serverspec 0.0.19 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +2 -40
- data/lib/serverspec/commands/base.rb +11 -1
- data/lib/serverspec/matchers/have_iptables_rule.rb +12 -0
- data/lib/serverspec/matchers.rb +1 -0
- data/lib/serverspec/setup.rb +1 -1
- data/lib/serverspec/version.rb +1 -1
- data/serverspec.gemspec +3 -3
- data/spec/debian/commands_spec.rb +79 -0
- data/spec/debian/matchers_spec.rb +24 -0
- data/spec/gentoo/commands_spec.rb +79 -0
- data/spec/gentoo/matchers_spec.rb +22 -0
- data/spec/redhat/commands_spec.rb +72 -0
- data/spec/redhat/matchers_spec.rb +5 -0
- data/spec/solaris/commads_spec.rb +71 -0
- data/spec/solaris/matchers_spec.rb +19 -0
- data/spec/spec_helper.rb +6 -2
- data/spec/support/shared_matcher_examples.rb +31 -1
- metadata +13 -5
data/README.md
CHANGED
@@ -26,7 +26,7 @@ Or install it yourself as:
|
|
26
26
|
$ serverspec-init
|
27
27
|
Input target host name: www.example.jp
|
28
28
|
|
29
|
-
Select OS
|
29
|
+
Select OS type of target host:
|
30
30
|
|
31
31
|
1) Red Hat
|
32
32
|
2) Debian
|
@@ -158,45 +158,7 @@ describe '/etc/httpd/conf/httpd.conf', :os => :debian do
|
|
158
158
|
end
|
159
159
|
```
|
160
160
|
|
161
|
-
|
162
|
-
|
163
|
-
```ruby
|
164
|
-
require 'spec_helper'
|
165
|
-
|
166
|
-
describe 'www.example.jp', :os => :debian do
|
167
|
-
it do
|
168
|
-
'httpd'.should be_installed
|
169
|
-
end
|
170
|
-
|
171
|
-
it do
|
172
|
-
'httpd'.should be_enabled
|
173
|
-
end
|
174
|
-
|
175
|
-
it do
|
176
|
-
'httpd'.should be_running
|
177
|
-
end
|
178
|
-
|
179
|
-
it do
|
180
|
-
'port 80'.should be_listening
|
181
|
-
end
|
182
|
-
|
183
|
-
conf = '/etc/httpd/conf/httpd.conf'
|
184
|
-
|
185
|
-
it do
|
186
|
-
conf.should be_file
|
187
|
-
end
|
188
|
-
|
189
|
-
it do
|
190
|
-
conf.should contain "ServerName www.example.jp"
|
191
|
-
end
|
192
|
-
end
|
193
|
-
```
|
194
|
-
|
195
|
-
Or modify spec/spec_helper.rb generated by serverspec-init command like this
|
196
|
-
|
197
|
-
|
198
|
-
Choose any style you like.
|
199
|
-
|
161
|
+
See details on [serverspec.org](http://serverspec.org)
|
200
162
|
|
201
163
|
----
|
202
164
|
|
@@ -40,7 +40,7 @@ module Serverspec
|
|
40
40
|
end
|
41
41
|
|
42
42
|
def check_file_contain file, expected_pattern
|
43
|
-
"grep -q '#{expected_pattern}' #{file}
|
43
|
+
"grep -q '#{expected_pattern}' #{file}"
|
44
44
|
end
|
45
45
|
|
46
46
|
def check_mode file, mode
|
@@ -71,6 +71,16 @@ module Serverspec
|
|
71
71
|
def check_belonging_group user, group
|
72
72
|
"id #{user} | awk '{print $2}' | grep #{group}"
|
73
73
|
end
|
74
|
+
|
75
|
+
def check_iptables_rule rule, table=nil, chain=nil
|
76
|
+
cmd = "iptables"
|
77
|
+
cmd += " -t #{table}" if table
|
78
|
+
cmd += " -S"
|
79
|
+
cmd += " #{chain}" if chain
|
80
|
+
rule.gsub!(/\-/, '\\-')
|
81
|
+
cmd += " | grep '#{rule}'"
|
82
|
+
cmd
|
83
|
+
end
|
74
84
|
end
|
75
85
|
end
|
76
86
|
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
RSpec::Matchers.define :have_iptables_rule do |rule|
|
2
|
+
match do |iptables|
|
3
|
+
ret = ssh_exec(commands.check_iptables_rule(rule, @table, @chain))
|
4
|
+
ret[:exit_code] == 0
|
5
|
+
end
|
6
|
+
chain :with_table do |table|
|
7
|
+
@table = table
|
8
|
+
end
|
9
|
+
chain :with_chain do |chain|
|
10
|
+
@chain = chain
|
11
|
+
end
|
12
|
+
end
|
data/lib/serverspec/matchers.rb
CHANGED
data/lib/serverspec/setup.rb
CHANGED
data/lib/serverspec/version.rb
CHANGED
data/serverspec.gemspec
CHANGED
@@ -8,9 +8,9 @@ Gem::Specification.new do |spec|
|
|
8
8
|
spec.version = Serverspec::VERSION
|
9
9
|
spec.authors = ["Gosuke Miyashita"]
|
10
10
|
spec.email = ["gosukenator@gmail.com"]
|
11
|
-
spec.description = %q{RSpec tests for your provisioned
|
12
|
-
spec.summary = %q{RSpec tests for your provisioned
|
13
|
-
spec.homepage = "
|
11
|
+
spec.description = %q{RSpec tests for your servers provisioned by Puppet, Chef or anything else}
|
12
|
+
spec.summary = %q{RSpec tests for your servers provisioned by Puppet, Chef or anything else}
|
13
|
+
spec.homepage = "http://serverspec.org/"
|
14
14
|
spec.license = "MIT"
|
15
15
|
|
16
16
|
spec.files = `git ls-files`.split($/)
|
@@ -0,0 +1,79 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
include Serverspec::DebianHelper
|
4
|
+
|
5
|
+
describe commands.check_enabled('httpd') do
|
6
|
+
it { should eq 'ls /etc/rc3.d/ | grep httpd' }
|
7
|
+
end
|
8
|
+
|
9
|
+
describe commands.check_file('/etc/passwd') do
|
10
|
+
it { should eq 'test -f /etc/passwd' }
|
11
|
+
end
|
12
|
+
|
13
|
+
describe commands.check_directory('/var/log') do
|
14
|
+
it { should eq 'test -d /var/log' }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe commands.check_user('root') do
|
18
|
+
it { should eq 'id root' }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe commands.check_group('wheel') do
|
22
|
+
it { should eq 'getent group | grep -wq wheel' }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe commands.check_installed('httpd') do
|
26
|
+
it { should eq 'dpkg -s httpd' }
|
27
|
+
end
|
28
|
+
|
29
|
+
describe commands.check_listening(80) do
|
30
|
+
it { should eq "netstat -tunl | grep ':80 '" }
|
31
|
+
end
|
32
|
+
|
33
|
+
describe commands.check_running('httpd') do
|
34
|
+
it { should eq 'service httpd status' }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe commands.check_process('httpd') do
|
38
|
+
it { should eq 'ps -e | grep -qw httpd' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe commands.check_file_contain('/etc/passwd', 'root') do
|
42
|
+
it { should eq "grep -q 'root' /etc/passwd" }
|
43
|
+
end
|
44
|
+
|
45
|
+
describe commands.check_mode('/etc/sudoers', 440) do
|
46
|
+
it { should eq 'stat -c %a /etc/sudoers | grep 440' }
|
47
|
+
end
|
48
|
+
|
49
|
+
describe commands.check_owner('/etc/passwd', 'root') do
|
50
|
+
it { should eq 'stat -c %U /etc/passwd | grep root' }
|
51
|
+
end
|
52
|
+
|
53
|
+
describe commands.check_grouped('/etc/passwd', 'wheel') do
|
54
|
+
it { should eq 'stat -c %G /etc/passwd | grep wheel' }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe commands.check_cron_entry('root', '* * * * * /usr/local/bin/batch.sh') do
|
58
|
+
it { should eq 'crontab -u root -l | grep "\* \* \* \* \* /usr/local/bin/batch.sh"' }
|
59
|
+
end
|
60
|
+
|
61
|
+
describe commands.check_link('/etc/system-release', '/etc/redhat-release') do
|
62
|
+
it { should eq 'stat -c %N /etc/system-release | grep /etc/redhat-release' }
|
63
|
+
end
|
64
|
+
|
65
|
+
describe commands.check_installed_by_gem('jekyll') do
|
66
|
+
it { should eq 'gem list --local | grep jekyll' }
|
67
|
+
end
|
68
|
+
|
69
|
+
describe commands.check_belonging_group('root', 'wheel') do
|
70
|
+
it { should eq "id root | awk '{print $2}' | grep wheel" }
|
71
|
+
end
|
72
|
+
|
73
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT') do
|
74
|
+
it { should eq "iptables -S | grep '\\-P INPUT ACCEPT'" }
|
75
|
+
end
|
76
|
+
|
77
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT', 'mangle', 'INPUT') do
|
78
|
+
it { should eq "iptables -t mangle -S INPUT | grep '\\-P INPUT ACCEPT'" }
|
79
|
+
end
|
@@ -7,4 +7,28 @@ describe 'Serverspec matchers of Debian family', :os => :debian do
|
|
7
7
|
it_behaves_like 'support be_listening matcher', 22
|
8
8
|
it_behaves_like 'support be_file matcher', '/etc/ssh/sshd_config'
|
9
9
|
it_behaves_like 'support contain matcher', '/etc/ssh/sshd_config', 'See the sshd_config(5) manpage'
|
10
|
+
it_behaves_like 'support be_user matcher', 'root'
|
11
|
+
it_behaves_like 'support be_group matcher', 'wheel'
|
12
|
+
|
13
|
+
# Test for case of not registered in the service, but running as process.
|
14
|
+
it_behaves_like 'support be_running matcher', 'udevd'
|
15
|
+
|
16
|
+
it_behaves_like 'support be_mode matcher', '/etc/passwd', 644
|
17
|
+
|
18
|
+
it_behaves_like 'support be_owned_by matcher', '/etc/passwd', 'root'
|
19
|
+
it_behaves_like 'support be_grouped_into matcher', '/etc/passwd', 'root'
|
20
|
+
|
21
|
+
it_behaves_like 'support have_cron_entry matcher', 'cron', '* * * * * /usr/bin/foo'
|
22
|
+
it_behaves_like 'support have_cron_entry.with_user matcher', 'cron', '* * * * * /usr/bin/foo', 'root'
|
23
|
+
|
24
|
+
it_behaves_like 'support be_linked_to matcher', '/etc/pam.d/system-auth', '/etc/pam.d/system-auth-ac'
|
25
|
+
|
26
|
+
it_behaves_like 'support be_installed_by_gem matcher', 'jekyll'
|
27
|
+
it_behaves_like 'support be_installed_by_gem.with_version matcher', 'jekyll', '1.0.0'
|
28
|
+
|
29
|
+
it_behaves_like 'support belong_to_group matcher', 'root', 'root'
|
30
|
+
|
31
|
+
it_behaves_like 'support have_iptables_rule matcher', '-P INPUT ACCEPT'
|
32
|
+
it_behaves_like 'support have_iptables_rule.with_table.with_chain matcher', '-P INPUT ACCEPT', 'mangle', 'INPUT'
|
33
|
+
|
10
34
|
end
|
@@ -0,0 +1,79 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
include Serverspec::GentooHelper
|
4
|
+
|
5
|
+
describe commands.check_enabled('httpd') do
|
6
|
+
it { should eq "/sbin/rc-update show | grep '^\\s*httpd\\s*|\\s*\\(boot\\|default\\)'" }
|
7
|
+
end
|
8
|
+
|
9
|
+
describe commands.check_file('/etc/passwd') do
|
10
|
+
it { should eq 'test -f /etc/passwd' }
|
11
|
+
end
|
12
|
+
|
13
|
+
describe commands.check_directory('/var/log') do
|
14
|
+
it { should eq 'test -d /var/log' }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe commands.check_user('root') do
|
18
|
+
it { should eq 'id root' }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe commands.check_group('wheel') do
|
22
|
+
it { should eq 'getent group | grep -wq wheel' }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe commands.check_installed('httpd') do
|
26
|
+
it { should eq '/usr/bin/eix httpd --installed' }
|
27
|
+
end
|
28
|
+
|
29
|
+
describe commands.check_listening(80) do
|
30
|
+
it { should eq "netstat -tunl | grep ':80 '" }
|
31
|
+
end
|
32
|
+
|
33
|
+
describe commands.check_running('httpd') do
|
34
|
+
it { should eq 'service httpd status' }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe commands.check_process('httpd') do
|
38
|
+
it { should eq 'ps -e | grep -qw httpd' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe commands.check_file_contain('/etc/passwd', 'root') do
|
42
|
+
it { should eq "grep -q 'root' /etc/passwd" }
|
43
|
+
end
|
44
|
+
|
45
|
+
describe commands.check_mode('/etc/sudoers', 440) do
|
46
|
+
it { should eq 'stat -c %a /etc/sudoers | grep 440' }
|
47
|
+
end
|
48
|
+
|
49
|
+
describe commands.check_owner('/etc/passwd', 'root') do
|
50
|
+
it { should eq 'stat -c %U /etc/passwd | grep root' }
|
51
|
+
end
|
52
|
+
|
53
|
+
describe commands.check_grouped('/etc/passwd', 'wheel') do
|
54
|
+
it { should eq 'stat -c %G /etc/passwd | grep wheel' }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe commands.check_cron_entry('root', '* * * * * /usr/local/bin/batch.sh') do
|
58
|
+
it { should eq 'crontab -u root -l | grep "\* \* \* \* \* /usr/local/bin/batch.sh"' }
|
59
|
+
end
|
60
|
+
|
61
|
+
describe commands.check_link('/etc/system-release', '/etc/redhat-release') do
|
62
|
+
it { should eq 'stat -c %N /etc/system-release | grep /etc/redhat-release' }
|
63
|
+
end
|
64
|
+
|
65
|
+
describe commands.check_installed_by_gem('jekyll') do
|
66
|
+
it { should eq 'gem list --local | grep jekyll' }
|
67
|
+
end
|
68
|
+
|
69
|
+
describe commands.check_belonging_group('root', 'wheel') do
|
70
|
+
it { should eq "id root | awk '{print $2}' | grep wheel" }
|
71
|
+
end
|
72
|
+
|
73
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT') do
|
74
|
+
it { should eq "iptables -S | grep '\\-P INPUT ACCEPT'" }
|
75
|
+
end
|
76
|
+
|
77
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT', 'mangle', 'INPUT') do
|
78
|
+
it { should eq "iptables -t mangle -S INPUT | grep '\\-P INPUT ACCEPT'" }
|
79
|
+
end
|
@@ -10,4 +10,26 @@ describe 'Serverspec matchers of Gentoo family', :os => :gentoo do
|
|
10
10
|
it_behaves_like 'support contain matcher', '/etc/ssh/sshd_config', 'This is the sshd server system-wide configuration file'
|
11
11
|
it_behaves_like 'support be_user matcher', 'root'
|
12
12
|
it_behaves_like 'support be_group matcher', 'wheel'
|
13
|
+
|
14
|
+
# Test for case of not registered in the service, but running as process.
|
15
|
+
it_behaves_like 'support be_running matcher', 'udevd'
|
16
|
+
|
17
|
+
it_behaves_like 'support be_mode matcher', '/etc/passwd', 644
|
18
|
+
|
19
|
+
it_behaves_like 'support be_owned_by matcher', '/etc/passwd', 'root'
|
20
|
+
it_behaves_like 'support be_grouped_into matcher', '/etc/passwd', 'root'
|
21
|
+
|
22
|
+
it_behaves_like 'support have_cron_entry matcher', 'cron', '* * * * * /usr/bin/foo'
|
23
|
+
it_behaves_like 'support have_cron_entry.with_user matcher', 'cron', '* * * * * /usr/bin/foo', 'root'
|
24
|
+
|
25
|
+
it_behaves_like 'support be_linked_to matcher', '/etc/pam.d/system-auth', '/etc/pam.d/system-auth-ac'
|
26
|
+
|
27
|
+
it_behaves_like 'support be_installed_by_gem matcher', 'jekyll'
|
28
|
+
it_behaves_like 'support be_installed_by_gem.with_version matcher', 'jekyll', '1.0.0'
|
29
|
+
|
30
|
+
it_behaves_like 'support belong_to_group matcher', 'root', 'root'
|
31
|
+
|
32
|
+
it_behaves_like 'support have_iptables_rule matcher', '-P INPUT ACCEPT'
|
33
|
+
it_behaves_like 'support have_iptables_rule.with_table.with_chain matcher', '-P INPUT ACCEPT', 'mangle', 'INPUT'
|
34
|
+
|
13
35
|
end
|
@@ -5,3 +5,75 @@ include Serverspec::RedHatHelper
|
|
5
5
|
describe commands.check_enabled('httpd') do
|
6
6
|
it { should eq 'chkconfig --list httpd | grep 3:on' }
|
7
7
|
end
|
8
|
+
|
9
|
+
describe commands.check_file('/etc/passwd') do
|
10
|
+
it { should eq 'test -f /etc/passwd' }
|
11
|
+
end
|
12
|
+
|
13
|
+
describe commands.check_directory('/var/log') do
|
14
|
+
it { should eq 'test -d /var/log' }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe commands.check_user('root') do
|
18
|
+
it { should eq 'id root' }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe commands.check_group('wheel') do
|
22
|
+
it { should eq 'getent group | grep -wq wheel' }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe commands.check_installed('httpd') do
|
26
|
+
it { should eq 'rpm -q httpd' }
|
27
|
+
end
|
28
|
+
|
29
|
+
describe commands.check_listening(80) do
|
30
|
+
it { should eq "netstat -tunl | grep ':80 '" }
|
31
|
+
end
|
32
|
+
|
33
|
+
describe commands.check_running('httpd') do
|
34
|
+
it { should eq 'service httpd status' }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe commands.check_process('httpd') do
|
38
|
+
it { should eq 'ps -e | grep -qw httpd' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe commands.check_file_contain('/etc/passwd', 'root') do
|
42
|
+
it { should eq "grep -q 'root' /etc/passwd" }
|
43
|
+
end
|
44
|
+
|
45
|
+
describe commands.check_mode('/etc/sudoers', 440) do
|
46
|
+
it { should eq 'stat -c %a /etc/sudoers | grep 440' }
|
47
|
+
end
|
48
|
+
|
49
|
+
describe commands.check_owner('/etc/passwd', 'root') do
|
50
|
+
it { should eq 'stat -c %U /etc/passwd | grep root' }
|
51
|
+
end
|
52
|
+
|
53
|
+
describe commands.check_grouped('/etc/passwd', 'wheel') do
|
54
|
+
it { should eq 'stat -c %G /etc/passwd | grep wheel' }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe commands.check_cron_entry('root', '* * * * * /usr/local/bin/batch.sh') do
|
58
|
+
it { should eq 'crontab -u root -l | grep "\* \* \* \* \* /usr/local/bin/batch.sh"' }
|
59
|
+
end
|
60
|
+
|
61
|
+
describe commands.check_link('/etc/system-release', '/etc/redhat-release') do
|
62
|
+
it { should eq 'stat -c %N /etc/system-release | grep /etc/redhat-release' }
|
63
|
+
end
|
64
|
+
|
65
|
+
describe commands.check_installed_by_gem('jekyll') do
|
66
|
+
it { should eq 'gem list --local | grep jekyll' }
|
67
|
+
end
|
68
|
+
|
69
|
+
describe commands.check_belonging_group('root', 'wheel') do
|
70
|
+
it { should eq "id root | awk '{print $2}' | grep wheel" }
|
71
|
+
end
|
72
|
+
|
73
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT') do
|
74
|
+
it { should eq "iptables -S | grep '\\-P INPUT ACCEPT'" }
|
75
|
+
end
|
76
|
+
|
77
|
+
describe commands.check_iptables_rule('-P INPUT ACCEPT', 'mangle', 'INPUT') do
|
78
|
+
it { should eq "iptables -t mangle -S INPUT | grep '\\-P INPUT ACCEPT'" }
|
79
|
+
end
|
@@ -24,6 +24,11 @@ describe 'Serverspec matchers of Red Hat family', :os => :redhat do
|
|
24
24
|
|
25
25
|
it_behaves_like 'support be_linked_to matcher', '/etc/pam.d/system-auth', '/etc/pam.d/system-auth-ac'
|
26
26
|
|
27
|
+
it_behaves_like 'support be_installed_by_gem matcher', 'jekyll'
|
28
|
+
it_behaves_like 'support be_installed_by_gem.with_version matcher', 'jekyll', '1.0.0'
|
29
|
+
|
27
30
|
it_behaves_like 'support belong_to_group matcher', 'root', 'root'
|
28
31
|
|
32
|
+
it_behaves_like 'support have_iptables_rule matcher', '-P INPUT ACCEPT'
|
33
|
+
it_behaves_like 'support have_iptables_rule.with_table.with_chain matcher', '-P INPUT ACCEPT', 'mangle', 'INPUT'
|
29
34
|
end
|
@@ -0,0 +1,71 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
include Serverspec::SolarisHelper
|
4
|
+
|
5
|
+
describe commands.check_enabled('httpd') do
|
6
|
+
it { should eq "svcs -l httpd 2> /dev/null | grep 'enabled true'" }
|
7
|
+
end
|
8
|
+
|
9
|
+
describe commands.check_file('/etc/passwd') do
|
10
|
+
it { should eq 'test -f /etc/passwd' }
|
11
|
+
end
|
12
|
+
|
13
|
+
describe commands.check_directory('/var/log') do
|
14
|
+
it { should eq 'test -d /var/log' }
|
15
|
+
end
|
16
|
+
|
17
|
+
describe commands.check_user('root') do
|
18
|
+
it { should eq 'id root' }
|
19
|
+
end
|
20
|
+
|
21
|
+
describe commands.check_group('wheel') do
|
22
|
+
it { should eq 'getent group | grep -wq wheel' }
|
23
|
+
end
|
24
|
+
|
25
|
+
describe commands.check_installed('httpd') do
|
26
|
+
it { should eq 'pkg list -H httpd 2> /dev/null' }
|
27
|
+
end
|
28
|
+
|
29
|
+
describe commands.check_listening(80) do
|
30
|
+
it { should eq "netstat -an 2> /dev/null | egrep 'LISTEN|Idle' | grep '.80 '" }
|
31
|
+
end
|
32
|
+
|
33
|
+
describe commands.check_running('httpd') do
|
34
|
+
it { should eq "svcs -l httpd status 2> /dev/null |grep 'state online'" }
|
35
|
+
end
|
36
|
+
|
37
|
+
describe commands.check_process('httpd') do
|
38
|
+
it { should eq 'ps -e | grep -qw httpd' }
|
39
|
+
end
|
40
|
+
|
41
|
+
describe commands.check_file_contain('/etc/passwd', 'root') do
|
42
|
+
it { should eq "grep -q 'root' /etc/passwd" }
|
43
|
+
end
|
44
|
+
|
45
|
+
describe commands.check_mode('/etc/sudoers', 440) do
|
46
|
+
it { should eq 'stat -c %a /etc/sudoers | grep 440' }
|
47
|
+
end
|
48
|
+
|
49
|
+
describe commands.check_owner('/etc/passwd', 'root') do
|
50
|
+
it { should eq 'stat -c %U /etc/passwd | grep root' }
|
51
|
+
end
|
52
|
+
|
53
|
+
describe commands.check_grouped('/etc/passwd', 'wheel') do
|
54
|
+
it { should eq 'stat -c %G /etc/passwd | grep wheel' }
|
55
|
+
end
|
56
|
+
|
57
|
+
describe commands.check_cron_entry('root', '* * * * * /usr/local/bin/batch.sh') do
|
58
|
+
it { should eq "crontab -l root | grep '\\* \\* \\* \\* \\* /usr/local/bin/batch.sh'" }
|
59
|
+
end
|
60
|
+
|
61
|
+
describe commands.check_link('/etc/system-release', '/etc/redhat-release') do
|
62
|
+
it { should eq 'stat -c %N /etc/system-release | grep /etc/redhat-release' }
|
63
|
+
end
|
64
|
+
|
65
|
+
describe commands.check_installed_by_gem('jekyll') do
|
66
|
+
it { should eq 'gem list --local | grep jekyll' }
|
67
|
+
end
|
68
|
+
|
69
|
+
describe commands.check_belonging_group('root', 'wheel') do
|
70
|
+
it { should eq "id root | awk '{print $2}' | grep wheel" }
|
71
|
+
end
|
@@ -10,4 +10,23 @@ describe 'Serverspec matchers of Solaris family', :os => :solaris do
|
|
10
10
|
it_behaves_like 'support contain matcher', '/etc/ssh/sshd_config', 'Configuration file for sshd(1m) (see also sshd_config(4))'
|
11
11
|
it_behaves_like 'support be_user matcher', 'root'
|
12
12
|
it_behaves_like 'support be_group matcher', 'root'
|
13
|
+
|
14
|
+
# Test for case of not registered in the service, but running as process.
|
15
|
+
it_behaves_like 'support be_running matcher', 'udevd'
|
16
|
+
|
17
|
+
it_behaves_like 'support be_mode matcher', '/etc/passwd', 644
|
18
|
+
|
19
|
+
it_behaves_like 'support be_owned_by matcher', '/etc/passwd', 'root'
|
20
|
+
it_behaves_like 'support be_grouped_into matcher', '/etc/passwd', 'root'
|
21
|
+
|
22
|
+
it_behaves_like 'support have_cron_entry matcher', 'cron', '* * * * * /usr/bin/foo'
|
23
|
+
it_behaves_like 'support have_cron_entry.with_user matcher', 'cron', '* * * * * /usr/bin/foo', 'root'
|
24
|
+
|
25
|
+
it_behaves_like 'support be_linked_to matcher', '/etc/pam.d/system-auth', '/etc/pam.d/system-auth-ac'
|
26
|
+
|
27
|
+
it_behaves_like 'support be_installed_by_gem matcher', 'jekyll'
|
28
|
+
it_behaves_like 'support be_installed_by_gem.with_version matcher', 'jekyll', '1.0.0'
|
29
|
+
|
30
|
+
it_behaves_like 'support belong_to_group matcher', 'root', 'root'
|
31
|
+
|
13
32
|
end
|
data/spec/spec_helper.rb
CHANGED
@@ -9,10 +9,14 @@ module Serverspec
|
|
9
9
|
module SshHelper
|
10
10
|
def ssh_exec(cmd)
|
11
11
|
if cmd =~ /invalid/
|
12
|
-
{ :stdout =>
|
12
|
+
{ :stdout => '', :stderr => '', :exit_code => 1, :exit_signal => nil }
|
13
13
|
else
|
14
|
-
{ :stdout =>
|
14
|
+
{ :stdout => ::RSpec.configuration.stdout, :stderr => '', :exit_code => 0, :exit_signal => nil }
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
18
18
|
end
|
19
|
+
|
20
|
+
RSpec.configure do |c|
|
21
|
+
c.add_setting :stdout, :default => ''
|
22
|
+
end
|
@@ -161,7 +161,7 @@ shared_examples_for 'support have_cron_entry.with_user matcher' do |title, entry
|
|
161
161
|
it { should have_cron_entry(entry).with_user(user) }
|
162
162
|
end
|
163
163
|
|
164
|
-
describe
|
164
|
+
describe title do
|
165
165
|
it { should_not have_cron_entry('dummy entry').with_user('invaliduser') }
|
166
166
|
end
|
167
167
|
end
|
@@ -193,6 +193,12 @@ end
|
|
193
193
|
|
194
194
|
shared_examples_for 'support be_installed_by_gem.with_version matcher' do |name, version|
|
195
195
|
describe 'be_installed_by_gem.with_version' do
|
196
|
+
before :all do
|
197
|
+
RSpec.configure do |c|
|
198
|
+
c.stdout = "#{name} (#{version})"
|
199
|
+
end
|
200
|
+
end
|
201
|
+
|
196
202
|
describe name do
|
197
203
|
it { should be_installed_by_gem.with_version(version) }
|
198
204
|
end
|
@@ -214,3 +220,27 @@ shared_examples_for 'support belong_to_group matcher' do |user, group|
|
|
214
220
|
end
|
215
221
|
end
|
216
222
|
end
|
223
|
+
|
224
|
+
shared_examples_for 'support have_iptables_rule matcher' do |rule|
|
225
|
+
describe 'have_iptables_rule' do
|
226
|
+
describe 'iptables' do
|
227
|
+
it { should have_iptables_rule rule }
|
228
|
+
end
|
229
|
+
|
230
|
+
describe 'iptables' do
|
231
|
+
it { should_not have_iptables_rule 'invalid-rule' }
|
232
|
+
end
|
233
|
+
end
|
234
|
+
end
|
235
|
+
|
236
|
+
shared_examples_for 'support have_iptables_rule.with_table.with_chain matcher' do |rule, table, chain|
|
237
|
+
describe 'have_iptables_rule.with_table.with_chain' do
|
238
|
+
describe 'iptables' do
|
239
|
+
it { should have_iptables_rule(rule).with_table(table).with_chain(chain) }
|
240
|
+
end
|
241
|
+
|
242
|
+
describe 'iptables' do
|
243
|
+
it { should_not have_iptables_rule('invalid-rule').with_table(table).with_chain(chain) }
|
244
|
+
end
|
245
|
+
end
|
246
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: serverspec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-03-
|
12
|
+
date: 2013-03-31 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: net-ssh
|
@@ -75,7 +75,8 @@ dependencies:
|
|
75
75
|
- - ! '>='
|
76
76
|
- !ruby/object:Gem::Version
|
77
77
|
version: '0'
|
78
|
-
description: RSpec tests for your provisioned
|
78
|
+
description: RSpec tests for your servers provisioned by Puppet, Chef or anything
|
79
|
+
else
|
79
80
|
email:
|
80
81
|
- gosukenator@gmail.com
|
81
82
|
executables:
|
@@ -114,17 +115,21 @@ files:
|
|
114
115
|
- lib/serverspec/matchers/belong_to_group.rb
|
115
116
|
- lib/serverspec/matchers/contain.rb
|
116
117
|
- lib/serverspec/matchers/have_cron_entry.rb
|
118
|
+
- lib/serverspec/matchers/have_iptables_rule.rb
|
117
119
|
- lib/serverspec/setup.rb
|
118
120
|
- lib/serverspec/version.rb
|
119
121
|
- serverspec.gemspec
|
122
|
+
- spec/debian/commands_spec.rb
|
120
123
|
- spec/debian/matchers_spec.rb
|
124
|
+
- spec/gentoo/commands_spec.rb
|
121
125
|
- spec/gentoo/matchers_spec.rb
|
122
126
|
- spec/redhat/commands_spec.rb
|
123
127
|
- spec/redhat/matchers_spec.rb
|
128
|
+
- spec/solaris/commads_spec.rb
|
124
129
|
- spec/solaris/matchers_spec.rb
|
125
130
|
- spec/spec_helper.rb
|
126
131
|
- spec/support/shared_matcher_examples.rb
|
127
|
-
homepage:
|
132
|
+
homepage: http://serverspec.org/
|
128
133
|
licenses:
|
129
134
|
- MIT
|
130
135
|
post_install_message:
|
@@ -148,12 +153,15 @@ rubyforge_project:
|
|
148
153
|
rubygems_version: 1.8.25
|
149
154
|
signing_key:
|
150
155
|
specification_version: 3
|
151
|
-
summary: RSpec tests for your provisioned
|
156
|
+
summary: RSpec tests for your servers provisioned by Puppet, Chef or anything else
|
152
157
|
test_files:
|
158
|
+
- spec/debian/commands_spec.rb
|
153
159
|
- spec/debian/matchers_spec.rb
|
160
|
+
- spec/gentoo/commands_spec.rb
|
154
161
|
- spec/gentoo/matchers_spec.rb
|
155
162
|
- spec/redhat/commands_spec.rb
|
156
163
|
- spec/redhat/matchers_spec.rb
|
164
|
+
- spec/solaris/commads_spec.rb
|
157
165
|
- spec/solaris/matchers_spec.rb
|
158
166
|
- spec/spec_helper.rb
|
159
167
|
- spec/support/shared_matcher_examples.rb
|