Skip to content

Commit

Permalink
Merge pull request #401 from legal90/tests-inspec
Browse files Browse the repository at this point in the history
Integration tests: Switch to InSpec, test ACL
  • Loading branch information
legal90 authored Jan 18, 2017
2 parents b2fbd5f + 77e4823 commit d63b6f7
Show file tree
Hide file tree
Showing 18 changed files with 244 additions and 299 deletions.
38 changes: 23 additions & 15 deletions .kitchen.dokken.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,89 +3,93 @@ driver:
name: dokken
chef_version: latest
privileged: true

transport:
name: dokken

provisioner:
name: dokken

verifier:
root_path: /opt/verifier
name: inspec

platforms:
- name: centos-7
named_run_list: centos
driver:
image: centos:7
platform: rhel
pid_one_command: /usr/lib/systemd/systemd
intermediate_instructions:
- RUN yum -y install lsof which systemd-sysv initscripts sudo
- RUN yum -y install lsof which systemd-sysv initscripts net-tools
attributes:
poise-service:
consul:
provider: systemd

- name: centos-6
named_run_list: centos
driver:
image: centos:6
platform: rhel
pid_one_command: /sbin/init
intermediate_instructions:
- RUN yum -y install which initscripts sudo
- RUN yum -y install which initscripts net-tools

- name: ubuntu-16.04
named_run_list: debian
driver:
image: ubuntu:16.04
pid_one_command: /bin/systemd
intermediate_instructions:
- RUN /usr/bin/apt-get update -y
- RUN /usr/bin/apt-get install sudo net-tools -y
- RUN /usr/bin/apt-get install net-tools -y
attributes:
poise-service:
consul:
provider: systemd

- name: ubuntu-14.04
named_run_list: debian
driver:
image: ubuntu-upstart:14.04
pid_one_command: /sbin/init
intermediate_instructions:
- RUN /usr/bin/apt-get update -y
- RUN /usr/bin/apt-get install sudo net-tools -y
- RUN /usr/bin/apt-get install net-tools -y
attributes:
poise-service:
consul:
provider: upstart

- name: ubuntu-12.04
named_run_list: debian
driver:
image: ubuntu-upstart:12.04
pid_one_command: /sbin/init
intermediate_instructions:
- RUN /usr/bin/apt-get update -y
- RUN /usr/bin/apt-get install sudo net-tools -y
- RUN /usr/bin/apt-get install net-tools -y
attributes:
poise-service:
consul:
provider: upstart

- name: debian-8
named_run_list: debian
driver:
image: debian:8
pid_one_command: /bin/systemd
intermediate_instructions:
- RUN /usr/bin/apt-get update
- RUN /usr/bin/apt-get install lsb-release sudo net-tools -y
- RUN /usr/bin/apt-get install lsb-release net-tools -y
attributes:
poise-service:
consul:
provider: systemd

- name: debian-7
named_run_list: debian
driver:
image: debian:7
pid_one_command: /sbin/init
intermediate_instructions:
- RUN /usr/bin/apt-get update
- RUN /usr/bin/apt-get install lsb-release sudo net-tools -y
- RUN /usr/bin/apt-get install lsb-release net-tools -y

suites:
- name: default
provisioner:
Expand All @@ -99,6 +103,10 @@ suites:
server: true
datacenter: FortMeade
encrypt: CGXC2NsXW4AvuB4h5ODYzQ==
acl_master_token: doublesecret
acl_datacenter: FortMeade
acl_default_policy: deny

- name: webui
provisioner:
policyfile: test/fixtures/policies/default.rb
Expand Down
52 changes: 14 additions & 38 deletions .kitchen.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,60 +4,49 @@ driver:

provisioner:
name: chef_zero
policyfile: test/fixtures/policies/default.rb

verifier:
name: inspec

platforms:
- name: ubuntu-16.04
named_run_list: debian
- name: ubuntu-14.04
named_run_list: debian
- name: ubuntu-12.04
named_run_list: debian
- name: centos-7.2
named_run_list: centos
- name: centos-6.7
named_run_list: centos
- name: centos-5.11
named_run_list: centos
- name: debian-8.2
named_run_list: debian
- name: debian-7.9
named_run_list: debian
- name: freebsd-10.2
named_run_list: freebsd
- name: windows-2012r2
named_run_list: windows
driver_config:
network:
- ["forwarded_port", {guest: 3389, host: 3389}]
- ["forwarded_port", {guest: 5985, host: 5985}]
communicator: winrm
customize:
usbehci: "off"

suites:
- name: default
provisioner:
policyfile: test/fixtures/policies/default.rb
attributes:
consul:
config: &default-config
owner: root
group: consul
ui: true
bootstrap: true
server: true
datacenter: FortMeade
encrypt: CGXC2NsXW4AvuB4h5ODYzQ==
acl_master_token: doublesecret
acl_datacenter: FortMeade
acl_default_policy: deny
excludes:
- windows-2012r2
- name: client
provisioner:
policyfile: test/fixtures/policies/default.rb
named_run_list: client
attributes:
consul:
config:
server: false
bootstrap_expect: 1
- name: git
provisioner:
policyfile: test/fixtures/policies/default.rb
attributes:
consul:
config: *default-config
Expand All @@ -66,8 +55,6 @@ suites:
excludes:
- windows-2012r2
- name: webui
provisioner:
policyfile: test/fixtures/policies/default.rb
attributes:
consul:
config:
Expand All @@ -76,20 +63,9 @@ suites:
ui: true
datacenter: FortMeade
encrypt: CGXC2NsXW4AvuB4h5ODYzQ==
- name: acl
provisioner:
policyfile: test/fixtures/policies/default.rb
- name: windows
attributes:
consul:
config:
bootstrap: true
server: true
datacenter: fortmeade
acl_master_token: doublesecret
acl_datacenter: fortmeade
acl_default_policy: deny
excludes:
config: *default-config
includes:
- windows-2012r2
- centos-7.2
- centos-6.7
- centos-5.11
1 change: 0 additions & 1 deletion TODO.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,2 @@
# TODO
- Fix the helpers and clean up the where it injects into DSL.
- Use the InSpec instead of ServerSpec.
2 changes: 0 additions & 2 deletions test/fixtures/cookbooks/consul_spec/recipes/client.rb

This file was deleted.

Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
include_recipe 'consul_spec::default'
include_recipe 'consul::client_gem'

package 'curl'
Expand Down Expand Up @@ -40,10 +39,12 @@
consul_acl 'reader_token' do
type 'client'
rules <<-EOS.gsub(/^\s{4}/, '')
dummyrule_line1
dummyrule_line2
key "dummykey" {
policy = "read"
}
service "dummyservice" {
policy = "write"
}
EOS
auth_token node['consul']['config']['acl_master_token']
end


Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
# The ruby interpreter is guaranteed to exist since it's currently running.
file "/consul_definition_check.rb" do
content (<<-EOF).gsub(/^ */, '')
#!#{RbConfig.ruby}
exit 0
/bin/sh -c 'echo "Consul check script invoked"'
EOF
unless node.platform?('windows')
owner 'root'
Expand Down
3 changes: 1 addition & 2 deletions test/fixtures/cookbooks/consul_spec/recipes/consul_watch.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
# The ruby interpreter is guaranteed to exist since it's currently running.
file "/consul_watch_handler.rb" do
content (<<-EOF).gsub(/^ */, '')
#!#{RbConfig.ruby}
exit 0
/bin/sh -c 'echo "Consul watch handler invoked"'
EOF
unless node.platform?('windows')
owner 'root'
Expand Down
2 changes: 1 addition & 1 deletion test/fixtures/cookbooks/consul_spec/recipes/default.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

include_recipe 'consul::default'
include_recipe 'consul_spec::consul_definition'
include_recipe 'consul_spec::consul_watch'
include_recipe 'consul_spec::consul_installation_webui'
include_recipe 'consul_spec::consul_acl' unless node.platform_family?('windows')
9 changes: 2 additions & 7 deletions test/fixtures/policies/default.rb
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,6 @@
default_source :supermarket
default_source :chef_repo, '..'
cookbook 'consul', path: '../../..'
run_list 'consul::default', "consul_spec::#{name}"
named_run_list :centos, 'sudo::default', run_list
named_run_list :debian, 'apt::default', run_list
run_list 'consul_spec::default'
named_run_list :freebsd, 'freebsd::default', 'sudo::default', run_list
named_run_list :windows, 'windows::default', run_list

default['authorization']['sudo']['users'] = %w(kitchen vagrant)
default['authorization']['sudo']['passwordless'] = true
named_run_list :client, 'consul::default'
55 changes: 55 additions & 0 deletions test/integration/client/default_spec.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
require_relative '../spec_helper'

consul_executable = "/opt/consul/#{consul_version}/consul"
config_file = '/etc/consul/consul.json'
config_dir = '/etc/consul'

describe file(consul_executable) do
it { should be_file }
it { should be_executable }
end

describe group('consul') do
it { should exist }
end

describe user('consul') do
it { should exist }
its('group') { should eq 'consul' }
end

describe command("su - consul -c 'echo successfully logged in'") do
its(:stdout) { should_not match /successfully logged in/ }
its(:exit_status) { should_not eq 0 }
end

describe service('consul') do
it { should be_enabled }
it { should be_running }
end

[8400, 8500, 8600].each do |p|
describe port(p) do
it { should be_listening }
end
end

describe command("#{consul_executable} members -detailed") do
its(:exit_status) { should eq 0 }
its(:stdout) { should match %r{\balive\b} }
its(:stdout) { should match %r{\brole=node\b} }
end

describe file('/usr/local/bin/consul') do
it { should be_symlink }
end

describe file(config_file) do
it { should be_file }
its('mode') { should cmp '0640' }
end

describe file(config_dir) do
it { should be_directory }
its('mode') { should cmp '0755' }
end
Loading

0 comments on commit d63b6f7

Please sign in to comment.