From 75526cce61433a5b5edb5708618b380655e49de1 Mon Sep 17 00:00:00 2001 From: Niels Abspoel Date: Fri, 22 Jan 2021 20:57:31 +0100 Subject: [PATCH] feat(centos-8): added RedHat,CentOS and Oracle linux 8 support Add centos 8 to osfingermap add oracle linux 8 to osfingermap moved RedHat/CentOS to osmap and osfingermap to accomodate changes in package provider versionlock enable centos-centos-8-master-py3 remove hardcoded packages yum-plugin-versionlock was hardcoded for all redhat versions, which is removed with centos 8. the package alien has a depency on debhelper which is broken in Centos-8 add share folder testing Co-authored-by: Imran Iqbal --- .gitlab-ci.yml | 3 +- kitchen.yml | 28 +++++- packages/map.jinja | 7 +- packages/osfamilymap.yaml | 4 - packages/osfingermap.yaml | 32 +++++++ packages/osmap.yaml | 6 ++ .../integration/default/controls/gems_spec.rb | 2 +- .../integration/default/controls/pkgs_spec.rb | 10 ++- test/integration/default/inspec.yml | 4 + test/integration/share/README.md | 22 +++++ test/integration/share/inspec.yml | 21 +++++ test/integration/share/libraries/system.rb | 88 +++++++++++++++++++ test/salt/pillar/redhat.sls | 2 +- test/salt/pillar/redhat8.sls | 45 ++++++++++ 14 files changed, 261 insertions(+), 13 deletions(-) create mode 100644 packages/osfingermap.yaml create mode 100644 test/integration/share/README.md create mode 100644 test/integration/share/inspec.yml create mode 100644 test/integration/share/libraries/system.rb create mode 100644 test/salt/pillar/redhat8.sls diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 56c901b..d65e9a8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -126,7 +126,8 @@ rubocop: debian-debian-10-master-py3: {extends: '.test_instance'} # ubuntu-ubuntu-2004-master-py3: {extends: '.test_instance'} ubuntu-ubuntu-1804-master-py3: {extends: '.test_instance'} -# centos-centos-8-master-py3: {extends: '.test_instance'} +redhat8-centos-8-master-py3: {extends: '.test_instance'} +redhat8-oraclelinux-8-master-py3: {extends: '.test_instance'} fedora-fedora-32-master-py3: {extends: '.test_instance'} # fedora-fedora-31-master-py3: {extends: '.test_instance'} # suse-opensuse-leap-152-master-py3: {extends: '.test_instance'} diff --git a/kitchen.yml b/kitchen.yml index cb03f22..995dc09 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -44,6 +44,9 @@ platforms: - name: amazonlinux-2-master-py3 driver: image: saltimages/salt-master-py3:amazonlinux-2 + - name: oraclelinux-8-master-py3 + driver: + image: saltimages/salt-master-py3:oraclelinux-8 ## SALT `3000.3` - name: debian-10-3000-3-py3 @@ -240,10 +243,33 @@ suites: verifier: inspec_tests: - path: test/integration/default - - name: centos + - name: redhat8 includes: - centos-8-master-py3 - centos-8-3000-3-py3 + - oraclelinux-8-master-py3 + provisioner: + state_top: + base: + '*': + - epel + - packages + pillars: + top.sls: + base: + '*': + - packages + pillars_from_files: + packages.sls: test/salt/pillar/redhat8.sls + dependencies: + - name: epel + repo: git + source: https://github.com/saltstack-formulas/epel-formula.git + verifier: + inspec_tests: + - path: test/integration/default + - name: centos + includes: - centos-7-3000-3-py3 - centos-8-2019-2-py3 - centos-7-2019-2-py3 diff --git a/packages/map.jinja b/packages/map.jinja index 5ec612f..7dd78d2 100644 --- a/packages/map.jinja +++ b/packages/map.jinja @@ -4,6 +4,7 @@ {%- import_yaml 'packages/defaults.yaml' as defaults %} {%- import_yaml 'packages/osfamilymap.yaml' as osfamilymap %} {%- import_yaml 'packages/osmap.yaml' as osmap %} +{%- import_yaml 'packages/osfingermap.yaml' as osfingermap %} {%- set packages = salt['grains.filter_by']( defaults, @@ -13,7 +14,11 @@ merge = salt['grains.filter_by']( osmap, grain='os', - merge = salt['config.get']('packages', {}), + merge = salt['grains.filter_by']( + osfingermap, + grain='osfinger', + merge = salt['config.get']('packages', {}), + ), ), ), base='packages') diff --git a/packages/osfamilymap.yaml b/packages/osfamilymap.yaml index 097e268..f4116fc 100644 --- a/packages/osfamilymap.yaml +++ b/packages/osfamilymap.yaml @@ -21,10 +21,6 @@ Debian: pkgs: - ruby RedHat: - pkgs: - required: - pkgs: - - yum-plugin-versionlock pips: required: pkgs: diff --git a/packages/osfingermap.yaml b/packages/osfingermap.yaml new file mode 100644 index 0000000..95cc9d8 --- /dev/null +++ b/packages/osfingermap.yaml @@ -0,0 +1,32 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +CentOS-6: + pkgs: + required: + pkgs: + - yum-plugin-versionlock + +CentOS Linux-7: + pkgs: + required: + pkgs: + - yum-plugin-versionlock + +CentOS Linux-8: + pkgs: + required: + pkgs: + - python3-dnf-plugin-versionlock + snaps: + collides: ['snap'] + symlink: true + +Oracle Linux Server-8: + pkgs: + required: + pkgs: + - python3-dnf-plugin-versionlock + snaps: + collides: ['snap'] + symlink: true diff --git a/packages/osmap.yaml b/packages/osmap.yaml index 7635e71..2ac4a27 100644 --- a/packages/osmap.yaml +++ b/packages/osmap.yaml @@ -1,6 +1,12 @@ # -*- coding: utf-8 -*- # vim: ft=yaml --- +RedHat: + pkgs: + required: + pkgs: + - yum-plugin-versionlock + Fedora: pkgs: required: diff --git a/test/integration/default/controls/gems_spec.rb b/test/integration/default/controls/gems_spec.rb index b793e1b..e7c945b 100644 --- a/test/integration/default/controls/gems_spec.rb +++ b/test/integration/default/controls/gems_spec.rb @@ -9,7 +9,7 @@ control 'Wanted/Required gems' do minitest ] case platform[:name] - when 'centos', 'amazon' + when 'centos', 'amazon', 'oracle' wanted.delete('minitest') end diff --git a/test/integration/default/controls/pkgs_spec.rb b/test/integration/default/controls/pkgs_spec.rb index a30650f..4f76f22 100644 --- a/test/integration/default/controls/pkgs_spec.rb +++ b/test/integration/default/controls/pkgs_spec.rb @@ -1,5 +1,8 @@ # frozen_string_literal: true +# Prepare platform "finger" +platform_finger = system.platform[:finger].split('.').first.to_s + ## Some vars common_packages = %w[ git @@ -12,16 +15,15 @@ common_packages = %w[ case platform[:family] when 'redhat' platform_packages = - case platform[:name] - when 'amazon' - %w[git] + case platform_finger + when 'centos-8', 'oraclelinux-8' + %w[python3-dnf-plugin-versionlock] else %w[yum-plugin-versionlock] end held_packages = { # We use this test for held packages in a list, # with no version (current version). - 'alien': '', 'iotop': '' } lock_file = '/etc/yum/pluginconf.d/versionlock.list' diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml index 6582dfb..2cb4f6c 100644 --- a/test/integration/default/inspec.yml +++ b/test/integration/default/inspec.yml @@ -6,6 +6,9 @@ title: packages formula maintainer: SaltStack Formulas license: Apache-2.0 summary: Verify that the packages formula is setup and configured correctly +depends: + - name: share + path: test/integration/share supports: - platform-name: debian - platform-name: ubuntu @@ -15,4 +18,5 @@ supports: - platform-name: suse - platform-name: freebsd - platform-name: amazon + - platform-name: oracle - platform-name: arch diff --git a/test/integration/share/README.md b/test/integration/share/README.md new file mode 100644 index 0000000..5c5785b --- /dev/null +++ b/test/integration/share/README.md @@ -0,0 +1,22 @@ +# InSpec Profile: `share` + +This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). + +Its goal is to share the libraries between all profiles. + +## Libraries + +### `system` + +The `system` library provides easy access to system dependent information: + +- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective + - `system.platform[:family]` provide a family name for Arch and Gentoo + - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` + - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows: + - `Arch` is always `base-latest` + - `Amazon Linux` release `2018` is resolved as `1` + - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) + - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format + - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version + - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml new file mode 100644 index 0000000..697417a --- /dev/null +++ b/test/integration/share/inspec.yml @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +name: share +title: InSpec shared resources +maintainer: SaltStack Formulas +license: Apache-2.0 +summary: shared resources +supports: + - platform-name: debian + - platform-name: ubuntu + - platform-name: centos + - platform-name: fedora + - platform-name: opensuse + - platform-name: suse + - platform-name: freebsd + - platform-name: amazon + - platform-name: oracle + - platform-name: arch + - platform-name: gentoo + - platform: windows diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb new file mode 100644 index 0000000..ba08443 --- /dev/null +++ b/test/integration/share/libraries/system.rb @@ -0,0 +1,88 @@ +# frozen_string_literal: true + +# system.rb -- InSpec resources for system values +# Author: Daniel Dehennin +# Copyright (C) 2020 Daniel Dehennin + +class SystemResource < Inspec.resource(1) + name 'system' + + attr_reader :platform + + def initialize + super + @platform = build_platform + end + + private + + def build_platform + { + family: build_platform_family, + name: build_platform_name, + release: build_platform_release, + finger: build_platform_finger + } + end + + def build_platform_family + case inspec.platform[:name] + when 'arch', 'gentoo' + inspec.platform[:name] + else + inspec.platform[:family] + end + end + + def build_platform_name + case inspec.platform[:name] + when 'amazon', 'oracle' + "#{inspec.platform[:name]}linux" + when 'windows_8.1_pro', 'windows_server_2019_datacenter' + 'windows' + else + inspec.platform[:name] + end + end + + # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + def build_platform_release + case inspec.platform[:name] + when 'amazon' + # `2018` relase is named `1` in kitchen.yaml + inspec.platform[:release].gsub(/2018.*/, '1') + when 'arch' + 'base-latest' + when 'gentoo' + "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" + when 'opensuse' + # rubocop:disable Style/NumericLiterals,Layout/LineLength + inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] + # rubocop:enable Style/NumericLiterals,Layout/LineLength + when 'windows_8.1_pro' + '8.1' + when 'windows_server_2019_datacenter' + '2019-server' + else + inspec.platform[:release] + end + end + # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + + def derive_gentoo_init_system + inspec.command('systemctl').exist? ? 'sysd' : 'sysv' + end + + def build_platform_finger + "#{build_platform_name}-#{build_finger_release}" + end + + def build_finger_release + case inspec.platform[:name] + when 'ubuntu' + build_platform_release.split('.').slice(0, 2).join('.') + else + build_platform_release.split('.')[0] + end + end +end diff --git a/test/salt/pillar/redhat.sls b/test/salt/pillar/redhat.sls index bc18ae2..832d27d 100644 --- a/test/salt/pillar/redhat.sls +++ b/test/salt/pillar/redhat.sls @@ -4,7 +4,7 @@ packages: pkgs: held: - - alien + # - alien - iotop wanted: - git diff --git a/test/salt/pillar/redhat8.sls b/test/salt/pillar/redhat8.sls new file mode 100644 index 0000000..8fc591d --- /dev/null +++ b/test/salt/pillar/redhat8.sls @@ -0,0 +1,45 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +packages: + pkgs: + held: + # - alien + - iotop + wanted: + - git + - less + - bc + - curl + - fail2ban + unwanted: + - avahi-daemon + required: + pkgs: + - git + - python3-dnf-plugin-versionlock + pips: + wanted: + - attrs + unwanted: + - campbel + - reverse_geocode + - indy-crypto + gems: + wanted: + - progressbar + # minitest requires Ruby version ~> 2.2. + # ruby 2.0.0p648 (2015-12-16) [x86_64-linux] + # https://stackoverflow.com/a/50931910 + # $ sudo amazon-linux-extras install ruby2.6 + # - minitest + unwanted: + - diff-lcs + - kitchen-vagrant + - kwalify + remote_pkgs: + zoom: 'https://zoom.us/client/latest/zoom_x86_64.rpm' + + # Override the default setting to prevent wasteful delays in Travis + retry_options: + attempts: 1