test(map): standardise map.jinja verification

* Automated using myii/ssf-formula#281

CODEOWNERS

@@ -15,8 +15,11 @@
 /docs/AUTHORS.rst                           @saltstack-formulas/ssf
 /docs/CHANGELOG.rst                         @saltstack-formulas/ssf
 /docs/TOFS_pattern.rst                      @saltstack-formulas/ssf
+/*/_mapdata/                                @saltstack-formulas/ssf
 /*/libsaltcli.jinja                         @saltstack-formulas/ssf
 /*/libtofs.jinja                            @saltstack-formulas/ssf
+/test/integration/**/_mapdata_spec.rb       @saltstack-formulas/ssf
+/test/integration/**/libraries/system.rb    @saltstack-formulas/ssf
 /test/integration/**/inspec.yml             @saltstack-formulas/ssf
 /test/integration/**/README.md              @saltstack-formulas/ssf
 /.gitignore                                 @saltstack-formulas/ssf

openntpd/_mapdata/init.sls

@@ -3,19 +3,17 @@
 ---
 {#- Get the `tplroot` from `tpldir` #}
 {%- set tplroot = tpldir.split('/')[0] %}
-{%- from tplroot ~ "/map.jinja" import openntpd with context %}
+{%- from tplroot ~ "/map.jinja" import openntpd as mapdata with context %}
 
-{%- set map = {
-      'openntpd': openntpd,
-    } %}
-{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ map | yaml(False)) %}
+{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %}
 
-{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %}
+{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %}
+{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %}
 
 {{ tplroot }}-mapdata-dump:
   file.managed:
     - name: {{ output_file }}
     - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
     - template: jinja
     - context:
-        map: {{ map | yaml }}
+        map: {{ mapdata | yaml }}

test/integration/default/controls/_mapdata_spec.rb

@@ -1,13 +1,23 @@
 # frozen_string_literal: true
 
+require 'yaml'
+
 control '`map.jinja` YAML dump' do
-  title 'should contain the lines'
+  title 'should match the comparison file'
 
+  # Strip the `platform[:finger]` version number down to the "OS major release"
   mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml"
-  mapdata_dump = inspec.profile.file(mapdata_file)
 
-  describe file('/tmp/salt_mapdata_dump.yaml') do
-    it { should exist }
-    its('content') { should include mapdata_dump }
+  # Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file))
+
+  # Derive the location of the dumped mapdata
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  output_file = "#{output_dir}/salt_mapdata_dump.yaml"
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(yaml(output_file).params).to eq(mapdata_dump)
+    end
   end
 end

test/integration/share/README.md

@@ -2,37 +2,20 @@
 
 This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
 
-It's goal is to share the libraries between all profiles.
+Its goal is to share the libraries between all profiles.
 
-## Verify a profile
+## Libraries
 
-InSpec ships with built-in features to verify a profile structure.
+### `system`
 
-```bash
-$ inspec check share
-Summary
--------
-Location: share
-Profile: profile
-Controls: 4
-Timestamp: 2019-06-24T23:09:01+00:00
-Valid: true
+The `system` library provides easy access to system dependent information:
 
-Errors
-------
-
-Warnings
---------
-```
-
-## Execute a profile
-
-To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
-
-```bash
-$ inspec exec share
-..
-
-Finished in 0.0025 seconds (files took 0.12449 seconds to load)
-8 examples, 0 failures
-```
+- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
+  - `system.platform[:family]` provide a family name for Arch and Gentoo
+  - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
+  - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows:
+    - `Arch` is always `base-latest`
+    - `Amazon Linux` release `2018` is resolved as `1`
+    - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
+    - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
+  - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)

test/integration/share/inspec.yml

@@ -2,7 +2,7 @@
 # vim: ft=yaml
 ---
 name: share
-title: openntpd formula
+title: InSpec shared resources
 maintainer: SaltStack Formulas
 license: Apache-2.0
 summary: shared resources
@@ -15,4 +15,7 @@ supports:
   - platform-name: suse
   - platform-name: freebsd
   - platform-name: amazon
+  - platform-name: oracle
   - platform-name: arch
+  - platform-name: gentoo
+  - platform: windows

test/integration/share/libraries/system.rb

@@ -4,47 +4,18 @@
 # Author: Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
 # Copyright (C) 2020 Daniel Dehennin <daniel.dehennin@ac-dijon.fr>
 
-HOSTNAME_CMDS = %w[hostname hostnamectl].freeze
-HOSTNAME_CMDS_OPT = {
-  'hostname' => '-s',
-  'hostnamectl' => '--static'
-}.freeze
-
 class SystemResource < Inspec.resource(1)
   name 'system'
 
   attr_reader :platform
-  attr_reader :hostname
 
   def initialize
+    super
     @platform = build_platform
-    @hostname = found_hostname
   end
 
   private
 
-  def found_hostname
-    cmd = guess_hostname_cmd
-
-    unless cmd.exit_status.zero?
-      raise Inspec::Exceptions::ResourceSkipped,
-            "Error running '#{cmd}': #{cmd.stderr}"
-    end
-
-    cmd.stdout.chomp
-  end
-
-  def guess_hostname_cmd
-    HOSTNAME_CMDS.each do |cmd|
-      if inspec.command(cmd).exist?
-        return inspec.command("#{cmd} #{HOSTNAME_CMDS_OPT[cmd]}")
-      end
-    end
-
-    raise Inspec::Exceptions::ResourceSkipped,
-          "Error: #{@platform[:finger]}} has none of #{HOSTNAME_CMDS.join(', ')}"
-  end
-
   def build_platform
     {
       family: build_platform_family,
@@ -56,33 +27,52 @@ def build_platform
 
   def build_platform_family
     case inspec.platform[:name]
-    when 'arch'
-      'arch'
+    when 'arch', 'gentoo'
+      inspec.platform[:name]
     else
       inspec.platform[:family]
     end
   end
 
   def build_platform_name
     case inspec.platform[:name]
-    when 'amazon'
-      'amazonlinux'
+    when 'amazon', 'oracle'
+      "#{inspec.platform[:name]}linux"
+    when 'windows_8.1_pro', 'windows_server_2019_datacenter'
+      'windows'
     else
       inspec.platform[:name]
     end
   end
 
+  # rubocop:disable Metrics/MethodLength
   def build_platform_release
     case inspec.platform[:name]
     when 'amazon'
       # `2018` relase is named `1` in kitchen.yaml
       inspec.platform[:release].gsub(/2018.*/, '1')
     when 'arch'
       'base-latest'
+    when 'gentoo'
+      "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
+    when 'windows_8.1_pro'
+      '8.1'
+    when 'windows_server_2019_datacenter'
+      '2019-server'
     else
       inspec.platform[:release]
     end
   end
+  # rubocop:enable Metrics/MethodLength
+
+  def derive_gentoo_init_system
+    case inspec.command('systemctl').exist?
+    when true
+      'sysd'
+    else
+      'sysv'
+    end
+  end
 
   def build_platform_finger
     "#{build_platform_name}-#{build_finger_release}"