diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2016-03-19 10:17:30 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2016-03-19 10:17:30 -0300 |
commit | ff79bc6295e9f089285ccc26c04cc72893a8384f (patch) | |
tree | 1a84dad2d03bc3814305eeaedb4cfd8d8dc09f36 /spec | |
parent | 9b1d0f06fee4b0c457d0154c4153415758c10425 (diff) | |
parent | 672b0985d1c2acfde58fecc4c635517522c86268 (diff) | |
download | puppet-sshd-ff79bc6295e9f089285ccc26c04cc72893a8384f.tar.gz puppet-sshd-ff79bc6295e9f089285ccc26c04cc72893a8384f.tar.bz2 |
Merge branch 'master' of https://gitlab.com/shared-puppet-modules-group/sshd
Conflicts:
README
templates/sshd_config/CentOS.erb
templates/sshd_config/CentOS_Final.erb
templates/sshd_config/Debian_etch.erb
templates/sshd_config/Debian_jessie.erb
templates/sshd_config/Debian_sid.erb
templates/sshd_config/Debian_squeeze.erb
templates/sshd_config/Debian_wheezy.erb
templates/sshd_config/Ubuntu_trusty.erb
Diffstat (limited to 'spec')
-rw-r--r-- | spec/classes/client_spec.rb | 42 | ||||
-rw-r--r-- | spec/classes/init_spec.rb | 122 | ||||
-rw-r--r-- | spec/defines/ssh_authorized_key_spec.rb | 45 | ||||
-rw-r--r-- | spec/functions/ssh_keygen_spec.rb (renamed from spec/unit/parser/functions/ssh_keygen.rb) | 74 | ||||
-rw-r--r-- | spec/spec.opts | 6 | ||||
-rw-r--r-- | spec/spec_helper.rb | 29 | ||||
-rw-r--r-- | spec/spec_helper_system.rb | 25 |
7 files changed, 294 insertions, 49 deletions
diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb new file mode 100644 index 0000000..bd3e35a --- /dev/null +++ b/spec/classes/client_spec.rb @@ -0,0 +1,42 @@ +require 'spec_helper' + +describe 'sshd::client' do + + shared_examples "a Linux OS" do + it { should contain_file('/etc/ssh/ssh_known_hosts').with( + { + 'ensure' => 'present', + 'owner' => 'root', + 'group' => '0', + 'mode' => '0644', + } + )} + end + + context "Debian OS" do + let :facts do + { + :operatingsystem => 'Debian', + :osfamily => 'Debian', + :lsbdistcodename => 'wheezy', + } + end + it_behaves_like "a Linux OS" + it { should contain_package('openssh-clients').with({ + 'name' => 'openssh-client' + }) } + end + + context "CentOS" do + it_behaves_like "a Linux OS" do + let :facts do + { + :operatingsystem => 'CentOS', + :osfamily => 'RedHat', + :lsbdistcodename => 'Final', + } + end + end + end + +end
\ No newline at end of file diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb new file mode 100644 index 0000000..e3003d1 --- /dev/null +++ b/spec/classes/init_spec.rb @@ -0,0 +1,122 @@ +require 'spec_helper' + +describe 'sshd' do + + shared_examples "a Linux OS" do + it { should compile.with_all_deps } + it { should contain_class('sshd') } + it { should contain_class('sshd::client') } + + it { should contain_service('sshd').with({ + :ensure => 'running', + :enable => true, + :hasstatus => true + })} + + it { should contain_file('sshd_config').with( + { + 'ensure' => 'present', + 'owner' => 'root', + 'group' => '0', + 'mode' => '0600', + } + )} + + context 'change ssh port' do + let(:params){{ + :ports => [ 22222], + }} + it { should contain_file( + 'sshd_config' + ).with_content(/Port 22222/)} + end + end + + context "Debian OS" do + let :facts do + { + :operatingsystem => 'Debian', + :osfamily => 'Debian', + :lsbdistcodename => 'wheezy', + } + end + it_behaves_like "a Linux OS" + it { should contain_package('openssh') } + it { should contain_class('sshd::debian') } + it { should contain_service('sshd').with( + :hasrestart => true + )} + + context "Ubuntu" do + let :facts do + { + :operatingsystem => 'Ubuntu', + :lsbdistcodename => 'precise', + } + end + it_behaves_like "a Linux OS" + it { should contain_package('openssh') } + it { should contain_service('sshd').with({ + :hasrestart => true + })} + end + end + + +# context "RedHat OS" do +# it_behaves_like "a Linux OS" do +# let :facts do +# { +# :operatingsystem => 'RedHat', +# :osfamily => 'RedHat', +# } +# end +# end +# end + + context "CentOS" do + it_behaves_like "a Linux OS" do + let :facts do + { + :operatingsystem => 'CentOS', + :osfamily => 'RedHat', + :lsbdistcodename => 'Final', + } + end + end + end + + context "Gentoo" do + let :facts do + { + :operatingsystem => 'Gentoo', + :osfamily => 'Gentoo', + } + end + it_behaves_like "a Linux OS" + it { should contain_class('sshd::gentoo') } + end + + context "OpenBSD" do + let :facts do + { + :operatingsystem => 'OpenBSD', + :osfamily => 'OpenBSD', + } + end + it_behaves_like "a Linux OS" + it { should contain_class('sshd::openbsd') } + end + +# context "FreeBSD" do +# it_behaves_like "a Linux OS" do +# let :facts do +# { +# :operatingsystem => 'FreeBSD', +# :osfamily => 'FreeBSD', +# } +# end +# end +# end + +end
\ No newline at end of file diff --git a/spec/defines/ssh_authorized_key_spec.rb b/spec/defines/ssh_authorized_key_spec.rb new file mode 100644 index 0000000..c73a91c --- /dev/null +++ b/spec/defines/ssh_authorized_key_spec.rb @@ -0,0 +1,45 @@ +require 'spec_helper' + +describe 'sshd::ssh_authorized_key' do + + context 'manage authorized key' do + let(:title) { 'foo' } + let(:ssh_key) { 'some_secret_ssh_key' } + + let(:params) {{ + :key => ssh_key, + }} + + it { should contain_ssh_authorized_key('foo').with({ + 'ensure' => 'present', + 'type' => 'ssh-dss', + 'user' => 'foo', + 'target' => '/home/foo/.ssh/authorized_keys', + 'key' => ssh_key, + }) + } + end + context 'manage authoried key with options' do + let(:title) { 'foo2' } + let(:ssh_key) { 'some_secret_ssh_key' } + + let(:params) {{ + :key => ssh_key, + :options => ['command="/usr/bin/date"', + 'no-pty','no-X11-forwarding','no-agent-forwarding', + 'no-port-forwarding'] + }} + + it { should contain_ssh_authorized_key('foo2').with({ + 'ensure' => 'present', + 'type' => 'ssh-dss', + 'user' => 'foo2', + 'target' => '/home/foo2/.ssh/authorized_keys', + 'key' => ssh_key, + 'options' => ['command="/usr/bin/date"', + 'no-pty','no-X11-forwarding','no-agent-forwarding', + 'no-port-forwarding'] + }) + } + end +end diff --git a/spec/unit/parser/functions/ssh_keygen.rb b/spec/functions/ssh_keygen_spec.rb index da45779..a6b5117 100644 --- a/spec/unit/parser/functions/ssh_keygen.rb +++ b/spec/functions/ssh_keygen_spec.rb @@ -1,44 +1,50 @@ -#! /usr/bin/env ruby - - -require File.dirname(__FILE__) + '/../../../spec_helper' - +#! /usr/bin/env ruby -S rspec +require 'spec_helper' +require 'rspec-puppet' require 'mocha' require 'fileutils' -describe "the ssh_keygen function" do +describe 'ssh_keygen' do - before :each do - @scope = Puppet::Parser::Scope.new - end + let(:scope) { PuppetlabsSpec::PuppetInternals.scope } - it "should exist" do + it 'should exist' do Puppet::Parser::Functions.function("ssh_keygen").should == "function_ssh_keygen" end - it "should raise a ParseError if no argument is passed" do - lambda { @scope.function_ssh_keygen }.should( raise_error(Puppet::ParseError)) + it 'should raise a ParseError if no argument is passed' do + lambda { + scope.function_ssh_keygen([]) + }.should(raise_error(Puppet::ParseError)) end - it "should raise a ParseError if there is more than 1 arguments" do - lambda { @scope.function_ssh_keygen("foo", "bar") }.should( raise_error(Puppet::ParseError)) + it 'should raise a ParseError if there is more than 1 arguments' do + lambda { + scope.function_ssh_keygen(["foo", "bar"]) + }.should( raise_error(Puppet::ParseError)) end - it "should raise a ParseError if the argument is not fully qualified" do - lambda { @scope.function_ssh_keygen("foo") }.should( raise_error(Puppet::ParseError)) + it 'should raise a ParseError if the argument is not fully qualified' do + lambda { + scope.function_ssh_keygen(["foo"]) + }.should( raise_error(Puppet::ParseError)) end it "should raise a ParseError if the private key path is a directory" do File.stubs(:directory?).with("/some_dir").returns(true) - lambda { @scope.function_ssh_keygen("/some_dir") }.should( raise_error(Puppet::ParseError)) + lambda { + scope.function_ssh_keygen(["/some_dir"]) + }.should( raise_error(Puppet::ParseError)) end it "should raise a ParseError if the public key path is a directory" do File.stubs(:directory?).with("/some_dir.pub").returns(true) - lambda { @scope.function_ssh_keygen("/some_dir") }.should( raise_error(Puppet::ParseError)) + lambda { + scope.function_ssh_keygen(["/some_dir.pub"]) + }.should( raise_error(Puppet::ParseError)) end - describe "when executing properly" do + describe 'when executing properly' do before do File.stubs(:directory?).with('/tmp/a/b/c').returns(false) File.stubs(:directory?).with('/tmp/a/b/c.pub').returns(false) @@ -46,16 +52,20 @@ describe "the ssh_keygen function" do File.stubs(:read).with('/tmp/a/b/c.pub').returns('publickey') end - it "should fail if the public but not the private key exists" do - File.stubs(:exists?).with("/tmp/a/b/c").returns(true) - File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false) - lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError)) + it 'should fail if the public but not the private key exists' do + File.stubs(:exists?).with('/tmp/a/b/c').returns(true) + File.stubs(:exists?).with('/tmp/a/b/c.pub').returns(false) + lambda { + scope.function_ssh_keygen(['/tmp/a/b/c']) + }.should( raise_error(Puppet::ParseError)) end it "should fail if the private but not the public key exists" do File.stubs(:exists?).with("/tmp/a/b/c").returns(false) File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(true) - lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError)) + lambda { + scope.function_ssh_keygen(["/tmp/a/b/c"]) + }.should( raise_error(Puppet::ParseError)) end @@ -64,7 +74,7 @@ describe "the ssh_keygen function" do File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(true) File.stubs(:directory?).with('/tmp/a/b').returns(true) Puppet::Util.expects(:execute).never - result = @scope.function_ssh_keygen('/tmp/a/b/c') + result = scope.function_ssh_keygen(['/tmp/a/b/c']) result.length.should == 2 result[0].should == 'privatekey' result[1].should == 'publickey' @@ -75,8 +85,8 @@ describe "the ssh_keygen function" do File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false) File.stubs(:directory?).with("/tmp/a/b").returns(false) FileUtils.expects(:mkdir_p).with("/tmp/a/b", :mode => 0700) - Puppet::Util.expects(:execute).returns("") - result = @scope.function_ssh_keygen('/tmp/a/b/c') + Puppet::Util::Execution.expects(:execute).returns("") + result = scope.function_ssh_keygen(['/tmp/a/b/c']) result.length.should == 2 result[0].should == 'privatekey' result[1].should == 'publickey' @@ -86,8 +96,8 @@ describe "the ssh_keygen function" do File.stubs(:exists?).with("/tmp/a/b/c").returns(false) File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false) File.stubs(:directory?).with("/tmp/a/b").returns(true) - Puppet::Util.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("") - result = @scope.function_ssh_keygen('/tmp/a/b/c') + Puppet::Util::Execution.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("") + result = scope.function_ssh_keygen(['/tmp/a/b/c']) result.length.should == 2 result[0].should == 'privatekey' result[1].should == 'publickey' @@ -97,8 +107,10 @@ describe "the ssh_keygen function" do File.stubs(:exists?).with("/tmp/a/b/c").returns(false) File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false) File.stubs(:directory?).with("/tmp/a/b").returns(true) - Puppet::Util.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("something is wrong") - lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError)) + Puppet::Util::Execution.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("something is wrong") + lambda { + scope.function_ssh_keygen(["/tmp/a/b/c"]) + }.should( raise_error(Puppet::ParseError)) end end end diff --git a/spec/spec.opts b/spec/spec.opts deleted file mode 100644 index 91cd642..0000000 --- a/spec/spec.opts +++ /dev/null @@ -1,6 +0,0 @@ ---format -s ---colour ---loadby -mtime ---backtrace diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 6ba62e1..b4123fd 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,16 +1,21 @@ -require 'pathname' -dir = Pathname.new(__FILE__).parent -$LOAD_PATH.unshift(dir, dir + 'lib', dir + '../lib') +dir = File.expand_path(File.dirname(__FILE__)) +$LOAD_PATH.unshift File.join(dir, 'lib') require 'puppet' -gem 'rspec', '>= 1.2.9' -require 'spec/autorun' +require 'rspec' +require 'puppetlabs_spec_helper/module_spec_helper' +#require 'rspec-hiera-puppet' +require 'rspec-puppet/coverage' +require 'rspec/autorun' -Dir[File.join(File.dirname(__FILE__), 'support', '*.rb')].each do |support_file| - require support_file -end +fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures')) -# We need this because the RAL uses 'should' as a method. This -# allows us the same behaviour but with a different method name. -class Object - alias :must :should +RSpec.configure do |c| + c.module_path = File.join(fixture_path, 'modules') + c.manifest_dir = File.join(fixture_path, 'manifests') + c.pattern = "spec/*/*_spec.rb" end + +Puppet::Util::Log.level = :warning +Puppet::Util::Log.newdestination(:console) + +at_exit { RSpec::Puppet::Coverage.report! }
\ No newline at end of file diff --git a/spec/spec_helper_system.rb b/spec/spec_helper_system.rb new file mode 100644 index 0000000..2c6812f --- /dev/null +++ b/spec/spec_helper_system.rb @@ -0,0 +1,25 @@ +require 'rspec-system/spec_helper' +require 'rspec-system-puppet/helpers' +require 'rspec-system-serverspec/helpers' +include Serverspec::Helper::RSpecSystem +include Serverspec::Helper::DetectOS +include RSpecSystemPuppet::Helpers + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Enable colour + c.tty = true + + c.include RSpecSystemPuppet::Helpers + + # This is where we 'setup' the nodes before running our tests + c.before :suite do + # Install puppet + puppet_install + # Install modules and dependencies + puppet_module_install(:source => proj_root, :module_name => 'sshd') + shell('puppet module install puppetlabs-stdlib') + end +end |