diff --git a/.gitignore b/.gitignore index debd739e..0bbb03cc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,12 +1,40 @@ -.kitchen/ -.ruby-version -junit*.xml - # Byte-compiled / optimized / DLL files __pycache__/ *.py[cod] *$py.class +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a packager +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + # Unit test / coverage reports htmlcov/ .tox/ @@ -15,5 +43,80 @@ htmlcov/ .cache nosetests.xml coverage.xml -*,cover +*.cover .hypothesis/ +.kitchen +.kitchen.local.yml +kitchen.local.yml +junit-*.xml + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule + +# SageMath parsed files +*.sage.py + +# dotenv +.env + +# virtualenv +.venv +venv/ +ENV/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +# Bundler +Gemfile.lock + +# copied `.md` files used for conversion to `.rst` using `m2r` +docs/*.md + +# Vim +*.sw? + +## Collected when centralising formulas (check and sort) +# `collectd-formula` +.pytest_cache/ +/.idea/ +Dockerfile.*_* +ignore/ +tmp/ diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 99e01e87..00000000 --- a/.kitchen.yml +++ /dev/null @@ -1,78 +0,0 @@ ---- -driver: - name: docker - use_sudo: false - privileged: true - -provisioner: - name: salt_solo - log_level: warning - require_chef: false - formula: docker - state_top: - base: - '*': - - docker.remove - - docker - pillars: - top.sls: - base: - '*': - - docker - -platforms: - - name: ubuntu-18.04 - driver_config: - provision_command: - - apt-get update && apt-get install -y locales ifupdown - - locale-gen en_US.UTF-8 - - update-locale LANG=en_US.UTF-8 - - mkdir -p /run/sshd - run_command: /lib/systemd/systemd - - name: debian-stretch - driver_config: - provision_command: - - apt-get update && apt-get install -y locales ifupdown - - locale-gen en_US.UTF-8 - run_command: /lib/systemd/systemd - - name: debian-jessie - driver_config: - provision_command: - - apt-get update && apt-get install -y locales ifupdown - - locale-gen en_US.UTF-8 - run_command: /lib/systemd/systemd -# - name: centos-7 -# driver_config: -# run_command: /lib/systemd/systemd - -suites: - - name: default - provisioner: - pillars: - docker.sls: - docker: - use_upstream_repo: true - - name: version-1.13.1 - provisioner: - pillars: - docker.sls: - docker: - version: '1.13.1*' - use_old_repo: true - excludes: - - ubuntu-18.04 - - name: version-18 - provisioner: - pillars: - docker.sls: - docker: - version: '18.*' - use_old_repo: true - excludes: - - debian-stretch - - debian-jessie - -verifier: - name: shell - remote_exec: false - command: testinfra -vvv --connection=docker --hosts=root@$KITCHEN_CONTAINER_ID --junit-xml junit-$KITCHEN_INSTANCE.xml test/integration/$KITCHEN_SUITE diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 00000000..bdae9aa9 --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,10 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +# General overrides used across formulas in the org +Metrics/LineLength: + # Increase from default of `80` + # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) + Max: 88 + +# Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config` diff --git a/.salt-lint b/.salt-lint new file mode 100644 index 00000000..ba79fa78 --- /dev/null +++ b/.salt-lint @@ -0,0 +1,15 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +exclude_paths: + # Violation: [204] Lines should be no longer that 160 chars + - docker/repo.sls +skip_list: + # Using `salt-lint` for linting other files as well, such as Jinja macros/templates + - 205 # Use ".sls" as a Salt State file extension + # Skipping `207` and `208` because `210` is sufficient, at least for the time-being + # I.e. Allows 3-digit unquoted codes to still be used, such as `644` and `755` + - 207 # File modes should always be encapsulated in quotation marks + - 208 # File modes should always contain a leading zero +tags: [] +verbosity: 1 diff --git a/.travis.yml b/.travis.yml index afd913a7..148c14a6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,22 +1,104 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +## Machine config +dist: bionic sudo: required +services: + - docker +## Language and cache config +language: ruby +cache: bundler -language: python +## Script to run for the test stage +script: + - bin/kitchen verify "${INSTANCE}" -services: - - docker +## Stages and jobs matrix +stages: + - test + - name: release + if: branch = master AND type != pull_request +jobs: + include: + ## Define the test stage that runs the linters (and testing matrix, if applicable) -before_install: - - bundle install + # Run all of the linters in a single job + - language: node_js + node_js: lts/* + env: Lint + name: 'Lint: salt-lint, yamllint, rubocop & commitlint' + before_install: skip + script: + # Install and run `salt-lint` + - pip install --user salt-lint + - git ls-files | grep '\.sls$\|\.jinja$\|\.j2$\|\.tmpl$' + | xargs -I {} salt-lint {} + # Install and run `yamllint` + # Need at least `v1.17.0` for the `yaml-files` setting + - pip install --user yamllint>=1.17.0 + - yamllint -s . + # Install and run `rubocop` + - gem install rubocop + - rubocop -d + # Install and run `commitlint` + - npm install @commitlint/config-conventional -D + - npm install @commitlint/travis-cli -D + - commitlint-travis + ## Define the rest of the matrix based on Kitchen testing + # Make sure the instances listed below match up with + # the `platforms` defined in `kitchen.yml` + - env: INSTANCE=default-debian-10-develop-py3 + # - env: INSTANCE=default-ubuntu-1804-develop-py3 + # - env: INSTANCE=default-centos-7-develop-py3 + # - env: INSTANCE=default-fedora-30-develop-py3 + # - env: INSTANCE=default-opensuse-leap-15-develop-py3 + # - env: INSTANCE=default-amazonlinux-2-develop-py2 + # - env: INSTANCE=default-arch-base-latest-develop-py2 + - env: INSTANCE=default-debian-9-2019-2-py3 + - env: INSTANCE=default-ubuntu-1804-2019-2-py3 + # - env: INSTANCE=default-centos-7-2019-2-py3 + # - env: INSTANCE=default-fedora-30-2019-2-py3 + # - env: INSTANCE=default-opensuse-leap-15-2019-2-py3 + # - env: INSTANCE=default-amazonlinux-2-2019-2-py2 + - env: INSTANCE=default-arch-base-latest-2019-2-py2 + - env: INSTANCE=default-debian-9-2018-3-py2 + # - env: INSTANCE=default-ubuntu-1604-2018-3-py2 + # - env: INSTANCE=default-centos-7-2018-3-py2 + # - env: INSTANCE=default-fedora-29-2018-3-py2 + # - env: INSTANCE=default-opensuse-leap-15-2018-3-py2 + # - env: INSTANCE=default-amazonlinux-2-2018-3-py2 + # - env: INSTANCE=default-arch-base-latest-2018-3-py2 + # - env: INSTANCE=default-debian-8-2017-7-py2 + - env: INSTANCE=default-ubuntu-1604-2017-7-py2 + # - env: INSTANCE=default-centos-6-2017-7-py2 + # - env: INSTANCE=default-fedora-29-2017-7-py2 + # - env: INSTANCE=default-opensuse-leap-15-2017-7-py2 + # - env: INSTANCE=default-amazonlinux-2-2017-7-py2 + # - env: INSTANCE=default-arch-base-latest-2017-7-py2 -env: - matrix: - - INSTANCE: default-ubuntu-1804 - - INSTANCE: default-debian-jessie - - INSTANCE: default-debian-stretch - - INSTANCE: version-1131-debian-jessie - - INSTANCE: version-1131-debian-stretch + ## Define the release stage that runs `semantic-release` + - stage: release + language: node_js + node_js: lts/* + env: Release + name: 'Run semantic-release inc. file updates to AUTHORS, CHANGELOG & FORMULA' + before_install: skip + script: + # Update `AUTHORS.md` + - export MAINTAINER_TOKEN=${GH_TOKEN} + - go get github.com/myii/maintainer + - maintainer contributor -script: - - bundle exec kitchen verify ${INSTANCE} + # Install all dependencies required for `semantic-release` + - npm install @semantic-release/changelog@3 -D + - npm install @semantic-release/exec@3 -D + - npm install @semantic-release/git@7 -D + deploy: + provider: script + skip_cleanup: true + script: + # Run `semantic-release` + - npx semantic-release@15 diff --git a/.yamllint b/.yamllint new file mode 100644 index 00000000..358570e0 --- /dev/null +++ b/.yamllint @@ -0,0 +1,37 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +# Extend the `default` configuration provided by `yamllint` +extends: default + +# Files to ignore completely +# 1. All YAML files under directory `node_modules/`, introduced during the Travis run +# 2. Any SLS files under directory `test/`, which are actually state files +# 3. Any YAML files under directory `.kitchen/`, introduced during local testing +ignore: | + node_modules/ + test/**/states/**/*.sls + .kitchen/ + docker/osfamilymap.yaml + +yaml-files: + # Default settings + - '*.yaml' + - '*.yml' + - .salt-lint + - .yamllint + # SaltStack Formulas additional settings + - '*.example' + - test/**/*.sls + +rules: + empty-values: + forbid-in-block-mappings: true + forbid-in-flow-mappings: true + line-length: + # Increase from default of `80` + # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) + max: 88 + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true diff --git a/FORMULA b/FORMULA new file mode 100644 index 00000000..8965b23c --- /dev/null +++ b/FORMULA @@ -0,0 +1,9 @@ +name: docker +os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Suse, openSUSE, Gentoo, Funtoo, Arch, Manjaro, Alpine, FreeBSD, OpenBSD, Solaris, SmartOS, Windows, MacOS +os_family: Debian, RedHat, Suse, Gentoo, Arch, Alpine, FreeBSD, OpenBSD, Solaris, Windows, MacOS +version: 0.41.0 +release: 1 +minimum_version: 2017.7 +summary: docker formula +description: Formula for working with Docker +top_level_dir: docker diff --git a/Gemfile b/Gemfile index 1947ff45..5a232b61 100644 --- a/Gemfile +++ b/Gemfile @@ -1,5 +1,7 @@ -source "https://rubygems.org" +# frozen_string_literal: true -gem "test-kitchen" -gem "kitchen-docker" -gem "kitchen-salt" +source 'https://rubygems.org' + +gem 'kitchen-docker', '>= 2.9' +gem 'kitchen-inspec', '>= 1.1' +gem 'kitchen-salt', '>= 0.6.0' diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index 384d707b..00000000 --- a/Gemfile.lock +++ /dev/null @@ -1,41 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - artifactory (2.5.0) - kitchen-docker (2.6.0) - test-kitchen (>= 1.0.0) - kitchen-salt (0.0.24) - test-kitchen (~> 1.4) - mixlib-install (2.1.4) - artifactory - mixlib-shellout - mixlib-versioning - thor - mixlib-shellout (2.2.7) - mixlib-versioning (1.1.0) - net-scp (1.2.1) - net-ssh (>= 2.6.5) - net-ssh (3.2.0) - net-ssh-gateway (1.2.0) - net-ssh (>= 2.6.5) - safe_yaml (1.0.4) - test-kitchen (1.13.2) - mixlib-install (>= 1.2, < 3.0) - mixlib-shellout (>= 1.2, < 3.0) - net-scp (~> 1.1) - net-ssh (>= 2.9, < 4.0) - net-ssh-gateway (~> 1.2.0) - safe_yaml (~> 1.0) - thor (~> 0.18) - thor (0.19.1) - -PLATFORMS - ruby - -DEPENDENCIES - kitchen-docker - kitchen-salt - test-kitchen - -BUNDLED WITH - 1.13.6 diff --git a/bin/kitchen b/bin/kitchen new file mode 100755 index 00000000..dcfdb4ca --- /dev/null +++ b/bin/kitchen @@ -0,0 +1,32 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +# +# This file was generated by Bundler. +# +# The application 'kitchen' is installed as part of a gem, and +# this file is here to facilitate running it. +# + +require 'pathname' +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', + Pathname.new(__FILE__).realpath) + +bundle_binstub = File.expand_path('bundle', __dir__) + +if File.file?(bundle_binstub) + if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/ + load(bundle_binstub) + else + abort( + 'Your `bin/bundle` was not generated by Bundler, '\ + 'so this binstub cannot run. Replace `bin/bundle` by running '\ + '`bundle binstubs bundler --force`, then run this command again.' + ) + end +end + +require 'rubygems' +require 'bundler/setup' + +load Gem.bin_path('test-kitchen', 'kitchen') diff --git a/commitlint.config.js b/commitlint.config.js new file mode 100644 index 00000000..2f9d1aa0 --- /dev/null +++ b/commitlint.config.js @@ -0,0 +1,3 @@ +module.exports = { + extends: ['@commitlint/config-conventional'], +}; diff --git a/docker/codenamemap.yaml b/docker/codenamemap.yaml index 714cf862..0620a7ef 100644 --- a/docker/codenamemap.yaml +++ b/docker/codenamemap.yaml @@ -1,5 +1,6 @@ -# vim: sts=2 ts=2 sw=2 et ai - +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- wheezy: kernel: pkg: @@ -33,4 +34,3 @@ precise: pkgs: - linux-image-generic-lts-raring - linux-headers-generic-lts-raring - diff --git a/docker/defaults.yaml b/docker/defaults.yaml index 09736788..84a9ec3b 100644 --- a/docker/defaults.yaml +++ b/docker/defaults.yaml @@ -1,19 +1,20 @@ -# vim: sts=2 ts=2 sw=2 et ai - +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- docker: process_signature: '/usr/bin/docker' - install_docker_py: True + install_docker_py: true python_package: docker - refresh_repo: True + refresh_repo: true configfile: /etc/default/docker config: [] daemon_config: {} version: '' rootuser: root - use_upstream_repo: True - use_old_repo: False - proxy: False + use_upstream_repo: true + use_old_repo: false + proxy: false pkgs: - iptables @@ -24,23 +25,22 @@ docker: old_name: docker-engine # For backward compatibility, this will be overriden by docker:version, if defined version: latest - allow_updates: False - hold: False - use_upstream_app: False #macos + allow_updates: false + hold: false + use_upstream_app: false # macos pip: - install_pypi_pip: False - upgrade: False + install_pypi_pip: false + upgrade: false compose_version: '' containers: skip_translate: None - force_present: False - force_running: False + force_present: false + force_running: false kernel: pkg: fromrepo: '' pkgs: [] - diff --git a/docker/osfamilymap.yaml b/docker/osfamilymap.yaml index 53a4c95c..e33b8a48 100644 --- a/docker/osfamilymap.yaml +++ b/docker/osfamilymap.yaml @@ -15,20 +15,20 @@ {%- endif %} Arch: - python_package: + python_package: ~ pkgs: - python-docker - python-pip - - python2-pip ##see https://github.com/saltstack/salt/issues/48632 + - python2-pip # see https://github.com/saltstack/salt/issues/48632 pkg: name: docker # workaround https://github.com/saltstack-formulas/docker-formula/issues/219 - allow_updates: False - hold: False - use_upstream_app: False + allow_updates: false + hold: false + use_upstream_app: false pip: - install_pypi_pip: False - upgrade: False + install_pypi_pip: false + upgrade: false Debian: pkgs: @@ -47,6 +47,7 @@ RedHat: - python3-pip - python3-docker repo: + # yamllint disable-line rule:line-length url_base: https://download.docker.com/linux/{{ grains['os'] |lower }}/{{ '' if not 'osmajorrelease' in grains else grains['osmajorrelease'] }}/$basearch/stable/ key_url: https://download.docker.com/linux/{{ grains['os'] |lower }}/gpg version: {{ grains['oscodename']|lower if 'oscodename' in grains else '' }} @@ -66,9 +67,9 @@ MacOS: pkg: name: docker #homebrew # workaround https://github.com/saltstack-formulas/docker-formula/issues/219 - allow_updates: False - hold: False - use_upstream_app: True #docker desktop for mac + allow_updates: false + hold: false + use_upstream_app: true #docker desktop for mac app: name: Docker source: https://download.docker.com/mac/stable/Docker.dmg diff --git a/docker/osmap.yaml b/docker/osmap.yaml index 4a9e1c1d..b522db41 100644 --- a/docker/osmap.yaml +++ b/docker/osmap.yaml @@ -1,4 +1,6 @@ - +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- CentOS: pkgs: - python2-pip @@ -6,5 +8,3 @@ CentOS: FreeBSD: pkgs: - devel/py-pip - -# vim: ft=sls diff --git a/kitchen.yml b/kitchen.yml new file mode 100644 index 00000000..9444a053 --- /dev/null +++ b/kitchen.yml @@ -0,0 +1,212 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +# For help on this file's format, see https://kitchen.ci/ +driver: + name: docker + use_sudo: false + privileged: true + run_command: /lib/systemd/systemd + +# Make sure the platforms listed below match up with +# the `env.matrix` instances defined in `.travis.yml` +platforms: + ## SALT `develop` + - name: debian-10-develop-py3 + driver: + image: netmanagers/salt-develop-py3:debian-10 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: ubuntu-1804-develop-py3 + driver: + image: netmanagers/salt-develop-py3:ubuntu-18.04 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: centos-7-develop-py3 + driver: + image: netmanagers/salt-develop-py3:centos-7 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: fedora-30-develop-py3 + driver: + image: netmanagers/salt-develop-py3:fedora-30 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: opensuse-leap-15-develop-py3 + driver: + image: opensuse/leap:15 + provision_command: + # yamllint disable-line rule:line-length + - zypper install -y glibc-locale net-tools net-tools-deprecated python-xml python3-pip + - systemctl enable sshd.service + run_command: /usr/lib/systemd/systemd + provisioner: + salt_bootstrap_options: -XdPfrq -x python3 git develop + salt_install: bootstrap + # Workaround to avoid intermittent failures on `opensuse-leap-15`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: amazonlinux-2-develop-py2 + driver: + image: netmanagers/salt-develop-py2:amazonlinux-2 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python2 git develop + - name: arch-base-latest-develop-py2 + driver: + image: netmanagers/salt-develop-py2:arch-base-latest + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python2 git develop + run_command: /usr/lib/systemd/systemd + + ## SALT `2019.2` + - name: debian-9-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:debian-9 + - name: ubuntu-1804-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:ubuntu-18.04 + - name: centos-7-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:centos-7 + - name: fedora-30-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:fedora-30 + - name: opensuse-leap-15-2019-2-py3 + driver: + image: opensuse/leap:15 + provision_command: + # yamllint disable-line rule:line-length + - zypper install -y glibc-locale net-tools net-tools-deprecated python-xml python3-pip + - systemctl enable sshd.service + run_command: /usr/lib/systemd/systemd + provisioner: + salt_bootstrap_options: -XdPfrq -x python3 git 2019.2 + salt_install: bootstrap + # Workaround to avoid intermittent failures on `opensuse-leap-15`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: amazonlinux-2-2019-2-py2 + driver: + image: netmanagers/salt-2019.2-py2:amazonlinux-2 + - name: arch-base-latest-2019-2-py2 + driver: + image: netmanagers/salt-2019.2-py2:arch-base-latest + run_command: /usr/lib/systemd/systemd + + ## SALT `2018.3` + - name: debian-9-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:debian-9 + - name: ubuntu-1604-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:ubuntu-16.04 + - name: centos-7-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:centos-7 + - name: fedora-29-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:fedora-29 + - name: opensuse-leap-15-2018-3-py2 + driver: + image: opensuse/leap:15 + provision_command: + # yamllint disable-line rule:line-length + - zypper install -y glibc-locale net-tools net-tools-deprecated python-xml python2-pip + - systemctl enable sshd.service + run_command: /usr/lib/systemd/systemd + provisioner: + salt_bootstrap_options: -XdPfrq -x python2 git 2018.3 + salt_install: bootstrap + # Workaround to avoid intermittent failures on `opensuse-leap-15`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: amazonlinux-2-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:amazonlinux-2 + - name: arch-base-latest-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:arch-base-latest + run_command: /usr/lib/systemd/systemd + + ## SALT `2017.7` + - name: debian-8-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:debian-8 + - name: ubuntu-1604-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:ubuntu-16.04 + - name: centos-6-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:centos-6 + run_command: /sbin/init + - name: fedora-29-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:fedora-29 + - name: opensuse-leap-15-2017-7-py2 + driver: + image: opensuse/leap:15 + provision_command: + # yamllint disable-line rule:line-length + - zypper install -y glibc-locale net-tools net-tools-deprecated python-xml python2-pip + - systemctl enable sshd.service + run_command: /usr/lib/systemd/systemd + provisioner: + salt_bootstrap_options: -XdPfrq -x python2 git 2017.7 + salt_install: bootstrap + # Workaround to avoid intermittent failures on `opensuse-leap-15`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: amazonlinux-2-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:amazonlinux-2 + - name: arch-base-latest-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:arch-base-latest + run_command: /usr/lib/systemd/systemd + +provisioner: + name: salt_solo + log_level: debug + salt_install: none + require_chef: false + formula: docker + salt_copy_filter: + - .kitchen + - .git + +verifier: + # https://www.inspec.io/ + name: inspec + sudo: true + # cli, documentation, html, progress, json, json-min, json-rspec, junit + reporter: + - cli + +suites: + - name: default + provisioner: + state_top: + base: + '*': + - docker + - docker.containers + pillars: + top.sls: + base: + '*': + - docker + pillars_from_files: + docker.sls: pillar.example + verifier: + inspec_tests: + - path: test/integration/default diff --git a/pillar.example b/pillar.example index 4bd40104..f253e82a 100644 --- a/pillar.example +++ b/pillar.example @@ -1,5 +1,6 @@ -# vi: set ft=yaml: - +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- # example docker registry container # if you want to your own docker registry, use this docker-containers: @@ -7,11 +8,12 @@ docker-containers: # example docker registry container (if you want your own docker registry, use this) registry: - #image: 'docker.io/registry:latest' ##Fedora + # image: 'docker.io/registry:latest' ##Fedora image: "registry:latest" - cmd: - # Pull image on service restart (useful if you override the same tag. example: latest) - pull_before_start: True + cmd: ~ + # Pull image on service restart + # (useful if you override the same tag. example: latest) + pull_before_start: true # Do not force container removal on stop (unless true) remove_on_stop: false runoptions: @@ -25,16 +27,17 @@ docker-containers: - "--rm" stopoptions: - '-t 10' - + prometheus-server: # example Prometheus container using command arguments image: "prom/prometheus:v1.7.1" - cmd: + cmd: ~ args: - '-config.file=/prom-data/prometheus.yml' - '-storage.local.path=/prom-data/data/' - # Pull image on service restart (useful if you override the same tag. example: latest) - pull_before_start: True + # Pull image on service restart + # (useful if you override the same tag. example: latest) + pull_before_start: true # Do not force container removal on stop (unless true) remove_on_stop: false runoptions: @@ -55,15 +58,16 @@ docker-pkg: # Docker compose supported attributes docker: - #install_pypi_pip: True - #install_docker_py: True + # install_pypi_pip: true + # install_docker_py: true # version of docker-compose to install (defaults to latest) - #compose_version: 1.9.0 - #configfile: /etc/default/docker - install_pypi_pip: True - + # compose_version: 1.9.0 + # configfile: /etc/default/docker + install_pypi_pip: true + + # yamllint disable-line rule:line-length ### https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file - #daemon_config: + # daemon_config: # metrics-addr: '0.0.0.0:9323' # experimental: true # registry-mirrors: @@ -73,23 +77,23 @@ docker: # - harbor.local pkg: - # Package handling - #version: 1.13.1 - #allow_updates: True - use_upstream_app: False + # Package handling + # version: 1.13.1 + # allow_updates: true + use_upstream_app: false - # PIP proxy configuration (defaults to False) + # PIP proxy configuration (defaults to false) # proxy: proxy.com:3128 # Global functions for docker_container states containers: skip_translate: ports - force_present: False - force_running: True + force_present: false + force_running: true compose: registry-datastore: - dvc: True + dvc: true # image: ®istry_image 'docker.io/registry:latest' ## Fedora image: ®istry_image 'registry:latest' container_name: &dvc 'registry-datastore' @@ -108,16 +112,16 @@ docker: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: '/registry' ports: - 127.0.0.1:5000:5000 - #restart: 'always' # compose v1.9 - deploy: # compose v3 + # restart: 'always' # compose v1.9 + deploy: # compose v3 restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s - nginx-latest: - #image: 'docker.io/nginx:latest' ##Fedora + nginx-latest: + # image: 'docker.io/nginx:latest' ##Fedora image: 'nginx:latest' container_name: 'nginx-latest' links: @@ -129,8 +133,8 @@ docker: - /srv/docker-registry/nginx/:/etc/nginx/conf.d - /srv/docker-registry/auth/:/etc/nginx/conf.d/auth - /srv/docker-registry/certs/:/etc/nginx/conf.d/certs - #restart: 'always' # compose v1.9 - deploy: # compose v3 + # restart: 'always' # compose v1.9 + deploy: # compose v3 restart_policy: condition: on-failure delay: 5s @@ -142,21 +146,21 @@ docker: # additional pillars supporting backwards compatibility only -#docker-pkg: -# lookup: - # docker-py backwards compatibility - #install_docker_py: True - #python_package: docker==2.1.0 - #pip: - # version: '== 8.1.1' - - # Old docker repositories (docker.io, lxc-docker<=1.7) backwards compatibility - #version: '1.6.2' - #pip_version: '<= 1.2.3' - -#registry: +# docker-pkg: +# lookup: +# docker-py backwards compatibility +# install_docker_py: true +# python_package: docker==2.1.0 +# pip: +# version: '== 8.1.1' +# +# Old docker repositories (docker.io, lxc-docker<=1.7) backwards compatibility +# version: '1.6.2' +# pip_version: '<= 1.2.3' +# +# registry: # lookup: - # docker registry 2.x backwards compatibility +# docker registry 2.x backwards compatibility # version: 2 # restart: always # runoptions: @@ -166,9 +170,8 @@ docker: # - "-e REGISTRY_STORAGE_S3_BUCKET=my-bucket" # - "-e REGISTRY_STORAGE_S3_ROOTDIRECTORY=my-folder/my-subfolder/my-sub-subfolder" # - "--log-driver=syslog" - # docker registry < 1, even older backwards compatibility +# docker registry < 1, even older backwards compatibility # amazon: # aws_bucket: 'my-registry' # aws_key: 'ABCDEFGHIJK123456789' # aws_secret: 'AbcD+efG-HIjK1+++23456+789' - diff --git a/pre-commit_semantic-release.sh b/pre-commit_semantic-release.sh new file mode 100755 index 00000000..9d34d74c --- /dev/null +++ b/pre-commit_semantic-release.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +############################################################################### +# (A) Update `FORMULA` with `${nextRelease.version}` +############################################################################### +sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA + + +############################################################################### +# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst` +############################################################################### + +# Install `m2r` +sudo -H pip install m2r + +# Copy and then convert the `.md` docs +cp *.md docs/ +cd docs/ +m2r --overwrite *.md + +# Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` +sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst +sed -i -e '1,4s/-/=/g' CHANGELOG.rst + +# Use for debugging output, when required +# cat AUTHORS.rst +# cat CHANGELOG.rst + +# Return back to the main directory +cd .. diff --git a/release-rules.js b/release-rules.js new file mode 100644 index 00000000..c63c850d --- /dev/null +++ b/release-rules.js @@ -0,0 +1,18 @@ +// No release is triggered for the types commented out below. +// Commits using these types will be incorporated into the next release. +// +// NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. +module.exports = [ + {breaking: true, release: 'major'}, + // {type: 'build', release: 'patch'}, + // {type: 'chore', release: 'patch'}, + // {type: 'ci', release: 'patch'}, + {type: 'docs', release: 'patch'}, + {type: 'feat', release: 'minor'}, + {type: 'fix', release: 'patch'}, + {type: 'perf', release: 'patch'}, + {type: 'refactor', release: 'patch'}, + {type: 'revert', release: 'patch'}, + {type: 'style', release: 'patch'}, + {type: 'test', release: 'patch'}, +]; diff --git a/release.config.js b/release.config.js new file mode 100644 index 00000000..afa0cb11 --- /dev/null +++ b/release.config.js @@ -0,0 +1,106 @@ +module.exports = { + branch: 'master', + plugins: [ + ['@semantic-release/commit-analyzer', { + preset: 'angular', + releaseRules: './release-rules.js', + }], + '@semantic-release/release-notes-generator', + ['@semantic-release/changelog', { + changelogFile: 'CHANGELOG.md', + changelogTitle: '# Changelog', + }], + ['@semantic-release/exec', { + prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}', + }], + ['@semantic-release/git', { + assets: ['*.md', 'docs/*.rst', 'FORMULA'], + }], + '@semantic-release/github', + ], + generateNotes: { + preset: 'angular', + writerOpts: { + // Required due to upstream bug preventing all types being displayed. + // Bug: https://github.com/conventional-changelog/conventional-changelog/issues/317 + // Fix: https://github.com/conventional-changelog/conventional-changelog/pull/410 + transform: (commit, context) => { + const issues = [] + + commit.notes.forEach(note => { + note.title = `BREAKING CHANGES` + }) + + // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. + if (commit.type === `feat`) { + commit.type = `Features` + } else if (commit.type === `fix`) { + commit.type = `Bug Fixes` + } else if (commit.type === `perf`) { + commit.type = `Performance Improvements` + } else if (commit.type === `revert`) { + commit.type = `Reverts` + } else if (commit.type === `docs`) { + commit.type = `Documentation` + } else if (commit.type === `style`) { + commit.type = `Styles` + } else if (commit.type === `refactor`) { + commit.type = `Code Refactoring` + } else if (commit.type === `test`) { + commit.type = `Tests` + } else if (commit.type === `build`) { + commit.type = `Build System` + // } else if (commit.type === `chore`) { + // commit.type = `Maintenance` + } else if (commit.type === `ci`) { + commit.type = `Continuous Integration` + } else { + return + } + + if (commit.scope === `*`) { + commit.scope = `` + } + + if (typeof commit.hash === `string`) { + commit.hash = commit.hash.substring(0, 7) + } + + if (typeof commit.subject === `string`) { + let url = context.repository + ? `${context.host}/${context.owner}/${context.repository}` + : context.repoUrl + if (url) { + url = `${url}/issues/` + // Issue URLs. + commit.subject = commit.subject.replace(/#([0-9]+)/g, (_, issue) => { + issues.push(issue) + return `[#${issue}](${url}${issue})` + }) + } + if (context.host) { + // User URLs. + commit.subject = commit.subject.replace(/\B@([a-z0-9](?:-?[a-z0-9/]){0,38})/g, (_, username) => { + if (username.includes('/')) { + return `@${username}` + } + + return `[@${username}](${context.host}/${username})` + }) + } + } + + // remove references that already appear in the subject + commit.references = commit.references.filter(reference => { + if (issues.indexOf(reference.issue) === -1) { + return true + } + + return false + }) + + return commit + }, + }, + }, +}; diff --git a/test/integration/default/README.md b/test/integration/default/README.md new file mode 100644 index 00000000..37cf963c --- /dev/null +++ b/test/integration/default/README.md @@ -0,0 +1,50 @@ +# InSpec Profile: `default` + +This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). + +## Verify a profile + +InSpec ships with built-in features to verify a profile structure. + +```bash +$ inspec check default +Summary +------- +Location: default +Profile: profile +Controls: 4 +Timestamp: 2019-06-24T23:09:01+00:00 +Valid: true + +Errors +------ + +Warnings +-------- +``` + +## Execute a profile + +To run all **supported** controls on a local machine use `inspec exec /path/to/profile`. + +```bash +$ inspec exec default +.. + +Finished in 0.0025 seconds (files took 0.12449 seconds to load) +8 examples, 0 failures +``` + +## Execute a specific control from a profile + +To run one control from the profile use `inspec exec /path/to/profile --controls name`. + +```bash +$ inspec exec default --controls package +. + +Finished in 0.0025 seconds (files took 0.12449 seconds to load) +1 examples, 0 failures +``` + +See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb). diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml new file mode 100644 index 00000000..477b1fcd --- /dev/null +++ b/test/integration/default/inspec.yml @@ -0,0 +1,18 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +name: default +title: docker formula +maintainer: SaltStack Formulas +license: Apache-2.0 +summary: Verify that the docker formula is setup and configured correctly +supports: + - platform-name: debian + - platform-name: ubuntu + - platform-name: centos + - platform-name: fedora + - platform-name: opensuse + - platform-name: suse + - platform-name: freebsd + - platform-name: amazon + - platform-name: arch