serverspec 0.6.21 → 0.6.22

Sign up to get free protection for your applications and to get access to all the features.
Files changed (37) hide show
  1. data/Rakefile +1 -1
  2. data/lib/serverspec.rb +2 -0
  3. data/lib/serverspec/backend/exec.rb +2 -0
  4. data/lib/serverspec/commands/base.rb +5 -0
  5. data/lib/serverspec/commands/smartos.rb +8 -0
  6. data/lib/serverspec/commands/solaris.rb +7 -2
  7. data/lib/serverspec/commands/solaris11.rb +7 -0
  8. data/lib/serverspec/helper.rb +1 -0
  9. data/lib/serverspec/helper/solaris11.rb +9 -0
  10. data/lib/serverspec/matchers.rb +3 -0
  11. data/lib/serverspec/matchers/be_listening.rb +9 -0
  12. data/lib/serverspec/type/port.rb +11 -2
  13. data/lib/serverspec/version.rb +1 -1
  14. data/spec/darwin/port_spec.rb +18 -0
  15. data/spec/debian/port_spec.rb +18 -0
  16. data/spec/gentoo/port_spec.rb +18 -0
  17. data/spec/redhat/port_spec.rb +18 -0
  18. data/spec/solaris/commands_spec.rb +17 -2
  19. data/spec/solaris/port_spec.rb +18 -0
  20. data/spec/solaris10/commands_spec.rb +2 -2
  21. data/spec/solaris11/command_spec.rb +48 -0
  22. data/spec/solaris11/commands_spec.rb +82 -0
  23. data/spec/solaris11/cron_spec.rb +21 -0
  24. data/spec/solaris11/default_gateway_spec.rb +16 -0
  25. data/spec/solaris11/file_spec.rb +381 -0
  26. data/spec/solaris11/group_spec.rb +8 -0
  27. data/spec/solaris11/host_spec.rb +58 -0
  28. data/spec/solaris11/ipfilter_spec.rb +7 -0
  29. data/spec/solaris11/ipnat_spec.rb +7 -0
  30. data/spec/solaris11/package_spec.rb +76 -0
  31. data/spec/solaris11/port_spec.rb +12 -0
  32. data/spec/solaris11/routing_table_spec.rb +120 -0
  33. data/spec/solaris11/service_spec.rb +13 -0
  34. data/spec/solaris11/svcprop_spec.rb +8 -0
  35. data/spec/solaris11/user_spec.rb +12 -0
  36. data/spec/solaris11/zfs_spec.rb +9 -0
  37. metadata +37 -2
data/Rakefile CHANGED
@@ -4,7 +4,7 @@ require 'rspec/core/rake_task'
4
4
  task :spec => 'spec:all'
5
5
 
6
6
  namespace :spec do
7
- oses = %w( darwin debian gentoo redhat solaris solaris10 smartos )
7
+ oses = %w( darwin debian gentoo redhat solaris solaris10 solaris11 smartos )
8
8
 
9
9
  task :all => [ oses.map {|os| "spec:#{os}" }, :helpers, :exec, :ssh ].flatten
10
10
 
data/lib/serverspec.rb CHANGED
@@ -13,6 +13,7 @@ require 'serverspec/commands/debian'
13
13
  require 'serverspec/commands/gentoo'
14
14
  require 'serverspec/commands/solaris'
15
15
  require 'serverspec/commands/solaris10'
16
+ require 'serverspec/commands/solaris11'
16
17
  require 'serverspec/commands/smartos'
17
18
  require 'serverspec/commands/darwin'
18
19
  require 'serverspec/configuration'
@@ -35,6 +36,7 @@ RSpec.configure do |c|
35
36
  c.include(Serverspec::Helper::Gentoo, :os => :gentoo)
36
37
  c.include(Serverspec::Helper::Solaris, :os => :solaris)
37
38
  c.include(Serverspec::Helper::Solaris10, :os => :solaris10)
39
+ c.include(Serverspec::Helper::Solaris11, :os => :solaris11)
38
40
  c.include(Serverspec::Helper::SmartOS, :os => :smartos)
39
41
  c.include(Serverspec::Helper::Darwin, :os => :darwin)
40
42
  c.add_setting :os, :default => nil
@@ -200,6 +200,8 @@ module Serverspec
200
200
  elsif (os = run_command('uname -sr')[:stdout]) && os =~ /SunOS/i
201
201
  if os =~ /5.10/
202
202
  'Solaris10'
203
+ elsif run_command('grep -q "Oracle Solaris 11" /etc/release')[:exit_status] == 0
204
+ 'Solaris11'
203
205
  elsif run_command('grep -q SmartOS /etc/release')[:exit_status] == 0
204
206
  'SmartOS'
205
207
  else
@@ -77,6 +77,11 @@ module Serverspec
77
77
  "netstat -tunl | grep -- #{escape(regexp)}"
78
78
  end
79
79
 
80
+ def check_listening_with_protocol(port, protocol)
81
+ regexp = "^#{protocol} .*:#{port} "
82
+ "netstat -tunl | grep -- #{escape(regexp)}"
83
+ end
84
+
80
85
  def check_running(service)
81
86
  "service #{escape(service)} status"
82
87
  end
@@ -8,6 +8,14 @@ module Serverspec
8
8
  end
9
9
  cmd
10
10
  end
11
+
12
+ def check_enabled(service, level=3)
13
+ "svcs -l #{escape(service)} 2> /dev/null | grep -wx '^enabled.*true$'"
14
+ end
15
+
16
+ def check_running(service)
17
+ "svcs -l #{escape(service)} status 2> /dev/null |grep -wx '^state.*online$'"
18
+ end
11
19
  end
12
20
  end
13
21
  end
@@ -2,7 +2,7 @@ module Serverspec
2
2
  module Commands
3
3
  class Solaris < Base
4
4
  def check_enabled(service, level=3)
5
- "svcs -l #{escape(service)} 2> /dev/null | grep -wx '^enabled.*true$'"
5
+ "svcs -l #{escape(service)} 2> /dev/null | egrep '^enabled *true$'"
6
6
  end
7
7
 
8
8
  def check_installed(package, version=nil)
@@ -18,8 +18,13 @@ module Serverspec
18
18
  "netstat -an 2> /dev/null | egrep 'LISTEN|Idle' | grep -- #{escape(regexp)}"
19
19
  end
20
20
 
21
+ def check_listening_with_protocol(port, protocol)
22
+ regexp = ".*\.#{port} "
23
+ "netstat -an -P #{escape(protocol)} 2> /dev/null | egrep 'LISTEN|Idle' | grep -- #{escape(regexp)}"
24
+ end
25
+
21
26
  def check_running(service)
22
- "svcs -l #{escape(service)} status 2> /dev/null |grep -wx '^state.*online$'"
27
+ "svcs -l #{escape(service)} status 2> /dev/null | egrep '^state *online$'"
23
28
  end
24
29
 
25
30
  def check_cron_entry(user, entry)
@@ -0,0 +1,7 @@
1
+ module Serverspec
2
+ module Commands
3
+ class Solaris11 < Solaris
4
+ # Please implement Solaris 11 specific commands
5
+ end
6
+ end
7
+ end
@@ -11,6 +11,7 @@ require 'serverspec/helper/debian'
11
11
  require 'serverspec/helper/gentoo'
12
12
  require 'serverspec/helper/solaris'
13
13
  require 'serverspec/helper/solaris10'
14
+ require 'serverspec/helper/solaris11'
14
15
  require 'serverspec/helper/smartos'
15
16
  require 'serverspec/helper/darwin'
16
17
  require 'serverspec/helper/detect_os'
@@ -0,0 +1,9 @@
1
+ module Serverspec
2
+ module Helper
3
+ module Solaris11
4
+ def commands
5
+ Serverspec::Commands::Solaris11.new
6
+ end
7
+ end
8
+ end
9
+ end
@@ -6,6 +6,9 @@ require 'serverspec/matchers/be_writable'
6
6
  require 'serverspec/matchers/be_executable'
7
7
  require 'serverspec/matchers/match_md5checksum'
8
8
 
9
+ # port
10
+ require 'serverspec/matchers/be_listening'
11
+
9
12
  # host
10
13
  require 'serverspec/matchers/be_resolvable'
11
14
  require 'serverspec/matchers/be_reachable'
@@ -0,0 +1,9 @@
1
+ RSpec::Matchers.define :be_listening do
2
+ match do |port|
3
+ port.listening?(@with)
4
+ end
5
+
6
+ chain :with do |with|
7
+ @with = with
8
+ end
9
+ end
@@ -1,8 +1,17 @@
1
1
  module Serverspec
2
2
  module Type
3
3
  class Port < Base
4
- def listening?
5
- backend.check_listening(@name)
4
+ def listening?(protocol)
5
+ if protocol
6
+ protocol = protocol.to_s.downcase
7
+ unless ["udp", "tcp"].include?(protocol)
8
+ raise ArgumentError.new("`be_listening` matcher doesn't support #{protocol}")
9
+ end
10
+
11
+ backend.check_listening_with_protocol(@name, protocol)
12
+ else
13
+ backend.check_listening(@name)
14
+ end
6
15
  end
7
16
  end
8
17
  end
@@ -1,3 +1,3 @@
1
1
  module Serverspec
2
- VERSION = "0.6.21"
2
+ VERSION = "0.6.22"
3
3
  end
@@ -10,3 +10,21 @@ end
10
10
  describe port('invalid') do
11
11
  it { should_not be_listening }
12
12
  end
13
+
14
+ describe port(80) do
15
+ it { should be_listening.with("tcp") }
16
+ its(:command) { should eq 'netstat -tunl | grep -- \\^tcp\\ .\\*:80\\ ' }
17
+ end
18
+
19
+ describe port(123) do
20
+ it { should be_listening.with("udp") }
21
+ its(:command) { should eq 'netstat -tunl | grep -- \\^udp\\ .\\*:123\\ ' }
22
+ end
23
+
24
+ describe port(80) do
25
+ it {
26
+ expect {
27
+ should be_listening.with('not implemented')
28
+ }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
29
+ }
30
+ end
@@ -10,3 +10,21 @@ end
10
10
  describe port('invalid') do
11
11
  it { should_not be_listening }
12
12
  end
13
+
14
+ describe port(80) do
15
+ it { should be_listening.with("tcp") }
16
+ its(:command) { should eq 'netstat -tunl | grep -- \\^tcp\\ .\\*:80\\ ' }
17
+ end
18
+
19
+ describe port(123) do
20
+ it { should be_listening.with("udp") }
21
+ its(:command) { should eq 'netstat -tunl | grep -- \\^udp\\ .\\*:123\\ ' }
22
+ end
23
+
24
+ describe port(80) do
25
+ it {
26
+ expect {
27
+ should be_listening.with('not implemented')
28
+ }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
29
+ }
30
+ end
@@ -10,3 +10,21 @@ end
10
10
  describe port('invalid') do
11
11
  it { should_not be_listening }
12
12
  end
13
+
14
+ describe port(80) do
15
+ it { should be_listening.with("tcp") }
16
+ its(:command) { should eq 'netstat -tunl | grep -- \\^tcp\\ .\\*:80\\ ' }
17
+ end
18
+
19
+ describe port(123) do
20
+ it { should be_listening.with("udp") }
21
+ its(:command) { should eq 'netstat -tunl | grep -- \\^udp\\ .\\*:123\\ ' }
22
+ end
23
+
24
+ describe port(80) do
25
+ it {
26
+ expect {
27
+ should be_listening.with('not implemented')
28
+ }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
29
+ }
30
+ end
@@ -10,3 +10,21 @@ end
10
10
  describe port('invalid') do
11
11
  it { should_not be_listening }
12
12
  end
13
+
14
+ describe port(80) do
15
+ it { should be_listening.with("tcp") }
16
+ its(:command) { should eq 'netstat -tunl | grep -- \\^tcp\\ .\\*:80\\ ' }
17
+ end
18
+
19
+ describe port(123) do
20
+ it { should be_listening.with("udp") }
21
+ its(:command) { should eq 'netstat -tunl | grep -- \\^udp\\ .\\*:123\\ ' }
22
+ end
23
+
24
+ describe port(80) do
25
+ it {
26
+ expect {
27
+ should be_listening.with('not implemented')
28
+ }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
29
+ }
30
+ end
@@ -21,12 +21,27 @@ end
21
21
 
22
22
  describe 'check_enabled' do
23
23
  subject { commands.check_enabled('httpd') }
24
- it { should eq "svcs -l httpd 2> /dev/null | grep -wx '^enabled.*true$'" }
24
+ it { should eq "svcs -l httpd 2> /dev/null | egrep '^enabled *true$'" }
25
25
  end
26
26
 
27
27
  describe 'check_running' do
28
28
  subject { commands.check_running('httpd') }
29
- it { should eq "svcs -l httpd status 2> /dev/null |grep -wx '^state.*online$'" }
29
+ it { should eq "svcs -l httpd status 2> /dev/null | egrep '^state *online$'" }
30
+ end
31
+
32
+ describe 'check_listening' do
33
+ subject { commands.check_listening(80) }
34
+ it { should eq %q!netstat -an 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .80\\ ! }
35
+ end
36
+
37
+ describe 'check_listening_with_tcp' do
38
+ subject { commands.check_listening_with_protocol(80, "tcp") }
39
+ it { should eq %q!netstat -an -P tcp 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .\\*.80\\ ! }
40
+ end
41
+
42
+ describe 'check_listening_with_udp' do
43
+ subject { commands.check_listening_with_protocol(123, "udp") }
44
+ it { should eq %q!netstat -an -P udp 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .\\*.123\\ ! }
30
45
  end
31
46
 
32
47
  describe 'check_belonging_group' do
@@ -10,3 +10,21 @@ end
10
10
  describe port('invalid') do
11
11
  it { should_not be_listening }
12
12
  end
13
+
14
+ describe port(80) do
15
+ it { should be_listening.with("tcp") }
16
+ its(:command) { should eq %q!netstat -an -P tcp 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .\\*.80\\ ! }
17
+ end
18
+
19
+ describe port(123) do
20
+ it { should be_listening.with("udp") }
21
+ its(:command) { should eq %q!netstat -an -P udp 2> /dev/null | egrep 'LISTEN|Idle' | grep -- .\\*.123\\ ! }
22
+ end
23
+
24
+ describe port(80) do
25
+ it {
26
+ expect {
27
+ should be_listening.with('not implemented')
28
+ }.to raise_error(ArgumentError, %r/\A`be_listening` matcher doesn\'t support/)
29
+ }
30
+ end
@@ -20,12 +20,12 @@ end
20
20
 
21
21
  describe 'check_enabled' do
22
22
  subject { commands.check_enabled('httpd') }
23
- it { should eq "svcs -l httpd 2> /dev/null | grep -wx '^enabled.*true$'" }
23
+ it { should eq "svcs -l httpd 2> /dev/null | egrep '^enabled *true$'" }
24
24
  end
25
25
 
26
26
  describe 'check_running' do
27
27
  subject { commands.check_running('httpd') }
28
- it { should eq "svcs -l httpd status 2> /dev/null |grep -wx '^state.*online$'" }
28
+ it { should eq "svcs -l httpd status 2> /dev/null | egrep '^state *online$'" }
29
29
  end
30
30
 
31
31
  describe 'check_belonging_group' do
@@ -0,0 +1,48 @@
1
+ require 'spec_helper'
2
+
3
+ include Serverspec::Helper::Solaris11
4
+
5
+ describe command('cat /etc/resolv.conf') do
6
+ let(:stdout) { "nameserver 127.0.0.1\r\n" }
7
+ it { should return_stdout("nameserver 127.0.0.1") }
8
+ its(:command) { should eq 'cat /etc/resolv.conf' }
9
+ end
10
+
11
+ describe 'complete matching of stdout' do
12
+ context command('cat /etc/resolv.conf') do
13
+ let(:stdout) { "foocontent-should-be-includedbar\r\n" }
14
+ it { should_not return_stdout('content-should-be-included') }
15
+ end
16
+ end
17
+
18
+ describe 'regexp matching of stdout' do
19
+ context command('cat /etc/resolv.conf') do
20
+ let(:stdout) { "nameserver 127.0.0.1\r\n" }
21
+ it { should return_stdout(/127\.0\.0\.1/) }
22
+ end
23
+ end
24
+
25
+ describe command('cat /etc/resolv.conf') do
26
+ let(:stdout) { "No such file or directory\r\n" }
27
+ it { should return_stderr("No such file or directory") }
28
+ its(:command) { should eq 'cat /etc/resolv.conf' }
29
+ end
30
+
31
+ describe 'complete matching of stderr' do
32
+ context command('cat /etc/resolv.conf') do
33
+ let(:stdout) { "No such file or directory\r\n" }
34
+ it { should_not return_stdout('file') }
35
+ end
36
+ end
37
+
38
+ describe 'regexp matching of stderr' do
39
+ context command('cat /etc/resolv.conf') do
40
+ let(:stdout) { "No such file or directory\r\n" }
41
+ it { should return_stderr(/file/) }
42
+ end
43
+ end
44
+
45
+ describe command('cat /etc/resolv.conf') do
46
+ it { should return_exit_status 0 }
47
+ its(:command) { should eq 'cat /etc/resolv.conf' }
48
+ end
@@ -0,0 +1,82 @@
1
+ require 'spec_helper'
2
+
3
+ include Serverspec::Helper::Solaris11
4
+
5
+ describe 'Serverspec commands of Solaris11 family' do
6
+
7
+ it_behaves_like 'support command check_user', 'root'
8
+ it_behaves_like 'support command check_user', 'wheel'
9
+
10
+ it_behaves_like 'support command check_running_under_supervisor', 'httpd'
11
+ it_behaves_like 'support command check_monitored_by_monit', 'unicorn'
12
+ it_behaves_like 'support command check_process', 'httpd'
13
+
14
+ it_behaves_like 'support command check_uid', 'root', 0
15
+
16
+ it_behaves_like 'support command check_login_shell', 'root', '/bin/bash'
17
+ it_behaves_like 'support command check_home_directory', 'root', '/root'
18
+
19
+ it_behaves_like 'support command check_authorized_key'
20
+ end
21
+
22
+ describe 'check_enabled' do
23
+ subject { commands.check_enabled('httpd') }
24
+ it { should eq "svcs -l httpd 2> /dev/null | egrep '^enabled *true$'" }
25
+ end
26
+
27
+ describe 'check_running' do
28
+ subject { commands.check_running('httpd') }
29
+ it { should eq "svcs -l httpd status 2> /dev/null | egrep '^state *online$'" }
30
+ end
31
+
32
+ describe 'check_belonging_group' do
33
+ subject { commands.check_belonging_group('root', 'wheel') }
34
+ it { should eq "id -Gn root | grep -- wheel" }
35
+ end
36
+
37
+ describe 'check_gid' do
38
+ subject { commands.check_gid('root', 0) }
39
+ it { should eq "getent group | grep -- \\^root: | cut -f 3 -d ':' | grep -w -- 0" }
40
+ end
41
+
42
+ describe 'check_zfs' do
43
+ context 'check without properties' do
44
+ subject { commands.check_zfs('rpool') }
45
+ it { should eq "zfs list -H rpool" }
46
+ end
47
+
48
+ context 'check with a property' do
49
+ subject { commands.check_zfs('rpool', { 'mountpoint' => '/rpool' }) }
50
+ it { should eq "zfs list -H -o mountpoint rpool | grep -- \\^/rpool\\$" }
51
+ end
52
+
53
+ context 'check with multiple properties' do
54
+ subject { commands.check_zfs('rpool', { 'mountpoint' => '/rpool', 'compression' => 'off' }) }
55
+ it { should eq "zfs list -H -o compression rpool | grep -- \\^off\\$ && zfs list -H -o mountpoint rpool | grep -- \\^/rpool\\$" }
56
+ end
57
+ end
58
+
59
+ describe 'check_ip_filter_rule' do
60
+ subject { commands.check_ipfilter_rule('pass in quick on lo0 all') }
61
+ it { should eq "ipfstat -io 2> /dev/null | grep -- pass\\ in\\ quick\\ on\\ lo0\\ all" }
62
+ end
63
+
64
+ describe 'check_ipnat_rule' do
65
+ subject { commands.check_ipnat_rule('map net1 192.168.0.0/24 -> 0.0.0.0/32') }
66
+ it { should eq "ipnat -l 2> /dev/null | grep -- \\^map\\ net1\\ 192.168.0.0/24\\ -\\>\\ 0.0.0.0/32\\$" }
67
+ end
68
+
69
+ describe 'check_svcprop' do
70
+ subject { commands.check_svcprop('svc:/network/http:apache22', 'httpd/enable_64bit','false') }
71
+ it { should eq "svcprop -p httpd/enable_64bit svc:/network/http:apache22 | grep -- \\^false\\$" }
72
+ end
73
+
74
+ describe 'check_svcprops' do
75
+ subject {
76
+ commands.check_svcprops('svc:/network/http:apache22', {
77
+ 'httpd/enable_64bit' => 'false',
78
+ 'httpd/server_type' => 'worker',
79
+ })
80
+ }
81
+ it { should eq "svcprop -p httpd/enable_64bit svc:/network/http:apache22 | grep -- \\^false\\$ && svcprop -p httpd/server_type svc:/network/http:apache22 | grep -- \\^worker\\$" }
82
+ end