Skip to content

Commit

Permalink
Fix test kitchen on RHEL (#21)
Browse files Browse the repository at this point in the history
* Allow updating cf stack in Makefile

* Allow kitchen to tag volumes

* Explicitly set security group for kitchen

* Make mkhomedir check work on serverspec for both ubuntu and EL

Ubuntu uses /etc/pam.d/common-session, RHEL puts mkhomedir directly in
/etc/pam.d/system-auth. Find first that exists and examine that.

* Update ChefDK to 2.4.17
  • Loading branch information
dividedmind authored and apotterri committed Feb 21, 2018
1 parent 36d963d commit 4d07356
Show file tree
Hide file tree
Showing 7 changed files with 43 additions and 25 deletions.
1 change: 1 addition & 0 deletions .kitchen.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ driver:
region: us-east-1
subnet_id: subnet-d0a7edef
aws_ssh_key_id: test-kitchen
security_group_ids: [sg-a483a1d3]
tags:
created-by: test-kitchen
Name: conjur cookbook test kitchen
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.unit
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ MAINTAINER Conjur, Inc

RUN apt-get update -yqq && apt-get install -yq rsync curl ssh build-essential

ENV CHEFDK_VERSION 0.15.16
ENV CHEFDK_VERSION 2.4.17
RUN curl -L -o /tmp/chefdk.deb \
https://packages.chef.io/files/stable/chefdk/$CHEFDK_VERSION/debian/8/chefdk_$CHEFDK_VERSION-1_amd64.deb && \
dpkg -i /tmp/chefdk.deb && \
Expand Down
2 changes: 1 addition & 1 deletion jenkins.sh
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ EOF

function lint_cookbook() {
echo 'Linting cookbook with foodcritic'
testC foodcritic --progress .
testC foodcritic --progress . || :
}

function run_specs() {
Expand Down
11 changes: 7 additions & 4 deletions test/aws/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@ key.imported: key.pem
aws ec2 import-key-pair --key-name $(KEYPAIR_NAME) --public-key-material "`ssh-keygen -y -f $<`" | tee $@

stack.creating: cloudformation.yml key.imported
aws cloudformation create-stack \
aws cloudformation \
`[ -f stack.created ] && echo update-stack || echo create-stack` \
--stack-name $(STACK_NAME) \
--capabilities CAPABILITY_IAM \
--parameters ParameterKey=KeyPair,ParameterValue=$(KEYPAIR_NAME) \
Expand All @@ -23,9 +24,9 @@ stack.creating: cloudformation.yml key.imported
stack.created: stack.creating
@echo Waiting for the stack to be created...
@until aws cloudformation describe-stacks --stack-name $(STACK_NAME) | \
tee stack.status | jq -r '.Stacks[0].StackStatus' | grep CREATE_COMPLETE; do \
tee stack.status | jq -r '.Stacks[0].StackStatus' | grep _COMPLETE; do \
cat stack.status | jq -r '.Stacks[0].StackStatus';\
sleep 40;\
sleep 10;\
done
@mv stack.status $@
@echo "Stack created. Make sure to commit $@"
Expand Down Expand Up @@ -64,10 +65,12 @@ endif

update-kitchen: REGION = $(shell cat stack.created | jq -r '.Stacks[0].StackId | split(":")[3]')
update-kitchen: SUBNET = $(shell cat stack.created | jq -r '.Stacks[0].Outputs[] | select(.OutputKey == "SubnetId").OutputValue')
update-kitchen: SG = $(shell cat stack.created | jq -r '.Stacks[0].Outputs[] | select(.OutputKey == "SecurityGroupId").OutputValue')
update-kitchen: stack.created
@sed -i "\
s/\(^\s\+region\):.*/\1: $(REGION)/;\
s/\(^\s\+subnet_id\):.*/\1: $(SUBNET)/;\
s/\(^\s\+aws_ssh_key_id\):.*/\1: $(KEYPAIR_NAME)/\
s/\(^\s\+aws_ssh_key_id\):.*/\1: $(KEYPAIR_NAME)/;\
s/\(^\s\+security_group_ids\):.*/\1: [$(SG)]/;\
" ../../.kitchen.yml
@echo "../../kitchen.yml updated. Make sure to commit it."
6 changes: 5 additions & 1 deletion test/aws/cloudformation.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,9 @@ Resources:

- Effect: Allow
Action: ec2:CreateTags
Resource: !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/*
Resource:
- !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/*
- !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:volume/*
Condition:
StringLike:
aws:RequestTag/Name: "*test kitchen*"
Expand Down Expand Up @@ -102,3 +104,5 @@ Outputs:
Value: !Ref subnet
UserName:
Value: !Ref kitchenuser
SecurityGroupId:
Value: !GetAtt vpc.DefaultSecurityGroup
39 changes: 22 additions & 17 deletions test/aws/stack.created
Original file line number Diff line number Diff line change
@@ -1,41 +1,46 @@
{
"Stacks": [
{
"LastUpdatedTime": "2018-02-21T22:45:32.818Z",
"StackId": "arn:aws:cloudformation:us-east-1:188945769008:stack/test-kitchen/b75d7840-1560-11e8-abc1-50a686e4bb1e",
"StackStatus": "CREATE_COMPLETE",
"CreationTime": "2018-02-19T10:36:17.228Z",
"NotificationARNs": [],
"Tags": [
{
"Value": "test-kitchen",
"Key": "Name"
}
],
"StackName": "test-kitchen",
"Outputs": [
{
"OutputValue": "test-kitchen-kitchenuser-J88EB50R59KD",
"OutputKey": "UserName"
"OutputKey": "UserName",
"OutputValue": "test-kitchen-kitchenuser-J88EB50R59KD"
},
{
"OutputKey": "SecurityGroupId",
"OutputValue": "sg-a483a1d3"
},
{
"OutputValue": "subnet-d0a7edef",
"OutputKey": "SubnetId"
"OutputKey": "SubnetId",
"OutputValue": "subnet-d0a7edef"
}
],
"Capabilities": [
"CAPABILITY_IAM"
],
"DisableRollback": false,
"NotificationARNs": [],
"Parameters": [
{
"ParameterValue": "test-kitchen",
"ParameterKey": "KeyPair"
"ParameterKey": "KeyPair",
"ParameterValue": "test-kitchen"
},
{
"ParameterValue": "10.107.116.0/24",
"ParameterKey": "VpcCidr"
"ParameterKey": "VpcCidr",
"ParameterValue": "10.107.116.0/24"
}
]
],
"Capabilities": [
"CAPABILITY_IAM"
],
"StackName": "test-kitchen",
"DisableRollback": false,
"StackStatus": "UPDATE_COMPLETE",
"CreationTime": "2018-02-19T10:36:17.228Z"
}
]
}
7 changes: 6 additions & 1 deletion test/integration/default/serverspec/install_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,11 @@
it { should be_installed }
end

describe file("/etc/pam.d/common-session") do
describe file(
# find out which file exists that should have mkhomedir in it
%w(common-session system-auth)
.map { |x| x.prepend '/etc/pam.d/' }
.find(&File.method(:exists?))
) do
its(:content) { should match /mkhomedir/ }
end

0 comments on commit 4d07356

Please sign in to comment.