diff --git a/.rubocop.yml b/.rubocop.yml index 9367e99..2cceb73 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -7,7 +7,7 @@ Layout/LineLength: # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) Max: 88 Metrics/BlockLength: - ExcludedMethods: + IgnoredMethods: - control - describe # Increase from default of `25` diff --git a/Gemfile b/Gemfile index 15a77c3..c08ad6c 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ source 'https://rubygems.org' # Use the latest version of `inspec` prior to `4.23.4`, which introduces a # regression where the diff isn't displayed when comparing using `eq`. gem 'inspec', '~> 4.22.22' -# Install the `kitchen-docker` gem from GitHub because the latest version +# Install the `kitchen-docker` gem using `git` because the latest version # currently available (`2.10.0`) doesn't include a recent fix for Gentoo. # rubocop:disable Layout/LineLength gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf' diff --git a/kitchen.yml b/kitchen.yml index afbf5ad..261d668 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -312,6 +312,7 @@ suites: state_top: base: '*': + - sysctl._mapdata - sysctl pillars: top.sls: diff --git a/sysctl/_mapdata/_mapdata.jinja b/sysctl/_mapdata/_mapdata.jinja new file mode 100644 index 0000000..aa9649c --- /dev/null +++ b/sysctl/_mapdata/_mapdata.jinja @@ -0,0 +1,13 @@ +# yamllint disable rule:indentation rule:line-length +# {{ grains.get("osfinger", grains.os) }} +--- +{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} +{{ salt["slsutil.serialize"]( + "yaml", + map, + default_flow_style=False, + allow_unicode=True, + ) + | regex_replace("^\s+'$", "'", multiline=True) + | trim +}} diff --git a/sysctl/_mapdata/init.sls b/sysctl/_mapdata/init.sls new file mode 100644 index 0000000..a884b2a --- /dev/null +++ b/sysctl/_mapdata/init.sls @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls +--- +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split("/")[0] %} +{%- from tplroot ~ "/map.jinja" import sysctl_settings with context %} + +{%- set _mapdata = { + "values": sysctl_settings, + } %} +{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} + +{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} +{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} + +{{ tplroot }}-mapdata-dump: + file.managed: + - name: {{ output_file }} + - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja + - template: jinja + - context: + map: {{ _mapdata | yaml }} diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml index e40b02b..2f91fe3 100644 --- a/test/integration/default/inspec.yml +++ b/test/integration/default/inspec.yml @@ -6,6 +6,9 @@ title: sysctl formula maintainer: SaltStack Formulas license: Apache-2.0 summary: Verify that the sysctl formula is setup and configured correctly +depends: + - name: share + path: test/integration/share supports: - platform-name: debian - platform-name: ubuntu @@ -14,6 +17,7 @@ supports: - platform-name: opensuse - platform-name: suse - platform-name: freebsd + - platform-name: openbsd - platform-name: amazon - platform-name: oracle - platform-name: arch diff --git a/test/integration/share/README.md b/test/integration/share/README.md new file mode 100644 index 0000000..5c5785b --- /dev/null +++ b/test/integration/share/README.md @@ -0,0 +1,22 @@ +# InSpec Profile: `share` + +This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). + +Its goal is to share the libraries between all profiles. + +## Libraries + +### `system` + +The `system` library provides easy access to system dependent information: + +- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective + - `system.platform[:family]` provide a family name for Arch and Gentoo + - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` + - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows: + - `Arch` is always `base-latest` + - `Amazon Linux` release `2018` is resolved as `1` + - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) + - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format + - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version + - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml new file mode 100644 index 0000000..cf623a1 --- /dev/null +++ b/test/integration/share/inspec.yml @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +name: share +title: InSpec shared resources +maintainer: SaltStack Formulas +license: Apache-2.0 +summary: shared resources +supports: + - platform-name: debian + - platform-name: ubuntu + - platform-name: centos + - platform-name: fedora + - platform-name: opensuse + - platform-name: suse + - platform-name: freebsd + - platform-name: openbsd + - platform-name: amazon + - platform-name: oracle + - platform-name: arch + - platform-name: gentoo + - platform: windows diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb new file mode 100644 index 0000000..461dea4 --- /dev/null +++ b/test/integration/share/libraries/system.rb @@ -0,0 +1,90 @@ +# frozen_string_literal: true + +# system.rb -- InSpec resources for system values +# Author: Daniel Dehennin +# Copyright (C) 2020 Daniel Dehennin + +class SystemResource < Inspec.resource(1) + name 'system' + + attr_reader :platform + + def initialize + super + @platform = build_platform + end + + private + + def build_platform + { + family: build_platform_family, + name: build_platform_name, + release: build_platform_release, + finger: build_platform_finger + } + end + + def build_platform_family + case inspec.platform[:name] + when 'arch', 'gentoo' + inspec.platform[:name] + else + inspec.platform[:family] + end + end + + def build_platform_name + case inspec.platform[:name] + when 'amazon', 'oracle' + "#{inspec.platform[:name]}linux" + when /^windows_/ + inspec.platform[:family] + else + inspec.platform[:name] + end + end + + # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + def build_platform_release + case inspec.platform[:name] + when 'amazon' + # `2018` relase is named `1` in kitchen.yaml + inspec.platform[:release].gsub(/2018.*/, '1') + when 'arch' + 'base-latest' + when 'gentoo' + "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" + when 'opensuse' + # rubocop:disable Style/NumericLiterals,Layout/LineLength + inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] + # rubocop:enable Style/NumericLiterals,Layout/LineLength + when 'windows_8.1_pro' + '8.1' + when 'windows_server_2019_datacenter' + '2019-server' + when 'windows_server_2016_datacenter' + '2016-server' + else + inspec.platform[:release] + end + end + # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + + def derive_gentoo_init_system + inspec.command('systemctl').exist? ? 'sysd' : 'sysv' + end + + def build_platform_finger + "#{build_platform_name}-#{build_finger_release}" + end + + def build_finger_release + case inspec.platform[:name] + when 'ubuntu' + build_platform_release.split('.').slice(0, 2).join('.') + else + build_platform_release.split('.')[0] + end + end +end