Skip to content

Commit

Permalink
Merge pull request #36 from eole/test/verify-map.jinja-dumps
Browse files Browse the repository at this point in the history 
test(map): verify `map.jinja` dump using `_mapdata` state
  • Loading branch information
@baby-gnu
baby-gnu authored Mar 17, 2021
2 parents d7b7da0 + 9a490de commit 58a0899
Show file tree
Hide file tree
Showing 25 changed files with 545 additions and 0 deletions.
13 changes: 13 additions & 0 deletions cert/_mapdata/_mapdata.jinja
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# yamllint disable rule:indentation rule:line-length
# {{ grains.get("osfinger", grains.os) }}
---
{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #}
{{ salt["slsutil.serialize"](
"yaml",
map,
default_flow_style=False,
allow_unicode=True,
)
| regex_replace("^\s+'$", "'", multiline=True)
| trim
}}
22 changes: 22 additions & 0 deletions cert/_mapdata/init.sls
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# -*- coding: utf-8 -*-
# vim: ft=sls
---
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split("/")[0] %}
{%- from tplroot ~ "/map.jinja" import map with context %}
{%- set _mapdata = {
"values": map,
} %}
{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %}
{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %}
{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %}
{{ tplroot }}-mapdata-dump:
file.managed:
- name: {{ output_file }}
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
- template: jinja
- context:
map: {{ _mapdata | yaml }}
1 change: 1 addition & 0 deletions kitchen.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,7 @@ suites:
base:
'*':
- states/setup-certs-to-remove
- cert._mapdata
- cert
pillars:
top.sls:
Expand Down
47 changes: 47 additions & 0 deletions test/integration/default/controls/_mapdata.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# frozen_string_literal: true

require 'yaml'

control 'cert._mapdata' do
title '`map.jinja` should match the reference file'

### Method
# The steps below for each file appear convoluted but they are both required
# and similar in nature:
# 1. The earliest method was to simply compare the files textually but this often
# led to false positives due to inconsistencies (e.g. spacing, ordering)
# 2. The next method was to load the files back into YAML structures and then
# compare but InSpec provided block diffs this way, unusable by end users
# 3. The final step was to dump the YAML structures back into a string to use
# for the comparison; this both worked and provided human-friendly diffs

### Comparison file for the specific platform
### Static, adjusted as part of code contributions, as map data is changed
# Strip the `platform[:finger]` version number down to the "OS major release"
platform_finger = system.platform[:finger].split('.').first.to_s
# Use that to set the path to the file (relative to the InSpec suite directory)
mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
# Load the mapdata from profile, into a YAML structure
# https://docs.chef.io/inspec/profiles/#profile-files
mapdata_file_yaml = YAML.load(inspec.profile.file(mapdata_file_path))
# Dump the YAML back into a string for comparison
mapdata_file_dump = YAML.dump(mapdata_file_yaml)

### Output file produced by running the `_mapdata` state
### Dynamic, generated during Kitchen's `converge` phase
# Derive the location of the dumped mapdata (differs for Windows)
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
# Use that to set the path to the file (absolute path, i.e. within the container)
output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
# Load the output into a YAML structure using InSpec's `yaml` resource
# https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
output_file_yaml = yaml(output_file_path).params
# Dump the YAML back into a string for comparison
output_file_dump = YAML.dump(output_file_yaml)

describe 'File content' do
it 'should match profile map data exactly' do
expect(output_file_dump).to eq(mapdata_file_dump)
end
end
end
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/amazonlinux-2.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# Amazon Linux-2
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
21 changes: 21 additions & 0 deletions test/integration/default/files/_mapdata/arch-base-latest.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# yamllint disable rule:indentation rule:line-length
# Arch
---
values:
cert_dir: /etc/ssl/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
- ca-certificates-mozilla
- ca-certificates-utils
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/centos-7.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-7
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/centos-8.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-8
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
20 changes: 20 additions & 0 deletions test/integration/default/files/_mapdata/debian-10.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# yamllint disable rule:indentation rule:line-length
# Debian-10
---
values:
cert_dir: /usr/local/share/ca-certificates
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: ssl-cert
key_mode: 640
key_user: root
pkgs:
- ca-certificates
- ssl-cert
remove: false
20 changes: 20 additions & 0 deletions test/integration/default/files/_mapdata/debian-9.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# yamllint disable rule:indentation rule:line-length
# Debian-9
---
values:
cert_dir: /usr/local/share/ca-certificates
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: ssl-cert
key_mode: 640
key_user: root
pkgs:
- ca-certificates
- ssl-cert
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/fedora-32.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-32
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/fedora-33.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-33
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
17 changes: 17 additions & 0 deletions test/integration/default/files/_mapdata/gentoo-2-sysd.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# yamllint disable rule:indentation rule:line-length
# Gentoo-2
---
values:
cert_dir: /etc/ssl/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
remove: false
17 changes: 17 additions & 0 deletions test/integration/default/files/_mapdata/gentoo-2-sysv.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# yamllint disable rule:indentation rule:line-length
# Gentoo-2
---
values:
cert_dir: /etc/ssl/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
remove: false
20 changes: 20 additions & 0 deletions test/integration/default/files/_mapdata/opensuse-15.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# yamllint disable rule:indentation rule:line-length
# Leap-15
---
values:
cert_dir: /etc/ssl/certs
cert_ext: .crt
cert_group: root
cert_mode: '444'
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
- ca-certificates-mozilla
remove: false
20 changes: 20 additions & 0 deletions test/integration/default/files/_mapdata/opensuse-tumbleweed.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# yamllint disable rule:indentation rule:line-length
# openSUSE Tumbleweed-20210307
---
values:
cert_dir: /etc/ssl/certs
cert_ext: .crt
cert_group: root
cert_mode: '444'
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
- ca-certificates-mozilla
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/oraclelinux-7.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# Oracle Linux Server-7
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
19 changes: 19 additions & 0 deletions test/integration/default/files/_mapdata/oraclelinux-8.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# yamllint disable rule:indentation rule:line-length
# Oracle Linux Server-8
---
values:
cert_dir: /etc/pki/tls/certs
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/pki/tls/private
key_ext: .key
key_group: root
key_mode: 600
key_user: root
pkgs:
- ca-certificates
remove: false
20 changes: 20 additions & 0 deletions test/integration/default/files/_mapdata/ubuntu-16.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-16.04
---
values:
cert_dir: /usr/local/share/ca-certificates
cert_ext: .crt
cert_group: root
cert_mode: 644
cert_source_dir: /tmp/kitchen/srv/salt/files/
cert_tmp_dir: /tmp/certs/
cert_user: root
key_dir: /etc/ssl/private
key_ext: .key
key_group: ssl-cert
key_mode: 640
key_user: root
pkgs:
- ca-certificates
- ssl-cert
remove: false
Loading

0 comments on commit 58a0899

Please sign in to comment.