aboutsummaryrefslogtreecommitdiff
path: root/spec
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-03-19 10:17:30 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-03-19 10:17:30 -0300
commitff79bc6295e9f089285ccc26c04cc72893a8384f (patch)
tree1a84dad2d03bc3814305eeaedb4cfd8d8dc09f36 /spec
parent9b1d0f06fee4b0c457d0154c4153415758c10425 (diff)
parent672b0985d1c2acfde58fecc4c635517522c86268 (diff)
downloadpuppet-sshd-ff79bc6295e9f089285ccc26c04cc72893a8384f.tar.gz
puppet-sshd-ff79bc6295e9f089285ccc26c04cc72893a8384f.tar.bz2
Merge branch 'master' of https://gitlab.com/shared-puppet-modules-group/sshd
Conflicts: README templates/sshd_config/CentOS.erb templates/sshd_config/CentOS_Final.erb templates/sshd_config/Debian_etch.erb templates/sshd_config/Debian_jessie.erb templates/sshd_config/Debian_sid.erb templates/sshd_config/Debian_squeeze.erb templates/sshd_config/Debian_wheezy.erb templates/sshd_config/Ubuntu_trusty.erb
Diffstat (limited to 'spec')
-rw-r--r--spec/classes/client_spec.rb42
-rw-r--r--spec/classes/init_spec.rb122
-rw-r--r--spec/defines/ssh_authorized_key_spec.rb45
-rw-r--r--spec/functions/ssh_keygen_spec.rb (renamed from spec/unit/parser/functions/ssh_keygen.rb)74
-rw-r--r--spec/spec.opts6
-rw-r--r--spec/spec_helper.rb29
-rw-r--r--spec/spec_helper_system.rb25
7 files changed, 294 insertions, 49 deletions
diff --git a/spec/classes/client_spec.rb b/spec/classes/client_spec.rb
new file mode 100644
index 0000000..bd3e35a
--- /dev/null
+++ b/spec/classes/client_spec.rb
@@ -0,0 +1,42 @@
+require 'spec_helper'
+
+describe 'sshd::client' do
+
+ shared_examples "a Linux OS" do
+ it { should contain_file('/etc/ssh/ssh_known_hosts').with(
+ {
+ 'ensure' => 'present',
+ 'owner' => 'root',
+ 'group' => '0',
+ 'mode' => '0644',
+ }
+ )}
+ end
+
+ context "Debian OS" do
+ let :facts do
+ {
+ :operatingsystem => 'Debian',
+ :osfamily => 'Debian',
+ :lsbdistcodename => 'wheezy',
+ }
+ end
+ it_behaves_like "a Linux OS"
+ it { should contain_package('openssh-clients').with({
+ 'name' => 'openssh-client'
+ }) }
+ end
+
+ context "CentOS" do
+ it_behaves_like "a Linux OS" do
+ let :facts do
+ {
+ :operatingsystem => 'CentOS',
+ :osfamily => 'RedHat',
+ :lsbdistcodename => 'Final',
+ }
+ end
+ end
+ end
+
+end \ No newline at end of file
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
new file mode 100644
index 0000000..e3003d1
--- /dev/null
+++ b/spec/classes/init_spec.rb
@@ -0,0 +1,122 @@
+require 'spec_helper'
+
+describe 'sshd' do
+
+ shared_examples "a Linux OS" do
+ it { should compile.with_all_deps }
+ it { should contain_class('sshd') }
+ it { should contain_class('sshd::client') }
+
+ it { should contain_service('sshd').with({
+ :ensure => 'running',
+ :enable => true,
+ :hasstatus => true
+ })}
+
+ it { should contain_file('sshd_config').with(
+ {
+ 'ensure' => 'present',
+ 'owner' => 'root',
+ 'group' => '0',
+ 'mode' => '0600',
+ }
+ )}
+
+ context 'change ssh port' do
+ let(:params){{
+ :ports => [ 22222],
+ }}
+ it { should contain_file(
+ 'sshd_config'
+ ).with_content(/Port 22222/)}
+ end
+ end
+
+ context "Debian OS" do
+ let :facts do
+ {
+ :operatingsystem => 'Debian',
+ :osfamily => 'Debian',
+ :lsbdistcodename => 'wheezy',
+ }
+ end
+ it_behaves_like "a Linux OS"
+ it { should contain_package('openssh') }
+ it { should contain_class('sshd::debian') }
+ it { should contain_service('sshd').with(
+ :hasrestart => true
+ )}
+
+ context "Ubuntu" do
+ let :facts do
+ {
+ :operatingsystem => 'Ubuntu',
+ :lsbdistcodename => 'precise',
+ }
+ end
+ it_behaves_like "a Linux OS"
+ it { should contain_package('openssh') }
+ it { should contain_service('sshd').with({
+ :hasrestart => true
+ })}
+ end
+ end
+
+
+# context "RedHat OS" do
+# it_behaves_like "a Linux OS" do
+# let :facts do
+# {
+# :operatingsystem => 'RedHat',
+# :osfamily => 'RedHat',
+# }
+# end
+# end
+# end
+
+ context "CentOS" do
+ it_behaves_like "a Linux OS" do
+ let :facts do
+ {
+ :operatingsystem => 'CentOS',
+ :osfamily => 'RedHat',
+ :lsbdistcodename => 'Final',
+ }
+ end
+ end
+ end
+
+ context "Gentoo" do
+ let :facts do
+ {
+ :operatingsystem => 'Gentoo',
+ :osfamily => 'Gentoo',
+ }
+ end
+ it_behaves_like "a Linux OS"
+ it { should contain_class('sshd::gentoo') }
+ end
+
+ context "OpenBSD" do
+ let :facts do
+ {
+ :operatingsystem => 'OpenBSD',
+ :osfamily => 'OpenBSD',
+ }
+ end
+ it_behaves_like "a Linux OS"
+ it { should contain_class('sshd::openbsd') }
+ end
+
+# context "FreeBSD" do
+# it_behaves_like "a Linux OS" do
+# let :facts do
+# {
+# :operatingsystem => 'FreeBSD',
+# :osfamily => 'FreeBSD',
+# }
+# end
+# end
+# end
+
+end \ No newline at end of file
diff --git a/spec/defines/ssh_authorized_key_spec.rb b/spec/defines/ssh_authorized_key_spec.rb
new file mode 100644
index 0000000..c73a91c
--- /dev/null
+++ b/spec/defines/ssh_authorized_key_spec.rb
@@ -0,0 +1,45 @@
+require 'spec_helper'
+
+describe 'sshd::ssh_authorized_key' do
+
+ context 'manage authorized key' do
+ let(:title) { 'foo' }
+ let(:ssh_key) { 'some_secret_ssh_key' }
+
+ let(:params) {{
+ :key => ssh_key,
+ }}
+
+ it { should contain_ssh_authorized_key('foo').with({
+ 'ensure' => 'present',
+ 'type' => 'ssh-dss',
+ 'user' => 'foo',
+ 'target' => '/home/foo/.ssh/authorized_keys',
+ 'key' => ssh_key,
+ })
+ }
+ end
+ context 'manage authoried key with options' do
+ let(:title) { 'foo2' }
+ let(:ssh_key) { 'some_secret_ssh_key' }
+
+ let(:params) {{
+ :key => ssh_key,
+ :options => ['command="/usr/bin/date"',
+ 'no-pty','no-X11-forwarding','no-agent-forwarding',
+ 'no-port-forwarding']
+ }}
+
+ it { should contain_ssh_authorized_key('foo2').with({
+ 'ensure' => 'present',
+ 'type' => 'ssh-dss',
+ 'user' => 'foo2',
+ 'target' => '/home/foo2/.ssh/authorized_keys',
+ 'key' => ssh_key,
+ 'options' => ['command="/usr/bin/date"',
+ 'no-pty','no-X11-forwarding','no-agent-forwarding',
+ 'no-port-forwarding']
+ })
+ }
+ end
+end
diff --git a/spec/unit/parser/functions/ssh_keygen.rb b/spec/functions/ssh_keygen_spec.rb
index da45779..a6b5117 100644
--- a/spec/unit/parser/functions/ssh_keygen.rb
+++ b/spec/functions/ssh_keygen_spec.rb
@@ -1,44 +1,50 @@
-#! /usr/bin/env ruby
-
-
-require File.dirname(__FILE__) + '/../../../spec_helper'
-
+#! /usr/bin/env ruby -S rspec
+require 'spec_helper'
+require 'rspec-puppet'
require 'mocha'
require 'fileutils'
-describe "the ssh_keygen function" do
+describe 'ssh_keygen' do
- before :each do
- @scope = Puppet::Parser::Scope.new
- end
+ let(:scope) { PuppetlabsSpec::PuppetInternals.scope }
- it "should exist" do
+ it 'should exist' do
Puppet::Parser::Functions.function("ssh_keygen").should == "function_ssh_keygen"
end
- it "should raise a ParseError if no argument is passed" do
- lambda { @scope.function_ssh_keygen }.should( raise_error(Puppet::ParseError))
+ it 'should raise a ParseError if no argument is passed' do
+ lambda {
+ scope.function_ssh_keygen([])
+ }.should(raise_error(Puppet::ParseError))
end
- it "should raise a ParseError if there is more than 1 arguments" do
- lambda { @scope.function_ssh_keygen("foo", "bar") }.should( raise_error(Puppet::ParseError))
+ it 'should raise a ParseError if there is more than 1 arguments' do
+ lambda {
+ scope.function_ssh_keygen(["foo", "bar"])
+ }.should( raise_error(Puppet::ParseError))
end
- it "should raise a ParseError if the argument is not fully qualified" do
- lambda { @scope.function_ssh_keygen("foo") }.should( raise_error(Puppet::ParseError))
+ it 'should raise a ParseError if the argument is not fully qualified' do
+ lambda {
+ scope.function_ssh_keygen(["foo"])
+ }.should( raise_error(Puppet::ParseError))
end
it "should raise a ParseError if the private key path is a directory" do
File.stubs(:directory?).with("/some_dir").returns(true)
- lambda { @scope.function_ssh_keygen("/some_dir") }.should( raise_error(Puppet::ParseError))
+ lambda {
+ scope.function_ssh_keygen(["/some_dir"])
+ }.should( raise_error(Puppet::ParseError))
end
it "should raise a ParseError if the public key path is a directory" do
File.stubs(:directory?).with("/some_dir.pub").returns(true)
- lambda { @scope.function_ssh_keygen("/some_dir") }.should( raise_error(Puppet::ParseError))
+ lambda {
+ scope.function_ssh_keygen(["/some_dir.pub"])
+ }.should( raise_error(Puppet::ParseError))
end
- describe "when executing properly" do
+ describe 'when executing properly' do
before do
File.stubs(:directory?).with('/tmp/a/b/c').returns(false)
File.stubs(:directory?).with('/tmp/a/b/c.pub').returns(false)
@@ -46,16 +52,20 @@ describe "the ssh_keygen function" do
File.stubs(:read).with('/tmp/a/b/c.pub').returns('publickey')
end
- it "should fail if the public but not the private key exists" do
- File.stubs(:exists?).with("/tmp/a/b/c").returns(true)
- File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false)
- lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError))
+ it 'should fail if the public but not the private key exists' do
+ File.stubs(:exists?).with('/tmp/a/b/c').returns(true)
+ File.stubs(:exists?).with('/tmp/a/b/c.pub').returns(false)
+ lambda {
+ scope.function_ssh_keygen(['/tmp/a/b/c'])
+ }.should( raise_error(Puppet::ParseError))
end
it "should fail if the private but not the public key exists" do
File.stubs(:exists?).with("/tmp/a/b/c").returns(false)
File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(true)
- lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError))
+ lambda {
+ scope.function_ssh_keygen(["/tmp/a/b/c"])
+ }.should( raise_error(Puppet::ParseError))
end
@@ -64,7 +74,7 @@ describe "the ssh_keygen function" do
File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(true)
File.stubs(:directory?).with('/tmp/a/b').returns(true)
Puppet::Util.expects(:execute).never
- result = @scope.function_ssh_keygen('/tmp/a/b/c')
+ result = scope.function_ssh_keygen(['/tmp/a/b/c'])
result.length.should == 2
result[0].should == 'privatekey'
result[1].should == 'publickey'
@@ -75,8 +85,8 @@ describe "the ssh_keygen function" do
File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false)
File.stubs(:directory?).with("/tmp/a/b").returns(false)
FileUtils.expects(:mkdir_p).with("/tmp/a/b", :mode => 0700)
- Puppet::Util.expects(:execute).returns("")
- result = @scope.function_ssh_keygen('/tmp/a/b/c')
+ Puppet::Util::Execution.expects(:execute).returns("")
+ result = scope.function_ssh_keygen(['/tmp/a/b/c'])
result.length.should == 2
result[0].should == 'privatekey'
result[1].should == 'publickey'
@@ -86,8 +96,8 @@ describe "the ssh_keygen function" do
File.stubs(:exists?).with("/tmp/a/b/c").returns(false)
File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false)
File.stubs(:directory?).with("/tmp/a/b").returns(true)
- Puppet::Util.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("")
- result = @scope.function_ssh_keygen('/tmp/a/b/c')
+ Puppet::Util::Execution.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("")
+ result = scope.function_ssh_keygen(['/tmp/a/b/c'])
result.length.should == 2
result[0].should == 'privatekey'
result[1].should == 'publickey'
@@ -97,8 +107,10 @@ describe "the ssh_keygen function" do
File.stubs(:exists?).with("/tmp/a/b/c").returns(false)
File.stubs(:exists?).with("/tmp/a/b/c.pub").returns(false)
File.stubs(:directory?).with("/tmp/a/b").returns(true)
- Puppet::Util.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("something is wrong")
- lambda { @scope.function_ssh_keygen("/tmp/a/b/c") }.should( raise_error(Puppet::ParseError))
+ Puppet::Util::Execution.expects(:execute).with(['/usr/bin/ssh-keygen','-t', 'rsa', '-b', '4096', '-f', '/tmp/a/b/c', '-P', '', '-q']).returns("something is wrong")
+ lambda {
+ scope.function_ssh_keygen(["/tmp/a/b/c"])
+ }.should( raise_error(Puppet::ParseError))
end
end
end
diff --git a/spec/spec.opts b/spec/spec.opts
deleted file mode 100644
index 91cd642..0000000
--- a/spec/spec.opts
+++ /dev/null
@@ -1,6 +0,0 @@
---format
-s
---colour
---loadby
-mtime
---backtrace
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 6ba62e1..b4123fd 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,16 +1,21 @@
-require 'pathname'
-dir = Pathname.new(__FILE__).parent
-$LOAD_PATH.unshift(dir, dir + 'lib', dir + '../lib')
+dir = File.expand_path(File.dirname(__FILE__))
+$LOAD_PATH.unshift File.join(dir, 'lib')
require 'puppet'
-gem 'rspec', '>= 1.2.9'
-require 'spec/autorun'
+require 'rspec'
+require 'puppetlabs_spec_helper/module_spec_helper'
+#require 'rspec-hiera-puppet'
+require 'rspec-puppet/coverage'
+require 'rspec/autorun'
-Dir[File.join(File.dirname(__FILE__), 'support', '*.rb')].each do |support_file|
- require support_file
-end
+fixture_path = File.expand_path(File.join(__FILE__, '..', 'fixtures'))
-# We need this because the RAL uses 'should' as a method. This
-# allows us the same behaviour but with a different method name.
-class Object
- alias :must :should
+RSpec.configure do |c|
+ c.module_path = File.join(fixture_path, 'modules')
+ c.manifest_dir = File.join(fixture_path, 'manifests')
+ c.pattern = "spec/*/*_spec.rb"
end
+
+Puppet::Util::Log.level = :warning
+Puppet::Util::Log.newdestination(:console)
+
+at_exit { RSpec::Puppet::Coverage.report! } \ No newline at end of file
diff --git a/spec/spec_helper_system.rb b/spec/spec_helper_system.rb
new file mode 100644
index 0000000..2c6812f
--- /dev/null
+++ b/spec/spec_helper_system.rb
@@ -0,0 +1,25 @@
+require 'rspec-system/spec_helper'
+require 'rspec-system-puppet/helpers'
+require 'rspec-system-serverspec/helpers'
+include Serverspec::Helper::RSpecSystem
+include Serverspec::Helper::DetectOS
+include RSpecSystemPuppet::Helpers
+
+RSpec.configure do |c|
+ # Project root
+ proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+
+ # Enable colour
+ c.tty = true
+
+ c.include RSpecSystemPuppet::Helpers
+
+ # This is where we 'setup' the nodes before running our tests
+ c.before :suite do
+ # Install puppet
+ puppet_install
+ # Install modules and dependencies
+ puppet_module_install(:source => proj_root, :module_name => 'sshd')
+ shell('puppet module install puppetlabs-stdlib')
+ end
+end