diff --git a/.travis.yml b/.travis.yml index cb68c07b..6a9af09c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,22 +20,22 @@ services: env: matrix: - INSTANCE: debian-debian-9-develop-py3 - # - INSTANCE: debian-ubuntu-1804-develop-py3 + # - INSTANCE: ubuntu-ubuntu-1804-develop-py3 # - INSTANCE: redhat-centos-7-develop-py3 # - INSTANCE: redhat-fedora-29-develop-py3 # - INSTANCE: suse-opensuse-leap-15-develop-py3 # - INSTANCE: debian-debian-9-2019-2-py3 - - INSTANCE: debian-ubuntu-1804-2019-2-py3 + - INSTANCE: ubuntu-ubuntu-1804-2019-2-py3 - INSTANCE: redhat-centos-7-2019-2-py3 # - INSTANCE: redhat-fedora-29-2019-2-py3 # - INSTANCE: suse-opensuse-leap-15-2019-2-py3 # - INSTANCE: debian-debian-9-2018-3-py2 - # - INSTANCE: debian-ubuntu-1604-2018-3-py2 + # - INSTANCE: ubuntu-ubuntu-1604-2018-3-py2 # - INSTANCE: redhat-centos-7-2018-3-py2 - INSTANCE: redhat-fedora-29-2018-3-py2 - INSTANCE: suse-opensuse-leap-42-2018-3-py2 # - INSTANCE: debian-debian-8-2017-7-py2 - # - INSTANCE: debian-ubuntu-1604-2017-7-py2 + # - INSTANCE: ubuntu-ubuntu-1604-2017-7-py2 - INSTANCE: redhat-centos-6-2017-7-py2 # - INSTANCE: redhat-fedora-28-2017-7-py2 # - INSTANCE: suse-opensuse-leap-42-2017-7-py2 @@ -54,7 +54,7 @@ jobs: # Install and run `yamllint` - pip install --user yamllint # yamllint disable-line rule:line-length - - yamllint -s . .yamllint pillar.example test/salt/pillar/debian.sls test/salt/pillar/redhat.sls test/salt/pillar/suse.sls + - yamllint -s . .yamllint pillar.example test/salt/pillar/debian.sls test/salt/pillar/ubuntu.sls test/salt/pillar/redhat.sls test/salt/pillar/suse.sls # Install and run `commitlint` - npm install @commitlint/config-conventional -D - npm install @commitlint/travis-cli -D diff --git a/kitchen.yml b/kitchen.yml index 3d492dee..457532db 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -137,25 +137,54 @@ suites: - name: debian includes: - debian-9-develop-py3 - - ubuntu-1804-develop-py3 - debian-9-2019-2-py3 - - ubuntu-1804-2019-2-py3 - debian-9-2018-3-py2 - - ubuntu-1604-2018-3-py2 - debian-8-2017-7-py2 + provisioner: + state_top: + base: + '*': + - php.repo + - php.fpm.install + - php.fpm.config + - php.fpm.pools + - php.modules + - php.fpm.service + pillars: + top.sls: + base: + '*': + - php + pillars_from_files: + php.sls: test/salt/pillar/debian.sls + verifier: + inspec_tests: + - path: test/integration/default + - name: ubuntu + includes: + - ubuntu-1804-develop-py3 + - ubuntu-1804-2019-2-py3 + - ubuntu-1604-2018-3-py2 - ubuntu-1604-2017-7-py2 provisioner: state_top: base: '*': - - php + - php.repo + - php.fpm.install + - php.fpm.config + - php.fpm.pools + - php.modules + - php.fpm.service pillars: top.sls: base: '*': - php + - ubuntu pillars_from_files: php.sls: test/salt/pillar/debian.sls + ubuntu.sls: test/salt/pillar/ubuntu.sls verifier: inspec_tests: - path: test/integration/default diff --git a/php/fpm/init.sls b/php/fpm/init.sls index e7b56cee..85b38fad 100644 --- a/php/fpm/init.sls +++ b/php/fpm/init.sls @@ -6,39 +6,49 @@ include: - php.fpm.pools {% set pillar_php_version = salt['pillar.get']('php:version', '7.0') %} + extend: - php_fpm_service: +{% if pillar_php_version is iterable and pillar_php_version is not string %} + {% for version in pillar_php_version %} + + php_fpm_service_{{ version }}: service: - watch: - {% if pillar_php_version is iterable and pillar_php_version is not string %} - {% for version in pillar_php_version %} - file: php_fpm_ini_config_{{ version }} - file: php_fpm_conf_config_{{ version }} - {% endfor %} - {% else %} - - file: php_fpm_ini_config - - file: php_fpm_conf_config - {% endif %} - require: - sls: php.fpm.config - {% if pillar_php_version is iterable and pillar_php_version is not string %} - {% for version in pillar_php_version %} + php_fpm_ini_config_{{ version }}: file: - require: - pkg: php_install_fpm + php_fpm_conf_config_{{ version }}: file: - require: - pkg: php_install_fpm - {% endfor %} - {% else %} + + {% endfor %} + +{% else %} + + php_fpm_service: + service: + - watch: + - file: php_fpm_ini_config + - file: php_fpm_conf_config + - require: + - sls: php.fpm.config + php_fpm_ini_config: file: - require: - pkg: php_install_fpm + php_fpm_conf_config: file: - require: - pkg: php_install_fpm - {% endif %} + +{% endif %} diff --git a/php/fpm/pools.sls b/php/fpm/pools.sls index bd5cc28d..01e82024 100644 --- a/php/fpm/pools.sls +++ b/php/fpm/pools.sls @@ -1,24 +1,38 @@ # Manages the php-fpm pools config files {% from "php/map.jinja" import php with context %} {% from "php/macro.jinja" import sls_block %} +{% from "php/macro.jinja" import file_requisites %} {% from "php/fpm/pools_config.sls" import pool_states with context %} -{% macro file_requisites(states) %} - {%- for state in states %} - - file: {{ state }} - {%- endfor -%} -{% endmacro %} - include: - php.fpm.service - php.fpm.pools_config +{% set pillar_php_version = salt['pillar.get']('php:version', '7.0') %} + {% if pool_states %} extend: + +{% if pillar_php_version is iterable and pillar_php_version is not string %} + {% for version in pillar_php_version %} + php_fpm_service_{{ version }}: + service: + - watch: +{{ file_requisites(pool_states) }} + - require: +{{ file_requisites(pool_states) }} + + {% endfor %} + +{% else %} + php_fpm_service: service: - watch: {{ file_requisites(pool_states) }} - require: {{ file_requisites(pool_states) }} + +{% endif %} + {% endif %} diff --git a/php/fpm/service.sls b/php/fpm/service.sls index bed2ff2c..1eb2f66c 100644 --- a/php/fpm/service.sls +++ b/php/fpm/service.sls @@ -3,10 +3,28 @@ {% from "php/macro.jinja" import sls_block %} {% set service_function = {True:'running', False:'dead'}.get(php.fpm.service.enabled) %} +{% set pillar_php_version = salt['pillar.get']('php:version', '7.0') %} include: - php.fpm.install +{% if pillar_php_version is iterable and pillar_php_version is not string %} + {% for version in pillar_php_version %} + +php_fpm_service_{{ version }}: + service.{{ service_function }}: + {{ sls_block(php.fpm.service.opts) }} + - name: {{ 'php' ~ version ~ '-fpm' }} + - enable: {{ php.fpm.service.enabled }} + - require: + - sls: php.fpm.install + - watch: + - pkg: php_install_fpm + + {% endfor %} + +{% else %} + php_fpm_service: service.{{ service_function }}: {{ sls_block(php.fpm.service.opts) }} @@ -16,3 +34,5 @@ php_fpm_service: - sls: php.fpm.install - watch: - pkg: php_install_fpm + +{% endif %} diff --git a/php/macro.jinja b/php/macro.jinja index 57908204..f5e22692 100644 --- a/php/macro.jinja +++ b/php/macro.jinja @@ -27,3 +27,17 @@ {{ ret|json() }} {%- endmacro -%} + +{% macro file_requisites(states) %} + {%- for state in states %} + - file: {{ state }} + {%- endfor -%} +{% endmacro %} + +{%- macro format_kwargs(kwarg) -%} + {%- filter indent(4) %} + {%- for k, v in kwarg|dictsort() %} +- {{ k }}: {{ v }} + {%- endfor %} + {%- endfilter %} +{%- endmacro %} diff --git a/php/map.jinja b/php/map.jinja index 9fc102cd..0b4cb185 100644 --- a/php/map.jinja +++ b/php/map.jinja @@ -67,7 +67,8 @@ 'php': 'php' + php_version, 'phpenmod_command': 'phpenmod -v' + php_version, 'pspell': 'php' + php_version + '-pspell', - 'redis': 'php' + php_version + '-redis', + 'readline': 'php' + php_version + '-readline', + 'redis': 'php-redis', 'seclib': ['php-phpseclib', 'php-seclib'], 'snmp': 'php' + php_version + '-snmp', 'soap': 'php' + php_version + '-soap', @@ -81,7 +82,7 @@ 'tcpdf': 'php-tcpdf', 'temp_dir': '/tmp', 'tidy': 'php' + php_version + '-tidy', - 'xdebug': 'php' + php_version + '-xdebug', + 'xdebug': 'php-xdebug', 'xml': ['php' + php_version + '-xml', 'php' + php_version + '-xmlrpc'], 'xsl': 'php' + php_version + '-xsl', 'zip': 'php' + php_version + '-zip', @@ -2263,7 +2264,7 @@ 'tcpdf': 'php-tcpdf', 'temp_dir': '/tmp', 'tidy': 'php' + php_version + '-tidy', - 'xdebug': 'php' + php_version + '-xdebug', + 'xdebug': 'php-xdebug', 'xml': ['php' + php_version + '-xml', 'php' + php_version + '-xmlrpc'], 'xsl': 'php' + php_version + '-xsl', 'zip': 'php' + php_version + '-zip', diff --git a/php/repo/init.sls b/php/repo/init.sls new file mode 100644 index 00000000..d3e55181 --- /dev/null +++ b/php/repo/init.sls @@ -0,0 +1,5 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +include: + - .install diff --git a/php/repo/install.sls b/php/repo/install.sls new file mode 100644 index 00000000..41ee3a32 --- /dev/null +++ b/php/repo/install.sls @@ -0,0 +1,11 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls + +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split('/')[0] %} +{%- from tplroot ~ "/map.jinja" import php with context %} +{%- from tplroot ~ "/macro.jinja" import format_kwargs with context %} + +php/repo/install: + pkgrepo.managed: + {{- format_kwargs(php.repo) }} diff --git a/test/integration/default/controls/config_spec.rb b/test/integration/default/controls/config_spec.rb new file mode 100644 index 00000000..fee1f2da --- /dev/null +++ b/test/integration/default/controls/config_spec.rb @@ -0,0 +1,38 @@ +control 'Php configuration' do + title 'should match desired lines' + + def test_debian + describe file('/etc/php/5.6/fpm/pool.d/radius-admin.conf') do + its('content') { should include '[radius-admin]' } + its('content') { should include 'php_admin_value[date.timezone] = Europe/Paris' } + end + + describe file('/etc/php/7.3/fpm/pool.d/ldap-admin.conf') do + its('content') { should include '[ldap-admin]' } + its('content') { should include 'php_admin_value[date.timezone] = Europe/Paris' } + end + + describe file('/etc/php/5.6/fpm/php.ini') do + its('content') { should include 'date.timezone = Europe/Paris' } + end + + describe file('/etc/php/7.3/fpm/php.ini') do + its('content') { should include 'date.timezone = Europe/Paris' } + end + end + + def test_redhat + end + + def test_suse + end + + case os[:family] + when 'debian' + test_debian + when 'redhat', 'fedora' + test_redhat + when 'suse' + test_suse + end +end diff --git a/test/integration/default/controls/package_spec.rb b/test/integration/default/controls/package_spec.rb index 6023dbce..860c92cd 100644 --- a/test/integration/default/controls/package_spec.rb +++ b/test/integration/default/controls/package_spec.rb @@ -1,22 +1,52 @@ control 'Php package' do title 'should be installed' - pkg_name = - case os[:family] - when 'debian' - case os[:name] - when 'ubuntu' - 'php' - when 'debian' - 'php7.0' + def test_debian + describe package('php-imagick') do + it { should be_installed } + end + + describe package('php-redis') do + it { should be_installed } + end + + describe package('php-xdebug') do + it { should be_installed } + end + + %w[ + bz2 cli curl fpm gd imap intl mbstring + mysql readline xml zip + ].each do |pkg| + + describe package("php5.6-#{pkg}") do + it { should be_installed } + end + + describe package("php7.3-#{pkg}") do + it { should be_installed } end - when 'redhat', 'fedora' - 'php' - when 'suse' - 'php5' end + end + + def test_redhat + describe package('php') do + it { should be_installed } + end + end + + def test_suse + describe package('php5') do + it { should be_installed } + end + end - describe package(pkg_name) do - it { should be_installed } + case os[:family] + when 'debian' + test_debian + when 'redhat', 'fedora' + test_redhat + when 'suse' + test_suse end end diff --git a/test/integration/default/controls/service_spec.rb b/test/integration/default/controls/service_spec.rb new file mode 100644 index 00000000..d1932aba --- /dev/null +++ b/test/integration/default/controls/service_spec.rb @@ -0,0 +1,30 @@ +control 'Php service' do + title 'should be running and enabled' + + def test_debian + describe service('php5.6-fpm') do + it { should be_enabled } + it { should be_running } + end + + describe service('php7.3-fpm') do + it { should be_enabled } + it { should be_running } + end + end + + def test_redhat + end + + def test_suse + end + + case os[:family] + when 'debian' + test_debian + when 'redhat', 'fedora' + test_redhat + when 'suse' + test_suse + end +end diff --git a/test/salt/pillar/debian.sls b/test/salt/pillar/debian.sls index b6880f22..d63e3157 100644 --- a/test/salt/pillar/debian.sls +++ b/test/salt/pillar/debian.sls @@ -1,4 +1,90 @@ # -*- coding: utf-8 -*- # vim: ft=yaml --- -php: {} +php: + repo: + humanname: php-sury repo + # yamllint disable-line rule:line-length + name: "deb https://packages.sury.org/php/ {{ salt['grains.get']('oscodename') }} main" + file: /etc/apt/sources.list.d/php-sury.list + key_url: https://packages.sury.org/php/apt.gpg + + version: + - '5.6' + - '7.3' + + fpm: + config: + ini: + settings: + Assertion: + zend.assertions: -1 + PHP: + expose_php: 'Off' + default_charset: UTF-8 + cgi.fix_pathinfo: 0 + Date: + date.timezone: Europe/Paris + + pools: + 'radius-admin.conf': + enabled: true + phpversion: '5.6' + settings: + radius-admin: + user: www-data + group: www-data + listen: /tmp/php-fpm-radius-admin.sock + listen.mode: '0666' + pm: static + pm.max_children: 3 + pm.max_requests: 500 + pm.status_path: /php-status + ping.path: /php-ping + catch_workers_output: 'yes' + security.limit_extensions: .php + 'php_admin_value[date.timezone]': Europe/Paris + + 'ldap-admin.conf': + enabled: true + phpversion: '7.3' + settings: + ldap-admin: + user: www-data + group: www-data + listen: /tmp/php-fpm-ldap-admin2.sock + listen.mode: '0666' + pm: static + pm.max_children: 3 + pm.max_requests: 500 + pm.status_path: /php-status + ping.path: /php-ping + catch_workers_output: 'yes' + security.limit_extensions: .php + 'php_admin_value[date.timezone]': Europe/Paris + + cli: + ini: + settings: + Assertion: + zend.assertions: -1 + PHP: + default_charset: UTF-8 + Date: + date.timezone: Europe/Paris + + modules: + - bz2 + - cli + - curl + - gd + - imagick + - imap + - intl + - mbstring + - mysql + - readline + - redis + - xdebug + - xml + - zip diff --git a/test/salt/pillar/ubuntu.sls b/test/salt/pillar/ubuntu.sls new file mode 100644 index 00000000..2f090053 --- /dev/null +++ b/test/salt/pillar/ubuntu.sls @@ -0,0 +1,12 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +php: + use_external_repo: true + repo: + humanname: php-sury ppa + # yamllint disable-line rule:line-length + name: "deb http://ppa.launchpad.net/ondrej/php/ubuntu {{ salt['grains.get']('oscodename') }} main" + file: /etc/apt/sources.list.d/php-sury.list + # yamllint disable-line rule:line-length + key_url: https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x14aa40ec0831756756d7f66c4f4ea0aae5267a6c