simp-beaker-helpers 1.19.0 → 1.20.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.fips_fixtures +8 -0
- data/.fixtures.yml +1 -0
- data/.gitignore +1 -0
- data/.gitlab-ci.yml +334 -89
- data/.travis.yml +39 -33
- data/CHANGELOG.md +47 -0
- data/Gemfile +1 -1
- data/Rakefile +1 -1
- data/lib/simp/beaker_helpers.rb +119 -21
- data/lib/simp/beaker_helpers/constants.rb +6 -2
- data/lib/simp/beaker_helpers/version.rb +1 -1
- data/spec/acceptance/nodesets/default.yml +19 -9
- data/spec/acceptance/nodesets/ubuntu.yml +20 -0
- data/spec/acceptance/suites/default/check_puppet_version_spec.rb +2 -2
- data/spec/acceptance/suites/default/fixture_modules_spec.rb +22 -4
- data/spec/lib/simp/beaker_helpers_spec.rb +17 -34
- metadata +38 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7fc677903ad549041397ba842f11a2861c5e99b0b6c9717e0ac48e61485b6a7a
|
4
|
+
data.tar.gz: 824a685974d1bb8df8ba9335d1176c4ea281d77f79d7ecc76c3fd68b88a82a79
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 31f997ddbe976bdfbc8fd904a7f8db3a972c6cfb47b62db12483fef311d1eb550caa2fd643e6abaf6dadd92063c288edb9217b472564b3c74af170f828449680
|
7
|
+
data.tar.gz: 7e3a00581115a489502e13f542246aed81be117d104df938b4097e086300649a732c9d6e9094a3e6696cf35b24a30b63a10df9db71158d298a88919530a9bc8d
|
data/.fips_fixtures
ADDED
@@ -0,0 +1,8 @@
|
|
1
|
+
---
|
2
|
+
fixtures:
|
3
|
+
repositories:
|
4
|
+
fips: https://github.com/simp/pupmod-simp-fips
|
5
|
+
augeasproviders_core: https://github.com/simp/augeasproviders_core
|
6
|
+
augeasproviders_grub: https://github.com/simp/augeasproviders_grub
|
7
|
+
simplib: https://github.com/simp/pupmod-simp-simplib
|
8
|
+
stdlib: https://github.com/simp/puppetlabs-stdlib
|
data/.fixtures.yml
CHANGED
data/.gitignore
CHANGED
data/.gitlab-ci.yml
CHANGED
@@ -1,131 +1,376 @@
|
|
1
|
+
# ------------------------------------------------------------------------------
|
2
|
+
# NOTICE: **This file is maintained with puppetsync**
|
3
|
+
#
|
4
|
+
# This file is updated automatically as part of a puppet module baseline.
|
5
|
+
#
|
6
|
+
# The next baseline sync will overwrite any local changes to everything above
|
7
|
+
# the line "# Repo-specific content"
|
8
|
+
# ------------------------------------------------------------------------------
|
9
|
+
# The testing matrix considers ruby/puppet versions supported by SIMP and PE:
|
10
|
+
#
|
11
|
+
# https://puppet.com/docs/pe/2019.8/component_versions_in_recent_pe_releases.html
|
12
|
+
# https://puppet.com/misc/puppet-enterprise-lifecycle
|
13
|
+
# https://puppet.com/docs/pe/2018.1/overview/getting_support_for_pe.html
|
14
|
+
# ------------------------------------------------------------------------------
|
15
|
+
# Release Puppet Ruby EOL
|
16
|
+
# SIMP 6.4 5.5 2.4.10 TBD
|
17
|
+
# PE 2018.1 5.5 2.4.10 2021-01 (LTS overlap)
|
18
|
+
# PE 2019.8 6.18 2.5.7 2022-12 (LTS)
|
1
19
|
---
|
2
|
-
|
20
|
+
|
21
|
+
stages:
|
22
|
+
- 'validation'
|
23
|
+
- 'acceptance'
|
24
|
+
- 'compliance'
|
25
|
+
- 'deployment'
|
26
|
+
|
27
|
+
variables:
|
28
|
+
# PUPPET_VERSION is a canary variable!
|
29
|
+
#
|
30
|
+
# The value `UNDEFINED` will (intentionally) cause `bundler install|update` to
|
31
|
+
# fail. The intended value for PUPPET_VERSION is provided by the `pup_#` YAML
|
32
|
+
# anchors. If it is still `UNDEFINED`, all the other setting from the job's
|
33
|
+
# anchor are also missing.
|
34
|
+
PUPPET_VERSION: 'UNDEFINED' # <- Matrixed jobs MUST override this (or fail)
|
35
|
+
BUNDLER_VERSION: '1.17.1'
|
36
|
+
SIMP_MATRIX_LEVEL: '1'
|
37
|
+
SIMP_FORCE_RUN_MATRIX: 'no'
|
38
|
+
|
39
|
+
# Force dependencies into a path the gitlab-runner user can write to.
|
40
|
+
# (This avoids some failures on Runners with misconfigured ruby environments.)
|
41
|
+
GEM_HOME: .vendor/gem_install
|
42
|
+
BUNDLE_CACHE_PATH: .vendor/bundle
|
43
|
+
BUNDLE_PATH: .vendor/bundle
|
44
|
+
BUNDLE_BIN: .vendor/gem_install/bin
|
45
|
+
BUNDLE_NO_PRUNE: 'true'
|
46
|
+
|
47
|
+
|
48
|
+
# bundler dependencies + caching, optional RVM setup, with diagnostic output
|
49
|
+
# --------------------------------------------------------------------------
|
50
|
+
.setup_bundler_env: &setup_bundler_env
|
3
51
|
cache:
|
4
|
-
|
5
|
-
|
6
|
-
key: "${CI_PROJECT_NAMESPACE}__bundler"
|
52
|
+
# Cache bundler gems between pipelines for each Ruby version
|
53
|
+
key: "${CI_PROJECT_NAMESPACE}_ruby-${MATRIX_RUBY_VERSION}_bundler"
|
7
54
|
paths:
|
8
55
|
- '.vendor'
|
9
|
-
- 'vendor'
|
10
|
-
|
11
|
-
.setup_bundler_env: &setup_bundler_env
|
12
56
|
before_script:
|
13
|
-
- '
|
14
|
-
|
15
|
-
- '
|
16
|
-
- '
|
17
|
-
-
|
18
|
-
-
|
19
|
-
|
57
|
+
- 'ruby -e "puts %(\n\n), %q(=)*80, %(\nSIMP-relevant Environment Variables:\n\n#{e=ENV.keys.grep(/^PUPPET|^SIMP|^BEAKER|MATRIX/); pad=e.map{|x| x.size}.max+1; e.map{|v| %( * #{%(#{v}:).ljust(pad)} #{39.chr + ENV[v] + 39.chr}\n)}.join}\n), %q(=)*80, %(\n\n)"'
|
58
|
+
# Diagnostic ruby & gem information
|
59
|
+
- 'which ruby && ruby --version || :'
|
60
|
+
- "[[ $- == *i* ]] && echo 'Interactive shell session' || echo 'Non-interactive shell session'"
|
61
|
+
- "shopt -q login_shell && echo 'Login shell' || echo 'Not a login shell'"
|
62
|
+
- 'rvm ls || :'
|
63
|
+
|
64
|
+
# If RVM is available, make SURE it's using the right Ruby:
|
65
|
+
# * Source rvm (to run in non-login shells)
|
66
|
+
# * If any $MATRIX_RUBY_VERSION rubies are available, use the latest
|
67
|
+
# * Otherwise: install & use ${MATRIX_RUBY_VERSION}-head (e.g., latest)
|
68
|
+
# * ^^ This could be wonky and introduce variations across runners
|
69
|
+
# * ^^ maybe it should just fail if there is no $MATRIX_RUBY_VERSION installed?
|
70
|
+
- "command -v rvm && { if declare -p rvm_path &> /dev/null; then source \"${rvm_path}/scripts/rvm\"; else source \"$HOME/.rvm/scripts/rvm\" || source /etc/profile.d/rvm.sh; fi; }"
|
71
|
+
- "command -v rvm && { LATEST_RVM_RUBY_XY=\"$(rvm ls | grep \"$MATRIX_RUBY_VERSION\" | tail -1 | sed -e 's/^.*\\([0-9]\\+\\.[0-9]\\+\\.[0-9]\\+\\).*$/\\1/g')\"; if [ -z \"$LATEST_RVM_RUBY_XY\" ]; then LATEST_RVM_RUBY_XY=\"${MATRIX_RUBY_VERSION}-head\"; rvm install \"$LATEST_RVM_RUBY\" --no-docs; else echo \"Found RVM Ruby: '${LATEST_RVM_RUBY_XY}'\"; fi; rvm use \"$LATEST_RVM_RUBY_XY\" ; }"
|
72
|
+
- 'ruby --version || :'
|
73
|
+
- 'gem list sync || :'
|
74
|
+
|
75
|
+
# Bundle gems (preferring cached > local > downloaded resources)
|
76
|
+
# * Try to use cached and local resources before downloading dependencies
|
77
|
+
- 'declare GEM_BUNDLER_VER=(-v "~> ${BUNDLER_VERSION:-1.17.1}")'
|
78
|
+
- 'declare GEM_INSTALL_CMD=(gem install --no-document)'
|
79
|
+
- 'declare BUNDLER_INSTALL_CMD=(bundle install --no-binstubs --jobs $(nproc) "${FLAGS[@]}")'
|
80
|
+
- 'mkdir -p ${GEM_HOME} ${BUNDLER_BIN}'
|
81
|
+
- 'gem list -ie "${GEM_BUNDLER_VER[@]}" --silent bundler || "${GEM_INSTALL_CMD[@]}" --local "${GEM_BUNDLER_VER[@]}" bundler || "${GEM_INSTALL_CMD[@]}" "${GEM_BUNDLER_VER[@]}" bundler'
|
20
82
|
- 'rm -rf pkg/ || :'
|
21
|
-
- bundle check || rm -f Gemfile.lock && ("${
|
83
|
+
- 'bundle check || rm -f Gemfile.lock && ("${BUNDLER_INSTALL_CMD[@]}" --local || "${BUNDLER_INSTALL_CMD[@]}" || bundle pristine || "${BUNDLER_INSTALL_CMD[@]}") || { echo "PIPELINE: Bundler could not install everything (see log output above)" && exit 99 ; }'
|
84
|
+
|
85
|
+
# Diagnostic bundler, ruby, and gem checks:
|
86
|
+
- 'bundle exec rvm ls || :'
|
87
|
+
- 'bundle exec which ruby || :'
|
88
|
+
- 'bundle show sync || :'
|
89
|
+
- 'bundle exec gem list sync || :'
|
90
|
+
|
91
|
+
|
92
|
+
# Assign a matrix level when your test will run. Heavier jobs get higher numbers
|
93
|
+
# NOTE: To skip all jobs with a SIMP_MATRIX_LEVEL, set SIMP_MATRIX_LEVEL=0
|
94
|
+
# ------------------------------------------------------------------------------
|
95
|
+
|
96
|
+
.relevant_file_conditions_trigger_spec_tests: &relevant_file_conditions_trigger_spec_tests
|
97
|
+
changes:
|
98
|
+
- .gitlab-ci.yml
|
99
|
+
- .fixtures.yml
|
100
|
+
- .rspec
|
101
|
+
- metadata.json
|
102
|
+
- "spec/spec_helper.rb"
|
103
|
+
- "spec/{classes,unit,defines,type_aliases,types,hosts,lib}/**/*.rb"
|
104
|
+
- "{SIMP,data,manifests,files,types,lib}/**/*"
|
105
|
+
- "templates/**/*.{erb,epp}"
|
106
|
+
- "Gemfile"
|
107
|
+
exists:
|
108
|
+
- "spec/{classes,unit,defines,type_aliases,types,hosts,lib}/**/*_spec.rb"
|
109
|
+
|
110
|
+
.relevant_file_conditions_trigger_acceptance_tests: &relevant_file_conditions_trigger_acceptance_tests
|
111
|
+
changes:
|
112
|
+
- .gitlab-ci.yml
|
113
|
+
- .fixtures.yml
|
114
|
+
- "spec/spec_helper_acceptance.rb"
|
115
|
+
- "spec/acceptance/**/*"
|
116
|
+
- "{SIMP,data,manifests,files,types,lib}/**/*"
|
117
|
+
- "templates/**/*.{erb,epp}"
|
118
|
+
- "Gemfile"
|
119
|
+
exists:
|
120
|
+
- "spec/acceptance/**/*_spec.rb"
|
121
|
+
|
122
|
+
# For some reason, the rule regexes stopped matching line starts inside
|
123
|
+
# $CI_COMMIT_MESSAGE with carets /^/, so we're using /\n?/ as a workaround.
|
124
|
+
.skip_job_when_commit_message_says_to: &skip_job_when_commit_message_says_to
|
125
|
+
if: '$CI_COMMIT_MESSAGE =~ /\n?CI: (SKIP MATRIX|MATRIX LEVEL 0)/'
|
126
|
+
when: never
|
127
|
+
|
128
|
+
.force_run_job_when_commit_message_lvl_1_or_above: &force_run_job_when_commit_mssage_lvl_1_or_above
|
129
|
+
if: '$CI_COMMIT_MESSAGE =~ /\n?CI: MATRIX LEVEL [123]/'
|
130
|
+
when: on_success
|
131
|
+
|
132
|
+
.force_run_job_when_commit_message_lvl_2_or_above: &force_run_job_when_commit_mssage_lvl_2_or_above
|
133
|
+
if: '$CI_COMMIT_MESSAGE =~ /\n?CI: MATRIX LEVEL [23]/'
|
134
|
+
when: on_success
|
135
|
+
|
136
|
+
.force_run_job_when_commit_message_lvl_3_or_above: &force_run_job_when_commit_mssage_lvl_3_or_above
|
137
|
+
if: '$CI_COMMIT_MESSAGE =~ /\n?CI: MATRIX LEVEL [3]/'
|
138
|
+
when: on_success
|
139
|
+
|
140
|
+
# check for $CI_PIPELINE_SOURCE needed because this is combined w/when:changes
|
141
|
+
.run_job_when_level_1_or_above_w_changes: &run_job_when_level_1_or_above_w_changes
|
142
|
+
if: '$SIMP_MATRIX_LEVEL =~ /^[123]$/ && $CI_COMMIT_BRANCH && $CI_PIPELINE_SOURCE == "push"'
|
143
|
+
when: on_success
|
144
|
+
|
145
|
+
.run_job_when_level_2_or_above_w_changes: &run_job_when_level_2_or_above_w_changes
|
146
|
+
if: '$SIMP_MATRIX_LEVEL =~ /^[23]$/ && $CI_COMMIT_BRANCH && $CI_PIPELINE_SOURCE == "push"'
|
147
|
+
when: on_success
|
22
148
|
|
23
|
-
.
|
149
|
+
.run_job_when_level_3_or_above_w_changes: &run_job_when_level_3_or_above_w_changes
|
150
|
+
if: '$SIMP_MATRIX_LEVEL =~ /^[3]$/ && $CI_COMMIT_BRANCH && $CI_PIPELINE_SOURCE == "push"'
|
151
|
+
when: on_success
|
152
|
+
|
153
|
+
.force_run_job_when_var_and_lvl_1_or_above: &force_run_job_when_var_and_lvl_1_or_above
|
154
|
+
if: '$SIMP_FORCE_RUN_MATRIX == "yes" && $SIMP_MATRIX_LEVEL =~ /^[123]$/'
|
155
|
+
when: on_success
|
156
|
+
|
157
|
+
.force_run_job_when_var_and_lvl_2_or_above: &force_run_job_when_var_and_lvl_2_or_above
|
158
|
+
if: '$SIMP_FORCE_RUN_MATRIX == "yes" && $SIMP_MATRIX_LEVEL =~ /^[23]$/'
|
159
|
+
when: on_success
|
160
|
+
|
161
|
+
.force_run_job_when_var_and_lvl_3_or_above: &force_run_job_when_var_and_lvl_3_or_above
|
162
|
+
if: '$SIMP_FORCE_RUN_MATRIX == "yes" && $SIMP_MATRIX_LEVEL =~ /^[3]$/'
|
163
|
+
when: on_success
|
164
|
+
|
165
|
+
|
166
|
+
|
167
|
+
# SIMP_MATRIX_LEVEL=1: Intended to run every commit
|
168
|
+
.with_SIMP_ACCEPTANCE_MATRIX_LEVEL_1: &with_SIMP_ACCEPTANCE_MATRIX_LEVEL_1
|
169
|
+
rules:
|
170
|
+
- <<: *skip_job_when_commit_message_says_to
|
171
|
+
- <<: *force_run_job_when_var_and_lvl_1_or_above
|
172
|
+
- <<: *force_run_job_when_commit_mssage_lvl_1_or_above
|
173
|
+
- <<: *run_job_when_level_1_or_above_w_changes
|
174
|
+
<<: *relevant_file_conditions_trigger_acceptance_tests
|
175
|
+
- when: never
|
176
|
+
|
177
|
+
.with_SIMP_SPEC_MATRIX_LEVEL_1: &with_SIMP_SPEC_MATRIX_LEVEL_1
|
178
|
+
rules:
|
179
|
+
- <<: *skip_job_when_commit_message_says_to
|
180
|
+
- <<: *force_run_job_when_commit_mssage_lvl_1_or_above
|
181
|
+
- <<: *force_run_job_when_var_and_lvl_1_or_above
|
182
|
+
- <<: *run_job_when_level_1_or_above_w_changes
|
183
|
+
<<: *relevant_file_conditions_trigger_spec_tests
|
184
|
+
- when: never
|
185
|
+
|
186
|
+
# SIMP_MATRIX_LEVEL=2: Resource-heavy or redundant jobs
|
187
|
+
.with_SIMP_ACCEPTANCE_MATRIX_LEVEL_2: &with_SIMP_ACCEPTANCE_MATRIX_LEVEL_2
|
188
|
+
rules:
|
189
|
+
- <<: *skip_job_when_commit_message_says_to
|
190
|
+
- <<: *force_run_job_when_var_and_lvl_2_or_above
|
191
|
+
- <<: *force_run_job_when_commit_mssage_lvl_2_or_above
|
192
|
+
- <<: *run_job_when_level_2_or_above_w_changes
|
193
|
+
<<: *relevant_file_conditions_trigger_acceptance_tests
|
194
|
+
- when: never
|
195
|
+
|
196
|
+
.with_SIMP_SPEC_MATRIX_LEVEL_2: &with_SIMP_SPEC_MATRIX_LEVEL_2
|
197
|
+
rules:
|
198
|
+
- <<: *skip_job_when_commit_message_says_to
|
199
|
+
- <<: *force_run_job_when_commit_mssage_lvl_2_or_above
|
200
|
+
- <<: *force_run_job_when_var_and_lvl_2_or_above
|
201
|
+
- <<: *run_job_when_level_2_or_above_w_changes
|
202
|
+
<<: *relevant_file_conditions_trigger_spec_tests
|
203
|
+
- when: never
|
204
|
+
|
205
|
+
# SIMP_MATRIX_LEVEL=3: Reserved for FULL matrix testing
|
206
|
+
.with_SIMP_ACCEPTANCE_MATRIX_LEVEL_3: &with_SIMP_ACCEPTANCE_MATRIX_LEVEL_3
|
207
|
+
rules:
|
208
|
+
- <<: *skip_job_when_commit_message_says_to
|
209
|
+
- <<: *force_run_job_when_var_and_lvl_3_or_above
|
210
|
+
- <<: *force_run_job_when_commit_mssage_lvl_3_or_above
|
211
|
+
- <<: *run_job_when_level_3_or_above_w_changes
|
212
|
+
<<: *relevant_file_conditions_trigger_acceptance_tests
|
213
|
+
- when: never
|
214
|
+
|
215
|
+
|
216
|
+
# Puppet Versions
|
217
|
+
#-----------------------------------------------------------------------
|
218
|
+
|
219
|
+
.pup_5: &pup_5
|
220
|
+
image: 'ruby:2.4'
|
221
|
+
variables:
|
222
|
+
PUPPET_VERSION: '~> 5.0'
|
223
|
+
BEAKER_PUPPET_COLLECTION: 'puppet5'
|
224
|
+
MATRIX_RUBY_VERSION: '2.4'
|
225
|
+
|
226
|
+
.pup_6: &pup_6
|
227
|
+
image: 'ruby:2.5'
|
228
|
+
variables:
|
229
|
+
PUPPET_VERSION: '~> 6.0'
|
230
|
+
BEAKER_PUPPET_COLLECTION: 'puppet6'
|
231
|
+
MATRIX_RUBY_VERSION: '2.5'
|
232
|
+
|
233
|
+
.pup_6_18_0: &pup_6_18_0
|
234
|
+
image: 'ruby:2.5'
|
235
|
+
variables:
|
236
|
+
PUPPET_VERSION: '6.18.0'
|
237
|
+
BEAKER_PUPPET_COLLECTION: 'puppet6'
|
238
|
+
MATRIX_RUBY_VERSION: '2.5'
|
239
|
+
|
240
|
+
.pup_7: &pup_7
|
241
|
+
image: 'ruby:2.7'
|
242
|
+
variables:
|
243
|
+
PUPPET_VERSION: '~> 7.0'
|
244
|
+
BEAKER_PUPPET_COLLECTION: 'puppet7'
|
245
|
+
MATRIX_RUBY_VERSION: '2.7'
|
246
|
+
|
247
|
+
# Testing Environments
|
248
|
+
#-----------------------------------------------------------------------
|
249
|
+
|
250
|
+
.lint_tests: &lint_tests
|
251
|
+
stage: 'validation'
|
252
|
+
tags: ['docker']
|
253
|
+
<<: *setup_bundler_env
|
24
254
|
script:
|
25
|
-
- bundle exec rake
|
255
|
+
- 'bundle exec rake syntax'
|
256
|
+
- 'bundle exec rake lint'
|
257
|
+
- 'bundle exec rake metadata_lint'
|
26
258
|
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
259
|
+
.unit_tests: &unit_tests
|
260
|
+
stage: 'validation'
|
261
|
+
tags: ['docker']
|
262
|
+
<<: *setup_bundler_env
|
263
|
+
<<: *with_SIMP_SPEC_MATRIX_LEVEL_1
|
264
|
+
script:
|
265
|
+
- 'bundle exec rake spec'
|
33
266
|
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
2_4-unit:
|
39
|
-
stage: unit
|
40
|
-
tags:
|
41
|
-
- docker
|
42
|
-
image: ruby:2.4
|
43
|
-
<<: *cache_bundler
|
267
|
+
.acceptance_base: &acceptance_base
|
268
|
+
stage: 'acceptance'
|
269
|
+
tags: ['beaker']
|
44
270
|
<<: *setup_bundler_env
|
45
|
-
<<: *
|
271
|
+
<<: *with_SIMP_ACCEPTANCE_MATRIX_LEVEL_1
|
272
|
+
|
273
|
+
.compliance_base: &compliance_base
|
274
|
+
stage: 'compliance'
|
275
|
+
tags: ['beaker']
|
276
|
+
<<: *setup_bundler_env
|
277
|
+
<<: *with_SIMP_ACCEPTANCE_MATRIX_LEVEL_1
|
278
|
+
|
279
|
+
|
280
|
+
# Unit Tests
|
281
|
+
#-----------------------------------------------------------------------
|
282
|
+
|
283
|
+
pup5-unit:
|
284
|
+
<<: *pup_5
|
285
|
+
<<: *unit_tests
|
286
|
+
|
287
|
+
pup6-unit:
|
288
|
+
<<: *pup_6
|
289
|
+
<<: *unit_tests
|
290
|
+
|
291
|
+
pup7-unit:
|
292
|
+
<<: *pup_7
|
293
|
+
<<: *unit_tests
|
294
|
+
|
295
|
+
# ------------------------------------------------------------------------------
|
296
|
+
# NOTICE: **This file is maintained with puppetsync**
|
297
|
+
#
|
298
|
+
# Everything above the "Repo-specific content" comment will be overwritten by
|
299
|
+
# the next puppetsync.
|
300
|
+
# ------------------------------------------------------------------------------
|
301
|
+
|
302
|
+
# Repo-specific content
|
303
|
+
# ==============================================================================
|
304
|
+
|
305
|
+
#=======================================================================
|
306
|
+
# Packaging test
|
307
|
+
|
308
|
+
pup5-pkg:
|
309
|
+
<<: *pup_5
|
310
|
+
<<: *unit_tests
|
311
|
+
script:
|
312
|
+
'bundle exec rake pkg:gem'
|
46
313
|
|
314
|
+
pup6-pkg:
|
315
|
+
<<: *pup_6
|
316
|
+
<<: *unit_tests
|
317
|
+
script:
|
318
|
+
'bundle exec rake pkg:gem'
|
319
|
+
|
320
|
+
pup7-pkg:
|
321
|
+
<<: *pup_7
|
322
|
+
<<: *unit_tests
|
323
|
+
script:
|
324
|
+
'bundle exec rake pkg:gem'
|
47
325
|
|
48
326
|
#=======================================================================
|
49
327
|
# Acceptance tests
|
50
328
|
default:
|
51
|
-
|
52
|
-
|
53
|
-
- beaker
|
54
|
-
<<: *cache_bundler
|
55
|
-
<<: *setup_bundler_env
|
329
|
+
<<: *pup_6
|
330
|
+
<<: *acceptance_base
|
56
331
|
script:
|
57
|
-
- bundle exec rake spec_clean
|
58
332
|
- bundle exec rake beaker:suites[default]
|
59
333
|
|
60
334
|
default-fips:
|
61
|
-
|
62
|
-
|
63
|
-
- beaker
|
64
|
-
<<: *cache_bundler
|
65
|
-
<<: *setup_bundler_env
|
66
|
-
variables:
|
67
|
-
BEAKER_fips: 'yes'
|
335
|
+
<<: *pup_6
|
336
|
+
<<: *acceptance_base
|
68
337
|
script:
|
69
|
-
- bundle exec rake
|
70
|
-
- bundle exec rake beaker:suites[default]
|
338
|
+
- BEAKER_fips=yes bundle exec rake beaker:suites[default]
|
71
339
|
|
72
340
|
fips_from_fixtures:
|
73
|
-
|
74
|
-
|
75
|
-
- beaker
|
76
|
-
<<: *cache_bundler
|
77
|
-
<<: *setup_bundler_env
|
78
|
-
variables:
|
79
|
-
PUPPET_VERSION: '~> 5.3'
|
80
|
-
BEAKER_PUPPET_COLLECTION: 'puppet5'
|
341
|
+
<<: *pup_6
|
342
|
+
<<: *acceptance_base
|
81
343
|
script:
|
82
|
-
- bundle exec rake spec_clean
|
83
344
|
- bundle exec rake beaker:suites[fips_from_fixtures]
|
84
345
|
|
85
346
|
puppet5_collections:
|
86
|
-
|
87
|
-
|
88
|
-
- beaker
|
89
|
-
<<: *cache_bundler
|
90
|
-
<<: *setup_bundler_env
|
91
|
-
variables:
|
92
|
-
PUPPET_VERSION: '~> 5.3'
|
347
|
+
<<: *pup_5
|
348
|
+
<<: *acceptance_base
|
93
349
|
script:
|
94
|
-
- bundle exec rake spec_clean
|
95
350
|
- bundle exec rake beaker:suites[puppet_collections]
|
96
351
|
|
97
352
|
puppet6_collections:
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
353
|
+
<<: *pup_6
|
354
|
+
<<: *acceptance_base
|
355
|
+
script:
|
356
|
+
- bundle exec rake beaker:suites[puppet_collections]
|
357
|
+
|
358
|
+
puppet7_collections:
|
359
|
+
<<: *pup_7
|
360
|
+
<<: *acceptance_base
|
105
361
|
script:
|
106
|
-
- bundle exec rake spec_clean
|
107
362
|
- bundle exec rake beaker:suites[puppet_collections]
|
108
363
|
|
109
364
|
windows:
|
110
|
-
|
111
|
-
|
112
|
-
- beaker
|
113
|
-
<<: *cache_bundler
|
114
|
-
<<: *setup_bundler_env
|
365
|
+
<<: *pup_6
|
366
|
+
<<: *acceptance_base
|
115
367
|
script:
|
116
|
-
- bundle exec rake spec_clean
|
117
368
|
- bundle exec rake beaker:suites[windows]
|
118
369
|
|
119
370
|
snapshot:
|
120
|
-
|
371
|
+
<<: *pup_6
|
372
|
+
<<: *acceptance_base
|
121
373
|
# This is prone to breakage in the underlying system
|
122
374
|
allow_failure: true
|
123
|
-
tags:
|
124
|
-
- beaker
|
125
|
-
<<: *cache_bundler
|
126
|
-
<<: *setup_bundler_env
|
127
|
-
variables:
|
128
|
-
BEAKER_simp_snapshot: 'yes'
|
129
375
|
script:
|
130
|
-
- bundle exec rake
|
131
|
-
- bundle exec rake beaker:suites[snapshot]
|
376
|
+
- BEAKER_simp_snapshot=yes bundle exec rake beaker:suites[snapshot]
|
data/.travis.yml
CHANGED
@@ -1,36 +1,42 @@
|
|
1
1
|
---
|
2
|
-
language:
|
3
|
-
cache: bundler
|
4
|
-
sudo: false
|
5
|
-
before_install:
|
6
|
-
- rm Gemfile.lock || true
|
7
|
-
bundler_args: "--without development --path .vendor"
|
2
|
+
language: shell
|
8
3
|
notifications:
|
9
4
|
email: false
|
10
|
-
|
11
|
-
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
rvm: 2.4.
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
5
|
+
stages:
|
6
|
+
- name: deploy
|
7
|
+
if: 'tag IS present'
|
8
|
+
|
9
|
+
### Testing on Travis CI is indefinitely disabled
|
10
|
+
###
|
11
|
+
### See:
|
12
|
+
### * https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing
|
13
|
+
### * https://simp-project.atlassian.net/browse/SIMP-8703
|
14
|
+
jobs:
|
15
|
+
include:
|
16
|
+
- stage: deploy
|
17
|
+
script: skip
|
18
|
+
cache: bundler
|
19
|
+
before_install:
|
20
|
+
- rm Gemfile.lock || true
|
21
|
+
bundler_args: "--without development --path .vendor"
|
22
|
+
language: ruby
|
23
|
+
rvm: 2.4.5
|
24
|
+
before_deploy:
|
25
|
+
- bundle exec rake clobber
|
26
|
+
- "export GEM_VERSION=`ruby -r ./lib/simp/beaker_helpers/version.rb -e 'puts Simp::BeakerHelpers::VERSION'`"
|
27
|
+
- '[[ $TRAVIS_TAG =~ ^${GEM_VERSION}$ ]]'
|
28
|
+
deploy:
|
29
|
+
- provider: rubygems
|
30
|
+
gemspec: simp-beaker-helpers.gemspec
|
31
|
+
gem: simp-beaker-helpers
|
32
|
+
token:
|
33
|
+
secure: "AlnBx0dBSxn+S97n0h14ltKUOA+6v0bc7QZPIcwGJV9nnf1hKH3pf9La1TVknEx7XgpAcM9jusQJ7hBlqvSq8z8SFF0bZk1EgSRIKc1cuYPLiGyUM2O7+AFHyCy3iCnPvKeoQmE/BJb5O1dGnbmSbf4A0fqLxA7jiHG1j7z+cnmJB1i67wovDfl13TsOXyBfbespWBMMc0BKAw56FPs9XggAk2cNusS3hd5tqW1AZPT2/xwt+d8ngkmO96u8QcichYRFQ+w+XW4H0w935wNg/dWiskJlt7TIYVAh4Ko5s2DZKf52Tne8TugALSn0LhRatpp7sw1FTTpteCW8UqK8uwGC2hM4pZViAOv4P1YObz2IPOZPriBl+cCayJdMKnotkUJliAMnw5TLiSWKLou+S0Pdj2h3fJZWdOEwRPMzIVoJtsOHG3GdNcPL6f7iU0vP/wr6FeR3uWa+fA7NHRi2Du955O8JpogjdrW08ahcAEwhtI3A4mrA08wN09axsrwr093uDRm/5h4FHyAhExJ0YiA/6kcPpUvILcLStyHe0RQDICQMdsQo2DSbnL65w3QjFa2fML2Shf9cRwX06+ia2BxozWzFD/6p3RiRtPxphnbFiUdjYSGWcwCcUgbJx9SW04lSSxOhpyItuXgxZqiybkzstXd6riu5zwg1R8TWk34="
|
34
|
+
on:
|
35
|
+
tags: true
|
36
|
+
condition: "($SKIP_PUBLISH != true)"
|
37
|
+
- provider: releases
|
38
|
+
token:
|
39
|
+
secure: "I41p4aqjkrNDHJhZ5gWC4gzn7BVwEYRm5Q3PAxQRSIUDB/QTVgNqZx8YptkuIvSGpw8kIywyZg3NKdzGUO8aJJ0NlXapL7e9qQIigkYhdaCZjZFG5zIxdOFs4sVoz/6vnQT9JIcGWy7uS5xiNOulGvfEWU78+e+I9yPdT74RApve5VAVT/km5lV5ldRnwwehLnTx+volUlnOD8rwfizoVLqFTrfRfr4cVMF605UYyaiVxHF50hywFRZoAdVcMEhlLQnQXfz/ZsLMJLJm9eCpjQ989N0oX6theSLCcv7QtHcWMXydjWMcpuTfBZSFrwUVbC23uMOKTJVEWq5LMG3m2L6hP3//2gvUzGhOVLvoGuC+erboB7QoXdcoOgXY+dTZPMcPBxpArdDLWVQSLTvPs05QzpaUdRLVMC/kD1d1EudlEicgkNgNDBhBn3089nVmvKndbKLvj+23a5AQVVbs+8C0x+SJvTc9N2N+bmuH7jIJPrEvWK4xwcQa+g2M/EBv05jaEdSErlVa6B6UKCH0Lea9rpy1se9vn5OzpaaMCCJIpcpQqHDjo0PMAQXBSbqjKcBei6lR5fIFl5UO9gWP1v8PGPuCzGTBivQ92XlgV1TWXmdbJHwIuSbJx3Ali7Wp19RR4E4uHC+TPFssvgkh9ZLkORnWWS35wzzU1LkwWx0="
|
40
|
+
on:
|
41
|
+
tags: true
|
42
|
+
condition: "($SKIP_PUBLISH != true)"
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,50 @@
|
|
1
|
+
### 1.20.1 / 2021-01-08
|
2
|
+
* Fixed:
|
3
|
+
* Ensure that yum calls commands appropriately depending on whether or not
|
4
|
+
packages are already installed.
|
5
|
+
* Also change all HostKeyAlgorithms settings for SSH connections
|
6
|
+
|
7
|
+
### 1.20.0 / 2021-01-05
|
8
|
+
* Added:
|
9
|
+
* A `enable_epel_on` function that follows the instructions on the EPEL
|
10
|
+
website to properly enable EPEL on hosts. May be disabled using
|
11
|
+
`BEAKER_enable_epel=no`.
|
12
|
+
* An Ubuntu nodeset to make sure our default settings don't destroy other
|
13
|
+
Linux systems.
|
14
|
+
* Added has_crypto_policies method for determining if crypto policies are
|
15
|
+
present on the SUT
|
16
|
+
* Added munge_ssh_crypto_policies to allow vagrant to SSH back into systems
|
17
|
+
with restrictive crypto policies (usually FIPS)
|
18
|
+
* Fixed:
|
19
|
+
* Modify all crypto-policy backend files to support ssh-rsa keys
|
20
|
+
* Try harder when doing yum installations
|
21
|
+
|
22
|
+
### 1.19.4 / 2021-01-05
|
23
|
+
* Fixed:
|
24
|
+
* Only return a default empty string when `pfact_on` finds a `nil` value
|
25
|
+
* Added an acceptance test to validate this
|
26
|
+
* Ensure that we start with `facter -p` for `facter` < 4.0 and continue to
|
27
|
+
`puppet facts` otherwise
|
28
|
+
* Updated the Rakefile to skip symlinks in chmods which fixes the ability to
|
29
|
+
build gems
|
30
|
+
|
31
|
+
### 1.19.3 / 2021-01-01
|
32
|
+
* Fixed:
|
33
|
+
* Ensure that `pfact_on` can handle fact dot notation
|
34
|
+
* Changed:
|
35
|
+
* Silenced some of the noisy commands that didn't provide value-add output
|
36
|
+
|
37
|
+
### 1.19.2 / 2020-12-19
|
38
|
+
* Fixed:
|
39
|
+
* Fixed an issue with pfact_on
|
40
|
+
|
41
|
+
### 1.19.1 / 2020-12-02
|
42
|
+
* Fixed:
|
43
|
+
* Bumped the core puppet version to 6.X
|
44
|
+
* Fixed the file_content_on method
|
45
|
+
* Removed EL 6 support from the tests since the core repos are defunct
|
46
|
+
* Started removing some of the puppet 4 tests
|
47
|
+
|
1
48
|
### 1.19.0 / 2020-09-30
|
2
49
|
* Fixed:
|
3
50
|
* rsync handling has a better check to see if rsync actually works prior to
|
data/Gemfile
CHANGED
@@ -44,7 +44,7 @@ group :system_tests do
|
|
44
44
|
gem 'beaker-rspec'
|
45
45
|
gem 'beaker-windows'
|
46
46
|
gem 'net-ssh'
|
47
|
-
gem 'puppet', ENV.fetch('PUPPET_VERSION', '~>
|
47
|
+
gem 'puppet', ENV.fetch('PUPPET_VERSION', '~> 6.0')
|
48
48
|
gem 'puppetlabs_spec_helper'
|
49
49
|
gem 'rubocop'
|
50
50
|
gem 'rubocop-rspec'
|
data/Rakefile
CHANGED
@@ -30,7 +30,7 @@ task :chmod do
|
|
30
30
|
gemspec = File.expand_path( "#{@package}.gemspec", @rakefile_dir ).strip
|
31
31
|
spec = Gem::Specification::load( gemspec )
|
32
32
|
spec.files.each do |file|
|
33
|
-
FileUtils.chmod 'go=r', file
|
33
|
+
FileUtils.chmod 'go=r', file unless File.symlink?(file)
|
34
34
|
end
|
35
35
|
end
|
36
36
|
|
data/lib/simp/beaker_helpers.rb
CHANGED
@@ -66,6 +66,8 @@ module Simp::BeakerHelpers
|
|
66
66
|
|
67
67
|
if sut[:hypervisor] == 'docker'
|
68
68
|
exclude_list = []
|
69
|
+
opts[:silent] ||= true
|
70
|
+
|
69
71
|
if opts.has_key?(:ignore) && !opts[:ignore].empty?
|
70
72
|
opts[:ignore].each do |value|
|
71
73
|
exclude_list << "--exclude '#{value}'"
|
@@ -114,9 +116,34 @@ module Simp::BeakerHelpers
|
|
114
116
|
|
115
117
|
# use the `puppet fact` face to look up facts on an SUT
|
116
118
|
def pfact_on(sut, fact_name)
|
117
|
-
|
118
|
-
|
119
|
-
facts
|
119
|
+
require 'ostruct'
|
120
|
+
|
121
|
+
# If puppet is not installed, there are no puppet facts to fetch
|
122
|
+
if sut.which('puppet').empty?
|
123
|
+
fact_on(sut, fact_name, :silent => true)
|
124
|
+
else
|
125
|
+
facts_json = nil
|
126
|
+
begin
|
127
|
+
cmd_output = on(sut, 'facter -p --json', :silent => true)
|
128
|
+
|
129
|
+
# Facter 4+
|
130
|
+
raise('skip facter -p') if (cmd_output.stderr =~ /no longer supported/)
|
131
|
+
|
132
|
+
facts = JSON.parse(cmd_output.stdout, object_class: OpenStruct)
|
133
|
+
rescue StandardError
|
134
|
+
# If *anything* fails, we need to fall back to `puppet facts`
|
135
|
+
|
136
|
+
facts_json = on(sut, 'puppet facts find garbage_xxx', :silent => true).stdout
|
137
|
+
facts = JSON.parse(facts_json, object_class: OpenStruct).values
|
138
|
+
end
|
139
|
+
|
140
|
+
found_fact = facts.dig(*(fact_name.split('.')))
|
141
|
+
|
142
|
+
# Fall back to the behavior in fact_on
|
143
|
+
found_fact = '' if found_fact.nil?
|
144
|
+
|
145
|
+
return found_fact
|
146
|
+
end
|
120
147
|
end
|
121
148
|
|
122
149
|
# Returns the modulepath on the SUT, as an Array
|
@@ -294,6 +321,19 @@ module Simp::BeakerHelpers
|
|
294
321
|
pluginsync_on(suts) if opts[:pluginsync]
|
295
322
|
end
|
296
323
|
|
324
|
+
def has_crypto_policies(sut)
|
325
|
+
file_exists_on(sut, '/etc/crypto-policies/config')
|
326
|
+
end
|
327
|
+
|
328
|
+
def munge_ssh_crypto_policies(sut, key_types=['ssh-rsa'])
|
329
|
+
if has_crypto_policies(sut)
|
330
|
+
on(sut, "yum update -y crypto-policies", :accept_all_exit_codes => true)
|
331
|
+
|
332
|
+
# Since we may be doing this prior to having a box flip into FIPS mode, we
|
333
|
+
# need to find and modify *all* of the affected policies
|
334
|
+
on( sut, %{sed --follow-symlinks -i 's/\\(HostKeyAlgorithms\\|PubkeyAcceptedKeyTypes\\)\\(.\\)/\\1\\2#{key_types.join(',')},/g' $( grep -L ssh-rsa $( find /etc/crypto-policies /usr/share/crypto-policies -type f -a \\( -name '*.txt' -o -name '*.config' \\) -exec grep -l PubkeyAcceptedKeyTypes {} \\; ) ) })
|
335
|
+
end
|
336
|
+
end
|
297
337
|
|
298
338
|
# Configure and reboot SUTs into FIPS mode
|
299
339
|
def enable_fips_mode_on( suts = hosts )
|
@@ -347,17 +387,14 @@ module Simp::BeakerHelpers
|
|
347
387
|
on(sut, module_install_cmd)
|
348
388
|
end
|
349
389
|
|
350
|
-
# Enable FIPS and then reboot to finish.
|
351
|
-
on(sut, %(puppet apply --verbose #{fips_enable_modulepath} -e "class { 'fips': enabled => true }"))
|
352
|
-
|
353
390
|
# Work around Vagrant and cipher restrictions in EL8+
|
354
391
|
#
|
355
392
|
# Hopefully, Vagrant will update the used ciphers at some point but who
|
356
393
|
# knows when that will be
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
394
|
+
munge_ssh_crypto_policies(sut)
|
395
|
+
|
396
|
+
# Enable FIPS and then reboot to finish.
|
397
|
+
on(sut, %(puppet apply --verbose #{fips_enable_modulepath} -e "class { 'fips': enabled => true }"))
|
361
398
|
|
362
399
|
sut.reboot
|
363
400
|
end
|
@@ -450,6 +487,49 @@ module Simp::BeakerHelpers
|
|
450
487
|
repo_manifest = repo_manifest + %(\n#{repo_manifest_opts.join(",\n")}) + "\n}\n"
|
451
488
|
end
|
452
489
|
|
490
|
+
# Enable EPEL if appropriate to do so and the system is online
|
491
|
+
#
|
492
|
+
# Can be disabled by setting BEAKER_enable_epel=no
|
493
|
+
def enable_epel_on(sut)
|
494
|
+
if ONLINE && (ENV['BEAKER_stringify_facts'] != 'no')
|
495
|
+
os_info = fact_on(sut, 'os')
|
496
|
+
os_maj_rel = os_info['release']['major']
|
497
|
+
|
498
|
+
# This is based on the official EPEL docs https://fedoraproject.org/wiki/EPEL
|
499
|
+
if ['RedHat', 'CentOS'].include?(os_info['name'])
|
500
|
+
# EL7 returns 1 if install is called and there is nothing to do
|
501
|
+
yum_operation = 'install'
|
502
|
+
yum_operation = 'update' if sut.check_for_package('epel-release')
|
503
|
+
|
504
|
+
on(
|
505
|
+
sut,
|
506
|
+
%{yum #{yum_operation} -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-#{os_maj_rel}.noarch.rpm},
|
507
|
+
:max_retries => 3,
|
508
|
+
:retry_interval => 10
|
509
|
+
)
|
510
|
+
|
511
|
+
if os_info['name'] == 'RedHat'
|
512
|
+
if os_maj_rel == '7'
|
513
|
+
on sut, %{subscription-manager repos --enable "rhel-*-optional-rpms"}
|
514
|
+
on sut, %{subscription-manager repos --enable "rhel-*-extras-rpms"}
|
515
|
+
on sut, %{subscription-manager repos --enable "rhel-ha-for-rhel-*-server-rpms"}
|
516
|
+
end
|
517
|
+
|
518
|
+
if os_maj_rel == '8'
|
519
|
+
on sut, %{subscription-manager repos --enable "codeready-builder-for-rhel-8-#{os_info['architecture']}-rpms"}
|
520
|
+
end
|
521
|
+
end
|
522
|
+
|
523
|
+
if os_info['name'] == 'CentOS'
|
524
|
+
if os_maj_rel == '8'
|
525
|
+
# 8.0 fallback
|
526
|
+
on sut, %{dnf config-manager --set-enabled powertools || dnf config-manager --set-enabled PowerTools}
|
527
|
+
end
|
528
|
+
end
|
529
|
+
end
|
530
|
+
end
|
531
|
+
end
|
532
|
+
|
453
533
|
def linux_errata( sut )
|
454
534
|
# We need to be able to flip between server and client without issue
|
455
535
|
on sut, 'puppet resource group puppet gid=52'
|
@@ -535,6 +615,7 @@ module Simp::BeakerHelpers
|
|
535
615
|
end
|
536
616
|
|
537
617
|
enable_yum_repos_on(sut)
|
618
|
+
enable_epel_on(sut)
|
538
619
|
|
539
620
|
# net-tools required for netstat utility being used by be_listening
|
540
621
|
if fact_on(sut, 'operatingsystemmajrelease') == '7'
|
@@ -886,10 +967,10 @@ done
|
|
886
967
|
file_content = nil
|
887
968
|
|
888
969
|
if file_exists_on(sut, path)
|
889
|
-
Dir.
|
890
|
-
scp_from(
|
970
|
+
Dir.mktmpdir do |dir|
|
971
|
+
scp_from(sut, path, dir)
|
891
972
|
|
892
|
-
file_content = File.read(File.basename(path))
|
973
|
+
file_content = File.read(File.join(dir,File.basename(path)))
|
893
974
|
end
|
894
975
|
end
|
895
976
|
|
@@ -980,7 +1061,7 @@ done
|
|
980
1061
|
# @returns [String] Path to the Hieradata directory on the target system
|
981
1062
|
def hiera_datadir(sut)
|
982
1063
|
# This output lets us know where Hiera is configured to look on the system
|
983
|
-
puppet_lookup_info = on(sut, 'puppet lookup --explain test__simp__test').output.strip.lines
|
1064
|
+
puppet_lookup_info = on(sut, 'puppet lookup --explain test__simp__test', :silent => true).output.strip.lines
|
984
1065
|
|
985
1066
|
if sut.puppet_configprint['manifest'].nil? || sut.puppet_configprint['manifest'].empty?
|
986
1067
|
fail("No output returned from `puppet config print manifest` on #{sut}")
|
@@ -1218,13 +1299,27 @@ done
|
|
1218
1299
|
def install_simp_repos(sut, disable = [])
|
1219
1300
|
# NOTE: Do *NOT* use puppet in this method since it may not be available yet
|
1220
1301
|
|
1221
|
-
if
|
1222
|
-
|
1223
|
-
|
1302
|
+
# EL7 returns 1 if install is called and there is nothing to do
|
1303
|
+
yum_operation = 'install'
|
1304
|
+
yum_operation = 'update' if sut.check_for_package('yum-utils')
|
1224
1305
|
|
1225
|
-
|
1226
|
-
|
1227
|
-
|
1306
|
+
on(
|
1307
|
+
sut,
|
1308
|
+
"yum -y #{yum_operation} yum-utils",
|
1309
|
+
:max_retries => 3,
|
1310
|
+
:retry_interval => 10
|
1311
|
+
)
|
1312
|
+
|
1313
|
+
# EL7 returns 1 if install is called and there is nothing to do
|
1314
|
+
yum_operation = 'install'
|
1315
|
+
yum_operation = 'update' if sut.check_for_package('simp-release-community')
|
1316
|
+
|
1317
|
+
on(
|
1318
|
+
sut,
|
1319
|
+
%{yum -y #{yum_operation} "https://download.simp-project.com/simp-release-community.rpm"},
|
1320
|
+
:max_retries => 3,
|
1321
|
+
:retry_interval => 10
|
1322
|
+
)
|
1228
1323
|
|
1229
1324
|
to_disable = disable.dup
|
1230
1325
|
|
@@ -1244,7 +1339,10 @@ done
|
|
1244
1339
|
# NOTE: This --enablerepo enables the repos for listing and is inherited
|
1245
1340
|
# from YUM. This does not actually "enable" the repos, that would require
|
1246
1341
|
# the "--enable" option (from yum-config-manager) :-D.
|
1247
|
-
|
1342
|
+
#
|
1343
|
+
# Note: Certain versions of EL8 do not dump by default and EL7 does not
|
1344
|
+
# have the '--dump' option.
|
1345
|
+
available_repos = on(sut, %{yum-config-manager --enablerepo="*" || yum-config-manager --enablerepo="*" --dump}).stdout.lines.grep(/\A\[(.+)\]\Z/){|x| $1}
|
1248
1346
|
|
1249
1347
|
invalid_repos = (to_disable - available_repos)
|
1250
1348
|
|
@@ -5,7 +5,7 @@ module Simp::BeakerHelpers
|
|
5
5
|
#
|
6
6
|
# This is done so that we know if some new thing that we're using breaks the
|
7
7
|
# oldest system that we support
|
8
|
-
DEFAULT_PUPPET_AGENT_VERSION = '~>
|
8
|
+
DEFAULT_PUPPET_AGENT_VERSION = '~> 6.0'
|
9
9
|
|
10
10
|
SSG_REPO_URL = ENV['BEAKER_ssg_repo'] || 'https://github.com/ComplianceAsCode/content.git'
|
11
11
|
|
@@ -17,7 +17,11 @@ module Simp::BeakerHelpers
|
|
17
17
|
require 'open-uri'
|
18
18
|
|
19
19
|
begin
|
20
|
-
|
20
|
+
if URI.respond_to?(:open)
|
21
|
+
ONLINE = true if URI.open('http://google.com')
|
22
|
+
else
|
23
|
+
ONLINE = true if open('http://google.com')
|
24
|
+
end
|
21
25
|
rescue
|
22
26
|
ONLINE = false
|
23
27
|
end
|
@@ -6,28 +6,27 @@
|
|
6
6
|
end
|
7
7
|
-%>
|
8
8
|
HOSTS:
|
9
|
-
|
9
|
+
el7:
|
10
10
|
roles:
|
11
|
-
- server
|
12
|
-
- master
|
13
|
-
- default
|
14
11
|
- el7
|
12
|
+
- master
|
15
13
|
platform: el-7-x86_64
|
16
14
|
box: centos/7
|
17
15
|
hypervisor: <%= hypervisor %>
|
18
16
|
|
19
|
-
|
17
|
+
el8:
|
20
18
|
roles:
|
21
|
-
-
|
22
|
-
platform: el-
|
23
|
-
box: centos/
|
19
|
+
- el8
|
20
|
+
platform: el-8-x86_64
|
21
|
+
box: centos/8
|
24
22
|
hypervisor: <%= hypervisor %>
|
25
23
|
|
26
|
-
|
24
|
+
el8-0:
|
27
25
|
roles:
|
28
26
|
- el8
|
29
27
|
platform: el-8-x86_64
|
30
28
|
box: centos/8
|
29
|
+
box_version: "1905.1"
|
31
30
|
hypervisor: <%= hypervisor %>
|
32
31
|
|
33
32
|
CONFIG:
|
@@ -37,3 +36,14 @@ CONFIG:
|
|
37
36
|
<% if ENV['BEAKER_PUPPET_COLLECTION'] -%>
|
38
37
|
puppet_collection: <%= ENV['BEAKER_PUPPET_COLLECTION'] %>
|
39
38
|
<% end -%>
|
39
|
+
ssh:
|
40
|
+
keepalive: true
|
41
|
+
keepalive_interval: 10
|
42
|
+
host_key:
|
43
|
+
- <%= Net::SSH::Transport::Algorithms::ALGORITHMS[:host_key].join("\n#{' '*6}- ") %>
|
44
|
+
kex:
|
45
|
+
- <%= Net::SSH::Transport::Algorithms::ALGORITHMS[:kex].join("\n#{' '*6}- ") %>
|
46
|
+
encryption:
|
47
|
+
- <%= Net::SSH::Transport::Algorithms::ALGORITHMS[:encryption].join("\n#{' '*6}- ") %>
|
48
|
+
hmac:
|
49
|
+
- <%= Net::SSH::Transport::Algorithms::ALGORITHMS[:hmac].join("\n#{' '*6}- ") %>
|
@@ -0,0 +1,20 @@
|
|
1
|
+
<%
|
2
|
+
if ENV['BEAKER_HYPERVISOR']
|
3
|
+
hypervisor = ENV['BEAKER_HYPERVISOR']
|
4
|
+
else
|
5
|
+
hypervisor = 'vagrant'
|
6
|
+
end
|
7
|
+
-%>
|
8
|
+
HOSTS:
|
9
|
+
focal:
|
10
|
+
platform: ubuntu-20.04-x86_64
|
11
|
+
box: ubuntu/focal64
|
12
|
+
hypervisor: <%= hypervisor %>
|
13
|
+
|
14
|
+
CONFIG:
|
15
|
+
log_level: verbose
|
16
|
+
type: aio
|
17
|
+
vagrant_memsize: 256
|
18
|
+
<% if ENV['BEAKER_PUPPET_COLLECTION'] -%>
|
19
|
+
puppet_collection: <%= ENV['BEAKER_PUPPET_COLLECTION'] %>
|
20
|
+
<% end -%>
|
@@ -14,8 +14,8 @@ hosts.each do |host|
|
|
14
14
|
expect(client_puppet_version.split('.').first).to eq(puppet_collection_version)
|
15
15
|
end
|
16
16
|
else
|
17
|
-
it 'should
|
18
|
-
expect(client_puppet_version.split('.').first).to eq '
|
17
|
+
it 'should be running puppet 6' do
|
18
|
+
expect(client_puppet_version.split('.').first).to eq '6'
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
@@ -8,15 +8,33 @@ context 'after copy_fixture_modules_to( hosts )' do
|
|
8
8
|
|
9
9
|
describe "fact_on(master,'root_home')" do
|
10
10
|
it 'should not return value of `root_home`' do
|
11
|
-
|
12
|
-
expect( fact ).to eq ''
|
11
|
+
expect(fact_on(master, 'root_home')).to eq ''
|
13
12
|
end
|
14
13
|
end
|
15
14
|
|
16
15
|
describe "pfact_on(master,'root_home')" do
|
17
16
|
it 'should return value of `root_home`' do
|
18
|
-
|
19
|
-
|
17
|
+
expect(pfact_on(master, 'root_home')).to eq '/root'
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
describe "pfact_on(master,'os.release.major')" do
|
22
|
+
it 'should return the value of `os.release.major`' do
|
23
|
+
expect(pfact_on(master, 'os.release.major')).to match(/.+/)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
describe "pfact_on(master,'os.release.foo')" do
|
28
|
+
it 'should not return the value of `os.release.foo`' do
|
29
|
+
expect(pfact_on(master, 'os.release.foo')).to eq ''
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
describe "pfact_on(master,'fips_enabled')" do
|
34
|
+
expected = (ENV['BEAKER_fips'] == 'yes')
|
35
|
+
|
36
|
+
it 'should return false' do
|
37
|
+
expect(pfact_on(master, 'fips_enabled')).to eq expected
|
20
38
|
end
|
21
39
|
end
|
22
40
|
end
|
@@ -103,19 +103,22 @@ describe 'Simp::BeakerHelpers' do
|
|
103
103
|
end
|
104
104
|
|
105
105
|
it 'uses defaults when no environment variables are set' do
|
106
|
-
expect( @helper.get_puppet_install_info[:puppet_install_version] ).to match(/^5\./)
|
107
|
-
expect( @helper.get_puppet_install_info[:puppet_collection] ).to eq('puppet5')
|
108
|
-
expect( @helper.get_puppet_install_info[:puppet_install_type] ).to eq('agent')
|
109
|
-
end
|
110
106
|
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
107
|
+
# Prevent namespace pollution
|
108
|
+
pipe_out,pipe_in = IO.pipe
|
109
|
+
fork do
|
110
|
+
pipe_out.close
|
111
|
+
require 'puppet'
|
112
|
+
pipe_in.write(Puppet.version)
|
113
|
+
end
|
114
|
+
pipe_in.close
|
115
|
+
|
116
|
+
expected_version = pipe_out.gets
|
117
|
+
expected_major_version = expected_version.split('.').first
|
118
|
+
|
119
|
+
expect( @helper.get_puppet_install_info[:puppet_install_version] ).to match(expected_version)
|
120
|
+
expect( @helper.get_puppet_install_info[:puppet_collection] ).to eq("puppet#{expected_major_version}")
|
121
|
+
expect( @helper.get_puppet_install_info[:puppet_install_type] ).to eq('agent')
|
119
122
|
end
|
120
123
|
|
121
124
|
it 'extracts info from PUPPET_INSTALL_VERSION for Puppet 5' do
|
@@ -153,26 +156,6 @@ describe 'Simp::BeakerHelpers' do
|
|
153
156
|
expect( @helper.get_puppet_install_info ).to eq expected
|
154
157
|
end
|
155
158
|
|
156
|
-
it 'extracts info from BEAKER_PUPPET_AGENT_VERSION' do
|
157
|
-
ENV['BEAKER_PUPPET_AGENT_VERSION']= '4.10.5'
|
158
|
-
expected = {
|
159
|
-
:puppet_install_version => '1.10.5',
|
160
|
-
:puppet_collection => nil,
|
161
|
-
:puppet_install_type => 'agent'
|
162
|
-
}
|
163
|
-
expect( @helper.get_puppet_install_info ).to eq expected
|
164
|
-
end
|
165
|
-
|
166
|
-
it 'extracts info from PUPPET_VERSION' do
|
167
|
-
ENV['PUPPET_VERSION']= '4.10.5'
|
168
|
-
expected = {
|
169
|
-
:puppet_install_version => '1.10.5',
|
170
|
-
:puppet_collection => nil,
|
171
|
-
:puppet_install_type => 'agent'
|
172
|
-
}
|
173
|
-
expect( @helper.get_puppet_install_info ).to eq expected
|
174
|
-
end
|
175
|
-
|
176
159
|
it 'extracts info from BEAKER_PUPPET_COLLECTION' do
|
177
160
|
allow(@helper).to receive(:`).with('gem search -ra -e puppet').and_return(gem_search_results)
|
178
161
|
ENV['BEAKER_PUPPET_COLLECTION']= 'puppet5'
|
@@ -198,9 +181,9 @@ describe 'Simp::BeakerHelpers' do
|
|
198
181
|
it 'extracts info from PUPPET_INSTALL_TYPE' do
|
199
182
|
ENV['PUPPET_INSTALL_TYPE'] = 'pe'
|
200
183
|
|
201
|
-
expect( @helper.get_puppet_install_info[:puppet_collection] ).to eq('
|
184
|
+
expect( @helper.get_puppet_install_info[:puppet_collection] ).to eq('puppet6')
|
202
185
|
expect( @helper.get_puppet_install_info[:puppet_install_type] ).to eq('pe')
|
203
|
-
expect( @helper.get_puppet_install_info[:puppet_install_version] ).to match(/^
|
186
|
+
expect( @helper.get_puppet_install_info[:puppet_install_version] ).to match(/^6\./)
|
204
187
|
end
|
205
188
|
|
206
189
|
it 'fails when BEAKER_PUPPET_COLLECTION is invalid' do
|
metadata
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: simp-beaker-helpers
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.20.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Chris Tessmer
|
8
8
|
- Trevor Vaughan
|
9
|
-
autorequire:
|
9
|
+
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date:
|
12
|
+
date: 2021-01-10 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: beaker
|
@@ -161,6 +161,7 @@ executables: []
|
|
161
161
|
extensions: []
|
162
162
|
extra_rdoc_files: []
|
163
163
|
files:
|
164
|
+
- ".fips_fixtures"
|
164
165
|
- ".fixtures.yml"
|
165
166
|
- ".gitignore"
|
166
167
|
- ".gitlab-ci.yml"
|
@@ -187,6 +188,7 @@ files:
|
|
187
188
|
- lib/simp/rake/beaker.rb
|
188
189
|
- simp-beaker-helpers.gemspec
|
189
190
|
- spec/acceptance/nodesets/default.yml
|
191
|
+
- spec/acceptance/nodesets/ubuntu.yml
|
190
192
|
- spec/acceptance/suites/default/check_puppet_version_spec.rb
|
191
193
|
- spec/acceptance/suites/default/enable_fips_spec.rb
|
192
194
|
- spec/acceptance/suites/default/fixture_modules_spec.rb
|
@@ -219,7 +221,7 @@ licenses:
|
|
219
221
|
- Apache-2.0
|
220
222
|
metadata:
|
221
223
|
issue_tracker: https://simp-project.atlassian.net
|
222
|
-
post_install_message:
|
224
|
+
post_install_message:
|
223
225
|
rdoc_options: []
|
224
226
|
require_paths:
|
225
227
|
- lib
|
@@ -234,8 +236,37 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
234
236
|
- !ruby/object:Gem::Version
|
235
237
|
version: '0'
|
236
238
|
requirements: []
|
237
|
-
rubygems_version: 3.0.
|
238
|
-
signing_key:
|
239
|
+
rubygems_version: 3.0.9
|
240
|
+
signing_key:
|
239
241
|
specification_version: 4
|
240
242
|
summary: beaker helper methods for SIMP
|
241
|
-
test_files:
|
243
|
+
test_files:
|
244
|
+
- spec/acceptance/nodesets/default.yml
|
245
|
+
- spec/acceptance/nodesets/ubuntu.yml
|
246
|
+
- spec/acceptance/suites/default/check_puppet_version_spec.rb
|
247
|
+
- spec/acceptance/suites/default/enable_fips_spec.rb
|
248
|
+
- spec/acceptance/suites/default/fixture_modules_spec.rb
|
249
|
+
- spec/acceptance/suites/default/install_simp_deps_repo_spec.rb
|
250
|
+
- spec/acceptance/suites/default/nodesets
|
251
|
+
- spec/acceptance/suites/default/pki_tests_spec.rb
|
252
|
+
- spec/acceptance/suites/default/set_hieradata_on_spec.rb
|
253
|
+
- spec/acceptance/suites/default/write_hieradata_to_spec.rb
|
254
|
+
- spec/acceptance/suites/fips_from_fixtures/00_default_spec.rb
|
255
|
+
- spec/acceptance/suites/fips_from_fixtures/metadata.yml
|
256
|
+
- spec/acceptance/suites/fips_from_fixtures/nodesets
|
257
|
+
- spec/acceptance/suites/offline/00_default_spec.rb
|
258
|
+
- spec/acceptance/suites/offline/README
|
259
|
+
- spec/acceptance/suites/offline/nodesets/default.yml
|
260
|
+
- spec/acceptance/suites/puppet_collections/00_default_spec.rb
|
261
|
+
- spec/acceptance/suites/puppet_collections/metadata.yml
|
262
|
+
- spec/acceptance/suites/snapshot/00_snapshot_test_spec.rb
|
263
|
+
- spec/acceptance/suites/snapshot/10_general_usage_spec.rb
|
264
|
+
- spec/acceptance/suites/snapshot/nodesets
|
265
|
+
- spec/acceptance/suites/windows/00_default_spec.rb
|
266
|
+
- spec/acceptance/suites/windows/metadata.yml
|
267
|
+
- spec/acceptance/suites/windows/nodesets/default.yml
|
268
|
+
- spec/acceptance/suites/windows/nodesets/win2016.yml
|
269
|
+
- spec/acceptance/suites/windows/nodesets/win2019.yml
|
270
|
+
- spec/lib/simp/beaker_helpers_spec.rb
|
271
|
+
- spec/spec_helper.rb
|
272
|
+
- spec/spec_helper_acceptance.rb
|