diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 841c9f4..33a2e44 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -134,6 +134,7 @@ rubocop: # default-debian-11-tiamat-py3: {extends: '.test_instance'} # default-debian-10-tiamat-py3: {extends: '.test_instance'} # default-debian-9-tiamat-py3: {extends: '.test_instance'} +# default-ubuntu-2204-tiamat-py3: {extends: '.test_instance_failure_permitted'} # default-ubuntu-2004-tiamat-py3: {extends: '.test_instance'} # default-ubuntu-1804-tiamat-py3: {extends: '.test_instance'} # default-centos-stream8-tiamat-py3: {extends: '.test_instance_failure_permitted'} @@ -146,12 +147,13 @@ rubocop: default-debian-11-master-py3: {extends: '.test_instance'} default-debian-10-master-py3: {extends: '.test_instance'} default-debian-9-master-py3: {extends: '.test_instance'} +default-ubuntu-2204-master-py3: {extends: '.test_instance_failure_permitted'} default-ubuntu-2004-master-py3: {extends: '.test_instance'} default-ubuntu-1804-master-py3: {extends: '.test_instance'} default-centos-stream8-master-py3: {extends: '.test_instance_failure_permitted'} default-centos-7-master-py3: {extends: '.test_instance'} +default-fedora-36-master-py3: {extends: '.test_instance_failure_permitted'} default-fedora-35-master-py3: {extends: '.test_instance'} -default-fedora-34-master-py3: {extends: '.test_instance'} default-opensuse-leap-153-master-py3: {extends: '.test_instance'} default-opensuse-tmbl-latest-master-py3: {extends: '.test_instance_failure_permitted'} default-amazonlinux-2-master-py3: {extends: '.test_instance'} @@ -165,12 +167,13 @@ default-rockylinux-8-master-py3: {extends: '.test_instance'} # default-debian-11-3004-1-py3: {extends: '.test_instance'} # default-debian-10-3004-1-py3: {extends: '.test_instance'} # default-debian-9-3004-1-py3: {extends: '.test_instance'} +# default-ubuntu-2204-3004-1-py3: {extends: '.test_instance_failure_permitted'} # default-ubuntu-2004-3004-1-py3: {extends: '.test_instance'} # default-ubuntu-1804-3004-1-py3: {extends: '.test_instance'} # default-centos-stream8-3004-1-py3: {extends: '.test_instance_failure_permitted'} # default-centos-7-3004-1-py3: {extends: '.test_instance'} +# default-fedora-36-3004-1-py3: {extends: '.test_instance_failure_permitted'} # default-fedora-35-3004-1-py3: {extends: '.test_instance'} -# default-fedora-34-3004-1-py3: {extends: '.test_instance'} # default-amazonlinux-2-3004-1-py3: {extends: '.test_instance'} # default-oraclelinux-8-3004-1-py3: {extends: '.test_instance'} # default-oraclelinux-7-3004-1-py3: {extends: '.test_instance'} @@ -191,14 +194,6 @@ default-rockylinux-8-master-py3: {extends: '.test_instance'} # default-oraclelinux-8-3003-4-py3: {extends: '.test_instance'} # default-oraclelinux-7-3003-4-py3: {extends: '.test_instance'} # default-almalinux-8-3003-4-py3: {extends: '.test_instance'} -# default-debian-10-3002-8-py3: {extends: '.test_instance'} -# default-debian-9-3002-8-py3: {extends: '.test_instance'} -# default-ubuntu-2004-3002-8-py3: {extends: '.test_instance'} -# default-ubuntu-1804-3002-8-py3: {extends: '.test_instance'} -# default-centos-7-3002-8-py3: {extends: '.test_instance'} -# default-amazonlinux-2-3002-8-py3: {extends: '.test_instance'} -# default-oraclelinux-8-3002-8-py3: {extends: '.test_instance'} -# default-oraclelinux-7-3002-8-py3: {extends: '.test_instance'} # yamllint enable rule:line-length ############################################################################### diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2cb381e..1299a84 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,6 +3,18 @@ --- # See https://pre-commit.com for more information # See https://pre-commit.com/hooks.html for more hooks +ci: + autofix_commit_msg: | + ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks + + For more information, see https://pre-commit.ci + autofix_prs: true + autoupdate_branch: '' + autoupdate_commit_msg: | + ci(pre-commit.ci): perform `pre-commit` autoupdate + autoupdate_schedule: quarterly + skip: [] + submodules: false default_stages: [commit] repos: - repo: https://github.com/dafyddj/commitlint-pre-commit-hook @@ -18,7 +30,7 @@ repos: additional_dependencies: ['@commitlint/config-conventional@8.3.4'] always_run: true - repo: https://github.com/rubocop-hq/rubocop - rev: v1.25.1 + rev: v1.30.1 hooks: - id: rubocop name: Check Ruby files with rubocop diff --git a/.travis.yml b/.travis.yml index 42abb00..63db262 100644 --- a/.travis.yml +++ b/.travis.yml @@ -86,6 +86,7 @@ jobs: # - env: INSTANCE=default-debian-11-tiamat-py3 # - env: INSTANCE=default-debian-10-tiamat-py3 # - env: INSTANCE=default-debian-9-tiamat-py3 + # - env: INSTANCE=default-ubuntu-2204-tiamat-py3 # - env: INSTANCE=default-ubuntu-2004-tiamat-py3 # - env: INSTANCE=default-ubuntu-1804-tiamat-py3 # - env: INSTANCE=default-centos-stream8-tiamat-py3 @@ -98,12 +99,13 @@ jobs: - env: INSTANCE=default-debian-11-master-py3 - env: INSTANCE=default-debian-10-master-py3 - env: INSTANCE=default-debian-9-master-py3 + - env: INSTANCE=default-ubuntu-2204-master-py3 - env: INSTANCE=default-ubuntu-2004-master-py3 - env: INSTANCE=default-ubuntu-1804-master-py3 - env: INSTANCE=default-centos-stream8-master-py3 - env: INSTANCE=default-centos-7-master-py3 + - env: INSTANCE=default-fedora-36-master-py3 - env: INSTANCE=default-fedora-35-master-py3 - - env: INSTANCE=default-fedora-34-master-py3 - env: INSTANCE=default-opensuse-leap-153-master-py3 - env: INSTANCE=default-opensuse-tmbl-latest-master-py3 - env: INSTANCE=default-amazonlinux-2-master-py3 @@ -117,12 +119,13 @@ jobs: # - env: INSTANCE=default-debian-11-3004-1-py3 # - env: INSTANCE=default-debian-10-3004-1-py3 # - env: INSTANCE=default-debian-9-3004-1-py3 + # - env: INSTANCE=default-ubuntu-2204-3004-1-py3 # - env: INSTANCE=default-ubuntu-2004-3004-1-py3 # - env: INSTANCE=default-ubuntu-1804-3004-1-py3 # - env: INSTANCE=default-centos-stream8-3004-1-py3 # - env: INSTANCE=default-centos-7-3004-1-py3 + # - env: INSTANCE=default-fedora-36-3004-1-py3 # - env: INSTANCE=default-fedora-35-3004-1-py3 - # - env: INSTANCE=default-fedora-34-3004-1-py3 # - env: INSTANCE=default-amazonlinux-2-3004-1-py3 # - env: INSTANCE=default-oraclelinux-8-3004-1-py3 # - env: INSTANCE=default-oraclelinux-7-3004-1-py3 @@ -143,14 +146,6 @@ jobs: # - env: INSTANCE=default-oraclelinux-8-3003-4-py3 # - env: INSTANCE=default-oraclelinux-7-3003-4-py3 # - env: INSTANCE=default-almalinux-8-3003-4-py3 - # - env: INSTANCE=default-debian-10-3002-8-py3 - # - env: INSTANCE=default-debian-9-3002-8-py3 - # - env: INSTANCE=default-ubuntu-2004-3002-8-py3 - # - env: INSTANCE=default-ubuntu-1804-3002-8-py3 - # - env: INSTANCE=default-centos-7-3002-8-py3 - # - env: INSTANCE=default-amazonlinux-2-3002-8-py3 - # - env: INSTANCE=default-oraclelinux-8-3002-8-py3 - # - env: INSTANCE=default-oraclelinux-7-3002-8-py3 ## Define the release stage that runs `semantic-release` - stage: 'release' diff --git a/CODEOWNERS b/CODEOWNERS index 3d15bd0..f47783d 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -2,7 +2,7 @@ # SECTION: Owner(s) for everything in the repo, unless a later match takes precedence # FILE PATTERN OWNER(S) -* @daks +* @saltstack-formulas/wg # SECTION: Owner(s) for specific directories # FILE PATTERN OWNER(S) diff --git a/Gemfile b/Gemfile index 5991260..12d9b1d 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ # frozen_string_literal: true -source ENV['PROXY_RUBYGEMSORG'] || 'https://rubygems.org' +source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org') # Install the `inspec` gem using `git` because versions after `4.22.22` # suppress diff output; this version fixes this for our uses. diff --git a/Gemfile.lock b/Gemfile.lock index ddb1742..471bb68 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,20 +1,20 @@ GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec - revision: 31b5b09a827ed9fcbc0b2d550ae4056013dcc92e + revision: aaef842906a5666f0fc0b4f186b4dd3498f5b28c branch: ssf specs: - inspec (5.10.11) + inspec (5.18.15) cookstyle faraday_middleware (>= 0.12.2, < 1.1) - inspec-core (= 5.10.11) + inspec-core (= 5.18.15) mongo (= 2.13.2) progress_bar (~> 1.3.3) rake - train (~> 3.0) + train (~> 3.10) train-aws (~> 0.2) train-habitat (~> 0.1) train-winrm (~> 0.2) - inspec-core (5.10.11) + inspec-core (5.18.15) addressable (~> 2.4) chef-telemetry (~> 1.0, >= 1.0.8) faraday (>= 0.9.0, < 1.5) @@ -34,13 +34,13 @@ GIT sslshake (~> 1.2) thor (>= 0.20, < 2.0) tomlrb (>= 1.2, < 2.1) - train-core (~> 3.0) + train-core (~> 3.10) tty-prompt (~> 0.17) tty-table (~> 0.10) GIT remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker - revision: 4e03ca42d98624323c1c2d91ceb39c09a29bbfc8 + revision: 9a09bc1e571e25f3ccabf4725ca2048d970fff82 branch: ssf specs: kitchen-docker (2.12.0) @@ -49,7 +49,7 @@ GIT GEM remote: https://rubygems.org/ specs: - activesupport (7.0.2.3) + activesupport (7.0.3.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -58,14 +58,14 @@ GEM public_suffix (>= 2.0.2, < 5.0) ast (2.4.2) aws-eventstream (1.2.0) - aws-partitions (1.573.0) + aws-partitions (1.607.0) aws-sdk-alexaforbusiness (1.56.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-amplify (1.32.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-apigateway (1.75.0) + aws-sdk-apigateway (1.78.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-apigatewayv2 (1.42.0) @@ -74,7 +74,7 @@ GEM aws-sdk-applicationautoscaling (1.51.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-athena (1.52.0) + aws-sdk-athena (1.55.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-autoscaling (1.63.0) @@ -83,13 +83,13 @@ GEM aws-sdk-batch (1.47.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-budgets (1.49.0) + aws-sdk-budgets (1.50.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudformation (1.68.0) + aws-sdk-cloudformation (1.70.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudfront (1.63.0) + aws-sdk-cloudfront (1.65.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-cloudhsm (1.39.0) @@ -98,16 +98,16 @@ GEM aws-sdk-cloudhsmv2 (1.42.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudtrail (1.48.0) + aws-sdk-cloudtrail (1.49.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatch (1.62.0) + aws-sdk-cloudwatch (1.64.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-cloudwatchevents (1.46.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchlogs (1.52.0) + aws-sdk-cloudwatchlogs (1.53.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-codecommit (1.51.0) @@ -125,24 +125,24 @@ GEM aws-sdk-cognitoidentityprovider (1.53.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-configservice (1.76.0) + aws-sdk-configservice (1.79.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.130.0) + aws-sdk-core (3.131.2) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.525.0) aws-sigv4 (~> 1.1) - jmespath (~> 1.0) + jmespath (~> 1, >= 1.6.1) aws-sdk-costandusagereportservice (1.40.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-databasemigrationservice (1.53.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-dynamodb (1.74.0) + aws-sdk-dynamodb (1.75.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2 (1.305.0) + aws-sdk-ec2 (1.322.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-ecr (1.56.0) @@ -151,16 +151,16 @@ GEM aws-sdk-ecrpublic (1.12.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ecs (1.99.0) + aws-sdk-ecs (1.100.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-efs (1.53.0) + aws-sdk-efs (1.54.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-eks (1.74.0) + aws-sdk-eks (1.75.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticache (1.76.0) + aws-sdk-elasticache (1.78.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-elasticbeanstalk (1.51.0) @@ -169,7 +169,7 @@ GEM aws-sdk-elasticloadbalancing (1.40.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancingv2 (1.77.0) + aws-sdk-elasticloadbalancingv2 (1.78.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-elasticsearchservice (1.65.0) @@ -187,31 +187,31 @@ GEM aws-sdk-glue (1.88.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-guardduty (1.56.0) + aws-sdk-guardduty (1.58.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.68.0) + aws-sdk-iam (1.69.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-kafka (1.49.0) + aws-sdk-kafka (1.50.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-kinesis (1.41.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.55.0) + aws-sdk-kms (1.57.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-lambda (1.82.0) + aws-sdk-lambda (1.84.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-mq (1.40.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-networkfirewall (1.15.0) + aws-sdk-networkfirewall (1.17.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-networkmanager (1.22.0) + aws-sdk-networkmanager (1.24.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-organizations (1.59.0) @@ -220,13 +220,13 @@ GEM aws-sdk-ram (1.26.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-rds (1.142.0) + aws-sdk-rds (1.148.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-redshift (1.80.0) + aws-sdk-redshift (1.84.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-route53 (1.62.0) + aws-sdk-route53 (1.63.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-route53domains (1.40.0) @@ -235,7 +235,7 @@ GEM aws-sdk-route53resolver (1.37.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.113.0) + aws-sdk-s3 (1.114.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.4) @@ -245,7 +245,7 @@ GEM aws-sdk-secretsmanager (1.46.0) aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-securityhub (1.62.0) + aws-sdk-securityhub (1.67.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-servicecatalog (1.60.0) @@ -263,16 +263,16 @@ GEM aws-sdk-simpledb (1.29.0) aws-sdk-core (~> 3, >= 3.120.0) aws-sigv2 (~> 1.0) - aws-sdk-sms (1.39.0) + aws-sdk-sms (1.40.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-sns (1.53.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-sqs (1.51.0) + aws-sdk-sqs (1.51.1) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) - aws-sdk-ssm (1.134.0) + aws-sdk-ssm (1.137.0) aws-sdk-core (~> 3, >= 3.127.0) aws-sigv4 (~> 1.1) aws-sdk-states (1.39.0) @@ -288,7 +288,7 @@ GEM aws-sdk-core (~> 3, >= 3.122.0) aws-sigv4 (~> 1.1) aws-sigv2 (1.1.0) - aws-sigv4 (1.4.0) + aws-sigv4 (1.5.0) aws-eventstream (~> 1, >= 1.0.2) azure_graph_rbac (0.17.2) ms_rest_azure (~> 0.12.0) @@ -301,7 +301,7 @@ GEM azure_mgmt_storage (0.23.0) ms_rest_azure (~> 0.12.0) bcrypt_pbkdf (1.1.0) - bson (4.14.1) + bson (4.15.0) builder (3.2.4) chef-config (17.10.0) addressable @@ -328,7 +328,7 @@ GEM unf (>= 0.0.5, < 1.0.0) ed25519 (1.3.0) erubi (1.10.0) - excon (0.92.2) + excon (0.92.3) faraday (1.4.3) faraday-em_http (~> 1.0) faraday-em_synchrony (~> 1.0) @@ -372,18 +372,18 @@ GEM rexml (~> 3.0) hashie (4.1.0) highline (2.0.3) - http-cookie (1.0.4) + http-cookie (1.0.5) domain_name (~> 0.5) httpclient (2.8.3) - i18n (1.10.0) + i18n (1.12.0) concurrent-ruby (~> 1.0) inifile (3.0.0) jmespath (1.6.1) - json (2.6.1) - jwt (2.3.0) - kitchen-inspec (2.5.2) + json (2.6.2) + jwt (2.4.1) + kitchen-inspec (2.6.1) hashie (>= 3.4, <= 5.0) - inspec (>= 2.2.64, < 6.0) + inspec (>= 2.2.64, < 7.0) test-kitchen (>= 2.7, < 4) kitchen-salt (0.7.2) hashie (>= 3.5) @@ -394,21 +394,21 @@ GEM tty-box (~> 0.6) tty-prompt (~> 0.20) little-plugger (1.1.4) - logging (2.3.0) + logging (2.3.1) little-plugger (~> 1.1) multi_json (~> 1.14) memoist (0.16.2) method_source (1.0.0) mini_mime (1.1.2) - minitest (5.15.0) - mixlib-config (3.0.9) + minitest (5.16.2) + mixlib-config (3.0.27) tomlrb - mixlib-install (3.12.16) + mixlib-install (3.12.19) mixlib-shellout mixlib-versioning thor mixlib-log (3.0.9) - mixlib-shellout (3.2.6) + mixlib-shellout (3.2.7) chef-utils mixlib-versioning (1.2.12) mongo (2.13.2) @@ -423,7 +423,7 @@ GEM faraday-cookie_jar (~> 0.0.6) ms_rest (~> 0.7.6) multi_json (1.15.0) - multipart-post (2.1.1) + multipart-post (2.2.3) net-scp (3.0.0) net-ssh (>= 2.6.5, < 7.0.0) net-ssh (6.1.0) @@ -433,7 +433,7 @@ GEM options (2.3.2) os (1.1.4) parallel (1.22.1) - parser (3.1.1.0) + parser (3.1.2.0) ast (~> 2.4.1) parslet (1.8.2) pastel (0.8.0) @@ -444,11 +444,11 @@ GEM pry (0.14.1) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (4.0.6) + public_suffix (4.0.7) rainbow (3.1.1) rake (13.0.6) - regexp_parser (2.2.1) - representable (3.1.1) + regexp_parser (2.5.0) + representable (3.2.0) declarative (< 0.1.0) trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) @@ -479,16 +479,16 @@ GEM rubocop-ast (>= 1.15.1, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 3.0) - rubocop-ast (1.16.0) + rubocop-ast (1.19.1) parser (>= 3.1.1.0) ruby-progressbar (1.11.0) ruby2_keywords (0.0.5) rubyntlm (0.6.3) rubyzip (2.3.2) - semverse (3.0.0) - signet (0.16.1) + semverse (3.0.2) + signet (0.17.0) addressable (~> 2.8) - faraday (>= 0.17.5, < 3.0) + faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) sslshake (1.3.1) @@ -497,7 +497,7 @@ GEM unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) - test-kitchen (3.2.2) + test-kitchen (3.3.1) bcrypt_pbkdf (~> 1.0) chef-utils (>= 16.4.35) ed25519 (~> 1.2) @@ -515,7 +515,7 @@ GEM timeliness (0.3.10) tomlrb (1.3.0) trailblazer-option (0.1.2) - train (3.8.9) + train (3.10.1) activesupport (>= 6.0.3.1) azure_graph_rbac (~> 0.16) azure_mgmt_key_vault (~> 0.17) @@ -526,7 +526,7 @@ GEM google-api-client (>= 0.23.9, <= 0.52.0) googleauth (>= 0.6.6, <= 0.14.0) inifile (~> 3.0) - train-core (= 3.8.9) + train-core (= 3.10.1) train-winrm (~> 0.2) train-aws (0.2.24) aws-sdk-alexaforbusiness (~> 1.0) @@ -604,7 +604,7 @@ GEM aws-sdk-synthetics (~> 1.19.0) aws-sdk-transfer (>= 1.26, < 1.35) aws-sdk-waf (~> 1.43.0) - train-core (3.8.9) + train-core (3.10.1) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) @@ -639,8 +639,8 @@ GEM uber (0.1.0) unf (0.1.4) unf_ext - unf_ext (0.0.8.1) - unicode-display_width (2.1.0) + unf_ext (0.0.8.2) + unicode-display_width (2.2.0) unicode_utils (1.4.0) winrm (2.3.6) builder (>= 2.1.2) diff --git a/bin/kitchen b/bin/kitchen index dcfdb4c..5d5663e 100755 --- a/bin/kitchen +++ b/bin/kitchen @@ -19,8 +19,8 @@ if File.file?(bundle_binstub) load(bundle_binstub) else abort( - 'Your `bin/bundle` was not generated by Bundler, '\ - 'so this binstub cannot run. Replace `bin/bundle` by running '\ + 'Your `bin/bundle` was not generated by Bundler, ' \ + 'so this binstub cannot run. Replace `bin/bundle` by running ' \ '`bundle binstubs bundler --force`, then run this command again.' ) end diff --git a/haproxy/templates/haproxy.jinja b/haproxy/templates/haproxy.jinja index 0f014cc..9ad1544 100644 --- a/haproxy/templates/haproxy.jinja +++ b/haproxy/templates/haproxy.jinja @@ -45,12 +45,9 @@ global {%- if salt['pillar.get']('haproxy:global:daemon', 'no') == True %} daemon {%- endif %} -{%- if salt['pillar.get']('haproxy:global:stats:enable', 'no') == True %} - {%- set socketpath = salt['pillar.get']('haproxy:global:stats:socketpath', '/tmp/ha_stats.sock') %} - {%- set mode = salt['pillar.get']('haproxy:global:stats:mode', '660') %} - {%- set level = salt['pillar.get']('haproxy:global:stats:level', 'operator') %} - stats socket {{ socketpath }} mode {{ mode }} level {{ level }}{% if 'extra' in salt['pillar.get']('haproxy:global:stats', {}) %} {{ salt['pillar.get']('haproxy:global:stats:extra') }}{% endif %} -{%- endif %} +{%- for socket, socket_config in salt['pillar.get']('haproxy:global:stats', {}).items() %} + stats socket {{ socket }} mode {{ socket_config.get('mode', '0600') }} level {{ socket_config.get('level', 'user') }} user {{ socket_config.get('user', 'haproxy') }} group {{ socket_config.get('group', 'haproxy') }} +{%- endfor %} {%- if 'maxconn' in salt['pillar.get']('haproxy:global', {}) %} maxconn {{ salt['pillar.get']('haproxy:global:maxconn') }} {%- endif %} diff --git a/kitchen.yml b/kitchen.yml index d7de175..d4fd909 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -32,6 +32,10 @@ platforms: driver: image: saltimages/salt-tiamat-py3:debian-9 run_command: /lib/systemd/systemd + - name: ubuntu-2204-tiamat-py3 + driver: + image: saltimages/salt-tiamat-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd - name: ubuntu-2004-tiamat-py3 driver: image: saltimages/salt-tiamat-py3:ubuntu-20.04 @@ -75,6 +79,10 @@ platforms: driver: image: saltimages/salt-master-py3:debian-9 run_command: /lib/systemd/systemd + - name: ubuntu-2204-master-py3 + driver: + image: saltimages/salt-master-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd - name: ubuntu-2004-master-py3 driver: image: saltimages/salt-master-py3:ubuntu-20.04 @@ -89,12 +97,12 @@ platforms: - name: centos-7-master-py3 driver: image: saltimages/salt-master-py3:centos-7 + - name: fedora-36-master-py3 + driver: + image: saltimages/salt-master-py3:fedora-36 - name: fedora-35-master-py3 driver: image: saltimages/salt-master-py3:fedora-35 - - name: fedora-34-master-py3 - driver: - image: saltimages/salt-master-py3:fedora-34 - name: opensuse-leap-153-master-py3 driver: image: saltimages/salt-master-py3:opensuse-leap-15.3 @@ -148,6 +156,10 @@ platforms: driver: image: saltimages/salt-3004.1-py3:debian-9 run_command: /lib/systemd/systemd + - name: ubuntu-2204-3004-1-py3 + driver: + image: saltimages/salt-3004.1-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd - name: ubuntu-2004-3004-1-py3 driver: image: saltimages/salt-3004.1-py3:ubuntu-20.04 @@ -162,12 +174,12 @@ platforms: - name: centos-7-3004-1-py3 driver: image: saltimages/salt-3004.1-py3:centos-7 + - name: fedora-36-3004-1-py3 + driver: + image: saltimages/salt-3004.1-py3:fedora-36 - name: fedora-35-3004-1-py3 driver: image: saltimages/salt-3004.1-py3:fedora-35 - - name: fedora-34-3004-1-py3 - driver: - image: saltimages/salt-3004.1-py3:fedora-34 - name: amazonlinux-2-3004-1-py3 driver: image: saltimages/salt-3004.1-py3:amazonlinux-2 @@ -246,36 +258,6 @@ platforms: driver: image: saltimages/salt-3003.4-py3:almalinux-8 - ## SALT `3002.8` - - name: debian-10-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:debian-10 - run_command: /lib/systemd/systemd - - name: debian-9-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:debian-9 - run_command: /lib/systemd/systemd - - name: ubuntu-2004-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:ubuntu-20.04 - run_command: /lib/systemd/systemd - - name: ubuntu-1804-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:ubuntu-18.04 - run_command: /lib/systemd/systemd - - name: centos-7-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:centos-7 - - name: amazonlinux-2-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:amazonlinux-2 - - name: oraclelinux-8-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:oraclelinux-8 - - name: oraclelinux-7-3002-8-py3 - driver: - image: saltimages/salt-3002.8-py3:oraclelinux-7 - verifier: # https://www.inspec.io/ name: inspec diff --git a/pillar.example b/pillar.example index 1daeab4..3a05a85 100644 --- a/pillar.example +++ b/pillar.example @@ -24,14 +24,19 @@ haproxy: log-tag: haproxy # Optional log-send-hostname parameter, sets the hostname field in the syslog header log-send-hostname: localhost + # stats sockets stats: - enable: true - socketpath: /var/lib/haproxy/stats - mode: 660 - level: admin - # yamllint disable-line rule:line-length - # Optional extra bind parameter, for example to set the owner/group on the socket file - extra: user haproxy group haproxy + /run/haproxy/stats-ro: + # the defaults + level: user + mode: 600 + user: haproxy + group: haproxy + /run/haproxy/stats-rw: + # custom example + level: admin + mode: 660 + group: sysadmins # yamllint disable-line rule:line-length ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384" ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11" diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml index 85f4ecd..02d4554 100644 --- a/test/integration/default/inspec.yml +++ b/test/integration/default/inspec.yml @@ -24,4 +24,5 @@ supports: - platform-name: gentoo - platform-name: almalinux - platform-name: rocky + - platform-name: mac_os_x - platform: windows diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml index ee20080..28a97b9 100644 --- a/test/integration/share/inspec.yml +++ b/test/integration/share/inspec.yml @@ -21,4 +21,5 @@ supports: - platform-name: gentoo - platform-name: almalinux - platform-name: rocky + - platform-name: mac_os_x - platform: windows diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb index 64fe7ea..64405bb 100644 --- a/test/integration/share/libraries/system.rb +++ b/test/integration/share/libraries/system.rb @@ -57,6 +57,8 @@ def build_platform_release 'base-latest' when 'gentoo' "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" + when 'mac_os_x' + inspec.command('sw_vers -productVersion').stdout.to_s when 'opensuse' # rubocop:disable Style/NumericLiterals,Layout/LineLength inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] @@ -95,6 +97,8 @@ def build_finger_release # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity def build_platform_codename case build_platform_finger + when 'ubuntu-22.04' + 'jammy' when 'ubuntu-20.04' 'focal' when 'ubuntu-18.04' diff --git a/test/salt/pillar/default.sls b/test/salt/pillar/default.sls index 47b33a7..2bd03ac 100644 --- a/test/salt/pillar/default.sls +++ b/test/salt/pillar/default.sls @@ -21,14 +21,13 @@ haproxy: # Optional log-send-hostname parameter, sets the hostname field in the syslog header log-send-hostname: localhost stats: - enable: true - # Using the `haproxy:global:chroot:path` - socketpath: /var/lib/haproxy/stats - mode: 660 - level: admin - # yamllint disable-line rule:line-length - # Optional extra bind parameter, for example to set the owner/group on the socket file - extra: user haproxy group haproxy + /run/haproxy/stats-operator: + level: operator + mode: 660 + group: users + /run/haproxy/stats-admin: + level: admin + mode: 600 # yamllint disable-line rule:line-length ssl-default-bind-ciphers: "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384" ssl-default-bind-options: "no-sslv3 no-tlsv10 no-tlsv11"