From 89c45f0717c3eced37e6ad34bb809ae052dc69d2 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 11:18:45 +0200 Subject: [PATCH 1/7] test: Include ACL testing to the "default" suite --- .kitchen.dokken.yml | 3 +++ .kitchen.yml | 21 ++++--------------- .../recipes/{acl.rb => consul_acl.rb} | 3 --- .../cookbooks/consul_spec/recipes/default.rb | 2 +- test/fixtures/policies/default.rb | 2 +- .../serverspec/acl_spec.rb} | 0 6 files changed, 9 insertions(+), 22 deletions(-) rename test/fixtures/cookbooks/consul_spec/recipes/{acl.rb => consul_acl.rb} (96%) rename test/integration/{acl/serverspec/default_spec.rb => default/serverspec/acl_spec.rb} (100%) diff --git a/.kitchen.dokken.yml b/.kitchen.dokken.yml index 4f9955d5..056397ed 100644 --- a/.kitchen.dokken.yml +++ b/.kitchen.dokken.yml @@ -99,6 +99,9 @@ suites: server: true datacenter: FortMeade encrypt: CGXC2NsXW4AvuB4h5ODYzQ== + acl_master_token: doublesecret + acl_datacenter: FortMeade + acl_default_policy: deny - name: webui provisioner: policyfile: test/fixtures/policies/default.rb diff --git a/.kitchen.yml b/.kitchen.yml index 3c359294..1dd16306 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -43,10 +43,14 @@ suites: config: &default-config owner: root group: consul + ui: true bootstrap: true server: true datacenter: FortMeade encrypt: CGXC2NsXW4AvuB4h5ODYzQ== + acl_master_token: doublesecret + acl_datacenter: FortMeade + acl_default_policy: deny - name: client provisioner: policyfile: test/fixtures/policies/default.rb @@ -76,20 +80,3 @@ suites: ui: true datacenter: FortMeade encrypt: CGXC2NsXW4AvuB4h5ODYzQ== - - name: acl - provisioner: - policyfile: test/fixtures/policies/default.rb - attributes: - consul: - config: - bootstrap: true - server: true - datacenter: fortmeade - acl_master_token: doublesecret - acl_datacenter: fortmeade - acl_default_policy: deny - excludes: - - windows-2012r2 - - centos-7.2 - - centos-6.7 - - centos-5.11 diff --git a/test/fixtures/cookbooks/consul_spec/recipes/acl.rb b/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb similarity index 96% rename from test/fixtures/cookbooks/consul_spec/recipes/acl.rb rename to test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb index cc94f528..02cece3f 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/acl.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb @@ -1,4 +1,3 @@ -include_recipe 'consul_spec::default' include_recipe 'consul::client_gem' package 'curl' @@ -45,5 +44,3 @@ EOS auth_token node['consul']['config']['acl_master_token'] end - - diff --git a/test/fixtures/cookbooks/consul_spec/recipes/default.rb b/test/fixtures/cookbooks/consul_spec/recipes/default.rb index 747a6775..e438992d 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/default.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/default.rb @@ -1,5 +1,5 @@ - include_recipe 'consul::default' +include_recipe 'consul_spec::consul_acl' include_recipe 'consul_spec::consul_definition' include_recipe 'consul_spec::consul_watch' include_recipe 'consul_spec::consul_installation_webui' diff --git a/test/fixtures/policies/default.rb b/test/fixtures/policies/default.rb index a1f781a2..b8ecd758 100644 --- a/test/fixtures/policies/default.rb +++ b/test/fixtures/policies/default.rb @@ -2,7 +2,7 @@ default_source :supermarket default_source :chef_repo, '..' cookbook 'consul', path: '../../..' -run_list 'consul::default', "consul_spec::#{name}" +run_list "consul_spec::#{name}" named_run_list :centos, 'sudo::default', run_list named_run_list :debian, 'apt::default', run_list named_run_list :freebsd, 'freebsd::default', 'sudo::default', run_list diff --git a/test/integration/acl/serverspec/default_spec.rb b/test/integration/default/serverspec/acl_spec.rb similarity index 100% rename from test/integration/acl/serverspec/default_spec.rb rename to test/integration/default/serverspec/acl_spec.rb From bb1bf0bf273aecdbd7f95ac9e20535f9d94de7b6 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 11:21:31 +0200 Subject: [PATCH 2/7] test: Remove unused "client" recipe from the fixture cookbook --- test/fixtures/cookbooks/consul_spec/recipes/client.rb | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 test/fixtures/cookbooks/consul_spec/recipes/client.rb diff --git a/test/fixtures/cookbooks/consul_spec/recipes/client.rb b/test/fixtures/cookbooks/consul_spec/recipes/client.rb deleted file mode 100644 index 60c196a3..00000000 --- a/test/fixtures/cookbooks/consul_spec/recipes/client.rb +++ /dev/null @@ -1,2 +0,0 @@ - -include_recipe 'consul::default' From 556e921efa511845b584d50f3396d9d0a66ec143 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 15:52:35 +0200 Subject: [PATCH 3/7] test: Fix definitions of consul check and consul watch --- test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb | 8 ++++++-- .../cookbooks/consul_spec/recipes/consul_definition.rb | 3 +-- .../cookbooks/consul_spec/recipes/consul_watch.rb | 3 +-- test/integration/default/serverspec/acl_spec.rb | 4 ++-- 4 files changed, 10 insertions(+), 8 deletions(-) diff --git a/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb b/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb index 02cece3f..053e4e8c 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/consul_acl.rb @@ -39,8 +39,12 @@ consul_acl 'reader_token' do type 'client' rules <<-EOS.gsub(/^\s{4}/, '') - dummyrule_line1 - dummyrule_line2 + key "dummykey" { + policy = "read" + } + service "dummyservice" { + policy = "write" + } EOS auth_token node['consul']['config']['acl_master_token'] end diff --git a/test/fixtures/cookbooks/consul_spec/recipes/consul_definition.rb b/test/fixtures/cookbooks/consul_spec/recipes/consul_definition.rb index f403fc71..c18b1bed 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/consul_definition.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/consul_definition.rb @@ -2,8 +2,7 @@ # The ruby interpreter is guaranteed to exist since it's currently running. file "/consul_definition_check.rb" do content (<<-EOF).gsub(/^ */, '') - #!#{RbConfig.ruby} - exit 0 + /bin/sh -c 'echo "Consul check script invoked"' EOF unless node.platform?('windows') owner 'root' diff --git a/test/fixtures/cookbooks/consul_spec/recipes/consul_watch.rb b/test/fixtures/cookbooks/consul_spec/recipes/consul_watch.rb index ee94f05f..5c576fe3 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/consul_watch.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/consul_watch.rb @@ -2,8 +2,7 @@ # The ruby interpreter is guaranteed to exist since it's currently running. file "/consul_watch_handler.rb" do content (<<-EOF).gsub(/^ */, '') - #!#{RbConfig.ruby} - exit 0 + /bin/sh -c 'echo "Consul watch handler invoked"' EOF unless node.platform?('windows') owner 'root' diff --git a/test/integration/default/serverspec/acl_spec.rb b/test/integration/default/serverspec/acl_spec.rb index 319666c8..8c3524e3 100644 --- a/test/integration/default/serverspec/acl_spec.rb +++ b/test/integration/default/serverspec/acl_spec.rb @@ -5,7 +5,7 @@ its(:stdout) { should match('"ID":"anonymous"') } its(:stdout) { should match('"Name":"Anonymous Token"') } its(:stdout) { should match('"Type":"client"') } - its(:stdout) { should match('"Rules":""') } + its(:stdout) { should include '"Rules":""' } end describe file('/tmp/anonymous-notified') do @@ -26,5 +26,5 @@ its(:stdout) { should match('"ID":"reader_token"') } its(:stdout) { should match('"Name":""') } its(:stdout) { should match('"Type":"client"') } - its(:stdout) { should match /\"Rules\":\"dummyrule_line1\\ndummyrule_line2\\n\"/ } + its(:stdout) { should include '"Rules":"key \"dummykey\"' } end From c9c4b05821814f6a287748541206e8cf662307b9 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 17:01:01 +0200 Subject: [PATCH 4/7] test: Switch to InSpec verifier --- .kitchen.dokken.yml | 2 +- .kitchen.yml | 6 +- TODO.md | 1 - test/fixtures/policies/default.rb | 1 + test/integration/client/default_spec.rb | 55 ++++++++++++++ .../client/serverspec/default_spec.rb | 76 ------------------- .../default/{serverspec => }/acl_spec.rb | 2 - .../default/{serverspec => }/default_spec.rb | 28 ++++--- .../helpers/serverspec/spec_helper.rb | 26 ------- test/integration/spec_helper.rb | 7 ++ .../webui/{serverspec => }/webui_spec.rb | 2 +- 11 files changed, 82 insertions(+), 124 deletions(-) create mode 100644 test/integration/client/default_spec.rb delete mode 100644 test/integration/client/serverspec/default_spec.rb rename test/integration/default/{serverspec => }/acl_spec.rb (97%) rename test/integration/default/{serverspec => }/default_spec.rb (84%) delete mode 100644 test/integration/helpers/serverspec/spec_helper.rb create mode 100644 test/integration/spec_helper.rb rename test/integration/webui/{serverspec => }/webui_spec.rb (88%) diff --git a/.kitchen.dokken.yml b/.kitchen.dokken.yml index 056397ed..7babf8ad 100644 --- a/.kitchen.dokken.yml +++ b/.kitchen.dokken.yml @@ -8,7 +8,7 @@ transport: provisioner: name: dokken verifier: - root_path: /opt/verifier + name: inspec platforms: - name: centos-7 named_run_list: centos diff --git a/.kitchen.yml b/.kitchen.yml index 1dd16306..b1694628 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -5,6 +5,9 @@ driver: provisioner: name: chef_zero +verifier: + name: inspec + platforms: - name: ubuntu-16.04 named_run_list: debian @@ -52,8 +55,7 @@ suites: acl_datacenter: FortMeade acl_default_policy: deny - name: client - provisioner: - policyfile: test/fixtures/policies/default.rb + named_run_list: client attributes: consul: config: diff --git a/TODO.md b/TODO.md index 9ddfec63..9a35ab32 100644 --- a/TODO.md +++ b/TODO.md @@ -1,3 +1,2 @@ # TODO - Fix the helpers and clean up the where it injects into DSL. -- Use the InSpec instead of ServerSpec. diff --git a/test/fixtures/policies/default.rb b/test/fixtures/policies/default.rb index b8ecd758..03264249 100644 --- a/test/fixtures/policies/default.rb +++ b/test/fixtures/policies/default.rb @@ -7,6 +7,7 @@ named_run_list :debian, 'apt::default', run_list named_run_list :freebsd, 'freebsd::default', 'sudo::default', run_list named_run_list :windows, 'windows::default', run_list +named_run_list :client, 'consul::default' default['authorization']['sudo']['users'] = %w(kitchen vagrant) default['authorization']['sudo']['passwordless'] = true diff --git a/test/integration/client/default_spec.rb b/test/integration/client/default_spec.rb new file mode 100644 index 00000000..5dc7ae0f --- /dev/null +++ b/test/integration/client/default_spec.rb @@ -0,0 +1,55 @@ +require_relative '../spec_helper' + +consul_executable = "/opt/consul/#{consul_version}/consul" +config_file = '/etc/consul/consul.json' +config_dir = '/etc/consul' + +describe file(consul_executable) do + it { should be_file } + it { should be_executable } +end + +describe group('consul') do + it { should exist } +end + +describe user('consul') do + it { should exist } + its('group') { should eq 'consul' } +end + +describe command("su - consul -c 'echo successfully logged in'") do + its(:stdout) { should_not match /successfully logged in/ } + its(:exit_status) { should_not eq 0 } +end + +describe service('consul') do + it { should be_enabled } + it { should be_running } +end + +[8400, 8500, 8600].each do |p| + describe port(p) do + it { should be_listening } + end +end + +describe command("#{consul_executable} members -detailed") do + its(:exit_status) { should eq 0 } + its(:stdout) { should match %r{\balive\b} } + its(:stdout) { should match %r{\brole=node\b} } +end + +describe file('/usr/local/bin/consul') do + it { should be_symlink } +end + +describe file(config_file) do + it { should be_file } + its('mode') { should cmp '0640' } +end + +describe file(config_dir) do + it { should be_directory } + its('mode') { should cmp '0755' } +end diff --git a/test/integration/client/serverspec/default_spec.rb b/test/integration/client/serverspec/default_spec.rb deleted file mode 100644 index 8bcb4b01..00000000 --- a/test/integration/client/serverspec/default_spec.rb +++ /dev/null @@ -1,76 +0,0 @@ -require 'spec_helper' -require 'json' - -if windows? - consul_executable = "C:\\Program Files\\consul\\#{consul_version}\\consul.exe" - consul_command = "& '#{consul_executable}'" -else - consul_executable = "/opt/consul/#{consul_version}/consul" - consul_command = consul_executable -end - -describe file(consul_executable) do - it { should be_file } - it { should be_executable } unless windows? -end - -unless windows? - describe group('consul') do - it { should exist } - end - - describe user('consul') do - it { should exist } - it { should belong_to_group('consul') } - end - - describe command("su - consul -c 'echo successfully logged in'") do - its(:stdout) { should_not match /successfully logged in/ } - its(:exit_status) { should_not eq 0 } - end -end - -describe service('consul') do - it { should be_enabled } - it { should be_running } -end - -[8400, 8500, 8600].each do |p| - describe port(p) do - it { should be_listening } - end -end - -describe command("#{consul_command} members -detailed") do - its(:exit_status) { should eq 0 } - its(:stdout) { should match %r{\balive\b} } - its(:stdout) { should match %r{\brole=node\b} } -end - -unless windows? - config_dir = '/etc/consul' - - describe file(config_dir) do - it { should be_directory } - it { should be_grouped_into 'consul' } - it { should be_mode 755 } - end - - describe file('/usr/local/bin/consul') do - it { should be_symlink } - end -end - -if windows? - config_file = 'C:\Program Files\consul\consul.json' -else - config_file = '/etc/consul/consul.json' -end - -describe file(config_file) do - it { should be_file } - it 'should not render bootstrap_expect parameter' do - content = JSON.parse(subject.content) - expect(content).to_not include(:bootstrap_expect) - end -end diff --git a/test/integration/default/serverspec/acl_spec.rb b/test/integration/default/acl_spec.rb similarity index 97% rename from test/integration/default/serverspec/acl_spec.rb rename to test/integration/default/acl_spec.rb index 8c3524e3..782860e4 100644 --- a/test/integration/default/serverspec/acl_spec.rb +++ b/test/integration/default/acl_spec.rb @@ -1,5 +1,3 @@ -require 'spec_helper' - describe command('curl -s "http://localhost:8500/v1/acl/info/anonymous"') do its(:exit_status) { should eq 0 } its(:stdout) { should match('"ID":"anonymous"') } diff --git a/test/integration/default/serverspec/default_spec.rb b/test/integration/default/default_spec.rb similarity index 84% rename from test/integration/default/serverspec/default_spec.rb rename to test/integration/default/default_spec.rb index 652e7d04..b1b6bfdf 100644 --- a/test/integration/default/serverspec/default_spec.rb +++ b/test/integration/default/default_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper' +require_relative '../spec_helper' if windows? consul_executable = "C:\\Program Files\\consul\\#{consul_version}\\consul.exe" @@ -15,12 +15,12 @@ unless windows? describe group('consul') do - it { should exist } + it { should exist } end describe user('consul') do it { should exist } - it { should belong_to_group('consul') } + its('group') { should eq 'consul' } end describe command("su - consul -c 'echo successfully logged in'") do @@ -49,13 +49,12 @@ end unless windows? - config_dir = '/etc/consul' + config_dir = '/etc/consul' - describe file(config_dir) do - it { should be_directory } - it { should be_owned_by 'root' } + describe directory(config_dir) do + it { should be_owned_by 'root' } it { should be_grouped_into 'consul' } - it { should be_mode 755 } + its('mode') { should cmp '0755' } end describe file('/usr/local/bin/consul') do @@ -78,7 +77,7 @@ unless windows? it { should be_owned_by 'root' } it { should be_grouped_into 'consul' } - it { should be_mode 640 } + its('mode') { should cmp '0640' } end end @@ -87,16 +86,15 @@ unless windows? it { should be_owned_by 'root' } it { should be_grouped_into 'consul' } - it { should be_mode 755 } + its('mode') { should cmp '0755' } end end -describe file(data_dir) do - it { should be_directory } +describe directory(data_dir) do unless windows? it { should be_owned_by 'consul' } it { should be_grouped_into 'consul' } - it { should be_mode 750 } + its('mode') { should cmp '0750' } end end @@ -105,7 +103,7 @@ unless windows? it { should be_owned_by 'root' } it { should be_grouped_into 'consul' } - it { should be_mode 640 } + its('mode') { should cmp '0640' } end end @@ -114,6 +112,6 @@ unless windows? it { should be_owned_by 'root' } it { should be_grouped_into 'consul' } - it { should be_mode 640 } + its('mode') { should cmp '0640' } end end diff --git a/test/integration/helpers/serverspec/spec_helper.rb b/test/integration/helpers/serverspec/spec_helper.rb deleted file mode 100644 index d680e3dd..00000000 --- a/test/integration/helpers/serverspec/spec_helper.rb +++ /dev/null @@ -1,26 +0,0 @@ -require 'serverspec' - -def windows? - (/cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM) != nil -end - -def consul_version - '0.7.2' -end - -if !windows? - set :backend, :exec -else - set :backend, :cmd - set :os, family: 'windows' - set :architecture, :x86_64 -end - -# Tells serverspec to use a login shell for running chkconfig/service, -# which prevents false error reports on Centos 5. -begin - if File.read("/etc/redhat-release") =~ /release 5\./ - Specinfra.configuration.login_shell = true - end -rescue SystemCallError -end diff --git a/test/integration/spec_helper.rb b/test/integration/spec_helper.rb new file mode 100644 index 00000000..352aac9e --- /dev/null +++ b/test/integration/spec_helper.rb @@ -0,0 +1,7 @@ +def windows? + (/cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM) != nil +end + +def consul_version + '0.7.2' +end diff --git a/test/integration/webui/serverspec/webui_spec.rb b/test/integration/webui/webui_spec.rb similarity index 88% rename from test/integration/webui/serverspec/webui_spec.rb rename to test/integration/webui/webui_spec.rb index fe832958..47c0fb8a 100644 --- a/test/integration/webui/serverspec/webui_spec.rb +++ b/test/integration/webui/webui_spec.rb @@ -1,4 +1,4 @@ -require 'spec_helper' +require_relative '../spec_helper' consul_version = '0.7.1' From 343385741547ea9208ee7cc94e97f7ce30e513f4 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 21:46:57 +0200 Subject: [PATCH 5/7] test: Remove redundant named_run_list It's enough just to provision with the default run_list. Also, there is no need to include recipes from "sudo", "yum", "apt" and "windows" cookbooks --- .kitchen.dokken.yml | 7 ------- .kitchen.yml | 16 +--------------- test/fixtures/policies/default.rb | 8 +------- 3 files changed, 2 insertions(+), 29 deletions(-) diff --git a/.kitchen.dokken.yml b/.kitchen.dokken.yml index 7babf8ad..3e9cd602 100644 --- a/.kitchen.dokken.yml +++ b/.kitchen.dokken.yml @@ -11,7 +11,6 @@ verifier: name: inspec platforms: - name: centos-7 - named_run_list: centos driver: image: centos:7 platform: rhel @@ -23,7 +22,6 @@ platforms: consul: provider: systemd - name: centos-6 - named_run_list: centos driver: image: centos:6 platform: rhel @@ -31,7 +29,6 @@ platforms: intermediate_instructions: - RUN yum -y install which initscripts sudo - name: ubuntu-16.04 - named_run_list: debian driver: image: ubuntu:16.04 pid_one_command: /bin/systemd @@ -43,7 +40,6 @@ platforms: consul: provider: systemd - name: ubuntu-14.04 - named_run_list: debian driver: image: ubuntu-upstart:14.04 pid_one_command: /sbin/init @@ -55,7 +51,6 @@ platforms: consul: provider: upstart - name: ubuntu-12.04 - named_run_list: debian driver: image: ubuntu-upstart:12.04 pid_one_command: /sbin/init @@ -67,7 +62,6 @@ platforms: consul: provider: upstart - name: debian-8 - named_run_list: debian driver: image: debian:8 pid_one_command: /bin/systemd @@ -79,7 +73,6 @@ platforms: consul: provider: systemd - name: debian-7 - named_run_list: debian driver: image: debian:7 pid_one_command: /sbin/init diff --git a/.kitchen.yml b/.kitchen.yml index b1694628..68953b5a 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -4,31 +4,23 @@ driver: provisioner: name: chef_zero + policyfile: test/fixtures/policies/default.rb verifier: name: inspec platforms: - name: ubuntu-16.04 - named_run_list: debian - name: ubuntu-14.04 - named_run_list: debian - name: ubuntu-12.04 - named_run_list: debian - name: centos-7.2 - named_run_list: centos - name: centos-6.7 - named_run_list: centos - name: centos-5.11 - named_run_list: centos - name: debian-8.2 - named_run_list: debian - name: debian-7.9 - named_run_list: debian - name: freebsd-10.2 named_run_list: freebsd - name: windows-2012r2 - named_run_list: windows driver_config: network: - ["forwarded_port", {guest: 3389, host: 3389}] @@ -39,8 +31,6 @@ platforms: suites: - name: default - provisioner: - policyfile: test/fixtures/policies/default.rb attributes: consul: config: &default-config @@ -62,8 +52,6 @@ suites: server: false bootstrap_expect: 1 - name: git - provisioner: - policyfile: test/fixtures/policies/default.rb attributes: consul: config: *default-config @@ -72,8 +60,6 @@ suites: excludes: - windows-2012r2 - name: webui - provisioner: - policyfile: test/fixtures/policies/default.rb attributes: consul: config: diff --git a/test/fixtures/policies/default.rb b/test/fixtures/policies/default.rb index 03264249..01bcfdd1 100644 --- a/test/fixtures/policies/default.rb +++ b/test/fixtures/policies/default.rb @@ -2,12 +2,6 @@ default_source :supermarket default_source :chef_repo, '..' cookbook 'consul', path: '../../..' -run_list "consul_spec::#{name}" -named_run_list :centos, 'sudo::default', run_list -named_run_list :debian, 'apt::default', run_list +run_list 'consul_spec::default' named_run_list :freebsd, 'freebsd::default', 'sudo::default', run_list -named_run_list :windows, 'windows::default', run_list named_run_list :client, 'consul::default' - -default['authorization']['sudo']['users'] = %w(kitchen vagrant) -default['authorization']['sudo']['passwordless'] = true From df56da099437d606cd514c1caa92aebc9d9a9e16 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Mon, 16 Jan 2017 21:51:52 +0200 Subject: [PATCH 6/7] test: Use a separated suite for testing on Windows platform --- .kitchen.yml | 15 +-- .../cookbooks/consul_spec/recipes/default.rb | 2 +- test/integration/default/default_spec.rb | 103 ++++++------------ test/integration/spec_helper.rb | 4 - test/integration/windows/windows_spec.rb | 51 +++++++++ 5 files changed, 95 insertions(+), 80 deletions(-) create mode 100644 test/integration/windows/windows_spec.rb diff --git a/.kitchen.yml b/.kitchen.yml index 68953b5a..e63a95f0 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -21,13 +21,6 @@ platforms: - name: freebsd-10.2 named_run_list: freebsd - name: windows-2012r2 - driver_config: - network: - - ["forwarded_port", {guest: 3389, host: 3389}] - - ["forwarded_port", {guest: 5985, host: 5985}] - communicator: winrm - customize: - usbehci: "off" suites: - name: default @@ -44,6 +37,8 @@ suites: acl_master_token: doublesecret acl_datacenter: FortMeade acl_default_policy: deny + excludes: + - windows-2012r2 - name: client named_run_list: client attributes: @@ -68,3 +63,9 @@ suites: ui: true datacenter: FortMeade encrypt: CGXC2NsXW4AvuB4h5ODYzQ== + - name: windows + attributes: + consul: + config: *default-config + includes: + - windows-2012r2 diff --git a/test/fixtures/cookbooks/consul_spec/recipes/default.rb b/test/fixtures/cookbooks/consul_spec/recipes/default.rb index e438992d..d8bf4fef 100644 --- a/test/fixtures/cookbooks/consul_spec/recipes/default.rb +++ b/test/fixtures/cookbooks/consul_spec/recipes/default.rb @@ -1,5 +1,5 @@ include_recipe 'consul::default' -include_recipe 'consul_spec::consul_acl' include_recipe 'consul_spec::consul_definition' include_recipe 'consul_spec::consul_watch' include_recipe 'consul_spec::consul_installation_webui' +include_recipe 'consul_spec::consul_acl' unless node.platform_family?('windows') diff --git a/test/integration/default/default_spec.rb b/test/integration/default/default_spec.rb index b1b6bfdf..e9661405 100644 --- a/test/integration/default/default_spec.rb +++ b/test/integration/default/default_spec.rb @@ -1,32 +1,28 @@ require_relative '../spec_helper' -if windows? - consul_executable = "C:\\Program Files\\consul\\#{consul_version}\\consul.exe" - consul_command = "& '#{consul_executable}'" -else - consul_executable = "/opt/consul/#{consul_version}/consul" - consul_command = consul_executable -end +consul_executable = "/opt/consul/#{consul_version}/consul" + +config_file = '/etc/consul/consul.json' +confd_dir = '/etc/consul/conf.d' +data_dir = '/var/lib/consul' describe file(consul_executable) do it { should be_file } - it { should be_executable } unless windows? + it { should be_executable } end -unless windows? - describe group('consul') do - it { should exist } - end +describe group('consul') do + it { should exist } +end - describe user('consul') do - it { should exist } - its('group') { should eq 'consul' } - end +describe user('consul') do + it { should exist } + its('group') { should eq 'consul' } +end - describe command("su - consul -c 'echo successfully logged in'") do - its(:stdout) { should_not match /successfully logged in/ } - its(:exit_status) { should_not eq 0 } - end +describe command("su - consul -c 'echo successfully logged in'") do + its(:stdout) { should_not match /successfully logged in/ } + its(:exit_status) { should_not eq 0 } end describe service('consul') do @@ -40,7 +36,7 @@ end end -describe command("#{consul_command} members -detailed") do +describe command("#{consul_executable} members -detailed") do its(:exit_status) { should eq 0 } its(:stdout) { should match %r{\balive\b} } its(:stdout) { should match %r{\brole=consul\b} } @@ -48,70 +44,41 @@ its(:stdout) { should match %r{\bdc=fortmeade\b} } end -unless windows? - config_dir = '/etc/consul' - - describe directory(config_dir) do - it { should be_owned_by 'root' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0755' } - end - - describe file('/usr/local/bin/consul') do - it { should be_symlink } - end -end - -if windows? - config_file = 'C:\Program Files\consul\consul.json' - confd_dir = 'C:\Program Files\consul\conf.d' - data_dir = 'C:\Program Files\consul\data' -else - config_file = '/etc/consul/consul.json' - confd_dir = '/etc/consul/conf.d' - data_dir = '/var/lib/consul' +describe file('/usr/local/bin/consul') do + it { should be_symlink } end describe file(config_file) do it { should be_file } - unless windows? - it { should be_owned_by 'root' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0640' } - end + it { should be_owned_by 'root' } + it { should be_grouped_into 'consul' } + its('mode') { should cmp '0640' } end describe file(confd_dir) do it { should be_directory } - unless windows? - it { should be_owned_by 'root' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0755' } - end + it { should be_owned_by 'root' } + it { should be_grouped_into 'consul' } + its('mode') { should cmp '0755' } end describe directory(data_dir) do - unless windows? - it { should be_owned_by 'consul' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0750' } - end + it { should be_directory } + it { should be_owned_by 'consul' } + it { should be_grouped_into 'consul' } + its('mode') { should cmp '0750' } end describe file("#{confd_dir}/consul_definition_check.json") do it { should be_file } - unless windows? - it { should be_owned_by 'root' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0640' } - end + it { should be_owned_by 'root' } + it { should be_grouped_into 'consul' } + its('mode') { should cmp '0640' } end describe file("#{confd_dir}/consul_watch_check.json") do it { should be_file } - unless windows? - it { should be_owned_by 'root' } - it { should be_grouped_into 'consul' } - its('mode') { should cmp '0640' } - end + it { should be_owned_by 'root' } + it { should be_grouped_into 'consul' } + its('mode') { should cmp '0640' } end diff --git a/test/integration/spec_helper.rb b/test/integration/spec_helper.rb index 352aac9e..1dad3bab 100644 --- a/test/integration/spec_helper.rb +++ b/test/integration/spec_helper.rb @@ -1,7 +1,3 @@ -def windows? - (/cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM) != nil -end - def consul_version '0.7.2' end diff --git a/test/integration/windows/windows_spec.rb b/test/integration/windows/windows_spec.rb new file mode 100644 index 00000000..620f1a69 --- /dev/null +++ b/test/integration/windows/windows_spec.rb @@ -0,0 +1,51 @@ +require_relative '../spec_helper' + +consul_executable = "C:\\Program\ Files\\consul\\#{consul_version}\\consul.exe" +consul_command = "& '#{consul_executable}'" + +config_file = 'C:\Program Files\consul\consul.json' +confd_dir = 'C:\Program Files\consul\conf.d' +data_dir = 'C:\Program Files\consul\data' + +describe file(consul_executable) do + it { should be_file } +end + +describe service('consul') do + it { should be_enabled } + it { should be_running } +end + +[8300, 8400, 8500, 8600].each do |p| + describe port(p) do + it { should be_listening } + end +end + +describe command("#{consul_command} members -detailed") do + its(:exit_status) { should eq 0 } + its(:stdout) { should match %r{\balive\b} } + its(:stdout) { should match %r{\brole=consul\b} } + its(:stdout) { should match %r{\bbootstrap=1\b} } + its(:stdout) { should match %r{\bdc=fortmeade\b} } +end + +describe file(config_file) do + it { should be_file } +end + +describe directory(confd_dir) do + it { should be_directory } +end + +describe directory(data_dir) do + it { should be_directory } +end + +describe file("#{confd_dir}\\consul_definition_check.json") do + it { should be_file } +end + +describe file("#{confd_dir}\\consul_watch_check.json") do + it { should be_file } +end From 77e4823045f1206b76a51e1ce9d91201bc1cbd25 Mon Sep 17 00:00:00 2001 From: Mikhail Zholobov Date: Tue, 17 Jan 2017 11:18:22 +0200 Subject: [PATCH 7/7] .kitchen.dokken.yml: Install "net-tools", skip "sudo" package --- .kitchen.dokken.yml | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/.kitchen.dokken.yml b/.kitchen.dokken.yml index 3e9cd602..0715011c 100644 --- a/.kitchen.dokken.yml +++ b/.kitchen.dokken.yml @@ -3,12 +3,16 @@ driver: name: dokken chef_version: latest privileged: true + transport: name: dokken + provisioner: name: dokken + verifier: name: inspec + platforms: - name: centos-7 driver: @@ -16,69 +20,76 @@ platforms: platform: rhel pid_one_command: /usr/lib/systemd/systemd intermediate_instructions: - - RUN yum -y install lsof which systemd-sysv initscripts sudo + - RUN yum -y install lsof which systemd-sysv initscripts net-tools attributes: poise-service: consul: provider: systemd + - name: centos-6 driver: image: centos:6 platform: rhel pid_one_command: /sbin/init intermediate_instructions: - - RUN yum -y install which initscripts sudo + - RUN yum -y install which initscripts net-tools + - name: ubuntu-16.04 driver: image: ubuntu:16.04 pid_one_command: /bin/systemd intermediate_instructions: - RUN /usr/bin/apt-get update -y - - RUN /usr/bin/apt-get install sudo net-tools -y + - RUN /usr/bin/apt-get install net-tools -y attributes: poise-service: consul: provider: systemd + - name: ubuntu-14.04 driver: image: ubuntu-upstart:14.04 pid_one_command: /sbin/init intermediate_instructions: - RUN /usr/bin/apt-get update -y - - RUN /usr/bin/apt-get install sudo net-tools -y + - RUN /usr/bin/apt-get install net-tools -y attributes: poise-service: consul: provider: upstart + - name: ubuntu-12.04 driver: image: ubuntu-upstart:12.04 pid_one_command: /sbin/init intermediate_instructions: - RUN /usr/bin/apt-get update -y - - RUN /usr/bin/apt-get install sudo net-tools -y + - RUN /usr/bin/apt-get install net-tools -y attributes: poise-service: consul: provider: upstart + - name: debian-8 driver: image: debian:8 pid_one_command: /bin/systemd intermediate_instructions: - RUN /usr/bin/apt-get update - - RUN /usr/bin/apt-get install lsb-release sudo net-tools -y + - RUN /usr/bin/apt-get install lsb-release net-tools -y attributes: poise-service: consul: provider: systemd + - name: debian-7 driver: image: debian:7 pid_one_command: /sbin/init intermediate_instructions: - RUN /usr/bin/apt-get update - - RUN /usr/bin/apt-get install lsb-release sudo net-tools -y + - RUN /usr/bin/apt-get install lsb-release net-tools -y + suites: - name: default provisioner: @@ -95,6 +106,7 @@ suites: acl_master_token: doublesecret acl_datacenter: FortMeade acl_default_policy: deny + - name: webui provisioner: policyfile: test/fixtures/policies/default.rb