simp-beaker-helpers 1.20.1 → 1.23.0

data/.github/workflows/tag_deploy_rubygem.yml

@@ -0,0 +1,192 @@
+# Build & Deploy RubyGem & GitHub release when a SemVer tag is pushed
+#
+# This workflow's jobs are only triggered in repos under the `simp` organization
+# ------------------------------------------------------------------------------
+#
+#             NOTICE: **This file is maintained with puppetsync**
+#
+# This file is updated automatically as part of a standardized asset baseline.
+#
+# The next baseline sync will overwrite any local changes to this file!
+#
+# ==============================================================================
+#
+# This pipeline uses the following GitHub Action Secrets:
+#
+#   GitHub Secret variable    Type      Notes
+#   ------------------------  --------  ----------------------------------------
+#   RUBYGEMS_API_KEY          Required
+#
+# ------------------------------------------------------------------------------
+#
+# NOTES:
+#
+# * The CHANGLOG text is altered to remove RPM-style date headers, which don't
+#   render well as markdown on the GitHub release pages
+#
+# * By default, the gem is built and released using the standard rake tasks
+#   from "bundler/gem_tasks".  To override these, create a JSON file at
+#   `.github/workflows.local.json`, using the following format:
+#
+#         {
+#           "gem_build_command": "bundle exec rake build",
+#           "gem_release_command": "bundle exec rake build release:rubygem_push",
+#           "gem_pkg_dir": "pkg"
+#         }
+#
+#   All keys are optional.
+#
+---
+name: 'Tag: Release to GitHub & rubygems.org'
+
+on:
+  push:
+    tags:
+      - '[0-9]+\.[0-9]+\.[0-9]+'
+
+env:
+  PUPPET_VERSION: '~> 6'
+  LOCAL_WORKFLOW_CONFIG_FILE: .github/workflows.local.json
+
+jobs:
+  releng-checks:
+    name: "RELENG checks"
+    if: github.repository_owner == 'simp'
+    runs-on: ubuntu-18.04
+    outputs:
+      build_command: ${{ steps.commands.outputs.build_command }}
+      release_command: ${{ steps.commands.outputs.release_command }}
+      pkg_dir: ${{ steps.commands.outputs.pkg_dir }}
+    steps:
+      - name: "Assert '${{ github.ref }}' is a tag"
+        run: '[[ "$GITHUB_REF" =~ ^refs/tags/ ]] || { echo "::error ::GITHUB_REF is not a tag: ${GITHUB_REF}"; exit 1 ; }'
+      - uses: actions/checkout@v2
+        with:
+          ref: ${{ github.ref }}
+          clean: true
+      - name: Determing build and release commands
+        id: commands
+        run: |
+          # By default, these are the standard tasks from "bundler/gem_tasks"
+          # To override them in the LOCAL_WORKFLOW_CONFIG_FILE
+          GEM_BUILD_COMMAND='bundle exec rake build'
+          GEM_RELEASE_COMMAND='bundle exec rake build release:rubygem_push'
+          GEM_PKG_DIR='pkg'
+          if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \
+              grep -w '"gem_pkg_dir"' &> /dev/null; then
+            GEM_PKG_DIR="$(jq -r .gem_pkg_dir "$LOCAL_WORKFLOW_CONFIG_FILE" )"
+          fi
+          if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \
+              grep -w '"gem_build_command"' &> /dev/null; then
+            GEM_BUILD_COMMAND="$(jq -r .gem_build_command "$LOCAL_WORKFLOW_CONFIG_FILE" )"
+          fi
+          if jq -r '. | keys' "$LOCAL_WORKFLOW_CONFIG_FILE" 2>/dev/null | \
+              grep -w '"gem_release_command"' &> /dev/null; then
+            GEM_RELEASE_COMMAND="$(jq -r .gem_release_command "$LOCAL_WORKFLOW_CONFIG_FILE" )"
+          fi
+          echo "::set-output name=build_command::${GEM_BUILD_COMMAND}"
+          echo "::set-output name=pkg_dir::${GEM_PKG_DIR}"
+          echo "::set-output name=release_command::${GEM_RELEASE_COMMAND}"
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.5
+          bundler-cache: true
+      - name: Test build the package
+        env:
+          GEM_BUILD_COMMAND: ${{ steps.commands.outputs.build_command }}
+        run: "$GEM_BUILD_COMMAND"
+      - name: "Assert '${{ github.ref }}' matches the package version"
+        run: |
+          tag="${GITHUB_REF/refs\/tags\//}"
+          [ -d  "${{ steps.commands.outputs.pkg_dir }}" ] || \
+             { echo "::error ::No directory found at ${{ steps.commands.outputs.pkg_dir }}/" ; exit 3 ; }
+          ls -1 "${{ steps.commands.outputs.pkg_dir }}"/*.gem || \
+             {  echo "::error ::No gem file found at ${{ steps.commands.outputs.pkg_dir }}/*.gem" ; exit 2 ; }
+          [ -f "${{ steps.commands.outputs.pkg_dir }}"/*-${tag}.gem ] || \
+             { echo "::error ::tag '${tag}' does not match package $(ls -1 ${{ steps.commands.outputs.pkg_dir }}/*.gem)"; exit 1 ; }
+
+  create-github-release:
+    name: Deploy GitHub Release
+    needs: [ releng-checks ]
+    if: github.repository_owner == 'simp'
+    runs-on: ubuntu-18.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.ref }}
+          clean: true
+          fetch-depth: 0
+      - name: Get tag & annotation info (${{github.ref}})
+        id: tag-check
+        run: |
+          tag="${GITHUB_REF/refs\/tags\//}"
+          annotation="$(git for-each-ref "$GITHUB_REF" --format='%(contents)' --count=1)"
+          annotation_title="$(echo "$annotation" | head -1)"
+
+          echo "::set-output name=tag::${tag}"
+          echo "::set-output name=annotation_title::${annotation_title}"
+
+          # Prepare annotation body as a file for the next step
+          #
+          # * The GitHub Release render the text in this file as markdown
+          # * The file is needed because :set-output only supports single lines
+          # * The `perl -pe` removes RPM-style date headers from the CHANGELOG,
+          #   because they don't render well as markdown on the Release page
+          #
+          echo "$annotation" |  tail -n +2 | \
+            perl -pe 'BEGIN{undef $/;} s/\n\* (Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*?\n//smg;' > /tmp/annotation.body
+
+      - name: Create Release
+        uses: actions/create-release@v1
+        id: create_release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ steps.tag-check.outputs.annotation_title }}
+          body_path: /tmp/annotation.body
+          draft: false
+          prerelease: false
+
+  deploy-rubygem:
+    name: Deploy RubyGem Release
+    needs: [ releng-checks ]
+    if: github.repository_owner == 'simp'
+    runs-on: ubuntu-18.04
+    env:
+      RUBYGEMS_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}
+      BUILD_COMMAND: ${{ needs.releng-checks.outputs.build_command }}
+      RELEASE_COMMAND: ${{ needs.releng-checks.outputs.release_command }}
+      PKG_DIR: ${{ needs.releng-checks.outputs.pkg_dir }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.ref }}
+          clean: true
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.5
+          bundler-cache: true
+      - name: Build RubyGem
+        run: |
+          echo "Setting up file permissions..."
+          chmod -R go=u-w .
+
+          echo "Running '$BUILD_COMMAND'..."
+          $BUILD_COMMAND
+
+      - name: Release RubyGem
+        run: |
+          echo "Setting up gem credentials..."
+          mkdir -p ~/.gem
+
+          cat << EOF > ~/.gem/credentials
+          ---
+          :rubygems_api_key: ${RUBYGEMS_API_KEY}
+          EOF
+          chmod 0600 ~/.gem/credentials
+
+          echo "Running '$RELEASE_COMMAND'..."
+          $RELEASE_COMMAND

data/.gitlab-ci.yml

@@ -1,11 +1,4 @@
 # ------------------------------------------------------------------------------
-#             NOTICE: **This file is maintained with puppetsync**
-#
-# This file is updated automatically as part of a puppet module baseline.
-#
-# The next baseline sync will overwrite any local changes to everything above
-# the line "# Repo-specific content"
-# ------------------------------------------------------------------------------
 # The testing matrix considers ruby/puppet versions supported by SIMP and PE:
 #
 # https://puppet.com/docs/pe/2019.8/component_versions_in_recent_pe_releases.html
@@ -216,28 +209,28 @@ variables:
 # Puppet Versions
 #-----------------------------------------------------------------------
 
-.pup_5: &pup_5
+.pup_5_x: &pup_5_x
   image: 'ruby:2.4'
   variables:
     PUPPET_VERSION: '~> 5.0'
     BEAKER_PUPPET_COLLECTION: 'puppet5'
     MATRIX_RUBY_VERSION: '2.4'
 
-.pup_6: &pup_6
+.pup_6_x: &pup_6_x
   image: 'ruby:2.5'
   variables:
     PUPPET_VERSION: '~> 6.0'
     BEAKER_PUPPET_COLLECTION: 'puppet6'
     MATRIX_RUBY_VERSION: '2.5'
 
-.pup_6_18_0: &pup_6_18_0
+.pup_6_pe: &pup_6_pe
   image: 'ruby:2.5'
   variables:
     PUPPET_VERSION: '6.18.0'
     BEAKER_PUPPET_COLLECTION: 'puppet6'
     MATRIX_RUBY_VERSION: '2.5'
 
-.pup_7: &pup_7
+.pup_7_x: &pup_7_x
   image: 'ruby:2.7'
   variables:
     PUPPET_VERSION: '~> 7.0'
@@ -280,24 +273,18 @@ variables:
 # Unit Tests
 #-----------------------------------------------------------------------
 
-pup5-unit:
-  <<: *pup_5
+pup5.x-unit:
+  <<: *pup_5_x
   <<: *unit_tests
 
-pup6-unit:
-  <<: *pup_6
+pup6.x-unit:
+  <<: *pup_6_x
   <<: *unit_tests
 
-pup7-unit:
-  <<: *pup_7
+pup7.x-unit:
+  <<: *pup_7_x
   <<: *unit_tests
 
-# ------------------------------------------------------------------------------
-#             NOTICE: **This file is maintained with puppetsync**
-#
-# Everything above the "Repo-specific content" comment will be overwritten by
-# the next puppetsync.
-# ------------------------------------------------------------------------------
 
 # Repo-specific content
 # ==============================================================================
@@ -305,20 +292,20 @@ pup7-unit:
 #=======================================================================
 # Packaging test
 
-pup5-pkg:
-  <<: *pup_5
+pup5.x-pkg:
+  <<: *pup_5_x
   <<: *unit_tests
   script:
     'bundle exec rake pkg:gem'
 
-pup6-pkg:
-  <<: *pup_6
+pup6.x-pkg:
+  <<: *pup_6_x
   <<: *unit_tests
   script:
     'bundle exec rake pkg:gem'
 
-pup7-pkg:
-  <<: *pup_7
+pup7.x-pkg:
+  <<: *pup_7_x
   <<: *unit_tests
   script:
     'bundle exec rake pkg:gem'
@@ -326,49 +313,49 @@ pup7-pkg:
 #=======================================================================
 # Acceptance tests
 default:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[default]
 
 default-fips:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   script:
     - BEAKER_fips=yes bundle exec rake beaker:suites[default]
 
 fips_from_fixtures:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[fips_from_fixtures]
 
 puppet5_collections:
-  <<: *pup_5
+  <<: *pup_5_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[puppet_collections]
 
 puppet6_collections:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[puppet_collections]
 
 puppet7_collections:
-  <<: *pup_7
+  <<: *pup_7_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[puppet_collections]
 
 windows:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   script:
     - bundle exec rake beaker:suites[windows]
 
 snapshot:
-  <<: *pup_6
+  <<: *pup_6_x
   <<: *acceptance_base
   # This is prone to breakage in the underlying system
   allow_failure: true

data/CHANGELOG.md

@@ -1,3 +1,59 @@
+### 1.23.0 / 2021-03-16
+* Added:
+  * For `podman` support:
+    * Bumped the required beaker-docker to between 0.8.3 and 2.0.0
+    * Added a dependency on docker-api between 2.1.0 and 3.0.0
+  * Make SSG failures have verbose output to make remediation easier
+* Fixed:
+  * Ensure that containers use the correct method for copying files
+
+### 1.22.1 / 2021-03-01
+* Fixed: enable_epel_on() now installs the correct EPEL repository
+  package on OracleLinux
+
+### 1.22.0 / 2021-01-27
+* Fixed:
+  * Ensure that the simp-crypto_policy module is installed when flipping to FIPS
+    mode
+  * Only attempt to install the simp repos once in case they are broken for some
+    reason
+* Added:
+  * Documentation for all of the beaker environment variables
+  * set_simp_repo_release() for setting the release and release_type of the
+    public SIMP yum repos
+  * set_yum_opts_on() method for setting bulk yum config options
+  * set_yum_opt_on() method for setting singular yum config options
+  * install_package_unless_present_on() method
+  * Allow users to set repos to disable using an environment variable
+  * A total run time summary for beaker suites
+
+### 1.21.4 / 2021-01-21
+* Fixed:
+  * Reverted the use of OpenStruct due to issues with seralization
+  * Hash objects have a 'dig' method as of Ruby 2.3 so pinned this gem to a
+    minimum version of Ruby 2.3
+
+### 1.21.3 / 2021-01-20
+* Fixed:
+  * Allow all methods that can safely take SUT arrays to do so
+  * Ensure that pfact_on returns a Hash if appropriate
+  * Fix container support in copy_to
+* Added:
+  * Explicitly support podman local and remote in copy_to
+
+### 1.21.2 / 2021-01-15
+* Fixed version mismatch.  1.21.1 was tagged with an incorrect version
+  in version.rb.
+
+### 1.21.1 / 2021-01-13
+* Added:
+  * update_package_from_centos_stream method
+  * install_latest_package_on method
+* Fixed:
+  * Removed some of the extraneous calls to facter
+  * Automatically pull the CentOS 8 kernel to the latest version in
+    CentOS-Stream to work around issues on FIPS systems
+
 ### 1.20.1 / 2021-01-08
 * Fixed:
   * Ensure that yum calls commands appropriately depending on whether or not

data/Gemfile

@@ -13,7 +13,7 @@ gem 'bundler'
 gem 'rake'
 
 group :system_tests do
-  beaker_gem_options = ENV.fetch('BEAKER_GEM_OPTIONS', ['>= 4.17.0', '< 5.0.0'])
+  beaker_gem_options = ENV.fetch('BEAKER_GEM_OPTIONS', ['>= 4.28.1', '< 5.0.0'])
 
   if "#{beaker_gem_options}".include?(':')
     # Just pass in BEAKER_GEM_OPTIONS as a string that would represent the usual

data/README.md

@@ -13,6 +13,8 @@ Methods to assist beaker acceptance tests for SIMP.
   * [`rake beaker:suites`](#rake-beakersuites)
   * [Suite Execution](#suite-execution)
     * [Environment Variables](#environment-variables)
+      * [Beaker Management](#beaker-management)
+      * [Beaker Helpers Adjustments](#beaker-helpers-adjustments)
     * [Global Suite Configuration](#global-suite-configuration)
       * [Supported Config:](#supported-config)
     * [Individual Suite Configuration](#individual-suite-configuration)
@@ -112,12 +114,68 @@ sensitive).
 
 #### Environment Variables
 
-* BEAKER_suite_runall
+##### Beaker Management
+
+* BEAKER_suite_runall [yes|no]
   * Run all Suites
 
-* BEAKER_suite_basedir
+* BEAKER_suite_basedir [String]
   * The base directory where suites will be defined
-  * Default: spec/acceptance
+  * Default: `spec/acceptance`
+
+##### Beaker Helpers Adjustments
+
+* BEAKER_SIMP_parallel [yes|no]
+  * `yes` => Run simp-beaker-helpers methods on SUTs in parallel if possible
+  * `no` => Do not run methods in parallel
+
+* BEAKER_docker_cmd [String]
+  * The specific command to use for performing `docker` operations
+
+* BEAKER_helpers_verbose [yes|no]
+  * `yes` => Enable verbose output
+  * `no` => Do not enable verbose output
+
+* BEAKER_copy_fixtures [yes|no]
+  * `yes` => Enable copying fixtures to the SUT
+  * `no` => Disable copying fixtures to the SUT
+
+* BEAKER_use_fixtures_dir_for_modules [yes|no]
+  * `yes` => Pull fixtures directly from `spec/fixtures/modules`
+  * `no` => Ignore `spec/fixtures/modules` content
+
+* BEAKER_stringify_facts [yes|no]
+  * `yes` => Enable fact stringification
+
+* BEAKER_fips_module_version [String]
+  * The specific version of the FIPS module to install from the puppet forge
+
+* BEAKER_RHSM_USER [String]
+  * The username for using with RHSM
+
+* BEAKER_RHSM_PASS [String]
+  * The password for using with RHSM
+
+* BEAKER_fips [yes|no]
+  * `yes` => Enable FIPS on the SUT
+  * `no` => Do not manage FIPS on the SUT (will not disable if enabled)
+
+* BEAKER_no_fix_interfaces [Boolean]
+  * If present, will not try to fix the interfaces on the SUT
+
+* BEAKER_SIMP_install_repos [yes|no]
+  * `yes` => Install the SIMP YUM repositories
+  * `no` => No not install the SIMP YUM repositories
+
+* BEAKER_SIMP_disable_repos [String]
+  * Comma delimited list of YUM repositories to disable on the SUT
+
+* BEAKER_SIMP_repo_release [String]
+  * The release of SIMP to target in the YUM repos (usually a number)
+
+* BEAKER_SIMP_repo_release_type [String]
+  * The release type of SIMP to target in the YUM repos
+    * Something like `stable`, `rolling`, or `unstable`
 
 #### Global Suite Configuration
 
@@ -406,7 +464,7 @@ might try to install packages before subscription manager is configured.
 The version of InSpec to use when running inspec tests. Currently hard-coded to
 `4.16.14` due to a bug introduced in `4.16.15`.
 
-Let to 'latest' to use the latest available in the upstream repos.
+Set to 'latest' to use the latest available in the upstream repos.
 
 ## Examples
 
@@ -510,7 +568,7 @@ underlying OS configuration.
 
 `Simp::BeakerHelpers::Snapshot.save(sut, '<name of snapshot>')` will save a
 snapshot with the given name. If the snapshot already exists, it will be
-forceably overwritten.
+forcibly overwritten.
 
 
 ##### Base Snapshots