serverspec-extra-types 0.4.6 → 0.4.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +0 -0
- data/.gitlab-ci.yml +0 -0
- data/.rspec +0 -0
- data/.rubocop.yml +0 -0
- data/.simplecov +0 -0
- data/.travis.yml +0 -0
- data/CODE_OF_CONDUCT.md +0 -0
- data/Gemfile +0 -0
- data/LICENSE.txt +0 -0
- data/README.md +70 -1
- data/Rakefile +0 -0
- data/lib/serverspec-extra-types.rb +0 -0
- data/lib/serverspec_extra_types.rb +0 -0
- data/lib/serverspec_extra_types/helpers/properties.rb +0 -0
- data/lib/serverspec_extra_types/matchers.rb +5 -1
- data/lib/serverspec_extra_types/matchers/apply_to.rb +0 -0
- data/lib/serverspec_extra_types/matchers/be_a_manager_node.rb +0 -0
- data/lib/serverspec_extra_types/matchers/be_a_worker_node.rb +0 -0
- data/lib/serverspec_extra_types/matchers/be_active.rb +0 -0
- data/lib/serverspec_extra_types/matchers/configure_queue.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_account.rb +68 -0
- data/lib/serverspec_extra_types/matchers/have_auth.rb +55 -0
- data/lib/serverspec_extra_types/matchers/have_count.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_domain_name.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_engine_version.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_environment_variable.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_ha_mode.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_ha_nodes.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_ha_sync_mode.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_host.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_hostname.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_image.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_image_sha.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_label.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_mount.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_network.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_password.rb +68 -0
- data/lib/serverspec_extra_types/matchers/have_placement_constraint.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_replica_count.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_restart_limit.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_restart_policy.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_session.rb +63 -0
- data/lib/serverspec_extra_types/matchers/have_user.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_version.rb +0 -0
- data/lib/serverspec_extra_types/matchers/have_vhost.rb +0 -0
- data/lib/serverspec_extra_types/matchers/http_1xx.rb +0 -0
- data/lib/serverspec_extra_types/matchers/http_2xx.rb +0 -0
- data/lib/serverspec_extra_types/matchers/http_3xx.rb +0 -0
- data/lib/serverspec_extra_types/matchers/http_4xx.rb +0 -0
- data/lib/serverspec_extra_types/matchers/http_5xx.rb +0 -0
- data/lib/serverspec_extra_types/matchers/include_regex.rb +0 -0
- data/lib/serverspec_extra_types/matchers/map_port.rb +0 -0
- data/lib/serverspec_extra_types/matchers/mirror_all.rb +0 -0
- data/lib/serverspec_extra_types/matchers/publish_all_ports.rb +0 -0
- data/lib/serverspec_extra_types/matchers/read_from_queue.rb +0 -0
- data/lib/serverspec_extra_types/matchers/url_matchers.rb +0 -0
- data/lib/serverspec_extra_types/matchers/write_to_queue.rb +0 -0
- data/lib/serverspec_extra_types/types.rb +1 -1
- data/lib/serverspec_extra_types/types/api_base.rb +2 -1
- data/lib/serverspec_extra_types/types/consul_base.rb +0 -0
- data/lib/serverspec_extra_types/types/consul_node.rb +0 -0
- data/lib/serverspec_extra_types/types/consul_node_list.rb +0 -0
- data/lib/serverspec_extra_types/types/consul_service.rb +0 -0
- data/lib/serverspec_extra_types/types/consul_service_list.rb +0 -0
- data/lib/serverspec_extra_types/types/curl.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_config.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_container.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_network.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_node.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_secret.rb +0 -0
- data/lib/serverspec_extra_types/types/docker_service.rb +0 -0
- data/lib/serverspec_extra_types/types/rabbitmq_base.rb +0 -0
- data/lib/serverspec_extra_types/types/rabbitmq_node_list.rb +0 -0
- data/lib/serverspec_extra_types/types/rabbitmq_user_permission.rb +0 -0
- data/lib/serverspec_extra_types/types/rabbitmq_vhost_list.rb +0 -0
- data/lib/serverspec_extra_types/types/rabbitmq_vhost_policy.rb +0 -0
- data/lib/serverspec_extra_types/types/unix_pam.rb +165 -0
- data/lib/serverspec_extra_types/version.rb +1 -1
- data/properties.yml +5 -0
- data/serverspec-extra-types.gemspec +0 -0
- metadata +8 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 92b03be089f3c675024cfbf0f04fa03e305c89564ed9c852f521bae52e8b528f
|
4
|
+
data.tar.gz: ce70ffde396e4687d8985710ec339309564889d6b442dfcd528afd2f614d0dd1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c6a77ba14443b476225d9a1dc7506947c3f9fd4897e29de7a80f161262d198dfb500d59a00c1fd3a50aec51a11065a9bc7bf8fe9c4cf6e7f0bf8244fbda4d60
|
7
|
+
data.tar.gz: 14c40a38e6b0b641c05f5b6ff99d995d596e806af15378b4bc1db0d6351db717d59e4d6e5bf62823aa598422dae5f679f26500562f93191993de0dc3b0251a55
|
data/.gitignore
CHANGED
File without changes
|
data/.gitlab-ci.yml
CHANGED
File without changes
|
data/.rspec
CHANGED
File without changes
|
data/.rubocop.yml
CHANGED
File without changes
|
data/.simplecov
CHANGED
File without changes
|
data/.travis.yml
CHANGED
File without changes
|
data/CODE_OF_CONDUCT.md
CHANGED
File without changes
|
data/Gemfile
CHANGED
File without changes
|
data/LICENSE.txt
CHANGED
File without changes
|
data/README.md
CHANGED
@@ -983,7 +983,6 @@ describe nfs_export('/var/nfsroot') do
|
|
983
983
|
end
|
984
984
|
```
|
985
985
|
|
986
|
-
|
987
986
|
### rabbitmq_node_list <a name="rabbitmq_node_list" ></a>
|
988
987
|
<sub><sup>Please note: This type requires curl to be installed on the target host</sup></sub>
|
989
988
|
#### have_count
|
@@ -1149,6 +1148,76 @@ describe sudo_user('someuser') do
|
|
1149
1148
|
end
|
1150
1149
|
```
|
1151
1150
|
|
1151
|
+
### unix_pam(pamfile, dir='/etc/pam.d' ) <a name="unix_pam" ></a>
|
1152
|
+
Provides a type and matchers for checking UNIX plugable authenticaton modules (PAM)
|
1153
|
+
#### exist
|
1154
|
+
Checks that the pamfile exists in the given directory (default = /etc/pam.d)
|
1155
|
+
```ruby
|
1156
|
+
describe unix_pam('su') do
|
1157
|
+
it { should exist }
|
1158
|
+
end
|
1159
|
+
```
|
1160
|
+
|
1161
|
+
#### have_authentication(module)/have_auth(module)
|
1162
|
+
Checks that the pamfile has a 'auth' configuration item using the given module
|
1163
|
+
```ruby
|
1164
|
+
describe unix_pam('su') do
|
1165
|
+
it { should have_auth 'pam_rootok.so'}
|
1166
|
+
end
|
1167
|
+
```
|
1168
|
+
This match also support the following matcher chains:
|
1169
|
+
```ruby
|
1170
|
+
describe unix_pam('su') do
|
1171
|
+
## Control Flag Chain matchers
|
1172
|
+
# Check if module is a required module
|
1173
|
+
it { should have_auth('pam_rootok.so').required }
|
1174
|
+
# Check if module is a requisite module
|
1175
|
+
it { should have_auth('pam_rootok.so').requisite }
|
1176
|
+
# Check if module is a sufficient module
|
1177
|
+
it { should have_auth('pam_rootok.so').sufficient }
|
1178
|
+
# Check if module is a optional module
|
1179
|
+
it { should have_auth('pam_rootok.so').optional }
|
1180
|
+
#Check for a particular control flag (with_control and with_flag are provided as aliases)
|
1181
|
+
it { should have_auth('pam_unix.so').with_control_flag('[success=1 default=ignore]') }
|
1182
|
+
|
1183
|
+
## Argument chain matchers
|
1184
|
+
#Single arg
|
1185
|
+
it { should have_auth('pam_unix.so').with_arg('nullok_secure') }
|
1186
|
+
it { should have_auth('pam_unix.so').with_argument('nullok_secure') }
|
1187
|
+
#Multiple args
|
1188
|
+
it { should have_auth('pam_wheel.so').with_args(['deny', 'group=nosu']) }
|
1189
|
+
it { should have_auth('pam_wheel.so').with_arguments(['deny', 'group=nosu']) }
|
1190
|
+
end
|
1191
|
+
```
|
1192
|
+
|
1193
|
+
#### have_session(module)
|
1194
|
+
Checks that the pamfile has a 'session' configuration item using the given module
|
1195
|
+
```ruby
|
1196
|
+
describe unix_pam('su') do
|
1197
|
+
it { should have_session 'pam_env.so'}
|
1198
|
+
end
|
1199
|
+
```
|
1200
|
+
This matcher supports all the chains of the have_auth matcher (see above)
|
1201
|
+
|
1202
|
+
#### have_account(module)
|
1203
|
+
Checks that the pamfile has a 'account' configuration item using the given module
|
1204
|
+
```ruby
|
1205
|
+
describe unix_pam('common-account') do
|
1206
|
+
it { should have_account 'pam_deny.so'}
|
1207
|
+
end
|
1208
|
+
```
|
1209
|
+
This matcher supports all the chains of the have_auth matcher (see above)
|
1210
|
+
|
1211
|
+
#### have_password(module)
|
1212
|
+
Checks that the pamfile has a 'account' configuration item using the given module
|
1213
|
+
```ruby
|
1214
|
+
describe unix_pam('common-password') do
|
1215
|
+
it { should have_password 'pam_deny.so'}
|
1216
|
+
end
|
1217
|
+
```
|
1218
|
+
This matcher supports all the chains of the have_auth matcher (see above)
|
1219
|
+
|
1220
|
+
|
1152
1221
|
|
1153
1222
|
## Development
|
1154
1223
|
|
data/Rakefile
CHANGED
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -43,4 +43,8 @@ require 'serverspec_extra_types/matchers/allowed_to_run_command'
|
|
43
43
|
require 'serverspec_extra_types/matchers/allowed_to_run_anything'
|
44
44
|
|
45
45
|
|
46
|
-
require 'serverspec_extra_types/matchers/have_version'
|
46
|
+
require 'serverspec_extra_types/matchers/have_version'
|
47
|
+
require 'serverspec_extra_types/matchers/have_auth'
|
48
|
+
require 'serverspec_extra_types/matchers/have_session'
|
49
|
+
require 'serverspec_extra_types/matchers/have_password'
|
50
|
+
require 'serverspec_extra_types/matchers/have_account'
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,68 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
RSpec::Matchers.define :have_account do |auth|
|
4
|
+
match do |actual|
|
5
|
+
if actual.is_a? Serverspec::Type::UnixPam
|
6
|
+
actual.has_account? auth, @flag, @args
|
7
|
+
else
|
8
|
+
actual.has_account? auth
|
9
|
+
end
|
10
|
+
end
|
11
|
+
description do |actual|
|
12
|
+
|
13
|
+
msg = "have account '#{auth}'"
|
14
|
+
msg << %( with control flag '#{@flag}') if @flag
|
15
|
+
msg << %( with argument '#{@args}') if @args && !@args.is_a?(Array)
|
16
|
+
msg << %( with arguments '#{@args}') if @args && @args.is_a?(Array)
|
17
|
+
msg
|
18
|
+
end
|
19
|
+
failure_message do |actual|
|
20
|
+
"expected accounts to include #{auth} was #{actual.sessions}"
|
21
|
+
end
|
22
|
+
|
23
|
+
chain :with_control do |flag|
|
24
|
+
@flag = flag
|
25
|
+
end
|
26
|
+
|
27
|
+
chain :with_flag do |flag|
|
28
|
+
@flag = flag
|
29
|
+
end
|
30
|
+
|
31
|
+
chain :with_control_flag do |flag|
|
32
|
+
@flag = flag
|
33
|
+
end
|
34
|
+
|
35
|
+
chain :required do
|
36
|
+
@flag = 'required'
|
37
|
+
end
|
38
|
+
|
39
|
+
chain :requisite do
|
40
|
+
@flag = 'requisite'
|
41
|
+
end
|
42
|
+
|
43
|
+
chain :sufficient do
|
44
|
+
@flag = 'sufficient'
|
45
|
+
end
|
46
|
+
|
47
|
+
chain :optional do
|
48
|
+
@flag = 'optional'
|
49
|
+
end
|
50
|
+
|
51
|
+
chain :with_arg do |arg|
|
52
|
+
@args = arg
|
53
|
+
end
|
54
|
+
|
55
|
+
chain :with_argument do |arg|
|
56
|
+
@args = arg
|
57
|
+
end
|
58
|
+
|
59
|
+
chain :with_args do |arg|
|
60
|
+
@args = arg
|
61
|
+
end
|
62
|
+
|
63
|
+
chain :with_arguments do |arg|
|
64
|
+
@args = arg
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
|
@@ -0,0 +1,55 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
RSpec::Matchers.define :have_auth do |auth|
|
4
|
+
match do |actual|
|
5
|
+
actual.has_auth? auth, @flag
|
6
|
+
end
|
7
|
+
description do
|
8
|
+
msg = "have authentication '#{auth}'"
|
9
|
+
msg << %( with control flag '#{@flag}') if @flag
|
10
|
+
msg << %( with argument '#{@args}') if @args && !@args.is_a?(Array)
|
11
|
+
msg << %( with arguments '#{@args}') if @args && @args.is_a?(Array)
|
12
|
+
msg
|
13
|
+
end
|
14
|
+
failure_message do |actual|
|
15
|
+
"expected auths to include #{auth} was #{actual.auths}"
|
16
|
+
end
|
17
|
+
|
18
|
+
chain :with_control do |flag|
|
19
|
+
@flag = flag
|
20
|
+
end
|
21
|
+
|
22
|
+
chain :with_flag do |flag|
|
23
|
+
@flag = flag
|
24
|
+
end
|
25
|
+
|
26
|
+
chain :with_control_flag do |flag|
|
27
|
+
@flag = flag
|
28
|
+
end
|
29
|
+
|
30
|
+
chain :required do
|
31
|
+
@flag = 'required'
|
32
|
+
end
|
33
|
+
|
34
|
+
chain :requisite do
|
35
|
+
@flag = 'requisite'
|
36
|
+
end
|
37
|
+
|
38
|
+
chain :sufficient do
|
39
|
+
@flag = 'sufficient'
|
40
|
+
end
|
41
|
+
|
42
|
+
chain :optional do
|
43
|
+
@flag = 'optional'
|
44
|
+
end
|
45
|
+
|
46
|
+
chain :with_arg do |arg|
|
47
|
+
@args = arg
|
48
|
+
end
|
49
|
+
|
50
|
+
chain :with_argument do |arg|
|
51
|
+
@args = arg
|
52
|
+
end
|
53
|
+
end
|
54
|
+
|
55
|
+
RSpec::Matchers.alias_matcher :have_authentication, :have_auth
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,68 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
RSpec::Matchers.define :have_password do |auth|
|
4
|
+
match do |actual|
|
5
|
+
if actual.is_a? Serverspec::Type::UnixPam
|
6
|
+
actual.has_password? auth, @flag, @args
|
7
|
+
else
|
8
|
+
actual.has_password? auth
|
9
|
+
end
|
10
|
+
end
|
11
|
+
description do |actual|
|
12
|
+
|
13
|
+
msg = "have password '#{auth}'"
|
14
|
+
msg << %( with control flag '#{@flag}') if @flag
|
15
|
+
msg << %( with argument '#{@args}') if @args && !@args.is_a?(Array)
|
16
|
+
msg << %( with arguments '#{@args}') if @args && @args.is_a?(Array)
|
17
|
+
msg
|
18
|
+
end
|
19
|
+
failure_message do |actual|
|
20
|
+
"expected passwords to include #{auth} was #{actual.sessions}"
|
21
|
+
end
|
22
|
+
|
23
|
+
chain :with_control do |flag|
|
24
|
+
@flag = flag
|
25
|
+
end
|
26
|
+
|
27
|
+
chain :with_flag do |flag|
|
28
|
+
@flag = flag
|
29
|
+
end
|
30
|
+
|
31
|
+
chain :with_control_flag do |flag|
|
32
|
+
@flag = flag
|
33
|
+
end
|
34
|
+
|
35
|
+
chain :required do
|
36
|
+
@flag = 'required'
|
37
|
+
end
|
38
|
+
|
39
|
+
chain :requisite do
|
40
|
+
@flag = 'requisite'
|
41
|
+
end
|
42
|
+
|
43
|
+
chain :sufficient do
|
44
|
+
@flag = 'sufficient'
|
45
|
+
end
|
46
|
+
|
47
|
+
chain :optional do
|
48
|
+
@flag = 'optional'
|
49
|
+
end
|
50
|
+
|
51
|
+
chain :with_arg do |arg|
|
52
|
+
@args = arg
|
53
|
+
end
|
54
|
+
|
55
|
+
chain :with_argument do |arg|
|
56
|
+
@args = arg
|
57
|
+
end
|
58
|
+
|
59
|
+
chain :with_args do |arg|
|
60
|
+
@args = arg
|
61
|
+
end
|
62
|
+
|
63
|
+
chain :with_arguments do |arg|
|
64
|
+
@args = arg
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,63 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
RSpec::Matchers.define :have_session do |auth|
|
4
|
+
match do |actual|
|
5
|
+
actual.has_session? auth, @flag, @args
|
6
|
+
end
|
7
|
+
description do
|
8
|
+
msg = "have session '#{auth}'"
|
9
|
+
msg << %( with control flag '#{@flag}') if @flag
|
10
|
+
msg << %( with argument '#{@args}') if @args && !@args.is_a?(Array)
|
11
|
+
msg << %( with arguments '#{@args}') if @args && @args.is_a?(Array)
|
12
|
+
msg
|
13
|
+
end
|
14
|
+
failure_message do |actual|
|
15
|
+
"expected sessions to include #{auth} was #{actual.sessions}"
|
16
|
+
end
|
17
|
+
|
18
|
+
chain :with_control do |flag|
|
19
|
+
@flag = flag
|
20
|
+
end
|
21
|
+
|
22
|
+
chain :with_flag do |flag|
|
23
|
+
@flag = flag
|
24
|
+
end
|
25
|
+
|
26
|
+
chain :with_control_flag do |flag|
|
27
|
+
@flag = flag
|
28
|
+
end
|
29
|
+
|
30
|
+
chain :required do
|
31
|
+
@flag = 'required'
|
32
|
+
end
|
33
|
+
|
34
|
+
chain :requisite do
|
35
|
+
@flag = 'requisite'
|
36
|
+
end
|
37
|
+
|
38
|
+
chain :sufficient do
|
39
|
+
@flag = 'sufficient'
|
40
|
+
end
|
41
|
+
|
42
|
+
chain :optional do
|
43
|
+
@flag = 'optional'
|
44
|
+
end
|
45
|
+
|
46
|
+
chain :with_arg do |arg|
|
47
|
+
@args = arg
|
48
|
+
end
|
49
|
+
|
50
|
+
chain :with_argument do |arg|
|
51
|
+
@args = arg
|
52
|
+
end
|
53
|
+
|
54
|
+
chain :with_args do |arg|
|
55
|
+
@args = arg
|
56
|
+
end
|
57
|
+
|
58
|
+
chain :with_arguments do |arg|
|
59
|
+
@args = arg
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -9,7 +9,7 @@ module Serverspec
|
|
9
9
|
types = %w[docker_service docker_node rabbitmq_vhost_policy rabbitmq_node_list rabbitmq_vhost_list
|
10
10
|
rabbitmq_user_permission consul_service consul_service_list consul_node consul_node_list
|
11
11
|
curl nfs_export jenkins_credential jenkins_job jenkins_plugin sudo_user docker_network
|
12
|
-
docker_config docker_secret]
|
12
|
+
docker_config docker_secret unix_pam]
|
13
13
|
|
14
14
|
types.each do |type|
|
15
15
|
require "serverspec_extra_types/types/#{type}"
|
@@ -11,6 +11,7 @@ module Serverspec::Type
|
|
11
11
|
super(name, options)
|
12
12
|
@insecure = options[:insecure]
|
13
13
|
@redirects = options[:follow_redirects]
|
14
|
+
@host = options[:host]
|
14
15
|
end
|
15
16
|
|
16
17
|
def [](key)
|
@@ -37,7 +38,7 @@ module Serverspec::Type
|
|
37
38
|
end
|
38
39
|
|
39
40
|
def curl_command
|
40
|
-
"curl #{extra_args} -s #{url} #{@insecure ? '-k' : ''} #{@redirects ? '-L' : ''}"
|
41
|
+
"curl #{extra_args} #{@host ? '--header "Host: '+@host+'"' : '' } -s #{url} #{@insecure ? '-k' : ''} #{@redirects ? '-L' : ''}"
|
41
42
|
end
|
42
43
|
|
43
44
|
# rubocop:disable Naming/AccessorMethodName
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,165 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
require 'serverspec'
|
4
|
+
require 'serverspec/type/base'
|
5
|
+
require 'serverspec_extra_types/helpers/properties'
|
6
|
+
|
7
|
+
module Serverspec::Type
|
8
|
+
class UnixPam < Base
|
9
|
+
def initialize(name = nil, dir = '/etc/pam.d', options = {})
|
10
|
+
super(name, options)
|
11
|
+
@name = name
|
12
|
+
@dir = dir
|
13
|
+
end
|
14
|
+
|
15
|
+
def exists?
|
16
|
+
get_inspection.success?
|
17
|
+
end
|
18
|
+
|
19
|
+
def auths
|
20
|
+
inspection['auth']
|
21
|
+
end
|
22
|
+
|
23
|
+
def auth(auth)
|
24
|
+
auths[auth]
|
25
|
+
end
|
26
|
+
|
27
|
+
def sessions
|
28
|
+
inspection['session']
|
29
|
+
end
|
30
|
+
|
31
|
+
def session(ses)
|
32
|
+
sessions[ses]
|
33
|
+
end
|
34
|
+
|
35
|
+
def accounts
|
36
|
+
inspection['account']
|
37
|
+
end
|
38
|
+
|
39
|
+
def account(acc)
|
40
|
+
accounts[acc]
|
41
|
+
end
|
42
|
+
|
43
|
+
def passwords
|
44
|
+
inspection['password']
|
45
|
+
end
|
46
|
+
|
47
|
+
def password(passwd)
|
48
|
+
passwords[passwd]
|
49
|
+
end
|
50
|
+
|
51
|
+
def includes
|
52
|
+
inspection['include']
|
53
|
+
end
|
54
|
+
|
55
|
+
def include(inc)
|
56
|
+
includes.include? inc
|
57
|
+
end
|
58
|
+
|
59
|
+
def include?(inc)
|
60
|
+
!self.include(inc).nil?
|
61
|
+
end
|
62
|
+
|
63
|
+
def has_include?(inc)
|
64
|
+
include? inc
|
65
|
+
end
|
66
|
+
|
67
|
+
def has_account?(account, control = nil, args = nil)
|
68
|
+
acc = self.account(account)
|
69
|
+
check(acc, control, args)
|
70
|
+
end
|
71
|
+
|
72
|
+
def has_auth?(auth, control = nil, args = nil)
|
73
|
+
ath = self.auth(auth)
|
74
|
+
check(ath, control, args)
|
75
|
+
end
|
76
|
+
|
77
|
+
def has_session?(session, control = nil, args = nil)
|
78
|
+
ses = self.session(session)
|
79
|
+
check(ses, control, args)
|
80
|
+
end
|
81
|
+
|
82
|
+
def has_password?(password, control = nil, args = nil)
|
83
|
+
psw = self.password(password)
|
84
|
+
check(psw, control, args)
|
85
|
+
end
|
86
|
+
|
87
|
+
|
88
|
+
|
89
|
+
def host(host_id)
|
90
|
+
hosts[host_id]
|
91
|
+
end
|
92
|
+
|
93
|
+
def inspection
|
94
|
+
unless @inspection
|
95
|
+
config = {}
|
96
|
+
get_inspection.stdout.each_line do |line|
|
97
|
+
if line.start_with?(/[a-z]/)
|
98
|
+
parts = %r{^([a-z]+)(?:\s+)([a-z]+|\[[a-z0-9= _]*\])(?:\s+)([a-z_\.]+)(?:\s?)(.*)}.match line
|
99
|
+
next unless parts
|
100
|
+
config[parts[1]] = {} unless config[parts[1]]
|
101
|
+
if config.dig(parts[1],parts[3])
|
102
|
+
data = {'flag' => parts[2] }
|
103
|
+
data['args'] = parts[4].split unless [nil, '' ].include?(parts[4])
|
104
|
+
config[parts[1]][parts[3]] << data
|
105
|
+
else
|
106
|
+
config[parts[1]][parts[3]] = []
|
107
|
+
data = {'flag' => parts[2] }
|
108
|
+
data['args'] = parts[4].split unless [nil, '' ].include?(parts[4])
|
109
|
+
config[parts[1]][parts[3]] << data
|
110
|
+
end
|
111
|
+
elsif line.start_with? '@inc'
|
112
|
+
parts = %r{^@[a-z]+(?:\s+)([a-z\-]+|\[[a-z0-9_=\-]*\])}.match line
|
113
|
+
next unless parts
|
114
|
+
config['include'] = [] unless config['include']
|
115
|
+
config['include'] << parts[1]
|
116
|
+
end
|
117
|
+
end
|
118
|
+
@inspection = config
|
119
|
+
end
|
120
|
+
@inspection
|
121
|
+
end
|
122
|
+
|
123
|
+
# rubocop:disable Naming/AccessorMethodName
|
124
|
+
def get_inspection
|
125
|
+
command = "cat #{@dir}/#{@name}"
|
126
|
+
@get_inspection ||= @runner.run_command(command)
|
127
|
+
end
|
128
|
+
# rubocop:enable Naming/AccessorMethodName
|
129
|
+
|
130
|
+
private
|
131
|
+
|
132
|
+
def check(mod, control = nil, args = nil )
|
133
|
+
if args && control
|
134
|
+
check_args(args, mod) && check_flags(control, mod)
|
135
|
+
elsif args
|
136
|
+
check_args(args, mod)
|
137
|
+
elsif control
|
138
|
+
check_flags(control, mod)
|
139
|
+
else
|
140
|
+
!mod.nil?
|
141
|
+
end
|
142
|
+
end
|
143
|
+
|
144
|
+
def check_flags(control, mod)
|
145
|
+
mod.find {|a| a['flag'] == control}
|
146
|
+
end
|
147
|
+
|
148
|
+
def check_args(args, mod)
|
149
|
+
if args.is_a? Array
|
150
|
+
mod.find {|a| (a['args'] - args).empty?}
|
151
|
+
else
|
152
|
+
mod.find {|a| a['args'].include? args}
|
153
|
+
end
|
154
|
+
end
|
155
|
+
|
156
|
+
def check_options(host_id, opts)
|
157
|
+
options = opts.include?(',') ? opts.spilt(',') : opts
|
158
|
+
if options.is_a? Array
|
159
|
+
host(host_id).split(',').include?(options)
|
160
|
+
else
|
161
|
+
host(host_id).include?(options)
|
162
|
+
end
|
163
|
+
end
|
164
|
+
end
|
165
|
+
end
|
data/properties.yml
CHANGED
@@ -68,6 +68,11 @@ targets:
|
|
68
68
|
docker_build_dir: spec/resources/dockerfiles/nfs
|
69
69
|
spec_type: nfs_export
|
70
70
|
|
71
|
+
pam:
|
72
|
+
backend: docker
|
73
|
+
docker_build_dir: spec/resources/dockerfiles/nfs
|
74
|
+
spec_type: pam
|
75
|
+
|
71
76
|
jenkins_plugin:
|
72
77
|
backend: exec
|
73
78
|
spec_type: jenkins_plugin
|
File without changes
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: serverspec-extra-types
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Wardrobe
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-03-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -198,6 +198,8 @@ files:
|
|
198
198
|
- lib/serverspec_extra_types/matchers/be_a_worker_node.rb
|
199
199
|
- lib/serverspec_extra_types/matchers/be_active.rb
|
200
200
|
- lib/serverspec_extra_types/matchers/configure_queue.rb
|
201
|
+
- lib/serverspec_extra_types/matchers/have_account.rb
|
202
|
+
- lib/serverspec_extra_types/matchers/have_auth.rb
|
201
203
|
- lib/serverspec_extra_types/matchers/have_count.rb
|
202
204
|
- lib/serverspec_extra_types/matchers/have_domain_name.rb
|
203
205
|
- lib/serverspec_extra_types/matchers/have_engine_version.rb
|
@@ -212,10 +214,12 @@ files:
|
|
212
214
|
- lib/serverspec_extra_types/matchers/have_label.rb
|
213
215
|
- lib/serverspec_extra_types/matchers/have_mount.rb
|
214
216
|
- lib/serverspec_extra_types/matchers/have_network.rb
|
217
|
+
- lib/serverspec_extra_types/matchers/have_password.rb
|
215
218
|
- lib/serverspec_extra_types/matchers/have_placement_constraint.rb
|
216
219
|
- lib/serverspec_extra_types/matchers/have_replica_count.rb
|
217
220
|
- lib/serverspec_extra_types/matchers/have_restart_limit.rb
|
218
221
|
- lib/serverspec_extra_types/matchers/have_restart_policy.rb
|
222
|
+
- lib/serverspec_extra_types/matchers/have_session.rb
|
219
223
|
- lib/serverspec_extra_types/matchers/have_user.rb
|
220
224
|
- lib/serverspec_extra_types/matchers/have_version.rb
|
221
225
|
- lib/serverspec_extra_types/matchers/have_vhost.rb
|
@@ -256,6 +260,7 @@ files:
|
|
256
260
|
- lib/serverspec_extra_types/types/rabbitmq_vhost_list.rb
|
257
261
|
- lib/serverspec_extra_types/types/rabbitmq_vhost_policy.rb
|
258
262
|
- lib/serverspec_extra_types/types/sudo_user.rb
|
263
|
+
- lib/serverspec_extra_types/types/unix_pam.rb
|
259
264
|
- lib/serverspec_extra_types/version.rb
|
260
265
|
- properties.yml
|
261
266
|
- serverspec-extra-types.gemspec
|
@@ -279,7 +284,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
279
284
|
version: '0'
|
280
285
|
requirements: []
|
281
286
|
rubyforge_project:
|
282
|
-
rubygems_version: 2.7.
|
287
|
+
rubygems_version: 2.7.3
|
283
288
|
signing_key:
|
284
289
|
specification_version: 4
|
285
290
|
summary: Additional Types and Matchers for Serverspec
|