diff options
Diffstat (limited to 'kitchen-tests/cookbooks')
23 files changed, 287 insertions, 223 deletions
diff --git a/kitchen-tests/cookbooks/audit_test/.gitignore b/kitchen-tests/cookbooks/audit_test/.gitignore deleted file mode 100644 index 1e074046f0..0000000000 --- a/kitchen-tests/cookbooks/audit_test/.gitignore +++ /dev/null @@ -1,15 +0,0 @@ -.vagrant -*~ -*# -.#* -\#*# -.*.sw[a-z] -*.un~ - -# Bundler -Gemfile.lock -bin/* -.bundle/* - -.kitchen/ -.kitchen.local.yml diff --git a/kitchen-tests/cookbooks/audit_test/Berksfile b/kitchen-tests/cookbooks/audit_test/Berksfile index 0ac9b78cf7..967b9a78b6 100644 --- a/kitchen-tests/cookbooks/audit_test/Berksfile +++ b/kitchen-tests/cookbooks/audit_test/Berksfile @@ -1,3 +1,3 @@ -source "https://supermarket.getchef.com" +source "https://supermarket.chef.io" metadata diff --git a/kitchen-tests/cookbooks/audit_test/chefignore b/kitchen-tests/cookbooks/audit_test/chefignore deleted file mode 100644 index 80dc2d20ef..0000000000 --- a/kitchen-tests/cookbooks/audit_test/chefignore +++ /dev/null @@ -1,95 +0,0 @@ -# Put files/directories that should be ignored in this file when uploading -# or sharing to the community site. -# Lines that start with '# ' are comments. - -# OS generated files # -###################### -.DS_Store -Icon? -nohup.out -ehthumbs.db -Thumbs.db - -# SASS # -######## -.sass-cache - -# EDITORS # -########### -\#* -.#* -*~ -*.sw[a-z] -*.bak -REVISION -TAGS* -tmtags -*_flymake.* -*_flymake -*.tmproj -.project -.settings -mkmf.log - -## COMPILED ## -############## -a.out -*.o -*.pyc -*.so -*.com -*.class -*.dll -*.exe -*/rdoc/ - -# Testing # -########### -.watchr -.rspec -spec/* -spec/fixtures/* -test/* -features/* -Guardfile -Procfile - -# SCM # -####### -.git -*/.git -.gitignore -.gitmodules -.gitconfig -.gitattributes -.svn -*/.bzr/* -*/.hg/* -*/.svn/* - -# Berkshelf # -############# -Berksfile -Berksfile.lock -cookbooks/* -tmp - -# Cookbooks # -############# -CONTRIBUTING - -# Strainer # -############ -Colanderfile -Strainerfile -.colander -.strainer - -# Vagrant # -########### -.vagrant -Vagrantfile - -# Travis # -########## -.travis.yml diff --git a/kitchen-tests/cookbooks/audit_test/metadata.rb b/kitchen-tests/cookbooks/audit_test/metadata.rb index 3fbda5dbe1..2b34ce28d0 100644 --- a/kitchen-tests/cookbooks/audit_test/metadata.rb +++ b/kitchen-tests/cookbooks/audit_test/metadata.rb @@ -1,7 +1,7 @@ name "audit_test" maintainer "The Authors" maintainer_email "you@example.com" -license "all_rights" +license "Apache-2.0" description "Installs/Configures audit_test" long_description "Installs/Configures audit_test" version "0.1.0" diff --git a/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/metadata.rb b/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/metadata.rb new file mode 100644 index 0000000000..49dbb50869 --- /dev/null +++ b/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/metadata.rb @@ -0,0 +1,9 @@ +name "awesome_customers_rhel_wrapper" +maintainer "The Authors" +maintainer_email "you@example.com" +license "Apache-2.0" +description "Installs/Configures awesome_customers_rhel" +long_description "Installs/Configures awesome_customers_rhel" +version "0.1.0" + +depends "awesome_customers_rhel" diff --git a/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/recipes/default.rb b/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/recipes/default.rb new file mode 100644 index 0000000000..c58db5fe29 --- /dev/null +++ b/kitchen-tests/cookbooks/awesome_customers_rhel_wrapper/recipes/default.rb @@ -0,0 +1,8 @@ +# +# Cookbook:: awesome_customers_rhel +# Recipe:: default +# +# Copyright:: 2014-2017, Chef Software, Inc. +# + +include_recipe "awesome_customers_rhel::default" diff --git a/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/metadata.rb b/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/metadata.rb new file mode 100644 index 0000000000..d07a2c2c13 --- /dev/null +++ b/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/metadata.rb @@ -0,0 +1,9 @@ +name "awesome_customers_ubuntu_wrapper" +maintainer "The Authors" +maintainer_email "you@example.com" +license "Apache-2.0" +description "Installs/Configures awesome_customers_ubuntu" +long_description "Installs/Configures awesome_customers_ubuntu" +version "0.1.0" + +depends "awesome_customers_ubuntu" diff --git a/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/recipes/default.rb b/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/recipes/default.rb new file mode 100644 index 0000000000..f6fd388f16 --- /dev/null +++ b/kitchen-tests/cookbooks/awesome_customers_ubuntu_wrapper/recipes/default.rb @@ -0,0 +1,8 @@ +# +# Cookbook:: awesome_customers_ubuntu +# Recipe:: default +# +# Copyright:: 2016-2017, Chef Software, Inc. +# + +include_recipe "awesome_customers_ubuntu::default" diff --git a/kitchen-tests/cookbooks/base/Berksfile b/kitchen-tests/cookbooks/base/Berksfile new file mode 100644 index 0000000000..967b9a78b6 --- /dev/null +++ b/kitchen-tests/cookbooks/base/Berksfile @@ -0,0 +1,3 @@ +source "https://supermarket.chef.io" + +metadata diff --git a/kitchen-tests/cookbooks/base/README.md b/kitchen-tests/cookbooks/base/README.md new file mode 100644 index 0000000000..2889a2d0dc --- /dev/null +++ b/kitchen-tests/cookbooks/base/README.md @@ -0,0 +1,3 @@ +# base + +A standard chef "base" cookbook that performs various base system configuration tasks using common community cookbooks. diff --git a/kitchen-tests/cookbooks/base/attributes/default.rb b/kitchen-tests/cookbooks/base/attributes/default.rb new file mode 100644 index 0000000000..5e8cee6736 --- /dev/null +++ b/kitchen-tests/cookbooks/base/attributes/default.rb @@ -0,0 +1,76 @@ +puts "CHEF SUGAR THINKS WE ARE ON UBUNTU" if ubuntu? +puts "CHEF SUGAR THINKS WE ARE ON RHEL" if rhel? + +# +# ubuntu cookbook overrides +# + +default["ubuntu"]["include_source_packages"] = true +default["ubuntu"]["components"] = "main restricted universe multiverse" + +# +# openssh cookbook overrides +# + +# turn off old protocols client-side +default["openssh"]["client"]["host_based_authentication"] = "no" +# allow typical ssh v2 rsa/dsa/ecdsa key auth client-side +default["openssh"]["client"]["pubkey_authentication"] = "yes" +# allow password auth client-side (we can ssh 'to' hosts that require passwords) +default["openssh"]["client"]["password_authentication"] = "yes" +# turn off kerberos client-side +default["openssh"]["client"]["gssapi_authentication"] = "no" +default["openssh"]["client"]["check_host_ip"] = "no" +# everone turns strict host key checking off anyway +default["openssh"]["client"]["strict_host_key_checking"] = "no" +# force protocol 2 +default["openssh"]["client"]["protocol"] = "2" + +# it is mostly important that the aes*-ctr ciphers appear first in this list, the cbc ciphers are for compatibility +default["openssh"]["server"]["ciphers"] = "aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc" +# DNS causes long timeouts when connecting clients have busted DNS +default["openssh"]["server"]["use_dns"] = "no" +default["openssh"]["server"]["syslog_facility"] = "AUTH" +# only allow access via ssh pubkeys, all other mechanisms including passwords are turned off for all users +default["openssh"]["server"]["pubkey_authentication"] = "yes" +default["openssh"]["server"]["password_authentication"] = "no" +default["openssh"]["server"]["host_based_authentication"] = "no" +default["openssh"]["server"]["gssapi_authentication"] = "no" +default["openssh"]["server"]["permit_root_login"] = "without-password" +default["openssh"]["server"]["ignore_rhosts"] = "yes" +default["openssh"]["server"]["permit_empty_passwords"] = "no" +default["openssh"]["server"]["challenge_response_authentication"] = "no" +default["openssh"]["server"]["kerberos_authentication"] = "no" +# tcp keepalives are useful to keep connections up through VPNs and firewalls +default["openssh"]["server"]["tcp_keepalive"] = "yes" +default["openssh"]["server"]["max_start_ups"] = "10" +# PAM (i think) already prints the motd on login +default["openssh"]["server"]["print_motd"] = "no" +# force only protocol 2 connections +default["openssh"]["server"]["protocol"] = "2" +# allow tunnelling x-applications back to the client +default["openssh"]["server"]["x11_forwarding"] = "yes" + +# +# chef-client cookbook overrides +# + +# always wait at least 30 mins (1800 secs) between daemonized chef-client runs +default["chef_client"]["interval"] = 1800 +# wait an additional random interval of up to 30 mins (1800 secs) between daemonized runs +default["chef_client"]["splay"] = 1800 +# only log what we change +default["chef_client"]["config"]["verbose_logging"] = false + +# +# resolver cookbook overrides +# + +default["resolver"]["nameservers"] = [ "8.8.8.8", "8.8.4.4" ] +default["resolver"]["search"] = "chef.io" + +# +# nscd cookbook overrides +# + +default["nscd"]["server_user"] = "nobody" diff --git a/kitchen-tests/cookbooks/base/libraries/chef-sugar.rb b/kitchen-tests/cookbooks/base/libraries/chef-sugar.rb new file mode 100644 index 0000000000..90d02a361f --- /dev/null +++ b/kitchen-tests/cookbooks/base/libraries/chef-sugar.rb @@ -0,0 +1,4 @@ +require "chef/sugar" + +# hack until this gets baked into chef-sugar so we can use chef-sugar in attributes files +Chef::Node.send(:include, Chef::Sugar::DSL) diff --git a/kitchen-tests/cookbooks/base/metadata.rb b/kitchen-tests/cookbooks/base/metadata.rb new file mode 100644 index 0000000000..f526318bb7 --- /dev/null +++ b/kitchen-tests/cookbooks/base/metadata.rb @@ -0,0 +1,33 @@ +name "base" +maintainer "" +maintainer_email "" +license "Apache-2.0" +description "Installs/Configures base" +long_description "Installs/Configures base" +version "0.1.0" + +gem "chef-sugar" + +depends "chef-client" +depends "logrotate" +depends "multipackage" +depends "nscd" +depends "ntp" +depends "openssh" +depends "resolver" +depends "selinux" +depends "ubuntu" +depends "users" +depends "cron" +depends "git" + +supports "ubuntu" +supports "debian" +supports "redhat" +supports "opensuse" +supports "fedora" +supports "amazon" + +chef_version ">= 14" +issues_url "https://github.com/chef/chef/issues" +source_url "https://github.com/chef/chef" diff --git a/kitchen-tests/cookbooks/base/recipes/default.rb b/kitchen-tests/cookbooks/base/recipes/default.rb new file mode 100644 index 0000000000..ea0215ca96 --- /dev/null +++ b/kitchen-tests/cookbooks/base/recipes/default.rb @@ -0,0 +1,87 @@ +# +# Cookbook:: base +# Recipe:: default +# +# Copyright:: 2014-2017, Chef Software, Inc. +# + +hostname "chef-travis-ci.chef.io" + +apt_update + +include_recipe "ubuntu" if platform?("ubuntu") + +if platform_family?("rhel", "fedora", "amazon") + include_recipe "selinux::disabled" +end + +yum_repository "epel" do + enabled true + description "Extra Packages for Enterprise Linux #{node['platform_version'].to_i} - $basearch" + failovermethod "priority" + gpgkey "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" + gpgcheck true + mirrorlist "https://mirrors.fedoraproject.org/metalink?repo=epel-#{node['platform_version'].to_i}&arch=$basearch" + only_if { platform_family?("rhel") } +end + +build_essential + +include_recipe "::packages" + +include_recipe "ntp" + +include_recipe "resolver" + +users_manage "sysadmin" do + group_id 2300 + action [:create] +end + +sudo "sysadmins" do + group ["sysadmin", "%superadmin"] + nopasswd true +end + +sudo "some_person" do + nopasswd true + user "some_person" + commands ["/opt/chef/bin/chef-client"] + env_keep_add %w{PATH RBENV_ROOT RBENV_VERSION} +end + +include_recipe "chef-client::delete_validation" +include_recipe "chef-client::config" +include_recipe "chef-client" + +include_recipe "openssh" + +include_recipe "nscd" + +include_recipe "logrotate" + +include_recipe "cron" + +include_recipe "git" + +directory "/etc/ssl" + +# Generate new key and certificate +openssl_dhparam "/etc/ssl/dhparam.pem" do + key_length 1024 + action :create +end + +# Generate new key with aes-128-cbc cipher +openssl_rsa_private_key "/etc/ssl/rsakey_aes128cbc.pem" do + key_length 1024 + key_cipher "aes-128-cbc" + action :create +end + +openssl_rsa_public_key "/etc/ssl/rsakey_aes128cbc.pub" do + private_key_path "/etc/ssl/rsakey_aes128cbc.pem" + action :create +end + +include_recipe "::tests" diff --git a/kitchen-tests/cookbooks/base/recipes/packages.rb b/kitchen-tests/cookbooks/base/recipes/packages.rb new file mode 100644 index 0000000000..f8ceb342ad --- /dev/null +++ b/kitchen-tests/cookbooks/base/recipes/packages.rb @@ -0,0 +1,24 @@ +# +# Cookbook:: base +# Recipe:: packages +# +# Copyright:: 2014-2017, Chef Software, Inc. +# + +# this is just a list of package that exist on every O/S we test, and often aren't installed by default. you don't +# have to get too clever here, you can delete packages if they don't exist everywhere we test. +pkgs = %w{lsof tcpdump strace zsh dmidecode ltrace bc curl wget subversion traceroute htop tmux } + +# this deliberately calls the multipackage API N times in order to do one package installation in order to exercise the +# multipackage cookbook. +pkgs.each do |pkg| + multipackage pkgs +end + +gems = %w{fpm community_cookbook_releaser} + +gems.each do |gem| + chef_gem gem do + compile_time false + end +end diff --git a/kitchen-tests/cookbooks/base/recipes/tests.rb b/kitchen-tests/cookbooks/base/recipes/tests.rb new file mode 100644 index 0000000000..c6095eaeb5 --- /dev/null +++ b/kitchen-tests/cookbooks/base/recipes/tests.rb @@ -0,0 +1,21 @@ +# +# Cookbook:: base +# Recipe:: tests +# +# Copyright:: 2014-2017, Chef Software, Inc. +# + +# +# this file is for random tests to check specific chef-client internal functionality +# + +file "/tmp/chef-test-ümlauts" do + content "testing UTF-8 char in the filename" +end + +# this caught a regression in 12.14.70 before it was released when i +# ran it in lamont-ci, so added the test here so everyone else other than +# me gets coverage for this as well. +file "/tmp/chef-test-\xFDmlaut" do + content "testing illegal UTF-8 char in the filename" +end diff --git a/kitchen-tests/cookbooks/webapp/Berksfile b/kitchen-tests/cookbooks/webapp/Berksfile deleted file mode 100644 index 4b6079016e..0000000000 --- a/kitchen-tests/cookbooks/webapp/Berksfile +++ /dev/null @@ -1,5 +0,0 @@ -source "https://api.berkshelf.com" - -metadata - -cookbook "apt" diff --git a/kitchen-tests/cookbooks/webapp/README.md b/kitchen-tests/cookbooks/webapp/README.md deleted file mode 100644 index f19ab46735..0000000000 --- a/kitchen-tests/cookbooks/webapp/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# webapp - -TODO: Enter the cookbook description here. diff --git a/kitchen-tests/cookbooks/webapp/attributes/default.rb b/kitchen-tests/cookbooks/webapp/attributes/default.rb deleted file mode 100644 index 2ff7a6c5ff..0000000000 --- a/kitchen-tests/cookbooks/webapp/attributes/default.rb +++ /dev/null @@ -1,14 +0,0 @@ -default["apache"]["remote_host_ip"] = "127.0.0.1" - -default["webapp"]["database"] = "webapp" -default["webapp"]["db_username"] = "webapp" -default["webapp"]["path"] = "/srv/webapp" - -# XXX: apache2 cookbook 2.0.0 has bugs around changing the mpm and then attempting a graceful restart -# which fails and leaves the service down. -case node["platform"] -when "ubuntu" - if node["platform_version"].to_f >= 14.04 - default[:apache][:mpm] = "event" - end -end diff --git a/kitchen-tests/cookbooks/webapp/metadata.rb b/kitchen-tests/cookbooks/webapp/metadata.rb deleted file mode 100644 index f1f07d952b..0000000000 --- a/kitchen-tests/cookbooks/webapp/metadata.rb +++ /dev/null @@ -1,12 +0,0 @@ -name "webapp" -maintainer "" -maintainer_email "" -license "" -description "Installs/Configures webapp" -long_description "Installs/Configures webapp" -version "0.1.0" - -depends "apache2" -depends "database", "~> 2.3.1" -depends "mysql" -depends "php" diff --git a/kitchen-tests/cookbooks/webapp/recipes/default.rb b/kitchen-tests/cookbooks/webapp/recipes/default.rb deleted file mode 100644 index 2b3459b794..0000000000 --- a/kitchen-tests/cookbooks/webapp/recipes/default.rb +++ /dev/null @@ -1,64 +0,0 @@ -# -# Cookbook Name:: webapp -# Recipe:: default -# -# Copyright (C) 2014 -# - -include_recipe "apache2" -include_recipe "database::mysql" -include_recipe "php" - -creds = Hash.new -%w{mysql webapp}.each do |item_name| - creds[item_name] = data_bag_item("passwords", item_name) -end - -web_app "webapp" do - server_name "localhost" - server_aliases [node["fqdn"], node["hostname"], "localhost.localdomain"] - docroot node["webapp"]["path"] - cookbook "apache2" -end - -mysql_service "default" do - server_root_password creds["mysql"]["server_root_password"] - server_repl_password creds["mysql"]["server_repl_password"] -end - -mysql_database node["webapp"]["database"] do - connection ({ - :host => "localhost", - :username => "root", - :password => creds["mysql"]["server_root_password"], - }) - action :create -end - -mysql_database_user node["webapp"]["db_username"] do - connection ({ - :host => "localhost", - :username => "root", - :password => creds["mysql"]["server_root_password"], - }) - password creds["webapp"]["db_password"] - database_name node["webapp"]["database"] - privileges [:select, :update, :insert, :create, :delete] - action :grant -end - -directory node["webapp"]["path"] do - owner "root" - group "root" - mode "0755" - action :create - recursive true -end - -template "#{node['webapp']['path']}/index.html" do - source "index.html.erb" -end - -template "#{node['webapp']['path']}/index.php" do - source "index.php.erb" -end diff --git a/kitchen-tests/cookbooks/webapp/templates/default/index.html.erb b/kitchen-tests/cookbooks/webapp/templates/default/index.html.erb deleted file mode 100644 index 6da0629b9e..0000000000 --- a/kitchen-tests/cookbooks/webapp/templates/default/index.html.erb +++ /dev/null @@ -1,5 +0,0 @@ -<html> - <body> - <h1>Hello, World!</h1> - </body> -</html> diff --git a/kitchen-tests/cookbooks/webapp/templates/default/index.php.erb b/kitchen-tests/cookbooks/webapp/templates/default/index.php.erb deleted file mode 100644 index b08b076614..0000000000 --- a/kitchen-tests/cookbooks/webapp/templates/default/index.php.erb +++ /dev/null @@ -1,8 +0,0 @@ -<html> - <head> - <title>PHP Test</title> - </head> - <body> - <?php echo '<p>Hello, World!</p>'; ?> - </body> -</html> |