - INSTANCE: v2018-3-py2-forced-version-fedora-28 + - INSTANCE: v2018-3-py2-opensuse-423 + + - INSTANCE: v2017-7-py2-debian-8 + - INSTANCE: v2017-7-py2-ubuntu-1604 + - INSTANCE: v2017-7-py2-bootstrap-centos-6 script: - bundle exec kitchen verify ${INSTANCE} - diff --git a/Gemfile b/Gemfile index d177b65..3b36de3 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,6 @@ source "https://rubygems.org" -gem "test-kitchen", '>=1.23.2' -gem "kitchen-docker" -gem "kitchen-salt", ">=0.2.5" -gem "kitchen-inspec" +gem 'kitchen-docker', '>= 2.9' +gem 'kitchen-salt', '>= 0.6.0' +gem 'kitchen-inspec', '>= 1.1' diff --git a/kitchen.yml b/kitchen.yml new file mode 100644 index 0000000..61afc15 --- /dev/null +++ b/kitchen.yml @@ -0,0 +1,214 @@ +--- +driver: + name: docker + use_sudo: false + privileged: true + provision_command: mkdir -p /run/sshd + run_command: /lib/systemd/systemd + +platforms: + # Latest distros + - name: debian-9 + - name: ubuntu-18.04 + - name: centos-7 + - name: fedora-29 + - name: opensuse-42.3 + driver: + run_command: /usr/lib/systemd/systemd + provision_command: + - systemctl enable sshd.service + + # Previous distros + - name: debian-8 + - name: ubuntu-16.04 + - name: fedora-28 + # centos-6 guest fails on Debian hosts due to vsyscall issues, see + # https://hub.docker.com/_/centos, "A note about vsyscall" + - name: centos-6 + driver: + run_command: /sbin/init + +provisioner: + name: salt_solo + salt_bootstrap_options: -X -d git %s + log_level: info + require_chef: false + formula: salt + salt_copy_filter: + - .kitchen + - .git + state_top: + base: + '*': + - salt.pkgrepo + - salt.master + - salt.minion + pillars: + top.sls: + base: + '*': + - salt + salt.sls: + salt: + master: + fileserver_backend: + - rootfs + file_roots: + base: + - /srv/salt + pillar_roots: + base: + - /srv/pillar + minion: + master: localhost + fileserver_backend: + - rootfs + file_roots: + base: + - /srv/salt + pillar_roots: + base: + - /srv/pillar + +verifier: + name: inspec + sudo: true + reporter: + - cli + +suites: + # Latest distros, latest salt, python3 + # These distros have py3 packages available in salt's repo + - name: v2019-2-py3 + includes: + - debian-9 + - ubuntu-18.04 + - centos-7 + provisioner: + # If we don't force bootstrapping with python3, centos bootstraps using python2 + # and then, when switching the repo to python3 and tries to install + # the packages, complains with + # Downloading packages: + # https://repo.saltstack.com/py3/re.........rpm: [Errno -1] Package does not + # match intended download. Suggestion: run yum --enablerepo=saltstack clean metadata + salt_bootstrap_options: -X -x python3 -d git %s + salt_version: '2019.2' + pillars: + salt.sls: + salt: + release: '2019.2' + py_ver: 'py3' + + verifier: + inspec_tests: + - path: test/integration/2019-2 + + # Latest distros, latest salt, python2 + # Fedora ships updated py2 versions in their own repos + - name: v2019-2-py2 + includes: + - fedora-29 + provisioner: + salt_version: '2019.2' + pillars: + salt.sls: + salt: + release: '2019.2' + py_ver: 'py2' + + verifier: + inspec_tests: + - path: test/integration/2019-2 + + # Previous distros, previous salt, python2 + - name: v2018-3-py2 + includes: + - debian-8 + - ubuntu-16.04 + - opensuse-42.3 + provisioner: + # We require an old version of salt in the provisioner or, + # the salt formula fails to downgrade to the desired version to test + salt_version: '2018.3' + pillars: + salt.sls: + salt: + release: '2018.3' + py_ver: 'py2' + verifier: + inspec_tests: + - path: test/integration/2018-3 + + # centos-6 ships with python2.6, so it requires extra bootstrapping parameters + # to install python2.7 + - name: v2018-3-py2-bootstrap + includes: + - centos-6 + provisioner: + salt_bootstrap_options: -X -d stable %s + salt_version: '2018.3' + pillars: + salt.sls: + salt: + release: '2018.3' + py_ver: 'py2' + verifier: + inspec_tests: + - path: test/integration/2018-3 + + # To tests fedora 28 & salt v2018.2, we need to force the package version + # otherwise the image, which includes the 'updates' repo, will install 2019.2 + - name: v2018-3-py2-forced-version + includes: + - fedora-28 + provisioner: + # We require an old version of salt in the provisioner or, + # the salt formula fails to downgrade to the desired version to test + salt_version: '2018.3' + pillars: + salt.sls: + salt: + release: '2018.3' + py_ver: 'py2' + version: '2018.3.0-1.fc28' + + verifier: + inspec_tests: + - path: test/integration/2018-3 + + # Previous distros, oldest salt, python2 + - name: v2017-7-py2 + includes: + - debian-8 + - ubuntu-16.04 + provisioner: + # We require an old version of salt in the provisioner or, + # the salt formula fails to downgrade to the desired version to test + salt_version: '2017.7' + pillars: + salt.sls: + salt: + release: '2017.7' + py_ver: 'py2' + verifier: + inspec_tests: + - path: test/integration/2017-7 + + # centos-6 ships with python2.6, so it requires extra bootstrapping parameters + # to install python2.7 + - name: v2017-7-py2-bootstrap + includes: + - centos-6 + provisioner: + # As centos-6 ships with python2.6, we use the bootstrapper to install python2.7 + salt_bootstrap_options: -X -d stable %s + salt_version: '2017.7' + pillars: + salt.sls: + salt: + release: '2017.7' + py_ver: 'py2' + verifier: + inspec_tests: + - path: test/integration/2017-7 + diff --git a/salt/master.sls b/salt/master.sls index 844e52c..d20c0b8 100644 --- a/salt/master.sls +++ b/salt/master.sls @@ -7,6 +7,10 @@ salt-master: {%- if salt_settings.version is defined %} - version: {{ salt_settings.version }} {%- endif %} + - require_in: + - service: salt-master + - watch_in: + - service: salt-master {% endif %} file.recurse: - name: {{ salt_settings.config_path }}/master.d @@ -18,9 +22,6 @@ salt-master: - enable: True - name: {{ salt_settings.master_service }} - watch: -{% if salt_settings.install_packages %} - - pkg: salt-master -{% endif %} - file: salt-master - file: remove-old-master-conf-file diff --git a/salt/minion.sls b/salt/minion.sls index 0de243a..6022fe9 100644 --- a/salt/minion.sls +++ b/salt/minion.sls @@ -31,12 +31,16 @@ salt-minion: {# use force == True as workaround #} - force: True - version_check: /opt/salt/bin/salt-minion --version=.*{{ salt_settings.version }}.* + - require_in: + - service: salt-minion {%- else %} pkg.installed: - name: {{ salt_settings.salt_minion }} {%- if salt_settings.version is defined %} - version: {{ salt_settings.version }} {%- endif %} + - require_in: + - service: salt-minion {%- endif %} {% endif %} file.recurse: diff --git a/salt/osfamilymap.yaml b/salt/osfamilymap.yaml index 7852dee..14fb850 100644 --- a/salt/osfamilymap.yaml +++ b/salt/osfamilymap.yaml @@ -46,6 +46,8 @@ RedHat: gitfs_provider: pygit2 Suse: + pkgrepo: 'http://repo.saltstack.com/opensuse/openSUSE_Leap_{{ osrelease }}/' + key_url: 'http://repo.saltstack.com/opensuse/openSUSE_Leap_{{ osrelease }}/repodata/repomd.xml.key' pygit2: python-pygit2 pyinotify: python-pyinotify gitfs: diff --git a/salt/pkgrepo/redhat/init.sls b/salt/pkgrepo/redhat/init.sls index 81397f7..6a81dd8 100644 --- a/salt/pkgrepo/redhat/init.sls +++ b/salt/pkgrepo/redhat/init.sls @@ -1,9 +1,12 @@ {% from "salt/map.jinja" import salt_settings with context %} +{%- if grains['os']|lower not in ('amazon', 'fedora') %} saltstack-pkgrepo: pkgrepo.managed: + - name: saltstack - humanname: SaltStack repo for RHEL/CentOS $releasever - baseurl: {{ salt_settings.pkgrepo }} - enabled: 1 - gpgcheck: 1 - gpgkey: {{ salt_settings.key_url }} +{% endif %} diff --git a/salt/pkgrepo/suse/absent.sls b/salt/pkgrepo/suse/absent.sls new file mode 100644 index 0000000..9945714 --- /dev/null +++ b/salt/pkgrepo/suse/absent.sls @@ -0,0 +1,3 @@ +drop-saltstack-pkgrepo: + pkgrepo.absent: + - name: saltstack-pkgrepo diff --git a/salt/pkgrepo/suse/init.sls b/salt/pkgrepo/suse/init.sls new file mode 100644 index 0000000..2d699e8 --- /dev/null +++ b/salt/pkgrepo/suse/init.sls @@ -0,0 +1,10 @@ +{% from "salt/map.jinja" import salt_settings with context %} + +saltstack-pkgrepo: + pkgrepo.managed: + - name: systemsmanagement_saltstack_products + - humanname: SaltStack repo for Opensuse 42.3 + - baseurl: {{ salt_settings.pkgrepo }} + - enabled: 1 + - gpgcheck: 1 + - gpgkey: {{ salt_settings.key_url }} diff --git a/salt/syndic.sls b/salt/syndic.sls index 379da52..64a86b0 100644 --- a/salt/syndic.sls +++ b/salt/syndic.sls @@ -10,6 +10,10 @@ salt-syndic: {%- if salt_settings.version is defined %} - version: {{ salt_settings.version }} {%- endif %} + - require_in: + - service: salt-syndic + - watch_in: + - service: salt-syndic {% endif %} service.running: - enable: True diff --git a/test/integration/2017-7/pkgs_spec.rb b/test/integration/2017-7/pkgs_spec.rb new file mode 100644 index 0000000..c1c6227 --- /dev/null +++ b/test/integration/2017-7/pkgs_spec.rb @@ -0,0 +1,20 @@ +case os[:name] +when 'centos' + version = '2017.7.8-1.el6' +when 'debian', 'ubuntu' + version = '2017.7.8+ds-1' +end + +control 'salt packages' do + title 'should be installed' + + %w( + salt-master + salt-minion + ).each do |p| + describe package(p) do + it { should be_installed } + its('version') { should eq version } + end + end +end diff --git a/test/integration/2017-7/service_spec.rb b/test/integration/2017-7/service_spec.rb new file mode 100644 index 0000000..d0255e6 --- /dev/null +++ b/test/integration/2017-7/service_spec.rb @@ -0,0 +1,13 @@ +control 'salt services' do + title 'should be running' + + %w( + salt-master + salt-minion + ).each do |p| + describe service(p) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/test/integration/2018-3/pkgs_spec.rb b/test/integration/2018-3/pkgs_spec.rb new file mode 100644 index 0000000..ca97720 --- /dev/null +++ b/test/integration/2018-3/pkgs_spec.rb @@ -0,0 +1,24 @@ +case os[:name] +when 'centos' + version = '2018.3.4-1.el6' +when 'debian', 'ubuntu' + version = '2018.3.4+ds-1' +when 'opensuse' + version = '2018.3.0-42.1' +when 'fedora' + version = '2018.3.0-1.fc28' +end + +control 'salt packages' do + title 'should be installed' + + %w( + salt-master + salt-minion + ).each do |p| + describe package(p) do + it { should be_installed } + its('version') { should eq version } + end + end +end diff --git a/test/integration/2018-3/service_spec.rb b/test/integration/2018-3/service_spec.rb new file mode 100644 index 0000000..d0255e6 --- /dev/null +++ b/test/integration/2018-3/service_spec.rb @@ -0,0 +1,13 @@ +control 'salt services' do + title 'should be running' + + %w( + salt-master + salt-minion + ).each do |p| + describe service(p) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/test/integration/2019-2/pkgs_spec.rb b/test/integration/2019-2/pkgs_spec.rb new file mode 100644 index 0000000..0bc25ef --- /dev/null +++ b/test/integration/2019-2/pkgs_spec.rb @@ -0,0 +1,22 @@ +case os[:name] +when 'centos' + version = '2019.2.0-1.el7' +when 'fedora' + version = '2019.2.0-1.fc29' +when 'debian', 'ubuntu' + version = '2019.2.0+ds-1' +end + +control 'salt packages' do + title 'should be installed' + + %w( + salt-master + salt-minion + ).each do |p| + describe package(p) do + it { should be_installed } + its('version') { should eq version } + end + end +end diff --git a/test/integration/2019-2/service_spec.rb b/test/integration/2019-2/service_spec.rb new file mode 100644 index 0000000..d0255e6 --- /dev/null +++ b/test/integration/2019-2/service_spec.rb @@ -0,0 +1,13 @@ +control 'salt services' do + title 'should be running' + + %w( + salt-master + salt-minion + ).each do |p| + describe service(p) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/test/integration/default/pkgs_spec.rb b/test/integration/default/pkgs_spec.rb deleted file mode 100644 index c5e67db..0000000 --- a/test/integration/default/pkgs_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -control 'salt packages' do - title 'should be installed' - - describe package('salt-master') do - it { should be_installed } - end - - describe package('salt-minion') do - it { should be_installed } - end -end diff --git a/test/integration/default/service_spec.rb b/test/integration/default/service_spec.rb deleted file mode 100644 index 1446b04..0000000 --- a/test/integration/default/service_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -control 'salt services' do - title 'should be running' - - describe service('salt-master') do - it { should be_enabled } - it { should be_running } - end - - describe service('salt-minion') do - it { should be_enabled } - it { should be_running } - end - -end