Skip to content

Commit

Permalink
Move integration to use docker, now all platforms work.
Browse files Browse the repository at this point in the history
  • Loading branch information
Michael Chmielewski committed Dec 21, 2020
1 parent 772c26c commit 4479c26
Show file tree
Hide file tree
Showing 2 changed files with 184 additions and 52 deletions.
210 changes: 169 additions & 41 deletions .kitchen.yml
View file
Original file line number Diff line number Diff line change
@@ -1,75 +1,203 @@
---
driver:
name: vagrant
name: docker

provisioner:
product_name: chef
product_version: 14

platforms:
- name: ubuntu-16.04
- name: amazonlinux-1
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
- name: ubuntu-18.04
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL'] : nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
- name: ubuntu-20.04
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL'] : nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
- name: debian-8
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL'] : nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
- name: debian-9
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL'] : nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
- name: debian-10
url: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn1' : nil %>
key_file_uri: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn1/repomd.xml.key' : nil %>
validate_gpg_key: false # This is ONLY for test purposes! Don't do this in your actual roles/recipes
driver_config:
image: amazonlinux:1
run_command: /sbin/init
privileged: true
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- yum install -y audit initscripts
- sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
- chkconfig auditd on
- name: amazonlinux-2
attributes:
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL'] : nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
url: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn2' : nil %>
key_file_uri: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn2/repomd.xml.key' : nil %>
validate_gpg_key: false # This is ONLY for test purposes! Don't do this in your actual roles/recipes
driver_config:
image: amazonlinux:2
run_command: /sbin/init
privileged: true
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- yum install -y audit initscripts
- sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
- systemctl enable auditd.service
image: centos:7
- name: centos-7
attributes:
threatstack:
repo:
url: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/el7' : nil %>
key_file_uri: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/el7/repomd.xml.key' : nil %>
validate_gpg_key: false # This is ONLY for test purposes! Don't do this in your actual roles/recipes
driver_config:
image: centos:7
run_command: /sbin/init
privileged: true
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- yum install -y audit initscripts
- sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
- systemctl enable auditd.service
- name: centos-8
attributes:
threatstack:
repo:
url: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/el8' : nil %>
key_file_uri: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/el8/repomd.xml.key' : nil %>
validate_gpg_key: false # This is ONLY for test purposes! Don't do this in your actual roles/recipes
- name: amazonlinux-2
driver_config:
image: centos:8
run_command: /sbin/init
privileged: true
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- yum install -y audit initscripts
- sed -i 's/local_events = yes/local_events = no/g' /etc/audit/auditd.conf
- systemctl enable auditd.service
- name: debian-8
attributes:
threatstack:
repo:
url: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn2' : nil %>
key_file_uri: <%= ENV['TS_RPM_REPO_URL'] != nil ? ENV['TS_RPM_REPO_URL'] + '/amzn2/repomd.xml.key' : nil %>
validate_gpg_key: false # This is ONLY for test purposes! Don't do this in your actual roles/recipes
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: debian:8
run_command: /sbin/init
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- name: debian-9
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: debian:9
run_command: /bin/systemd
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- apt install -y gnupg
- name: debian-10
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: debian:10
run_command: /sbin/init
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- apt install -y gnupg
- name: ubuntu-16.04
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: ubuntu:16.04
run_command: /sbin/init
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- apt install -y gnupg
- name: ubuntu-18.04
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: ubuntu:18.04
run_command: /sbin/init
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- apt install -y gnupg
- name: ubuntu-20.04
threatstack:
repo:
url: <%= ENV['TS_DEB_REPO_URL'] != nil ? ENV['TS_DEB_REPO_URL']: nil %>
key: <%= ENV['TS_DEB_REPO_KEY'] != nil ? ENV['TS_DEB_REPO_KEY'] : nil %>
components: <%= ENV['TS_REPO_COMPONENTS'] != nil ? ENV['TS_REPO_COMPONENTS'] : nil %>
driver_config:
image: ubuntu:20.04
run_command: /sbin/init
cap_add:
- SYS_ADMIN
run_options:
env: container=docker
volume:
- /sys/fs/cgroup:/sys/fs/cgroup
provision_command:
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
- systemctl enable ssh.service
- apt install -y gnupg

suites:
- name: default
Expand Down
26 changes: 15 additions & 11 deletions Gemfile
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,19 @@
source 'https://rubygems.org'
source ENV['GEM_SOURCE'] || 'https://rubygems.org'

gem 'chefspec', '= 7.3.4'
gem 'berkshelf', '= 6.3.1'
gem 'rubocop', '= 0.61.1'
gem 'foodcritic', '= 15.1.0'
gem 'cucumber-core', '= 3.2.1'
gem 'serverspec', '= 2.41.3'
gem 'stove', '= 6.1.1'
gem 'test-kitchen', '= 1.20.0'
gem 'kitchen-vagrant', '= 1.5.0'
gem 'kitchen-ec2'
group :development, :unit_tests , :test do
gem 'rake', "13.0.1", :require => false
gem 'chefspec', '= 7.3.4', :require => false
gem 'berkshelf', '= 6.3.1'
gem 'rubocop', '= 0.61.1'
gem 'foodcritic', '= 15.1.0'
end

group :system_tests do
gem 'serverspec', :require => false
gem 'test-kitchen', :require => false
gem 'kitchen-docker', :require => false
gem 'kitchen-ec2', :require => false
end

if chefversion = ENV['CHEF_VERSION']
gem 'chef', chefversion
Expand Down

0 comments on commit 4479c26

Please sign in to comment.