puppet-check 1.4.1 → 1.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -14
- data/README.md +30 -15
- data/bin/puppet-check +0 -1
- data/lib/puppet-check.rb +12 -2
- data/lib/puppet-check/cli.rb +13 -6
- data/lib/puppet-check/data_parser.rb +51 -5
- data/lib/puppet-check/puppet_parser.rb +8 -1
- data/lib/puppet-check/regression_check.rb +5 -1
- data/lib/puppet-check/rspec_puppet_support.rb +9 -5
- data/lib/puppet-check/ruby_parser.rb +12 -5
- data/lib/puppet-check/tasks.rb +25 -2
- data/spec/fixtures/hieradata/good.eyaml +7 -0
- data/spec/fixtures/hieradata/style.eyaml +16 -0
- data/spec/fixtures/hieradata/syntax.eyaml +8 -0
- data/spec/fixtures/keys/private_key.pkcs7.pem +27 -0
- data/spec/fixtures/keys/public_key.pkcs7.pem +18 -0
- data/spec/puppet-check/cli_spec.rb +8 -0
- data/spec/puppet-check/data_parser_spec.rb +32 -0
- data/spec/puppet-check/puppet_parser_spec.rb +10 -3
- data/spec/puppet-check/rspec_puppet_support_spec.rb +8 -9
- data/spec/puppet-check/ruby_parser_spec.rb +1 -1
- data/spec/puppet-check/tasks_spec.rb +6 -4
- data/spec/puppet-check_spec.rb +7 -3
- data/spec/system/system_spec.rb +2 -2
- metadata +21 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3cd7dc1dabc1251536858b7dbf35964aa48b3039
|
4
|
+
data.tar.gz: 024abf09283611e0738d06f1d1cecd92701d5048
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d6e5c7dbcb317f589a11a751c5a2d5267252a2d82e609da29fb16cff3f79372dcfe2b98d32cb6d20a49ab18631d0e6157755f9d42aa6cccfc66a899a55c7d87c
|
7
|
+
data.tar.gz: 86efe8bfbafdbd84f82c5bc50b42646aea30016a0700aa321f1eede6356a39038bb02e08dbd25994c3ea03d02440a23ad59dff8cc237e81042c0986246db709b
|
data/CHANGELOG.md
CHANGED
@@ -1,17 +1,12 @@
|
|
1
|
-
### 1.5.0
|
2
|
-
-
|
3
|
-
-
|
4
|
-
-
|
5
|
-
-
|
6
|
-
-
|
7
|
-
-
|
8
|
-
-
|
9
|
-
-
|
10
|
-
- multiple node testing with octocatalog-diff (minor)
|
11
|
-
- split syntax and style checks to separate methods for style (patch)
|
12
|
-
- missing puppet binary error changed
|
13
|
-
- puppet 5
|
14
|
-
- try closing the template to deal with the erb binding issue
|
1
|
+
### 1.5.0
|
2
|
+
- Maximum Puppet version increased from 5 to 6.
|
3
|
+
- Added capability to check EYAML (experimental).
|
4
|
+
- Test Kitchen frontend interface.
|
5
|
+
- Updated Puppet error output for Puppet 5 differences.
|
6
|
+
- Slight optimization for smaller test sets.
|
7
|
+
- Suppress constant redefinition warnings from Octocatalog-diff's Puppet code reuse.
|
8
|
+
- Changed FileName cop to reflect change in RuboCop >= 0.5.
|
9
|
+
- Entire module is now symlinked into `spec/fixtures/modules` during rspec-puppet testing (formerly specific components).
|
15
10
|
|
16
11
|
### 1.4.1
|
17
12
|
- Support for using SVN to download external module dependencies for RSpec Puppet.
|
data/README.md
CHANGED
@@ -15,6 +15,10 @@
|
|
15
15
|
## Description
|
16
16
|
Puppet Check is a gem that provides a comprehensive, streamlined, and efficient analysis of the syntax, style, and validity of your entire Puppet code and data.
|
17
17
|
|
18
|
+
**IMPORTANT**: The current support for encrypted yaml validation is experimental. The code is blocked in the current release (the files will continue to be treated as unrecognized) and will be unblocked when the feature is finished in a future version.
|
19
|
+
|
20
|
+
Also, when most Ruby gems (both third party and standard) dropped support for 1.9.3, it became difficult for users to use Puppet Check with 1.9.3, and support for it was eventually dropped. This is now occurring again for 2.0.0 as few gems are supporting it anymore, and support for 2.0.0 will be discontinued in Puppet Check 1.6.0.
|
21
|
+
|
18
22
|
### Former Method for Code and Data Checks
|
19
23
|
![Old](https://raw.githubusercontent.com/mschuchard/puppet-check/master/images/puppetcheck_old.png)
|
20
24
|
|
@@ -129,16 +133,18 @@ The following files have unrecognized formats and therefore were not processed:
|
|
129
133
|
- Puppetlabs Spec Helper requires an additional config file for RSpec Puppet support.
|
130
134
|
- Puppetlabs Spec Helper does not update external module dependencies in a stateful/persistent workspace and fails gracefully instead.
|
131
135
|
- Puppetlabs Spec Helper requires extra configuration items to setup self-module RSpec testing.
|
132
|
-
- Puppetlabs Spec Helper does not frontend to Octocatalog Diff.
|
136
|
+
- Puppetlabs Spec Helper does not frontend to Octocatalog Diff or Test-Kitchen.
|
133
137
|
|
134
138
|
It is worth nothing that there is no current development objective for Puppet Check to achieve the same advanced level of robustness for spec testing that Puppetlabs Spec Helper enables. If you are performing standard spec testing on your Puppet code and data, then Puppet Check's spec testing is a fantastic lighter and faster alternative to Puppetlabs Spec Helper. If you require advanced and intricate capabilities in your spec testing (e.g. direct interfacing to the `Puppet::Parser::Scope` API), then you will likely prefer Puppetlabs Spec Helper's spec testing in conjunction with Puppet Check's file validation.
|
135
139
|
|
136
140
|
## Usage
|
137
141
|
Puppet Check requires `ruby >= 2.0.0`, `puppet >= 3.4`, and `puppet-lint >= 1.1.0`. `Octocatalog-diff >= 1.0.0` if you are performing smoke/regression checks. All other dependencies should be fine with various versions. Puppet Check can be used with a CLI, Rake tasks, or API, from your system, rbenv, rvm, Docker, or Vagrant. Please note all interfaces (API by default, but can be modified) will ignore any directories named `fixtures` or specified paths with that directory during file checks and spec tests.
|
138
142
|
|
139
|
-
#### Ruby 2.0 and Reek
|
143
|
+
#### Ruby 2.0 and Reek/Rubocop
|
140
144
|
Reek dropped support for Ruby 2.0 when it went to 4.0. Since dependencies by Ruby version are allowed in Gemfiles but not gemspecs, this means that PuppetCheck installed with `bundler` will automatically pick up the correct version of Reek for your Ruby version and install it. If you are installing PuppetCheck via `gem`, then you can install reek normally with `gem` with Ruby >= 2.1, but you will need to specify `gem install reek -v 3.11` if you are using Ruby 2.0.
|
141
145
|
|
146
|
+
Similarly, RuboCop has dropped support for Ruby 2.0 at 0.51.0. Since this is a recent change, the expectation will be to automatically manage this dependency outside of Puppet Check. Only new installations on 2.0 will be affected by this.
|
147
|
+
|
142
148
|
### CLI
|
143
149
|
```
|
144
150
|
usage: puppet-check [options] paths
|
@@ -148,13 +154,15 @@ usage: puppet-check [options] paths
|
|
148
154
|
-s, --style Enable style checks
|
149
155
|
--smoke Enable smoke testing
|
150
156
|
-r, --regression Enable regression testing (in progress, do not use)
|
157
|
+
--public cert.pem Public key for EYAML checks
|
158
|
+
--private cert.pem Private key for EYAML checks
|
151
159
|
-o, --output format Format for results output (default is text): text, json, or yaml
|
152
|
-
--octoconfig config_file Octocatalog-diff configuration file to use
|
160
|
+
--octoconfig config_file Octocatalog-diff configuration file to use
|
153
161
|
-n node1.example.com,node2.example.com,
|
154
|
-
--octonodes Octocatalog-diff nodes to test catalog on
|
162
|
+
--octonodes Octocatalog-diff nodes to test catalog on
|
155
163
|
--puppet-lint arg_one,arg_two
|
156
164
|
Arguments for PuppetLint ignored checks
|
157
|
-
-c, --config file Load PuppetLint options from file
|
165
|
+
-c, --config file Load PuppetLint options from file
|
158
166
|
--rubocop arg_one,arg_two Arguments for Rubocop disabled cops
|
159
167
|
```
|
160
168
|
|
@@ -173,17 +181,21 @@ rake puppetcheck # Execute all Puppet-Check checks
|
|
173
181
|
rake puppetcheck:file # Execute Puppet-Check file checks
|
174
182
|
rake puppetcheck:spec # Execute RSpec and RSpec-Puppet tests
|
175
183
|
rake puppetcheck:beaker # Execute Beaker acceptance tests
|
184
|
+
rake puppetcheck:kitchen:* # Execute Test Kitchen acceptance tests
|
176
185
|
```
|
177
186
|
|
178
187
|
#### puppetcheck:file
|
179
188
|
You can add style, smoke, and regression checks to and select the future parser for the `rake puppetcheck:file`, or change the output format, by adding the following after the require:
|
180
189
|
|
181
190
|
```ruby
|
191
|
+
# example of modifying Puppet Check behavior
|
182
192
|
PuppetCheck.settings[:style_check] = true
|
183
193
|
PuppetCheck.settings[:fail_on_warnings] = true
|
184
194
|
PuppetCheck.settings[:future_parser] = true
|
185
195
|
PuppetCheck.settings[:smoke_check] = true
|
186
196
|
PuppetCheck.settings[:regression_check] = true # in progress, do not use
|
197
|
+
PuppetCheck.settings[:public] = 'public.pem'
|
198
|
+
PuppetCheck.settings[:private] = 'private.pem'
|
187
199
|
PuppetCheck.settings[:output_format] = 'yaml'
|
188
200
|
PuppetCheck.settings[:octoconfig] = '.octocatalog-diff.cfg.rb'
|
189
201
|
PuppetCheck.settings[:octonodes] = %w(localhost.localdomain)
|
@@ -193,7 +205,7 @@ PuppetCheck.settings[:rubocop_args] = ['--except', 'rubocop-arg-one,rubocop-arg-
|
|
193
205
|
|
194
206
|
Please note that `rspec` does not support yaml output and therefore would still use the default 'progress' formatter even if `yaml` is specified as the format option to Puppet Check.
|
195
207
|
|
196
|
-
The style checks from within `rake puppetcheck:file` are directly interfaced to `puppet-lint`, `rubocop`, and `reek`. This means that all arguments and options should be specified from within your `.puppet-lint.rc`, `.rubocop.yml`, and `*.reek`.
|
208
|
+
The style checks from within `rake puppetcheck:file` are directly interfaced to `puppet-lint`, `rubocop`, and `reek`. This means that all arguments and options should be specified from within your `.puppet-lint.rc`, `.rubocop.yml`, and `*.reek`. However, you can alternatively utilize the hashes listed above.
|
197
209
|
|
198
210
|
#### puppetcheck:spec
|
199
211
|
The spec tests will be executed against everything that matches the pattern `**/{classes, defines, facter, functions, hosts, puppet, unit, types}/**/*_spec.rb`. Any of these directories inside of a `fixtures` directory will be ignored. This means everything in the current path that appears to be a Puppet module spec test for your module (not dependencies) will be regarded as such and executed during this rake task.
|
@@ -245,7 +257,7 @@ Example:
|
|
245
257
|
]
|
246
258
|
```
|
247
259
|
|
248
|
-
Note that `args` will be ignored during `git pull`,
|
260
|
+
Note that `args` will be ignored during `git pull`, `svn update`, and `hg pull/hg update` when the modules are updated instead of freshly cloned.
|
249
261
|
|
250
262
|
#### puppetcheck:beaker
|
251
263
|
The spec tests will be executed against everything that matches the pattern `**/acceptance`. Any of these directories inside of a `fixtures` directory will be ignored. This means everything in the current path that appears to be a Puppet module acceptance test for your module (not dependencies) will be regarded as such and executed during this rake task.
|
@@ -265,6 +277,8 @@ PuppetCheck.settings[:fail_on_warnings] = true # default false
|
|
265
277
|
PuppetCheck.settings[:style_check] = true # default false
|
266
278
|
PuppetCheck.settings[:smoke_check] = true # default false
|
267
279
|
PuppetCheck.settings[:regression_check] = true # in progress, do not use; default false
|
280
|
+
PuppetCheck.settings[:public] = 'public.pem' # default nil
|
281
|
+
PuppetCheck.settings[:private] = 'private.pem' # default nil
|
268
282
|
PuppetCheck.settings[:output_format] = 'yaml' # also 'json'; default 'text'
|
269
283
|
PuppetCheck.settings[:octoconfig] = '$HOME/octocatalog-diff.cfg.rb' # default '.octocatalog-diff.cfg.rb'
|
270
284
|
PuppetCheck.settings[:octonodes] = %w(server.example.com) # default: %w(localhost.localdomain)
|
@@ -295,7 +309,7 @@ RUN gem install --no-document puppet-check reek rspec-puppet rake
|
|
295
309
|
ENV LANG en_US.UTF-8
|
296
310
|
# create the directory for your module, directory environment, etc. and change directory into it
|
297
311
|
WORKDIR /module_name_or_directory_environment_name
|
298
|
-
# copy the module, directory environment, etc. contents into the
|
312
|
+
# copy the module, directory environment, etc. contents into the corresponding directory inside the container
|
299
313
|
COPY / .
|
300
314
|
# execute your tests; in this example we are executing the full suite of tests
|
301
315
|
ENTRYPOINT ["rake", "puppetcheck"]
|
@@ -335,13 +349,14 @@ To overcome the lack of convenient portability, you could try spinning up the Va
|
|
335
349
|
- 2: PuppetCheck exited with one or more errors in your code and data. Alternatively, PuppetCheck exited with one or more warnings in your code and data and you specified to fail on warnings.
|
336
350
|
|
337
351
|
### Optional dependencies
|
338
|
-
- **rake
|
339
|
-
- **rspec
|
340
|
-
- **rspec-puppet
|
341
|
-
- **octocatalog-diff
|
342
|
-
- **beaker
|
343
|
-
- **
|
344
|
-
- **
|
352
|
+
- **rake** (gem): install this if you want to use Puppet Check with `rake` tasks in addition to the CLI.
|
353
|
+
- **rspec** (gem): install this if you want to use Puppet Check to execute the spec tests for your Ruby files during `rake`.
|
354
|
+
- **rspec-puppet** (gem): install this if you want to use Puppet Check to execute the spec tests for your Puppet files during `rake`.
|
355
|
+
- **octocatalog-diff** (gem): install this if you want to use Puppet Check to execute smoke or regression tests for your Puppet catalog.
|
356
|
+
- **beaker** (gem): install this if you want to use Puppet Check to execute the Beaker acceptance tests during `rake`.
|
357
|
+
- **test-kitchen** (gem): install this if you want to use Puppet Check to execute the Test Kitchen acceptance tests during `rake`.
|
358
|
+
- **git** (pkg): install this if you want to use Puppet Check to download external module dependencies with `git` commands during RSpec Puppet testing.
|
359
|
+
- **mercurial** (pkg): install this if you want to use Puppet Check to download external module dependencies with `hg` commands during RSpec Puppet testing.
|
345
360
|
|
346
361
|
## Contributing
|
347
362
|
Code should pass all spec tests. New features should involve new spec tests. Adherence to Rubocop and Reek is expected where not overly onerous or where the check is of dubious cost/benefit.
|
data/bin/puppet-check
CHANGED
data/lib/puppet-check.rb
CHANGED
@@ -15,6 +15,10 @@ class PuppetCheck
|
|
15
15
|
@settings[:smoke_check] = false
|
16
16
|
@settings[:regression_check] = false
|
17
17
|
|
18
|
+
# initialize ssl keys for eyaml checks
|
19
|
+
@settings[:public] = nil
|
20
|
+
@settings[:private] = nil
|
21
|
+
|
18
22
|
# initialize output format option
|
19
23
|
@settings[:output_format] = 'text'
|
20
24
|
|
@@ -43,15 +47,18 @@ class PuppetCheck
|
|
43
47
|
files = self.class.parse_paths(paths)
|
44
48
|
|
45
49
|
# parse the files
|
46
|
-
execute_parsers(files, self.class.settings[:future_parser], self.class.settings[:style_check], self.class.settings[:puppetlint_args], self.class.settings[:rubocop_args])
|
50
|
+
execute_parsers(files, self.class.settings[:future_parser], self.class.settings[:style_check], self.class.settings[:public], self.class.settings[:private], self.class.settings[:puppetlint_args], self.class.settings[:rubocop_args])
|
47
51
|
|
48
52
|
# output the diagnostic results
|
49
53
|
PuppetCheck.settings[:output_format] == 'text' ? OutputResults.text : OutputResults.markup
|
50
54
|
|
55
|
+
# progress to regression checks if no errors in file checks
|
51
56
|
if self.class.settings[:error_files].empty? && (!self.class.settings[:fail_on_warning] || self.class.settings[:warning_files].empty?)
|
52
57
|
begin
|
53
58
|
require_relative 'puppet-check/regression_check'
|
59
|
+
# if octocatalog-diff is not installed then return immediately
|
54
60
|
rescue LoadError
|
61
|
+
return 0
|
55
62
|
end
|
56
63
|
|
57
64
|
# perform smoke checks if there were no errors and the user desires
|
@@ -104,7 +111,7 @@ class PuppetCheck
|
|
104
111
|
end
|
105
112
|
|
106
113
|
# categorize and pass the files out to the parsers to determine their status
|
107
|
-
def execute_parsers(files, future, style, pl_args, rc_args)
|
114
|
+
def execute_parsers(files, future, style, public, private, pl_args, rc_args)
|
108
115
|
manifests, files = files.partition { |file| File.extname(file) == '.pp' }
|
109
116
|
PuppetParser.manifest(manifests, future, style, pl_args)
|
110
117
|
templates, files = files.partition { |file| File.extname(file) == '.epp' }
|
@@ -117,6 +124,9 @@ class PuppetCheck
|
|
117
124
|
DataParser.yaml(yamls)
|
118
125
|
jsons, files = files.partition { |file| File.extname(file) == '.json' }
|
119
126
|
DataParser.json(jsons)
|
127
|
+
# block this for now
|
128
|
+
# eyamls, files = files.partition { |file| File.extname(file) =~ /\.eya?ml$/ }
|
129
|
+
# DataParser.eyaml(eyamls, public, private)
|
120
130
|
librarians, files = files.partition { |file| File.basename(file) =~ /(?:Puppet|Module|Rake|Gem)file$/ }
|
121
131
|
RubyParser.librarian(librarians, style, rc_args)
|
122
132
|
files.each { |file| self.class.settings[:ignored_files].push(file.to_s) }
|
data/lib/puppet-check/cli.rb
CHANGED
@@ -15,13 +15,16 @@ class PuppetCheck::CLI
|
|
15
15
|
|
16
16
|
# parse the user arguments
|
17
17
|
def self.parse(args)
|
18
|
+
# show help message if no args specified
|
19
|
+
args = %w[-h] if args.empty?
|
20
|
+
|
18
21
|
opt_parser = OptionParser.new do |opts|
|
19
22
|
# usage
|
20
23
|
opts.banner = 'usage: puppet-check [options] paths'
|
21
24
|
|
22
25
|
# base options
|
23
26
|
opts.on('--version', 'Display the current version.') do
|
24
|
-
puts 'puppet-check 1.
|
27
|
+
puts 'puppet-check 1.5.0'
|
25
28
|
exit 0
|
26
29
|
end
|
27
30
|
|
@@ -32,19 +35,23 @@ class PuppetCheck::CLI
|
|
32
35
|
opts.on('--smoke', 'Enable smoke testing') { PuppetCheck.settings[:smoke_check] = true }
|
33
36
|
opts.on('-r', '--regression', 'Enable regression testing (in progress, do not use)') { PuppetCheck.settings[:regression_check] = true }
|
34
37
|
|
38
|
+
# ssl key options for eyaml checks
|
39
|
+
opts.on('--public cert.pem', String, 'Public key for EYAML checks') { |arg| PuppetCheck.settings[:public] = arg }
|
40
|
+
opts.on('--private cert.pem', String, 'Private key for EYAML checks') { |arg| PuppetCheck.settings[:private] = arg }
|
41
|
+
|
35
42
|
# formatting options
|
36
43
|
opts.on('-o', '--output format', String, 'Format for results output (default is text): text, json, or yaml') { |arg| PuppetCheck.settings[:output_format] = arg }
|
37
44
|
|
38
45
|
# octocatalog-diff options
|
39
|
-
opts.on('--octoconfig config_file', String, 'Octocatalog-diff configuration file to use
|
40
|
-
opts.on('-n', '--octonodes node1.example.com,node2.example.com', Array, 'Octocatalog-diff nodes to test catalog on
|
46
|
+
opts.on('--octoconfig config_file', String, 'Octocatalog-diff configuration file to use') { |arg| PuppetCheck.settings[:octoconfig] = arg }
|
47
|
+
opts.on('-n', '--octonodes node1.example.com,node2.example.com', Array, 'Octocatalog-diff nodes to test catalog on') { |arg| PuppetCheck.settings[:octonodes] = arg }
|
41
48
|
|
42
49
|
# arguments to style checkers
|
43
50
|
opts.on('--puppet-lint arg_one,arg_two', Array, 'Arguments for PuppetLint ignored checks') do |puppetlint_args|
|
44
|
-
PuppetCheck.settings[:puppetlint_args]
|
51
|
+
PuppetCheck.settings[:puppetlint_args].concat(puppetlint_args.map { |arg| "--#{arg}" })
|
45
52
|
end
|
46
|
-
opts.on('-c', '--config file', String, 'Load PuppetLint options from file
|
47
|
-
PuppetCheck.settings[:puppetlint_args]
|
53
|
+
opts.on('-c', '--config file', String, 'Load PuppetLint options from file') do |file|
|
54
|
+
PuppetCheck.settings[:puppetlint_args].concat(File.read(file).split("\n"))
|
48
55
|
end
|
49
56
|
opts.on('--rubocop arg_one,arg_two', String, 'Arguments for Rubocop disabled cops') { |arg| PuppetCheck.settings[:rubocop_args] = ['--except', arg] }
|
50
57
|
end
|
@@ -4,6 +4,8 @@ require_relative '../puppet-check'
|
|
4
4
|
class DataParser
|
5
5
|
# checks yaml (.yaml/.yml)
|
6
6
|
def self.yaml(files)
|
7
|
+
return if files.empty?
|
8
|
+
|
7
9
|
require 'yaml'
|
8
10
|
|
9
11
|
files.each do |file|
|
@@ -16,10 +18,48 @@ class DataParser
|
|
16
18
|
warnings = []
|
17
19
|
|
18
20
|
# perform some rudimentary hiera checks if data exists and is hieradata
|
19
|
-
warnings = hiera(parsed) unless (parsed.class.to_s == 'NilClass') || (File.basename(file) == 'hiera.yaml')
|
21
|
+
warnings = hiera(parsed, file) unless (parsed.class.to_s == 'NilClass') || (File.basename(file) == 'hiera.yaml')
|
22
|
+
|
23
|
+
next PuppetCheck.settings[:warning_files].push("#{file}:\n#{warnings.join("\n")}") unless warnings.empty?
|
24
|
+
PuppetCheck.settings[:clean_files].push(file.to_s)
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
# checks eyaml (.eyaml/.eyml)
|
30
|
+
def self.eyaml(files, public, private)
|
31
|
+
return if files.empty?
|
32
|
+
|
33
|
+
require 'openssl'
|
34
|
+
|
35
|
+
# keys specified?
|
36
|
+
return warn 'Public X509 and/or Private RSA PKCS7 certs were not specified. EYAML checks will not be executed.' if public.nil? || private.nil?
|
37
|
+
|
38
|
+
# keys exist?
|
39
|
+
return warn 'Specified Public X509 and/or Private RSA PKCS7 certs do not exist. EYAML checks will not be executed.' unless File.file?(public) && File.file?(private)
|
40
|
+
|
41
|
+
# setup decryption
|
42
|
+
rsa = OpenSSL::PKey::RSA.new(File.read(private))
|
43
|
+
x509 = OpenSSL::X509::Certificate.new(File.read(public))
|
44
|
+
|
45
|
+
files.each do |file|
|
46
|
+
# grab all encoded portions of the eyaml
|
47
|
+
|
48
|
+
# decrypt the encoded portions
|
49
|
+
decrypted = OpenSSL::PKCS7.new(File.read(file)).decrypt(rsa, x509)
|
20
50
|
|
21
|
-
|
22
|
-
|
51
|
+
# insert decrypted portions back into eyaml (pass into loader below)
|
52
|
+
|
53
|
+
# check yaml syntax
|
54
|
+
begin
|
55
|
+
parsed = YAML.safe_load(decrypted)
|
56
|
+
rescue StandardError => err
|
57
|
+
PuppetCheck.settings[:error_files].push("#{file}:\n#{err.to_s.gsub("(#{file}): ", '')}")
|
58
|
+
else
|
59
|
+
warnings = []
|
60
|
+
|
61
|
+
# perform some rudimentary hiera checks if data exists and is hieradata
|
62
|
+
warnings = hiera(parsed, file) unless (parsed.class.to_s == 'NilClass') || (File.basename(file) == 'hiera.yaml')
|
23
63
|
|
24
64
|
next PuppetCheck.settings[:warning_files].push("#{file}:\n#{warnings.join("\n")}") unless warnings.empty?
|
25
65
|
PuppetCheck.settings[:clean_files].push(file.to_s)
|
@@ -29,6 +69,8 @@ class DataParser
|
|
29
69
|
|
30
70
|
# checks json (.json)
|
31
71
|
def self.json(files)
|
72
|
+
return if files.empty?
|
73
|
+
|
32
74
|
require 'json'
|
33
75
|
|
34
76
|
files.each do |file|
|
@@ -126,7 +168,7 @@ class DataParser
|
|
126
168
|
# assume this is hieradata
|
127
169
|
else
|
128
170
|
# perform some rudimentary hiera checks if data exists
|
129
|
-
warnings = hiera(parsed) unless parsed.class.to_s == 'NilClass'
|
171
|
+
warnings = hiera(parsed, file) unless parsed.class.to_s == 'NilClass'
|
130
172
|
end
|
131
173
|
next PuppetCheck.settings[:warning_files].push("#{file}:\n#{warnings.join("\n")}") unless warnings.empty?
|
132
174
|
PuppetCheck.settings[:clean_files].push(file.to_s)
|
@@ -135,7 +177,8 @@ class DataParser
|
|
135
177
|
end
|
136
178
|
|
137
179
|
# checks hieradata
|
138
|
-
def self.hiera(data)
|
180
|
+
def self.hiera(data, file)
|
181
|
+
private_class_method :method
|
139
182
|
warnings = []
|
140
183
|
|
141
184
|
data.each do |key, value|
|
@@ -145,6 +188,9 @@ class DataParser
|
|
145
188
|
end
|
146
189
|
end
|
147
190
|
|
191
|
+
# check that '---' does not show up more than once in the hieradata
|
192
|
+
warnings.push('The string --- appears more than once in this data and Hiera will fail to parse it correctly.') if File.read(file).scan(/---/).count >= 2
|
193
|
+
|
148
194
|
warnings
|
149
195
|
end
|
150
196
|
end
|
@@ -5,6 +5,8 @@ require_relative '../puppet-check'
|
|
5
5
|
class PuppetParser
|
6
6
|
# checks puppet (.pp)
|
7
7
|
def self.manifest(files, future, style, pl_args)
|
8
|
+
return if files.empty?
|
9
|
+
|
8
10
|
require 'puppet/face'
|
9
11
|
|
10
12
|
# prepare the Puppet settings for the error checking
|
@@ -21,6 +23,9 @@ class PuppetParser
|
|
21
23
|
Puppet::Face[:parser, :current].validate(file)
|
22
24
|
# this is the actual error that we need to rescue Puppet::Face from
|
23
25
|
rescue SystemExit
|
26
|
+
# puppet 5 can only do one error per line and outputs fake dir env info
|
27
|
+
next PuppetCheck.settings[:error_files].push("#{file}:\n#{errors.map(&:to_s).join("\n").gsub("#{File.absolute_path(file)}:", '').gsub(/Could not parse.*: /, '')}") if Puppet::PUPPETVERSION.to_i == 5
|
28
|
+
# puppet < 5 parser output style
|
24
29
|
next PuppetCheck.settings[:error_files].push("#{file}:\n#{errors.map(&:to_s).join("\n").gsub("#{File.absolute_path(file)}:", '')}")
|
25
30
|
end
|
26
31
|
|
@@ -47,7 +52,7 @@ class PuppetParser
|
|
47
52
|
|
48
53
|
# collect the warnings
|
49
54
|
if puppet_lint.warnings?
|
50
|
-
puppet_lint.problems.each { |values| warnings
|
55
|
+
puppet_lint.problems.each { |values| warnings << "\n#{values[:line]}:#{values[:column]}: #{values[:message]}" }
|
51
56
|
end
|
52
57
|
end
|
53
58
|
next PuppetCheck.settings[:warning_files].push(warnings) unless warnings == "#{file}:"
|
@@ -57,6 +62,8 @@ class PuppetParser
|
|
57
62
|
|
58
63
|
# checks puppet template (.epp)
|
59
64
|
def self.template(files)
|
65
|
+
return if files.empty?
|
66
|
+
|
60
67
|
require 'puppet/pops'
|
61
68
|
|
62
69
|
files.each do |file|
|
@@ -1,10 +1,13 @@
|
|
1
|
+
# temporarily supress warning messages for octocatalog-diff redefining puppet constants and then reactivate
|
2
|
+
$VERBOSE = nil
|
1
3
|
require 'octocatalog-diff'
|
4
|
+
$VERBOSE = false
|
2
5
|
|
3
6
|
# executes smoke and regression tests on catalogs
|
4
7
|
class RegressionCheck
|
5
8
|
# smoke testing
|
6
9
|
def self.smoke(interface_nodes, octoconfig)
|
7
|
-
options =
|
10
|
+
options = config(octoconfig)
|
8
11
|
nodes = options.key?(:node) ? [options[:node]] : interface_nodes
|
9
12
|
nodes.each do |node|
|
10
13
|
options[:node] = node
|
@@ -20,6 +23,7 @@ class RegressionCheck
|
|
20
23
|
|
21
24
|
# config file loading
|
22
25
|
def self.config(octoconfig)
|
26
|
+
private_class_method :method
|
23
27
|
OctocatalogDiff::API::V1.config(filename: octoconfig)
|
24
28
|
end
|
25
29
|
end
|
@@ -30,18 +30,17 @@ class RSpecPuppetSupport
|
|
30
30
|
|
31
31
|
# setup the files, directories, and symlinks for rspec-puppet testing
|
32
32
|
def self.file_setup(module_name)
|
33
|
+
private_class_method :method
|
33
34
|
# create all the necessary fixture dirs that are missing
|
34
|
-
['spec/fixtures', 'spec/fixtures/manifests', 'spec/fixtures/modules'
|
35
|
+
['spec/fixtures', 'spec/fixtures/manifests', 'spec/fixtures/modules'].each do |dir|
|
35
36
|
Dir.mkdir(dir) unless File.directory?(dir)
|
36
37
|
end
|
37
38
|
|
38
39
|
# create empty site.pp if missing
|
39
40
|
File.write('spec/fixtures/manifests/site.pp', '') unless File.file?('spec/fixtures/manifests/site.pp')
|
40
41
|
|
41
|
-
# symlink
|
42
|
-
|
43
|
-
File.symlink("../../../../#{file}", "spec/fixtures/modules/#{module_name}/#{file}") if File.exist?(file) && !File.exist?("spec/fixtures/modules/#{module_name}/#{file}")
|
44
|
-
end
|
42
|
+
# symlink the module into spec/fixtures/modules
|
43
|
+
File.symlink("../../../#{module_name}", "spec/fixtures/modules/#{module_name}") unless File.exist?("spec/fixtures/modules/#{module_name}")
|
45
44
|
|
46
45
|
# create spec_helper if missing
|
47
46
|
return if File.file?('spec/spec_helper.rb')
|
@@ -50,6 +49,7 @@ class RSpecPuppetSupport
|
|
50
49
|
|
51
50
|
# setup the module dependencies for rspec-puppet testing
|
52
51
|
def self.dependency_setup
|
52
|
+
private_class_method :method
|
53
53
|
require 'json'
|
54
54
|
|
55
55
|
# parse the metadata.json (assumes DataParser.json has already given it a pass)
|
@@ -75,6 +75,7 @@ class RSpecPuppetSupport
|
|
75
75
|
|
76
76
|
# download external module dependency with git
|
77
77
|
def self.git(git_url, args = '')
|
78
|
+
private_class_method :method
|
78
79
|
# establish path to clone module to
|
79
80
|
path = "spec/fixtures/modules/#{File.basename(git_url, '.git')}"
|
80
81
|
# is the module present and already cloned with git? do a pull; otherwise, do a clone
|
@@ -83,6 +84,7 @@ class RSpecPuppetSupport
|
|
83
84
|
|
84
85
|
# download external module dependency with forge
|
85
86
|
def self.forge(forge_name, args = '')
|
87
|
+
private_class_method :method
|
86
88
|
# is the module present? do an upgrade; otherwise, do an install
|
87
89
|
subcommand = File.directory?("spec/fixtures/modules/#{forge_name}") ? 'upgrade' : 'install'
|
88
90
|
system("puppet module #{subcommand} --modulepath spec/fixtures/modules/ #{args} #{forge_name}")
|
@@ -90,6 +92,7 @@ class RSpecPuppetSupport
|
|
90
92
|
|
91
93
|
# download external module dependency with svn
|
92
94
|
def self.svn(svn_url, args = '')
|
95
|
+
private_class_method :method
|
93
96
|
# establish path to checkout module to
|
94
97
|
path = "spec/fixtures/modules/#{File.basename(svn_url)}"
|
95
98
|
# is the module present and already checked out with svn? do an update; otherwise, do a checkout
|
@@ -98,6 +101,7 @@ class RSpecPuppetSupport
|
|
98
101
|
|
99
102
|
# download external module dependency with hg
|
100
103
|
def self.hg(hg_url, args = '')
|
104
|
+
private_class_method :method
|
101
105
|
# establish path to clone module to
|
102
106
|
path = "spec/fixtures/modules/#{File.basename(hg_url)}"
|
103
107
|
# is the module present and already cloned with hg? do a pull and update; otherwise do a clone
|
@@ -25,7 +25,7 @@ class RubyParser
|
|
25
25
|
require 'reek'
|
26
26
|
require 'reek/cli/application'
|
27
27
|
reek_warnings = Utils.capture_stdout { Reek::CLI::Application.new([file]).execute }
|
28
|
-
warnings
|
28
|
+
warnings << reek_warnings.split("\n")[1..-1].map(&:strip).join("\n") unless reek_warnings == ''
|
29
29
|
|
30
30
|
# return warnings
|
31
31
|
next PuppetCheck.settings[:warning_files].push("#{file}:\n#{warnings.strip}") unless warnings == ''
|
@@ -37,6 +37,8 @@ class RubyParser
|
|
37
37
|
|
38
38
|
# checks ruby template (.erb)
|
39
39
|
def self.template(files)
|
40
|
+
return if files.empty?
|
41
|
+
|
40
42
|
require 'erb'
|
41
43
|
|
42
44
|
files.each do |file|
|
@@ -59,6 +61,13 @@ class RubyParser
|
|
59
61
|
|
60
62
|
# checks librarian puppet (Puppetfile/Modulefile) and misc ruby (Rakefile/Gemfile)
|
61
63
|
def self.librarian(files, style, rc_args)
|
64
|
+
# efficient var assignment prior to iterator
|
65
|
+
if style
|
66
|
+
require 'rubocop'
|
67
|
+
# cop named differently depending upon version
|
68
|
+
filename_cop = RuboCop::Version::STRING.to_f >= 0.5 ? 'Naming/FileName' : 'Style/FileName'
|
69
|
+
end
|
70
|
+
|
62
71
|
files.each do |file|
|
63
72
|
# check librarian puppet syntax
|
64
73
|
begin
|
@@ -69,11 +78,9 @@ class RubyParser
|
|
69
78
|
# check librarian puppet style
|
70
79
|
else
|
71
80
|
if style
|
72
|
-
require 'rubocop'
|
73
|
-
|
74
81
|
# check Rubocop
|
75
|
-
# RuboCop is grumpy about non-snake_case filenames so disable the
|
76
|
-
rc_args.include?('--except') ? rc_args[rc_args.index('--except') + 1] = "#{rc_args[rc_args.index('--except') + 1]}
|
82
|
+
# RuboCop is grumpy about non-snake_case filenames so disable the FileName check
|
83
|
+
rc_args.include?('--except') ? rc_args[rc_args.index('--except') + 1] = "#{rc_args[rc_args.index('--except') + 1]},#{filename_cop}" : rc_args.concat(['--except', filename_cop])
|
77
84
|
warnings = Utils.capture_stdout { RuboCop::CLI.new.run(rc_args + ['--format', 'emacs', file]) }
|
78
85
|
|
79
86
|
# collect style warnings
|
data/lib/puppet-check/tasks.rb
CHANGED
@@ -9,7 +9,7 @@ require_relative '../puppet-check'
|
|
9
9
|
class PuppetCheck::Tasks < ::Rake::TaskLib
|
10
10
|
def initialize
|
11
11
|
desc 'Execute all Puppet-Check checks'
|
12
|
-
task puppetcheck: %w[puppetcheck:file puppetcheck:spec puppetcheck:beaker]
|
12
|
+
task puppetcheck: %w[puppetcheck:file puppetcheck:spec puppetcheck:beaker puppetcheck:kitchen]
|
13
13
|
|
14
14
|
namespace :puppetcheck do
|
15
15
|
desc 'Execute Puppet-Check file checks'
|
@@ -17,6 +17,7 @@ class PuppetCheck::Tasks < ::Rake::TaskLib
|
|
17
17
|
PuppetCheck.new.run(Dir.glob('*'))
|
18
18
|
end
|
19
19
|
|
20
|
+
# rspec, rspec-puppet, and beaker tasks
|
20
21
|
begin
|
21
22
|
require 'rspec/core/rake_task'
|
22
23
|
require_relative 'rspec_puppet_support'
|
@@ -38,7 +39,29 @@ class PuppetCheck::Tasks < ::Rake::TaskLib
|
|
38
39
|
task.rspec_opts = '-f json' if PuppetCheck.settings[:output_format] == 'json'
|
39
40
|
end
|
40
41
|
rescue LoadError
|
41
|
-
|
42
|
+
desc 'RSpec is not installed.'
|
43
|
+
task :spec do
|
44
|
+
puts 'RSpec is not installed. The RSpec/RSpecPuppet tasks will not be available.'
|
45
|
+
end
|
46
|
+
desc 'RSpec is not installed.'
|
47
|
+
task :beaker do
|
48
|
+
puts 'RSpec is not installed. The Beaker tasks will not be available.'
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
# test kitchen tasks
|
53
|
+
begin
|
54
|
+
require 'kitchen/rake_tasks'
|
55
|
+
|
56
|
+
desc 'Execute Test Kitchen acceptance tests'
|
57
|
+
task :kitchen do
|
58
|
+
Rake::Task['kitchen:all'].invoke
|
59
|
+
end
|
60
|
+
rescue LoadError
|
61
|
+
desc 'Test Kitchen is not installed.'
|
62
|
+
task :kitchen do
|
63
|
+
puts 'Test Kitchen is not installed. The Kitchen tasks will not be available.'
|
64
|
+
end
|
42
65
|
end
|
43
66
|
end
|
44
67
|
end
|
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
i:
|
3
|
+
- am
|
4
|
+
- a
|
5
|
+
|
6
|
+
good:
|
7
|
+
eyaml: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAE55MeA/kW1uoyJV8WJPU+2q3DklRBKcRBhJtofuDwkKO7SQ+T30A/vDAP+A2IRFXDC0xOCM1iwQvbVIUht9Godb6qeT+8wLHmMuekN7jZpjYnAZHECy8QcWxlLaGP6LSJrvq5VN//4djiwdne5064tmTpXxwVffL+z7QyKI24t7YO3zjR40L2tm4mduyRnK2KuLpfI9hGAWwKWFAQ8GywEtZaFmN+7M7BYvCnR6WclZSkokVraAJk1v31blTCs/2E2NrTFbjDvAlJIYLdU8Q1rcifW06r8Rx5I0Ufzbd+vcCGyKjCWJ1Rzjgs29UaF2hogJbEsFS/BUx8AEbffL4DjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBuhvUa47kIQ2/nHGwfju9ogBAusaL97ZJBWahoLgSEY+gT]
|
@@ -0,0 +1,16 @@
|
|
1
|
+
---
|
2
|
+
i: 'am'
|
3
|
+
|
4
|
+
:a:
|
5
|
+
good:
|
6
|
+
- eyaml
|
7
|
+
- ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAE55MeA/kW1uoyJV8WJPU+2q3DklRBKcRBhJtofuDwkKO7SQ+T30A/vDAP+A2IRFXDC0xOCM1iwQvbVIUht9Godb6qeT+8wLHmMuekN7jZpjYnAZHECy8QcWxlLaGP6LSJrvq5VN//4djiwdne5064tmTpXxwVffL+z7QyKI24t7YO3zjR40L2tm4mduyRnK2KuLpfI9hGAWwKWFAQ8GywEtZaFmN+7M7BYvCnR6WclZSkokVraAJk1v31blTCs/2E2NrTFbjDvAlJIYLdU8Q1rcifW06r8Rx5I0Ufzbd+vcCGyKjCWJ1Rzjgs29UaF2hogJbEsFS/BUx8AEbffL4DjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBuhvUa47kIQ2/nHGwfju9ogBAusaL97ZJBWahoLgSEY+gT]
|
8
|
+
|
9
|
+
but: 'i am missing a'
|
10
|
+
|
11
|
+
value:
|
12
|
+
|
13
|
+
and:
|
14
|
+
also: 'a'
|
15
|
+
subvalue:
|
16
|
+
---
|
@@ -0,0 +1,8 @@
|
|
1
|
+
---
|
2
|
+
i: - am :an:
|
3
|
+
- :eyaml:
|
4
|
+
- file:
|
5
|
+
|
6
|
+
with:
|
7
|
+
: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAPW3B3OFO48lQZcrcFPj1oGl1Qx9It8JN6neAfxPIV5lWx5o//gBVpy0tcc0rq83A1UxYJ9wdamgqUoSCd9oYBXMjjbkd4OCe6z3XCDBGnAkYy0jvwg6/1SUgmMgo5MC1GEg/ADe9LfxxbRosV8MUAozoevvWoWQyZ6Sr4s0PDjhvIf8F4P2uUmIw0lsUyfgl8H1qTWy+RQFkjZ9ArURMuzNs0ru5HvzHtQt8o/PzW31RqEGm4k/4B0DNhWmd5jvjr+VCuCn8gn7ypj6HbfTRA/mMenm/p2dU9yJA7oROsV55kMTHD7Uav4CMTMLXmfF5oiO9mRw91KkmNjB7FGlxJDA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBzcD656/BIbPWtkc1i0t2KgBAD+oVqa/H8lMynix7pN4eL]
|
8
|
+
:syntax: -
|
@@ -0,0 +1,27 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIEogIBAAKCAQEArcVImrrizOvxggoj9pQsJ78zweoxp0EbTSQXJVLQ+fBWxNDm
|
3
|
+
LYGeRpxeBu2laHG/rVtuokiVdVjRfGIxhMW5n+WE0+tg7xQD8M9gtoIzZcCfPO68
|
4
|
+
TLb/SF7pSL7kZJqlV62VsdyzAYSmQTYeAqIVg/1y9AH4Bm8UPOpHOpCX2BODa18S
|
5
|
+
cBKTkCdXbRPIdsvJ1xNAag0yD4erEtz1/In9AKzL1urxFILoSU4w3IBQigMLT6r9
|
6
|
+
eo5xd91PIXZwSMO3ypN9ZQCVkDBoyO6g5HaqPHeSP6ZMWzKBCGdi2T613mZgK3u8
|
7
|
+
AaHtHcTdryDFLsYpgwcBFFsiwf2b2GT2TNPrrQIDAQABAoIBAC5xiBIy2ONEPGwx
|
8
|
+
IaOJvrNw2vh9C4BUWmOnvbfwBoKGxeocmyiWeCMPL+JSKd9cZ4qB4XPmSmvurS69
|
9
|
+
X9bIsfAWfAXX5zR++P6nroWZDvunG+hBNnqafmhtVZRn0MtCueZRMq0y+3Tway8K
|
10
|
+
s8KoZ2+7kbm9vPibP6F4TElO1Aaf303gmnXFENzZasaHP6qxdFCqAdFw4/AXpXE4
|
11
|
+
wSWprUPwJRqF0MlWK4IuANblIQ3q1SL6rq4TSylp/OvdYP0Ps85sVyNGIjVwXA5u
|
12
|
+
SRdVyhog3kbzpHj7hpv7Kl2gHKV50pbp90aOpRNqiGqP9WzSIOTjb5G855QqYNk/
|
13
|
+
uPL6tlECgYEA5wZWeeB0aIichWCzNrKO0SEJMY7JtPnjtwWL/GYGHUiTDijNR3j5
|
14
|
+
njS+58DwVW0adZKpkNvqZ9QJQnw4Fg0iwb16o2FfiZ3whV9XBJbgYyglue/U3WWq
|
15
|
+
E20/sPZdkFBGKkhmgCcuGvVRGyzKZCQ3xFU8O51Ha3qK6NYr2jsYlQcCgYEAwI5s
|
16
|
+
2fGp4Vc/4RLWOA8rJ8ywKt4HuLNBxnCb8hHTg2LJG7RjEM2nCJlcUnLB2UctaDqy
|
17
|
+
8hMf1vGubMlWt9n9MxyWSSdjdzppQbo75HqAVXZBtC+FCJXGKzOnR9OkuTQ8RU9Y
|
18
|
+
I7OMQ07d3mECXvvUo9z+j5sGBFCZCOSiMKqcoKsCgYAqIOa+HOc9dMQOMn8b113h
|
19
|
+
1wNlLSOtQ/B5nKJVaYlt56EhcOFWSkJCzl2Nx4pMGbQ8gn03dFL/khQKMrrLkqOm
|
20
|
+
7tWhW41ffBSzTZqBtL3Adz7B9HE92l80YbS+oX6YZXsWFNPURNDMi7W5neZecphU
|
21
|
+
zjJIsLqoZ9VS9lNS3XnzGwKBgHnutoccPNLxCQZhgz1kfZNqTnQWvRT8jj42uMmE
|
22
|
+
+EdOmsLsa38MeyU61/dtq8sHA33pDb+01Iir6iQBKuSpKWjgRVp1ksrBNj3kzGBW
|
23
|
+
IkX76IdNQBS7ow1gXCFjp/+PUEsjf1C8Nam5m01iaLn1BiXtn1UYearpzr6O6RWg
|
24
|
+
NCaZAoGAIPGk+dcgKFf5lVWj0XkZfzVbj/OgwVBsUxP/jQ/monB7iHjwoYPK4A4y
|
25
|
+
sBy4FHFBfQKKMrn52uQFcrXq6/EK+pASswkrxsIUrASsPaTNOq+SngT+NWqHC5Fj
|
26
|
+
7vaA1e59QlSQWSAf6IZbsr2qu/NKPN6JkA1SLbtF8gF3T7QphKo=
|
27
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIC2TCCAcGgAwIBAgIBATANBgkqhkiG9w0BAQUFADAAMCAXDTE3MDgyOTIzMzYz
|
3
|
+
OFoYDzIwNjcwODE3MjMzNjM4WjAAMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
|
4
|
+
CgKCAQEArcVImrrizOvxggoj9pQsJ78zweoxp0EbTSQXJVLQ+fBWxNDmLYGeRpxe
|
5
|
+
Bu2laHG/rVtuokiVdVjRfGIxhMW5n+WE0+tg7xQD8M9gtoIzZcCfPO68TLb/SF7p
|
6
|
+
SL7kZJqlV62VsdyzAYSmQTYeAqIVg/1y9AH4Bm8UPOpHOpCX2BODa18ScBKTkCdX
|
7
|
+
bRPIdsvJ1xNAag0yD4erEtz1/In9AKzL1urxFILoSU4w3IBQigMLT6r9eo5xd91P
|
8
|
+
IXZwSMO3ypN9ZQCVkDBoyO6g5HaqPHeSP6ZMWzKBCGdi2T613mZgK3u8AaHtHcTd
|
9
|
+
ryDFLsYpgwcBFFsiwf2b2GT2TNPrrQIDAQABo1wwWjAPBgNVHRMBAf8EBTADAQH/
|
10
|
+
MB0GA1UdDgQWBBSNRJcp7zds5OoHwILPQ54USW6UdjAoBgNVHSMEITAfgBSNRJcp
|
11
|
+
7zds5OoHwILPQ54USW6UdqEEpAIwAIIBATANBgkqhkiG9w0BAQUFAAOCAQEAK0Hu
|
12
|
+
Q9oB1+w4OnilleLyARiCz64RDdbAPCmQtg18L7LG4Y19qmlThF7o+3sPzy4XHsGN
|
13
|
+
R96II4LWwzvYnoWbb9YDspdoR3S9NeR5nEQ0cHhCvCjJabciJb0Ua5s7B6n/OZI2
|
14
|
+
yLiksSDVjqLz3MxRSDGm4BU/6THJtktmxHqFkZpIyi+Ph/zlifB3tkB+EUqZ4x3T
|
15
|
+
zzKi+zVDI2fZHZbpwrXbCShagvTc466hEji3JZAXjr3G2KJBsCvbMVuYtAWX4XQE
|
16
|
+
+/F8BoNpZkIOd1xgRcDR07bLjM7AfTjxec88fUebd2FYYX498AqC6VuzCeFk56nS
|
17
|
+
7p9qXtWyXoV/G9Xdeg==
|
18
|
+
-----END CERTIFICATE-----
|
@@ -27,6 +27,14 @@ describe PuppetCheck::CLI do
|
|
27
27
|
expect(PuppetCheck.settings[:regression_check]).to eql(true)
|
28
28
|
end
|
29
29
|
|
30
|
+
it 'correctly parser EYAML options' do
|
31
|
+
PuppetCheck.settings[:public] = nil
|
32
|
+
PuppetCheck.settings[:private] = nil
|
33
|
+
PuppetCheck::CLI.parse(%w[--public pub.pem --private priv.pem])
|
34
|
+
expect(PuppetCheck.settings[:public]).to eql('pub.pem')
|
35
|
+
expect(PuppetCheck.settings[:private]).to eql('priv.pem')
|
36
|
+
end
|
37
|
+
|
30
38
|
it 'correctly parses a formatting option' do
|
31
39
|
PuppetCheck.settings[:output_format] = ''
|
32
40
|
PuppetCheck::CLI.parse(%w[-o text])
|
@@ -29,6 +29,38 @@ describe DataParser do
|
|
29
29
|
end
|
30
30
|
end
|
31
31
|
|
32
|
+
if RUBY_VERSION.to_f >= 2.3
|
33
|
+
context '.eyaml' do
|
34
|
+
it 'returns a warning if a public key was not specified' do
|
35
|
+
expect { DataParser.eyaml('foo.eyaml', nil, 'private.pem') }.to output("Public X509 and/or Private RSA PKCS7 certs were not specified. EYAML checks will not be executed.\n").to_stderr
|
36
|
+
end
|
37
|
+
it 'returns a warning if a private key was not specified' do
|
38
|
+
expect { DataParser.eyaml('foo.eyaml', 'public.pem', nil) }.to output("Public X509 and/or Private RSA PKCS7 certs were not specified. EYAML checks will not be executed.\n").to_stderr
|
39
|
+
end
|
40
|
+
it 'returns a warning if the public key or private key are not existing files' do
|
41
|
+
expect { DataParser.eyaml('foo.eyaml', 'public.pem', 'private.pem') }.to output("Specified Public X509 and/or Private RSA PKCS7 certs do not exist. EYAML checks will not be executed.\n").to_stderr
|
42
|
+
end
|
43
|
+
it 'puts a bad syntax eyaml file in the error files array' do
|
44
|
+
DataParser.eyaml([fixtures_dir + 'hieradata/syntax.eyaml'], fixtures_dir + 'keys/public_key.pkcs7.pem', fixtures_dir + 'keys/private_key.pkcs7.pem')
|
45
|
+
expect(PuppetCheck.settings[:error_files][0]).to match(%r{^#{fixtures_dir}hieradata/syntax.eyaml:\nblock sequence entries are not allowed})
|
46
|
+
expect(PuppetCheck.settings[:warning_files]).to eql([])
|
47
|
+
expect(PuppetCheck.settings[:clean_files]).to eql([])
|
48
|
+
end
|
49
|
+
it 'puts a good eyaml file with potential hiera issues in the warning files array' do
|
50
|
+
DataParser.eyaml([fixtures_dir + 'hieradata/style.eyaml'], fixtures_dir + 'keys/public_key.pkcs7.pem', fixtures_dir + 'keys/private_key.pkcs7.pem')
|
51
|
+
expect(PuppetCheck.settings[:error_files]).to eql([])
|
52
|
+
expect(PuppetCheck.settings[:warning_files][0]).to match(%r{^#{fixtures_dir}hieradata/style.eyaml:\nValue\(s\) missing in key.*\nValue\(s\) missing in key.*\nThe string --- appears more than once in this data and Hiera will fail to parse it correctly})
|
53
|
+
expect(PuppetCheck.settings[:clean_files]).to eql([])
|
54
|
+
end
|
55
|
+
it 'puts a good eyaml file in the clean files array' do
|
56
|
+
DataParser.eyaml([fixtures_dir + 'hieradata/good.eyaml'], fixtures_dir + 'keys/public_key.pkcs7.pem', fixtures_dir + 'keys/private_key.pkcs7.pem')
|
57
|
+
expect(PuppetCheck.settings[:error_files]).to eql([])
|
58
|
+
expect(PuppetCheck.settings[:warning_files]).to eql([])
|
59
|
+
expect(PuppetCheck.settings[:clean_files]).to eql(["#{fixtures_dir}hieradata/good.eyaml"])
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
32
64
|
context '.json' do
|
33
65
|
it 'puts a bad syntax json file in the error files array' do
|
34
66
|
DataParser.json([fixtures_dir + 'hieradata/syntax.json'])
|
@@ -12,10 +12,17 @@ describe PuppetParser do
|
|
12
12
|
it 'puts a bad syntax Puppet manifest in the error files array' do
|
13
13
|
PuppetParser.manifest([fixtures_dir + 'manifests/syntax.pp'], false, false, [])
|
14
14
|
# stupid Puppet deprecation warning
|
15
|
-
if RUBY_VERSION.to_f < 2.1
|
15
|
+
if RUBY_VERSION.to_f < 2.1 && Puppet::PUPPETVERSION.to_i < 5
|
16
16
|
expect(PuppetCheck.settings[:error_files][0]).to match(%r{^#{fixtures_dir}manifests/syntax.pp:\nSupport for ruby version.*\n.*\nThis Variable has no effect.*\nIllegal variable name})
|
17
|
-
|
18
|
-
|
17
|
+
# stupid Puppet deprecation warning and Puppet 5 is no longer able to do multiple errors per line
|
18
|
+
elsif RUBY_VERSION.to_f < 2.1 && Puppet::PUPPETVERSION.to_i == 5
|
19
|
+
expect(PuppetCheck.settings[:error_files][0]).to match(%r{^#{fixtures_dir}manifests/syntax.pp:\nSupport for ruby version.*\n.*\nThis Variable has no effect.*})
|
20
|
+
# ideal error-checking situation
|
21
|
+
elsif RUBY_VERSION.to_f >= 2.1 && Puppet::PUPPETVERSION.to_i < 5
|
22
|
+
expect(PuppetCheck.settings[:error_files][0]).to match(%r{^#{fixtures_dir}manifests/syntax.pp:\nSupport for ruby version.*\n.*\nThis Variable has no effect.*\nIllegal variable name})
|
23
|
+
# Puppet 5 is no longer able to do multiple errors per line
|
24
|
+
else # ruby >= 2.1 and puppet == 5
|
25
|
+
expect(PuppetCheck.settings[:error_files][0]).to match(%r{^#{fixtures_dir}manifests/syntax.pp:\nThis Variable has no effect})
|
19
26
|
end
|
20
27
|
expect(PuppetCheck.settings[:warning_files]).to eql([])
|
21
28
|
expect(PuppetCheck.settings[:clean_files]).to eql([])
|
@@ -3,6 +3,12 @@ require_relative '../../lib/puppet-check/rspec_puppet_support'
|
|
3
3
|
require 'fileutils'
|
4
4
|
|
5
5
|
describe RSpecPuppetSupport do
|
6
|
+
after(:all) do
|
7
|
+
# cleanup rspec_puppet_setup
|
8
|
+
File.delete('spec/spec_helper.rb')
|
9
|
+
%w[manifests modules].each { |dir| FileUtils.rm_r('spec/fixtures/' + dir) }
|
10
|
+
end
|
11
|
+
|
6
12
|
context '.run' do
|
7
13
|
let(:rspec_puppet_setup) { RSpecPuppetSupport.run }
|
8
14
|
before(:each) { Dir.chdir(fixtures_dir) }
|
@@ -12,21 +18,14 @@ describe RSpecPuppetSupport do
|
|
12
18
|
|
13
19
|
# .file_setup
|
14
20
|
expect(File.directory?('spec/fixtures/manifests')).to be true
|
15
|
-
expect(File.directory?('spec/fixtures/modules
|
21
|
+
expect(File.directory?('spec/fixtures/modules')).to be true
|
16
22
|
expect(File.file?('spec/fixtures/manifests/site.pp')).to be true
|
17
|
-
expect(File.symlink?('spec/fixtures/modules/fixtures
|
18
|
-
expect(File.symlink?('spec/fixtures/modules/fixtures/manifests')).to be true
|
19
|
-
expect(File.symlink?('spec/fixtures/modules/fixtures/lib')).to be true
|
20
|
-
expect(File.symlink?('spec/fixtures/modules/fixtures/templates')).to be true
|
23
|
+
expect(File.symlink?('spec/fixtures/modules/fixtures')).to be true
|
21
24
|
expect(File.file?('spec/spec_helper.rb')).to be true
|
22
25
|
|
23
26
|
# .dependency_setup
|
24
27
|
expect(File.directory?('spec/fixtures/modules/puppetlabs-lvm')).to be true
|
25
28
|
expect(File.directory?('spec/fixtures/modules/stdlib')).to be true
|
26
|
-
|
27
|
-
# cleanup rspec_puppet_setup
|
28
|
-
%w[spec/spec_helper.rb].each { |file| File.delete(file) }
|
29
|
-
%w[manifests modules].each { |dir| FileUtils.rm_r('spec/fixtures/' + dir) }
|
30
29
|
end
|
31
30
|
end
|
32
31
|
end
|
@@ -76,7 +76,7 @@ describe RubyParser do
|
|
76
76
|
expect(PuppetCheck.settings[:clean_files]).to eql([])
|
77
77
|
end
|
78
78
|
it 'puts a bad style librarian Puppet file in the clean files array when rubocop_args ignores its warnings' do
|
79
|
-
RubyParser.librarian([fixtures_dir + 'librarian_style/Puppetfile'], true, ['--except', '
|
79
|
+
RubyParser.librarian([fixtures_dir + 'librarian_style/Puppetfile'], true, ['--except', 'Layout/AlignParameters,Style/HashSyntax'])
|
80
80
|
expect(PuppetCheck.settings[:error_files]).to eql([])
|
81
81
|
expect(PuppetCheck.settings[:warning_files]).to eql([])
|
82
82
|
expect(PuppetCheck.settings[:clean_files]).to eql(["#{fixtures_dir}librarian_style/Puppetfile"])
|
@@ -3,6 +3,12 @@ require_relative '../spec_helper.rb'
|
|
3
3
|
require_relative '../../lib/puppet-check/tasks'
|
4
4
|
|
5
5
|
describe PuppetCheck::Tasks do
|
6
|
+
after(:all) do
|
7
|
+
# cleanup rspec_puppet_setup
|
8
|
+
%w[spec/spec_helper.rb].each { |file| File.delete(file) }
|
9
|
+
%w[manifests modules].each { |dir| FileUtils.rm_r('spec/fixtures/' + dir) }
|
10
|
+
end
|
11
|
+
|
6
12
|
context 'puppetcheck:spec' do
|
7
13
|
let(:spec_tasks) { Rake::Task['puppetcheck:spec'.to_sym].invoke }
|
8
14
|
|
@@ -13,10 +19,6 @@ describe PuppetCheck::Tasks do
|
|
13
19
|
expect { spec_tasks }.to output(%r{spec/facter/facter_spec.rb}).to_stdout
|
14
20
|
# if this is first then the stdout is not captured for testing
|
15
21
|
expect { spec_tasks }.not_to raise_exception
|
16
|
-
|
17
|
-
# cleanup rspec_puppet_setup
|
18
|
-
%w[spec/spec_helper.rb].each { |file| File.delete(file) }
|
19
|
-
%w[manifests modules].each { |dir| FileUtils.rm_r('spec/fixtures/' + dir) }
|
20
22
|
end
|
21
23
|
end
|
22
24
|
|
data/spec/puppet-check_spec.rb
CHANGED
@@ -14,6 +14,10 @@ describe PuppetCheck do
|
|
14
14
|
expect(PuppetCheck.settings[:smoke_check]).to eql(true)
|
15
15
|
PuppetCheck.settings[:regression_check] = true
|
16
16
|
expect(PuppetCheck.settings[:regression_check]).to eql(true)
|
17
|
+
PuppetCheck.settings[:public] = 'public.pem'
|
18
|
+
expect(PuppetCheck.settings[:public]).to eql('public.pem')
|
19
|
+
PuppetCheck.settings[:private] = 'private.pem'
|
20
|
+
expect(PuppetCheck.settings[:private]).to eql('private.pem')
|
17
21
|
PuppetCheck.settings[:output_format] = 'text'
|
18
22
|
expect(PuppetCheck.settings[:output_format]).to eql('text')
|
19
23
|
PuppetCheck.settings[:octoconfig] = '.octocatalog-diff.cfg.rb'
|
@@ -46,17 +50,17 @@ describe PuppetCheck do
|
|
46
50
|
|
47
51
|
it 'correctly parses one directory and returns all of its files' do
|
48
52
|
dir.each { |file| expect(File.file?(file)).to be true }
|
49
|
-
expect(dir.length).to eql(
|
53
|
+
expect(dir.length).to eql(34)
|
50
54
|
end
|
51
55
|
|
52
56
|
it 'correctly parses multiple directories and returns all of their files' do
|
53
57
|
multi_dir.each { |file| expect(File.file?(file)).to be true }
|
54
|
-
expect(multi_dir.length).to eql(
|
58
|
+
expect(multi_dir.length).to eql(16)
|
55
59
|
end
|
56
60
|
|
57
61
|
it 'correctly parses three directories (one repeated) and three files (one repeated from directories and another repeated from files) and returns the unique files' do
|
58
62
|
repeats.each { |file| expect(File.file?(file)).to be true }
|
59
|
-
expect(repeats.length).to eql(
|
63
|
+
expect(repeats.length).to eql(13)
|
60
64
|
end
|
61
65
|
end
|
62
66
|
|
data/spec/system/system_spec.rb
CHANGED
@@ -26,7 +26,7 @@ describe PuppetCheck do
|
|
26
26
|
expect(PuppetCheck.settings[:warning_files].length).to eql(9)
|
27
27
|
expect(PuppetCheck.settings[:clean_files].length).to eql(11)
|
28
28
|
end
|
29
|
-
expect(PuppetCheck.settings[:ignored_files].length).to eql(
|
29
|
+
expect(PuppetCheck.settings[:ignored_files].length).to eql(6)
|
30
30
|
|
31
31
|
expect(cli).to eql(2)
|
32
32
|
end
|
@@ -57,7 +57,7 @@ describe PuppetCheck do
|
|
57
57
|
expect(PuppetCheck.settings[:error_files].length).to eql(8)
|
58
58
|
expect(PuppetCheck.settings[:warning_files].length).to eql(9)
|
59
59
|
expect(PuppetCheck.settings[:clean_files].length).to eql(11)
|
60
|
-
expect(PuppetCheck.settings[:ignored_files].length).to eql(
|
60
|
+
expect(PuppetCheck.settings[:ignored_files].length).to eql(6)
|
61
61
|
end
|
62
62
|
end
|
63
63
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: puppet-check
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Schuchard
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-11-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: puppet
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3.4'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: '
|
22
|
+
version: '6'
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3.4'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: '
|
32
|
+
version: '6'
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: rubocop
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -79,19 +79,19 @@ dependencies:
|
|
79
79
|
- !ruby/object:Gem::Version
|
80
80
|
version: '1.0'
|
81
81
|
- !ruby/object:Gem::Dependency
|
82
|
-
name:
|
82
|
+
name: octocatalog-diff
|
83
83
|
requirement: !ruby/object:Gem::Requirement
|
84
84
|
requirements:
|
85
85
|
- - "~>"
|
86
86
|
- !ruby/object:Gem::Version
|
87
|
-
version: '
|
87
|
+
version: '1.0'
|
88
88
|
type: :development
|
89
89
|
prerelease: false
|
90
90
|
version_requirements: !ruby/object:Gem::Requirement
|
91
91
|
requirements:
|
92
92
|
- - "~>"
|
93
93
|
- !ruby/object:Gem::Version
|
94
|
-
version: '
|
94
|
+
version: '1.0'
|
95
95
|
- !ruby/object:Gem::Dependency
|
96
96
|
name: rake
|
97
97
|
requirement: !ruby/object:Gem::Requirement
|
@@ -113,19 +113,19 @@ dependencies:
|
|
113
113
|
- !ruby/object:Gem::Version
|
114
114
|
version: '13'
|
115
115
|
- !ruby/object:Gem::Dependency
|
116
|
-
name:
|
116
|
+
name: rspec
|
117
117
|
requirement: !ruby/object:Gem::Requirement
|
118
118
|
requirements:
|
119
119
|
- - "~>"
|
120
120
|
- !ruby/object:Gem::Version
|
121
|
-
version: '
|
121
|
+
version: '3.0'
|
122
122
|
type: :development
|
123
123
|
prerelease: false
|
124
124
|
version_requirements: !ruby/object:Gem::Requirement
|
125
125
|
requirements:
|
126
126
|
- - "~>"
|
127
127
|
- !ruby/object:Gem::Version
|
128
|
-
version: '
|
128
|
+
version: '3.0'
|
129
129
|
description: Puppet Check is a gem that provides a comprehensive, streamlined, and
|
130
130
|
efficient analysis of the syntax, style, and validity of your entire Puppet code
|
131
131
|
and data.
|
@@ -150,11 +150,16 @@ files:
|
|
150
150
|
- lib/puppet-check/tasks.rb
|
151
151
|
- lib/puppet-check/utils.rb
|
152
152
|
- spec/fixtures/foobarbaz
|
153
|
+
- spec/fixtures/hieradata/good.eyaml
|
153
154
|
- spec/fixtures/hieradata/good.json
|
154
155
|
- spec/fixtures/hieradata/good.yaml
|
156
|
+
- spec/fixtures/hieradata/style.eyaml
|
155
157
|
- spec/fixtures/hieradata/style.yaml
|
158
|
+
- spec/fixtures/hieradata/syntax.eyaml
|
156
159
|
- spec/fixtures/hieradata/syntax.json
|
157
160
|
- spec/fixtures/hieradata/syntax.yaml
|
161
|
+
- spec/fixtures/keys/private_key.pkcs7.pem
|
162
|
+
- spec/fixtures/keys/public_key.pkcs7.pem
|
158
163
|
- spec/fixtures/lib/good.rb
|
159
164
|
- spec/fixtures/lib/rubocop_style.rb
|
160
165
|
- spec/fixtures/lib/style.rb
|
@@ -215,18 +220,23 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
215
220
|
version: '0'
|
216
221
|
requirements: []
|
217
222
|
rubyforge_project:
|
218
|
-
rubygems_version: 2.5.
|
223
|
+
rubygems_version: 2.5.2
|
219
224
|
signing_key:
|
220
225
|
specification_version: 4
|
221
226
|
summary: A streamlined comprehensive set of checks for your entire Puppet code and
|
222
227
|
data
|
223
228
|
test_files:
|
224
229
|
- spec/fixtures/foobarbaz
|
230
|
+
- spec/fixtures/hieradata/good.eyaml
|
225
231
|
- spec/fixtures/hieradata/good.json
|
226
232
|
- spec/fixtures/hieradata/good.yaml
|
233
|
+
- spec/fixtures/hieradata/style.eyaml
|
227
234
|
- spec/fixtures/hieradata/style.yaml
|
235
|
+
- spec/fixtures/hieradata/syntax.eyaml
|
228
236
|
- spec/fixtures/hieradata/syntax.json
|
229
237
|
- spec/fixtures/hieradata/syntax.yaml
|
238
|
+
- spec/fixtures/keys/private_key.pkcs7.pem
|
239
|
+
- spec/fixtures/keys/public_key.pkcs7.pem
|
230
240
|
- spec/fixtures/lib/good.rb
|
231
241
|
- spec/fixtures/lib/rubocop_style.rb
|
232
242
|
- spec/fixtures/lib/style.rb
|