saltstack-formulas/packages-formula
1
0
Fork 0
mirror of https://github.com/saltstack-formulas/packages-formula.git synced 2025-04-17 10:10:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #10 from netmanagers/master

Browse source 
Allow to hold/unhold system packages
This commit is contained in:
Niels Abspoel 2018-03-03 12:33:14 +01:00 committed by GitHub
commit dfb5cfcf15
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 269 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.kitchen.yml
View file

@ -40,7 +40,7 @@ verifier:
name: inspec
sudo: false
# cli, documentation, html, progress, json, json-min, json-rspec, junit
format: cli
reporter: cli
inspec_tests:
- path: test/integration/default
@ -57,7 +57,7 @@ suites:
- centos-7
provisioner:
pillars-from-files:
packages.sls: test/integration/default/pillar.example.redhat
packages.sls: test/integration/default/pillar.example.fedora
- name: centos
excludes:

5
CHANGELOG.rst
View file

@ -8,3 +8,8 @@ packages formula
0.0.2 (2018-02-23)
- Add Fedora support
0.0.3 (2018-03-02)
- Allow to hold/unhold system packages (#8)
- Add more tests

43
README.rst
View file

@ -47,9 +47,48 @@ Runs all the other states in the formula.
``packages.pkgs``
-----------------
You can specify:
Allows you to manage system's packages. You can specify:
* ``wanted`` system packages, which will be installed.
* ``held``: a dict of `package: version` which will be installed and pinned
to that version using SaltStack's `hold/unhold` capability. When upgrading a
version, the package will be temporarily unheld, upgraded and then held
again.
In the RedHat family, helding packages depend on a yum plugin that you
need to install. In order to do this, you can add it using this formula, adding
to your ``pkgs.required.pkgs`` one of the following packages:
+ CentOS
```
packages:
pkgs:
required:
pkgs:
- yum-plugin-versionlock
```
+ Fedora > 26 with Python3:
```
packages:
pkgs:
required:
pkgs:
- python3-dnf-plugin-versionlock
```
+ Fedora > 26 with Python2:
```
packages:
pkgs:
required:
pkgs:
- python2-dnf-plugin-versionlock
```
* ``wanted``: a list of packages which will be installed. Packages in this
list will be automatically unheld so, if you want to permanently unheld a
package you were previously helding to a version, just move it from the
``held`` dict to this list.
* ``unwanted`` system packages, which will be uninstalled.
* ``required system packages`` on which any of the ``wanted`` packages depend
for their correct installation.

1
packages/defaults.yaml
View file

@ -3,6 +3,7 @@
packages:
remote_pkgs: {}
pkgs:
held: {}
wanted: []
unwanted: []
required:

2
packages/gems.sls
View file

@ -8,11 +8,9 @@
{% set unwanted_gems = packages.gems.unwanted %}
### REQ PKGS (without these, some of the WANTED GEMS will fail to install)
{% if req_pkgs != {} %}
gem_req_pkgs:
pkg.installed:
- pkgs: {{ req_pkgs }}
{% endif %}
### GEMS to install
# (requires the ruby/rubygem deb/rpm installed, either by the system or listed in

4
packages/osfamilymap.yaml
View file

@ -10,6 +10,10 @@ Debian:
pkgs:
- ruby
RedHat:
pkgs:
required:
pkgs:
- yum-plugin-versionlock
pips:
required:
states:

4
packages/osmap.yaml
View file

@ -1,4 +1,8 @@
Fedora:
pkgs:
required:
pkgs:
- python2-dnf-plugin-versionlock
pips:
required:
states: []

2
packages/pips.sls
View file

@ -8,11 +8,9 @@
{% set unwanted_pips = packages.pips.unwanted %}
### REQ PKGS (without these, some of the WANTED PIPS will fail to install)
{% if req_pkgs != {} %}
pip_req_pkgs:
pkg.installed:
- pkgs: {{ req_pkgs }}
{% endif %}
### PYTHON PKGS to install using PIP
# (requires the python-pip deb/rpm installed, either by the system or listed in

30
packages/pkgs.sls
View file

@ -5,12 +5,12 @@
{% set req_states = packages.pkgs.required.states %}
{% set req_packages = packages.pkgs.required.pkgs %}
{% set held_packages = packages.pkgs.held %}
{% set wanted_packages = packages.pkgs.wanted %}
{% set unwanted_packages = packages.pkgs.unwanted %}
### PRE-REQ PKGS (without these, some of the WANTED PKGS will fail to install)
{% if req_packages != {} %}
prereq_packages:
pkg_req_pkgs:
pkg.installed:
- pkgs: {{ req_packages }}
{% if req_states %}
@ -19,24 +19,36 @@ prereq_packages:
- sls: {{ dep }}
{% endfor %}
{% endif %}
{% if held_packages != {} %}
held_pkgs:
pkg.installed:
- pkgs:
{% for p, v in held_packages.items() %}
- {{ p }}: {{ v }}
{% endfor %}
- hold: true
- update_holds: true
- require:
- pkg: pkg_req_pkgs
{% for dep in req_states %}
- sls: {{ dep }}
{% endfor %}
{% endif %}
{% if wanted_packages != {} %}
wanted_packages:
wanted_pkgs:
pkg.installed:
- pkgs: {{ wanted_packages }}
- hold: false
- require:
- pkg: prereq_packages
- pkg: pkg_req_pkgs
{% if req_states %}
{% for dep in req_states %}
- sls: {{ dep }}
{% endfor %}
{% endif %}
{% endif %}
{% if unwanted_packages != {} %}
unwanted_packages:
unwanted_pkgs:
pkg.purged:
- pkgs: {{ unwanted_packages }}
{% endif %}

3
pillar.example
View file

@ -1,5 +1,8 @@
packages:
pkgs:
held:
alien: 8.95
iotop: 0.6-2
wanted:
- git
- less

27
test/integration/default/gems_spec.rb Normal file
View file

@ -0,0 +1,27 @@
### WANTED/REQUIRED
control 'Wanted/Required gems' do
title 'should be installed'
%w{
progressbar
aws-sdk
}.each do |p|
describe gem(p) do
it { should be_installed }
end
end
end
### UNWANTED
control 'Unwanted gems' do
title 'should be uninstalled'
%w{
diff-lcs
kwalify
kitchen-vagrant
}.each do |p|
describe gem(p) do
it { should_not be_installed }
end
end
end

36
test/integration/default/pillar.example.fedora Normal file
View file

@ -0,0 +1,36 @@
packages:
pkgs:
held:
alien: 8.95-5.fc27
iotop: 0.6-15.fc27
wanted:
- git
- less
- bc
- curl
- fail2ban
unwanted:
- avahi-daemon
required:
pkgs:
- git
- python2-dnf-plugin-versionlock
- python3-dnf-plugin-versionlock
pips:
wanted:
- dxpy
- makerlabs
unwanted:
- campbel
- reverse_geocode
- indy-crypto
gems:
wanted:
- progressbar
- aws-sdk
unwanted:
- diff-lcs
- kitchen-vagrant
- kwalify
remote_pkgs:
zoom: 'https://zoom.us/client/latest/zoom_x86_64.rpm'

4
test/integration/default/pillar.example.redhat
View file

@ -1,5 +1,8 @@
packages:
pkgs:
held:
alien: 8.95
iotop: 0.6-2.el7
wanted:
- git
- less
@ -11,6 +14,7 @@ packages:
required:
pkgs:
- git
- yum-plugin-versionlock
pips:
wanted:
- dxpy

35
test/integration/default/pips_spec.rb
View file

@ -1,18 +1,27 @@
%w{
dxpy
makerlabs
}.each do |p|
describe pip(p) do
it { should be_installed }
### WANTED/REQUIRED
control 'Wanted/Required python packages' do
title 'should be installed'
%w{
dxpy
makerlabs
}.each do |p|
describe pip(p) do
it { should be_installed }
end
end
end
%w{
campbel
reverse_geocode
indy-crypto
}.each do |p|
describe pip(p) do
it { should_not be_installed }
### UNWANTED
control 'Unwanted python packages' do
title 'should be uninstalled'
%w{
campbel
reverse_geocode
indy-crypto
}.each do |p|
describe pip(p) do
it { should_not be_installed }
end
end
end

99
test/integration/default/pkgs_spec.rb
View file

@ -1,20 +1,99 @@
%w{
git
## Some vars
common_packages = %w(
git
less
bc
curl
fail2ban
}.each do |p|
describe package(p) do
it { should be_installed }
)
case os[:name]
when 'redhat', 'centos'
os_packages = %w(yum-plugin-versionlock)
held_packages = {
'alien': '8.95',
'iotop': '0.6-2.el7'
}
lock_file = '/etc/yum/pluginconf.d/versionlock.list'
when 'fedora'
os_packages = %w(
python2-dnf-plugin-versionlock
python3-dnf-plugin-versionlock
)
held_packages = {
'alien': '8.95-5.fc27',
'iotop': '0.6-15.fc27'
}
lock_file = '/etc/dnf/plugins/versionlock.list'
when 'debian', 'ubuntu'
os_packages = %w()
held_packages = {
'alien': '8.95',
'iotop': '0.6-2'
}
lock_file = '/var/lib/dpkg/status'
end
unheld_packages = (common_packages + os_packages).flatten.uniq
all_packages = (unheld_packages + held_packages.keys.map { |k| k.to_s }).flatten.uniq
### WANTED/REQUIRED/HELD
control 'Wanted/Required/Held packages' do
title 'should be installed'
all_packages.each do |p|
describe package(p) do
it { should be_installed }
end
end
end
%w{
avahi-daemon
}.each do |p|
describe package(p) do
it { should_not be_installed }
### WANTED UNHELD
control 'Wanted packages' do
title 'should NOT be marked as hold'
unheld_packages.each do |p,v|
case os[:name]
when 'redhat', 'centheld_packagesheld_packagesos', 'fedora'
match_string = "#{p}-.*#{v}"
describe file(lock_file) do
its('content') { should_not match(match_string) }
end
when 'debian', 'ubuntu'
match_string = "^Package: #{p}\nStatus: install ok installed"
describe file(lock_file) do
its('content') { should match(match_string) }
end
end
end
end
### HELD
control 'Held packages' do
title 'should be marked as hold'
held_packages.each do |p,v|
case os[:name]
when 'redhat', 'centos', 'fedora'
match_string = "#{p}-.*#{v}"
when 'debian', 'ubuntu'
match_string = "^Package: #{p}\nStatus: hold ok installed\nP.*\nS.*\nI.*\nM.*\nA.*\nVersion: #{v}"
end
describe file(lock_file) do
its('content') { should match(match_string) }
end
end
end
### UNWANTED
control 'Unwanted packages' do
title 'should be uninstalled'
%w{
avahi-daemon
}.each do |p|
describe package(p) do
it { should_not be_installed }
end
end
end

15
test/integration/default/remote_pkgs_spec.rb
View file

@ -1,7 +1,12 @@
%w{
zoom
}.each do |p|
describe package(p) do
it { should be_installed }
### REMOTE PKGS
control 'Remote packages' do
title 'should be downloaded and installed'
%w{
zoom
}.each do |p|
describe package(p) do
it { should be_installed }
end
end
end