RubyGems - simp-rake-helpers - Versions diffs - 5.11.5 → 5.11.6 - Mend

simp-rake-helpers 5.11.5 → 5.11.6

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -0
data/Gemfile +4 -0
data/lib/simp/local_gpg_signing_key.rb +99 -45
data/lib/simp/rake.rb +13 -6
data/lib/simp/rake/build/pkg.rb +53 -11
data/lib/simp/rake/helpers/version.rb +1 -1
data/spec/acceptance/nodesets/default.yml +21 -109
data/spec/spec_helper_acceptance.rb +16 -3
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9b882eab26bdb4e92d2cddac0a080fabc1fb517f4741c61c960553201c71f649
-  data.tar.gz: edb33965a9af173e8e0dd9a65eb016689754b560b1c5d4c986ccb084df1c8627
+  metadata.gz: cd1fc58d4764acdc2a2160e63a50a2a16015c1dd2a41f7b530baad394d6a397e
+  data.tar.gz: 6f322c3850b40ff56c8aa49a86146a176311e999495ada8cc8270ecf806f2d81
 SHA512:
-  metadata.gz: 7aead3d0b88b982510a872293c77a81d848189b4e4b96ec16fe3d698d7870fa86136a244f98700d1afb2340d7084a8226c7953804eae6eccfcfe4c13d85d8d91
-  data.tar.gz: 319182e049295afa57e8da953980bb33b08c8b1987a7362b4d42a5d10a35c53fe0d969bc548d49719fff7ccb3635845a908e71544116a3fd840305b586f2a353
+  metadata.gz: d58adb8bae7eba07b696cbfd3add6ce335672a7ddc6d9063f6057ca3da8f23e5492d6cecb805afe13104f377fac3c16cc38a8925791eef9c3f2543017c609bcf
+  data.tar.gz: baaf3228b15df258dcdd6030f7fa95d995ac4a08cf735218cbc941543eef389c881f9f31bed619d605b230da154fee39353eabcebb9165cbb70f3b44b88e595a

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,6 @@
+### 5.11.6 / 2021-02-03
+* Fix GPG handling for GPG 2.1+
 ### 5.11.5 / 2020-12-02
 * Add support for Puppet 7
 * Work around issues with querying RPM spec file changelogs using RPM version 4.15.0+

data/Gemfile CHANGED Viewed

@@ -13,6 +13,10 @@ gem 'simp-build-helpers'
 gem 'simp-beaker-helpers'
 gem 'beaker-puppet_install_helper'
 gem 'rake', '>= 12.3.3'
+# You'll need the following if using podman until they are released upstream
+#gem 'beaker-docker', :git => 'https://github.com/trevor-vaughan/beaker-docker', :branch => 'support_rootless_podman'
+#gem 'docker-api', :git => 'https://github.com/trevor-vaughan/docker-api', :branch => 'podman-compat'
+gem 'beaker-docker'
 if puppetversion
   gem 'puppet', puppetversion

data/lib/simp/local_gpg_signing_key.rb CHANGED Viewed

@@ -78,6 +78,22 @@ module Simp
       @gpg_agent_script   = 'run_gpg_agent'
     end
+    # Return the version of GPG instealled on the system
+    #
+    # @return [Gem::Version]
+    def gpg_version
+      return @gpg_version if @gpg_version
+      which('gpg', true)
+      @gpg_version = %x{gpg --version}.lines.first.split(/\s+/).last
+      unless @gpg_version.nil? || @gpg_version.empty?
+        @gpg_version = Gem::Version.new(@gpg_version)
+      end
+      @gpg_version
+    end
     # Returns a gpg-agent's env string, if it can be detected from the
     #   gpg-agent-info file
     #
@@ -99,6 +115,8 @@ module Simp
     def dev_key_days_left
       ensure_gpg_directory
       days_left   = 0
+      which('gpg', true)
       current_key = %x(GPG_AGENT_INFO='' gpg --homedir=#{@dir} --list-keys #{@key_email} 2>/dev/null)
       unless current_key.empty?
         lasts_until = current_key.lines.first.strip.split("\s").last.delete(']')
@@ -138,33 +156,54 @@ module Simp
         write_gpg_agent_startup_script
         begin
-          # Start the GPG agent.
-          gpg_agent_output = %x(./#{@gpg_agent_script}).strip
-          # Provide a local socket (needed by the `gpg` command when
-          local_socket     = File.join(Dir.pwd, 'S.gpg-agent')
-          # This condition was handled differently in previous logic.
-          #
-          #   a.) As the surrounding logic works now, it will _always_ be a new
-          #       agent by this point, because the directory is cleaned out
-          #   b.) The agent's information will be read from the env-file it
-          #        writes at startup
-          #   c.) The old command `gpg-agent --homedir=#{Dir.pwd} /get serverpid`
-          #       did not work on EL6 or EL7.
-          #
-          warn(empty_gpg_agent_message) if gpg_agent_output.empty?
-          agent_info = gpg_agent_info
-          # The socket is useful to get back info on the command line.
-          unless File.exist?(File.join(Dir.pwd, File.basename(agent_info[:socket])))
-            ln_s(agent_info[:socket], local_socket, :verbose => @verbose)
+          if gpg_version < Gem::Version.new('2.1')
+            # Start the GPG agent.
+            gpg_agent_output = %x(./#{@gpg_agent_script}).strip
+            # Provide a local socket (needed by the `gpg` command when
+            local_socket = File.join(Dir.pwd, 'S.gpg-agent')
+            # This condition was handled differently in previous logic.
+            #
+            #   a.) As the surrounding logic works now, it will _always_ be a new
+            #       agent by this point, because the directory is cleaned out
+            #   b.) The agent's information will be read from the env-file it
+            #        writes at startup
+            #   c.) The old command `gpg-agent --homedir=#{Dir.pwd} /get serverpid`
+            #       did not work on EL6 or EL7.
+            #
+            warn(empty_gpg_agent_message) if gpg_agent_output.empty?
+            agent_info = gpg_agent_info
+            # The socket is useful to get back info on the command line.
+            unless File.exist?(File.join(Dir.pwd, File.basename(agent_info[:socket])))
+              ln_s(agent_info[:socket], local_socket, :verbose => @verbose)
+            end
+            generate_key(agent_info[:info])
+          else
+            which('gpg', true)
+            which('gpg-agent', true)
+            which('gpg-connect-agent', true)
+            # Start the GPG agent
+            %x{gpg-agent --homedir=#{Dir.pwd} >&/dev/null || gpg-agent --homedir=#{Dir.pwd} --daemon >&/dev/null}
+            agent_info = {}
+            # Provide a local socket (needed by the `gpg` command when
+            agent_info[:socket] = %x{echo 'GETINFO socket_name' | gpg-connect-agent --homedir=#{Dir.pwd}}.lines.first[1..-1].strip
+            # Get the pid
+            agent_info[:pid] = %x{echo 'GETINFO pid' | gpg-connect-agent --homedir=#{Dir.pwd}}.lines.first[1..-1].strip.to_i
+            generate_key(%{#{agent_info[:socket]}:#{agent_info[:pid]}:1})
           end
-          generate_key(agent_info[:info])
         ensure
           kill_agent(agent_info[:pid])
         end
         agent_info
       end
     end
@@ -209,11 +248,18 @@ module Simp
     # @param gpg_agent_info_str [String] value to set the GPG_AGENT_INFO
     #   environment variable to use in order to use the correct `gpg-agent`.
     def generate_key(gpg_agent_info_str)
+      which('gpg', true)
       puts "Generating new GPG key#{@verbose ? " under '#{@dir}'" : ''}..."
       gpg_cmd = %(GPG_AGENT_INFO=#{gpg_agent_info_str} gpg --homedir="#{@dir}")
       pipe    = @verbose ? '| tee' : '>'
       sh %(#{gpg_cmd} --batch --gen-key #{GPG_GENKEY_PARAMS_FILENAME})
       sh %(#{gpg_cmd} --armor --export #{@key_email} #{pipe} "#{@key_file}")
+      if File.stat(@key_file).size == 0
+        fail "Error: Something went wrong generating #{@key_file}"
+      end
     end
     # Return a data structure from a gpg-agent env-file formatted string.
@@ -232,38 +278,46 @@ module Simp
     def write_genkey_parameter_file
       now               = Time.now.to_i.to_s
       expire_date       = Date.today + 14
-      passphrase        = SecureRandom.base64(500)
-      genkey_parameters = <<-GENKEY_PARAMETERS.gsub(%r{^ {8}}, '')
-        %echo Generating Development GPG Key
-        %echo
-        %echo This key will expire on #{expire_date}
-        %echo
-        Key-Type: RSA
-        Key-Length: 4096
-        Key-Usage: sign
-        Name-Real: SIMP Development
-        Name-Comment: Development key #{now}
-        Name-Email: #{@key_email}
-        Expire-Date: 2w
-        Passphrase: #{passphrase}
-        %pubring pubring.gpg
-        %secring secring.gpg
-        # The following creates the key, so we can print "Done!" afterwards
-        %commit
-        %echo New GPG Development Key Created
-      GENKEY_PARAMETERS
-      File.open(GPG_GENKEY_PARAMS_FILENAME, 'w') { |fh| fh.puts(genkey_parameters) }
+      passphrase        = SecureRandom.base64(100)
+      genkey_parameters = [
+        '%echo Generating Development GPG Key',
+        '%echo',
+        "%echo This key will expire on #{expire_date}",
+        '%echo',
+        'Key-Type: RSA',
+        'Key-Length: 4096',
+        'Key-Usage: sign',
+        'Name-Real: SIMP Development',
+        "Name-Comment: Development key #{now}",
+        "Name-Email: #{@key_email}",
+        'Expire-Date: 2w',
+        "Passphrase: #{passphrase}",
+      ]
+      if gpg_version < Gem::Version.new('2.1')
+        genkey_parameters << '%pubring pubring.gpg'
+        genkey_parameters << '%secring secring.gpg'
+      end
+      genkey_parameters << '# The following creates the key, so we can print "Done!" afterwards'
+      genkey_parameters << '%commit'
+      genkey_parameters << '%echo New GPG Development Key Created'
+      File.open(GPG_GENKEY_PARAMS_FILENAME, 'w') { |fh| fh.puts(genkey_parameters.join("\n")) }
     end
     # Write a local gpg-agent daemon script file
     def write_gpg_agent_startup_script
+      which('gpg-agent', true)
+      pinentry_cmd = which('pinentry-curses', true)
       gpg_agent_script = <<-AGENT_SCRIPT.gsub(%r{^ {20}}, '')
         #!/bin/sh
         gpg-agent --homedir=#{Dir.pwd} --daemon \
           --no-use-standard-socket --sh --batch \
           --write-env-file "#{@gpg_agent_env_file}" \
-          --pinentry-program /usr/bin/pinentry-curses < /dev/null &
+          --pinentry-program #{pinentry_cmd} < /dev/null &
       AGENT_SCRIPT
       File.open(@gpg_agent_script, 'w') { |fh| fh.puts(gpg_agent_script) }

data/lib/simp/rake.rb CHANGED Viewed

@@ -96,14 +96,21 @@ module Simp::Rake
     exec pager rescue exec "/bin/sh", "-c", pager
   end
-  # Originally snarfed from
-  # http://stackoverflow.com/questions/2108727/which-in-ruby-checking-if-program-exists-in-path-from-ruby
-  def which(cmd)
-    command = Facter::Core::Execution.which(cmd)
+  def which(cmd, fail=false)
+    @which_cache ||= {}
-    warn "Warning: Command #{cmd} not found on the system." unless command
+    if @which_cache.has_key?(cmd)
+      command = @which_cache[cmd]
+    else
+      command = Facter::Core::Execution.which(cmd)
+      @which_cache[cmd] = command
+    end
+    msg = "Warning: Command #{cmd} not found on the system."
+    fail ? raise(msg) : warn(msg) unless command
-    return command
+    command
   end
   def help

data/lib/simp/rake/build/pkg.rb CHANGED Viewed

@@ -69,7 +69,6 @@ module Simp::Rake::Build
               :in_processes => get_cpu_limit,
               :progress => t.name
             ) do |dir|
-              next unless File.directory?(dir)
               Dir.chdir(dir) do
                 begin
                   rake_flags = Rake.application.options.trace ? '--trace' : ''
@@ -99,7 +98,6 @@ module Simp::Rake::Build
               :in_processes => get_cpu_limit,
               :progress => t.name
             ) do |dir|
-              next unless File.directory?(dir)
               Dir.chdir(dir) do
                 rake_flags = Rake.application.options.trace ? '--trace' : ''
                 sh %{rake clobber #{rake_flags}}
@@ -667,9 +665,9 @@ protect=1
         #   can be pulled out into a library that is easily unit-testable
         def require_rebuild?(dir, yum_helper, opts={ :unique_namespace => generate_namespace, :fetch => false, :verbose => @verbose, :check_git => false, :prefix => '' })
           result = false
           rpm_metadata = File.exist?(@rpm_dependency_file) ? YAML.load(File.read(@rpm_dependency_file)) : {}
+          dir_relpath = Pathname.new(dir).relative_path_from(Pathname.new(Dir.pwd)).to_path
+          $stderr.puts "\n  require_rebuild? (#{dir_relpath}):" if @verbose
           Dir.chdir(dir) do
             if File.exist?('metadata.json')
@@ -689,10 +687,23 @@ protect=1
             else
               spec_file = Dir.glob(File.join('build', '*.spec'))
               fail("No spec file found in #{dir}/build") if spec_file.empty?
+              $stderr.puts "    Found spec file: #{File.expand_path(spec_file.first)}" if @verbose
               new_rpm_info = Simp::RPM.new(spec_file.first)
             end
+            if @verbose
+              $stderr.puts '    Details:'
+              $stderr.puts "        Puppetfile name: #{File.basename(dir)}"
+              $stderr.puts "        RPM name:        #{new_rpm_info.name}"
+              $stderr.puts "        Local directory: #{dir}"
+            end
             if opts[:check_git]
+              git_origin_url = nil
+              ['origin','upstream'].each do |r|
+                git_origin_url = %x(git config --get remote.#{r}.url).strip if git_origin_url.to_s.empty?
+              end
+              $stderr.puts "        Git origin URL:  #{git_origin_url}" if @verbose
               require_tag = false
               #FIXME The check below is insufficient. See logic in compare_latest_tag,
@@ -711,28 +722,59 @@ protect=1
               begin
                 rpm_version = Gem::Version.new(new_rpm_info.version)
+                rpm_release = new_rpm_info.release.match(/^(\d+)[.-_]?/) ? new_rpm_info.release.match(/^(\d+)[.-_]?/)[1] : nil
+                if @verbose
+                  $stderr.puts '        ' + [
+                    "RPM version-rel: #{ "#{rpm_version}-#{rpm_release}".ljust(10) }  ",
+                    "(semver: #{rpm_version}, relver: #{rpm_release})",
+                  ].join
+                end
               rescue ArgumentError
-                $stderr.puts ">>#{new_rpm_info.basename}: Could not determine RPM version"
+                $stderr.puts ">>#{new_rpm_info.basename}: Could not determine RPM version from '#{new_rpm_info.version}'"
               end
               begin
                 if latest_tag.empty?
                   require_tag = true
+                  $stderr.puts "        Latest Git tag semver:   (none)" if @verbose
                 else
-                  latest_tag_version = Gem::Version.new(latest_tag)
+                  # Gem::Version interprets an RPM-style release suffix like
+                  # `1.2.3-4` as `1.2.3.pre.4`, which is *less* than `1.2.3`.
+                  # So we compare SemVer first, then relver numbers if needed
+                  latest_tag_version = Gem::Version.new(latest_tag.sub(/-\d+$/,''))
+                  latest_tag_release = latest_tag.match(/-(\d+)$/) ? latest_tag.match(/-(\d+)$/)[1].to_i : nil
+                  if @verbose
+                    $stderr.puts '        ' + [
+                      "Latest Git tag:  #{latest_tag.ljust(10)}  ",
+                      "(semver: #{latest_tag_version}#{latest_tag_release ? ", relver: #{latest_tag_release}" : nil})",
+                    ].join
+                  end
                 end
               rescue ArgumentError
-                $stderr.puts ">>#{new_rpm_info.basename}: Invalid git tag version '#{latest_tag}' "
+                $stderr.puts ">>#{git_origin_url}: Invalid git tag version '#{latest_tag}' "
               end
               if rpm_version && latest_tag_version
-                if rpm_version > latest_tag_version
+                # undefined behavior, so far (this current logic skips it):
+                #   what to do if rpm_release is set and latest_tag_release is nil?
+                if latest_tag_release &&
+                   rpm_release &&
+                   (rpm_version == latest_tag_version) &&
+                   (rpm_release > latest_tag_release)
+                  require_tag = true
+                elsif rpm_version > latest_tag_version
                   require_tag = true
                 end
               end
               if opts[:verbose] && require_tag
-                $stderr.puts  "#{opts[:prefix]}Git Release Tag Required: #{new_rpm_info.basename} #{latest_tag} => #{new_rpm_info.version}"
+                $stderr.puts [
+                  "#{opts[:prefix]}Git Release Tag Required: ",
+                  "[#{git_origin_url || dir_relpath }] ",
+                  "tag: #{latest_tag} => ",
+                  "rpm: #{new_rpm_info.version}#{latest_tag_release ? "-#{rpm_release}" : nil} ",
+                  "[#{new_rpm_info.basename}]",
+                ].join
               end
             end
@@ -751,7 +793,6 @@ protect=1
                     if new_rpm_info.package_newer?(package, published_rpm)
                       if opts[:verbose]
                         $stderr.puts "#{opts[:prefix]}RPM Publish Required: #{published_rpm} => #{new_rpm_info.rpm_name(package)}"
                       end
                       result = true
                     else
@@ -783,7 +824,7 @@ protect=1
                     end
                   else
                     if opts[:verbose]
-                      $stderr.puts "#{opts[:prefix]}RPM Publish Required: #{new_rpm_info.rpm_name(package)}"
+                      $stderr.puts "#{opts[:prefix]}RPM Publish Required (new RPM): #{new_rpm_info.rpm_name(package)}"
                     end
                     result = true
                   end
@@ -881,6 +922,7 @@ protect=1
                     ::Bundler.send(clean_env_method) do
                       %x{#{bundle_install_cmd}}
                       output = %x{#{cmd} 2>&1}
                       unless $?.success?

data/lib/simp/rake/helpers/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@ module Simp; end
 module Simp::Rake; end
 class Simp::Rake::Helpers
-  VERSION = '5.11.5'
+  VERSION = '5.11.6'
 end

data/spec/acceptance/nodesets/default.yml CHANGED Viewed

@@ -1,121 +1,21 @@
 HOSTS:
-  el6-build-server:
+  el7-build-server:
     roles:
       - default
-      - master
-      - agent
       - build_server
-    platform: el-6-x86_64
+    platform: el-7-x86_64
     hypervisor: docker
-    image: centos:6
-    docker_image_commands:
-      - 'yum install -y epel-release'
-      - "echo 'Defaults:build_user !requiretty' >> /etc/sudoers"
-      - "echo 'build_user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
-      - 'useradd -b /home -m -c "Build User" -s /bin/bash -U build_user'
-      - 'yum install -y facter rubygem-json'
-      # simp build-deps
-      - 'yum install -y rpm-build augeas-devel createrepo genisoimage git gnupg2 libicu-devel libxml2 libxml2-devel libxslt libxslt-devel rpmdevtools which'
-      # rvm build-deps
-      - 'yum install -y libyaml-devel glibc-headers autoconf gcc-c++ glibc-devel readline-devel libffi-devel openssl-devel automake libtool bison sqlite-devel'
-      #
-      # Do our best to get one of the keys from at one of the servers, and to
-      # trust the right ones if the GPG keyservers return bad keys
-      #
-      # These are the keys we want:
-      #
-      #  409B6B1796C275462A1703113804BB82D39DC0E3 # mpapis@gmail.com
-      #  7D2BAF1CF37B13E2069D6956105BD0E739499BDB # piotr.kuczynski@gmail.com
-      #
-      # See:
-      #   - https://rvm.io/rvm/security
-      #   - https://github.com/rvm/rvm/blob/master/docs/gpg.md
-      #   - https://github.com/rvm/rvm/issues/4449
-      #   - https://github.com/rvm/rvm/issues/4250
-      #   - https://seclists.org/oss-sec/2018/q3/174
-      #
-      # NOTE (mostly to self): In addition to RVM's documented procedures,
-      # importing from https://keybase.io/mpapis may be a practical
-      # alternative for 409B6B1796C275462A1703113804BB82D39DC0E3:
-      #
-      #    curl https://keybase.io/mpapis/pgp_keys.asc | gpg2 --import
-      #
-      - 'runuser build_user -l -c "for i in {1..5}; do { gpg2 --keyserver  hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 || gpg2 --keyserver hkp://pgp.mit.edu --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 || gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3; } && break || sleep 1; done"'
-      - 'runuser build_user -l -c "for i in {1..5}; do { gpg2 --keyserver  hkp://pool.sks-keyservers.net --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB || gpg2 --keyserver hkp://pgp.mit.edu --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB || gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB; } && break || sleep 1; done"'
-#      - 'runuser build_user -l -c "gpg2 --refresh-keys"'
-      - 'runuser build_user -l -c "curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer -o rvm-installer && curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer.asc -o rvm-installer.asc && gpg2 --verify rvm-installer.asc rvm-installer && bash rvm-installer"'
-      - 'runuser build_user -l -c "rvm install 2.4"'
-      - 'runuser build_user -l -c "rvm use --default 2.4"'
-      - 'runuser build_user -l -c "rvm all do gem install bundler"'
-    mount_folders:
-      folder1:
-        host_path: ./
-        container_path: /host_files
-    docker_preserve_image: true
+    image: simpproject/simp_build_centos7
+    docker_cmd: '/usr/sbin/sshd -D -E /var/log/sshd.log'
-  el7-build-server:
+  el8-build-server:
     roles:
       - build_server
-    platform: el-7-x86_64
+    platform: el-8-x86_64
     hypervisor: docker
-    image: centos:7
-    docker_cmd: '/sbin/sshd; tail -f /dev/null'
-    docker_image_commands:
-      - 'yum install -y epel-release'
-      - 'ln -sf /bin/true /usr/bin/systemctl'
-      # Work around regression in beaker-docker
-      # https://github.com/puppetlabs/beaker-docker/pull/15/files
-      - 'yum install -y sudo openssh-server openssh-clients'
-      - "sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config"
-      - "sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config"
-      - "sed -ri 's/^#?UseDNS .*/UseDNS no/' /etc/ssh/sshd_config"
-      - "echo 'Defaults:build_user !requiretty' >> /etc/sudoers"
-      - "echo 'build_user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
-      - 'useradd -b /home -m -c "Build User" -s /bin/bash -U build_user'
-      - 'yum install -y facter rubygem-json'
-      # simp build-deps
-      - 'yum install -y rpm-build augeas-devel createrepo genisoimage git gnupg2 libicu-devel libxml2 libxml2-devel libxslt libxslt-devel rpmdevtools clamav-update which'
-      # rvm build-deps
-      #
-      # Do our best to get one of the keys from at one of the servers, and to
-      # trust the right ones if the GPG keyservers return bad keys
-      #
-      # These are the keys we want:
-      #
-      #  409B6B1796C275462A1703113804BB82D39DC0E3 # mpapis@gmail.com
-      #  7D2BAF1CF37B13E2069D6956105BD0E739499BDB # piotr.kuczynski@gmail.com
-      #
-      # See:
-      #   - https://rvm.io/rvm/security
-      #   - https://github.com/rvm/rvm/blob/master/docs/gpg.md
-      #   - https://github.com/rvm/rvm/issues/4449
-      #   - https://github.com/rvm/rvm/issues/4250
-      #   - https://seclists.org/oss-sec/2018/q3/174
-      #
-      # NOTE (mostly to self): In addition to RVM's documented procedures,
-      # importing from https://keybase.io/mpapis may be a practical
-      # alternative for 409B6B1796C275462A1703113804BB82D39DC0E3:
-      #
-      #    curl https://keybase.io/mpapis/pgp_keys.asc | gpg2 --import
-      #
-      - 'runuser build_user -l -c "for i in {1..5}; do { gpg2 --keyserver hkp://pgp.mit.edu --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 || gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3; } && { gpg2 --keyserver hkp://pgp.mit.edu --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB || gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB; } && break || sleep 1; done"'
-      - 'runuser build_user -l -c "gpg2 --refresh-keys"'
-      - 'runuser build_user -l -c "curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer -o rvm-installer && curl -sSL https://raw.githubusercontent.com/rvm/rvm/stable/binscripts/rvm-installer.asc -o rvm-installer.asc && gpg2 --verify rvm-installer.asc rvm-installer && bash rvm-installer"'
-      - 'runuser build_user -l -c "rvm install 2.4"'
-      - 'runuser build_user -l -c "rvm use --default 2.4"'
-      - 'runuser build_user -l -c "rvm all do gem install bundler"'
-      - 'yum install -y rpm-sign'
-    mount_folders:
-      folder1:
-        host_path: ./
-        container_path: /host_files
+    image: simpproject/simp_build_centos8
+    docker_cmd: '["/sbin/init"]'
     docker_preserve_image: true
-    ssh:
-      password: root
-      auth_methods:
-        - password
 CONFIG:
   log_level: verbose
@@ -123,5 +23,17 @@ CONFIG:
 <% if ENV['BEAKER_PUPPET_COLLECTION'] -%>
   puppet_collection: <%= ENV['BEAKER_PUPPET_COLLECTION'] %>
 <% else -%>
-  puppet_collection: puppet5
+  puppet_collection: puppet6
 <% end -%>
+  ssh:
+    password: root
+    auth_methods:
+      - password
+  docker_cap_add:
+    - AUDIT_WRITE
+  docker_preserve_image: true
+  mount_folders:
+    host_files:
+      host_path: ./
+      container_path: /host_files
+      opts: 'z'

data/spec/spec_helper_acceptance.rb CHANGED Viewed

@@ -1,22 +1,35 @@
 require 'beaker-rspec'
+require 'tmpdir'
+require 'yaml'
 require 'simp/beaker_helpers'
 include Simp::BeakerHelpers
-require 'tmpdir'
-require 'pry' if ENV['PRY'] == 'yes'
 require 'acceptance/support/simp_rake_helpers'
 $LOAD_PATH.unshift(File.expand_path('../acceptance/support',__FILE__))
+unless ENV['BEAKER_provision'] == 'no'
+  hosts.each do |host|
+    # Install Puppet
+    if host.is_pe?
+      install_pe
+    else
+      install_puppet
+    end
+  end
+end
 RSpec.configure do |c|
   # provide helper methods to individual examples AND example groups
   c.include Simp::BeakerHelpers::SimpRakeHelpers
   c.extend Simp::BeakerHelpers::SimpRakeHelpers
+  # ensure that environment OS is ready on each host
+  fix_errata_on hosts
   # Readable test descriptions
   c.formatter = :documentation
-  # Configure all nodes in nodeset
   c.before :suite do
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: simp-rake-helpers
 version: !ruby/object:Gem::Version
-  version: 5.11.5
+  version: 5.11.6
 platform: ruby
 authors:
 - Chris Tessmer
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-16 00:00:00.000000000 Z
+date: 2021-02-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: simp-beaker-helpers