diff --git a/.kitchen-cluster.yml b/.kitchen-cluster.yml new file mode 100644 index 0000000..e550e79 --- /dev/null +++ b/.kitchen-cluster.yml @@ -0,0 +1,56 @@ +--- + +driver : + name : docker + socket : unix:///var/run/docker.sock + use_sudo : false + privileged : true + volume : /opt/concourseci/worker + provision_command : mkdir -p /run/sshd + +verifier : + name : serverspec + remote_exec : false + default_pattern : true + bundler_path : <%= '/opt/hellofresh/kitchen/embedded/bin' if File.exist?('/opt/hellofresh/kitchen/embedded/bin/bundler') %> + rspec_path : <%= '/opt/hellofresh/kitchen/embedded/bin' if File.exist?('/opt/hellofresh/kitchen/embedded/bin/rspec') %> + gemfile : ./test/integration/Gemfile + +provisioner : + name : ansible_push + ansible_config : "tests/ansible.cfg" + ansible_playbook_bin : "`avm path v2.7`ansible-playbook" + extra_vars : "@./test/integration/simple/concourse-vars.yml" + raw_arguments : "--extra-vars='ansible_python_interpreter=/usr/bin/python3'" + + groups : + concourse-web : ['web-ubuntu1804'] + concourse-worker : ['worker-ubuntu1804'] + chef_bootstrap_url : nil + use_instance_name : True + idempotency_test : false + diff : True + sudo : True + verbose : "v" + +platforms : + - name : "ubuntu1804" + driver_config : + image : ubuntu:18.04 + platform : ubuntu + +suites: + - name : web + provisioner : + playbook : "test/integration/web/web.yml" + driver_config : + instance_name : "web-ubuntu1804" + hostname : "web-ubuntu1804" + + - name : worker + provisioner : + playbook : "test/integration/worker/worker.yml" + driver_config : + hostname : "worker-ubuntu1804" + instance_name : "worker-ubuntu1804" + links : "web-ubuntu1804" diff --git a/.kitchen.yml b/.kitchen.yml index 1d2cf9a..98f7d5c 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -24,49 +24,37 @@ provisioner : idempotency_test : True diff : True sudo : True + extra_vars : "@./test/integration/simple/concourse-vars.yml" #verbose : "vvvvv" platforms : - - - name : "ubuntu1404_24" +### Ubuntu 1404 + - name : "ubuntu1404_25" driver_config : image : ubuntu:14.04 platform : ubuntu provisioner : - ansible_playbook_bin : "`avm path v2.4`ansible-playbook" + ansible_playbook_bin : "`avm path v2.5`ansible-playbook" groups : concourse-web : - - 'simple-ubuntu1404-24' + - 'simple-ubuntu1404-25' concourse-worker : - - 'simple-ubuntu1404-24' - - 'worker-ubuntu1404-24' + - 'simple-ubuntu1404-25' + - 'worker-ubuntu1404-25' - - name : "ubuntu1404_26" + - name : "ubuntu1404_27" driver_config : image : ubuntu:14.04 platform : ubuntu provisioner : - ansible_playbook_bin : "`avm path v2.6`ansible-playbook" - groups : - concourse-web : - - 'simple-ubuntu1404-26' - concourse-worker : - - 'simple-ubuntu1404-26' - - 'worker-ubuntu1404-26' - - - name : "ubuntu1604_24" - driver_config : - image : ubuntu:16.04 - platform : ubuntu - provisioner : - ansible_playbook_bin : "`avm path v2.4`ansible-playbook" + ansible_playbook_bin : "`avm path v2.7`ansible-playbook" groups : concourse-web : - - 'simple-ubuntu1604-24' + - 'simple-ubuntu1404-27' concourse-worker : - - 'simple-ubuntu1604-24' - - 'worker-ubuntu1604-24' - + - 'simple-ubuntu1404-27' + - 'worker-ubuntu1404-27' +### Ubuntu 1604 - name : "ubuntu1604_25" driver_config : image : ubuntu:16.04 @@ -93,6 +81,19 @@ platforms : - 'simple-ubuntu1604-26' - 'worker-ubuntu1604-26' + - name : "ubuntu1604_27" + driver_config : + image : ubuntu:16.04 + platform : ubuntu + provisioner : + ansible_playbook_bin : "`avm path v2.7`ansible-playbook" + groups : + concourse-web : + - 'simple-ubuntu1604-27' + concourse-worker : + - 'simple-ubuntu1604-27' + - 'worker-ubuntu1604-27' +### Ubuntu 1804 - name : "ubuntu1804_25" driver_config : image : ubuntu:18.04 @@ -106,20 +107,18 @@ platforms : - 'simple-ubuntu1804-25' - 'worker-ubuntu1804-25' - - name : "ubuntu1804_26" + - name : "ubuntu1804_27" driver_config : image : ubuntu:18.04 platform : ubuntu provisioner : - ansible_playbook_bin : "`avm path v2.6`ansible-playbook" + ansible_playbook_bin : "`avm path v2.7`ansible-playbook" groups : concourse-web : - - 'simple-ubuntu1804-26' + - 'simple-ubuntu1804-27' concourse-worker : - - 'simple-ubuntu1804-26' - - 'worker-ubuntu1804-26' - - + - 'simple-ubuntu1804-27' + - 'worker-ubuntu1804-27' suites: - name : simple @@ -127,9 +126,3 @@ suites: playbook : "test/integration/simple/simple.yml" driver_config : hostname : "simple" - - # - name : manage - # provisioner : - # playbook : "test/integration/manage/manage.yml" - # driver_config : - # hostname : "manage" \ No newline at end of file diff --git a/.travis.yml b/.travis.yml index 591c2c0..5713fcc 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,12 +7,16 @@ services: - docker env: - - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1404-26" - - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1604-24" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1404-25" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1404-27" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1604-25" - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1604-26" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1604-27" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1804-25" - - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1804-26" + - TEST_COMMAND="bundle exec kitchen test simple-ubuntu1804-27" + - TEST_COMMAND="./test/test-cluster.sh" before_install: # Make sure everything's up to date. diff --git a/Gemfile b/Gemfile index 8e97994..1227cf5 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ group :development do gem 'kitchen-ansiblepush' gem 'kitchen-docker' gem 'kitchen-verifier-serverspec' - gem 'thor', '0.19.1' # temp fix for issue http://stackoverflow.com/questions/40823526/validate-default-type-an-options-default-must-match-its-type-argumenterror + gem 'thor' gem 'net-ssh' gem 'serverspec' end diff --git a/Gemfile.lock b/Gemfile.lock index e373373..13a417a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -41,7 +41,7 @@ GEM rspec-mocks (~> 3.8.0) rspec-core (3.8.0) rspec-support (~> 3.8.0) - rspec-expectations (3.8.1) + rspec-expectations (3.8.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-its (1.2.0) @@ -59,7 +59,7 @@ GEM rspec-its specinfra (~> 2.72) sfl (2.3) - specinfra (2.76.2) + specinfra (2.76.3) net-scp net-ssh (>= 2.7) net-telnet (= 0.1.1) @@ -74,8 +74,8 @@ GEM winrm (~> 2.0) winrm-elevated (~> 1.0) winrm-fs (~> 1.1) - thor (0.19.1) - winrm (2.2.3) + thor (0.20.3) + winrm (2.3.0) builder (>= 2.1.2) erubis (~> 2.7) gssapi (~> 1.2) @@ -87,7 +87,7 @@ GEM winrm-elevated (1.1.0) winrm (~> 2.0) winrm-fs (~> 1.0) - winrm-fs (1.3.0) + winrm-fs (1.3.1) erubis (~> 2.7) logging (>= 1.6.1, < 3.0) rubyzip (~> 1.1) @@ -103,7 +103,7 @@ DEPENDENCIES net-ssh serverspec test-kitchen - thor (= 0.19.1) + thor BUNDLED WITH 1.16.0 diff --git a/tasks/common_nix.yml b/tasks/common_nix.yml index 0e3e8f5..9a651fa 100644 --- a/tasks/common_nix.yml +++ b/tasks/common_nix.yml @@ -1,6 +1,5 @@ --- - - name: common | Combine dictionary options (web) set_fact: concourse_web_options_combined: '{{ concourse_web_options_default | combine(concourse_web_options) | combine(concourse_facts_local_users) | combine(concourse_facts_main_users) }}' diff --git a/test/ansible-setup.sh b/test/ansible-setup.sh index 35bd0e9..10bac71 100644 --- a/test/ansible-setup.sh +++ b/test/ansible-setup.sh @@ -3,20 +3,20 @@ set -e AVM_VERSION="v1.0.0" -export ANSIBLE_VERSIONS_1="2.4.5" +export ANSIBLE_VERSIONS_1="2.5.11" export INSTALL_TYPE_1="pip" -export ANSIBLE_LABEL_1="v2.4" +export ANSIBLE_LABEL_1="v2.5" -export ANSIBLE_VERSIONS_2="2.5.10" +export ANSIBLE_VERSIONS_2="2.6.7" export INSTALL_TYPE_2="pip" -export ANSIBLE_LABEL_2="v2.5" +export ANSIBLE_LABEL_2="v2.6" -export ANSIBLE_VERSIONS_3="2.6.6" +export ANSIBLE_VERSIONS_3="2.7.1" export INSTALL_TYPE_3="pip" -export ANSIBLE_LABEL_3="v2.6" +export ANSIBLE_LABEL_3="v2.7" # Whats the default version -export ANSIBLE_DEFAULT_VERSION="v2.4" +export ANSIBLE_DEFAULT_VERSION="v2.5" ## Create a temp dir to download avm avm_dir="$(mktemp -d 2> /dev/null || mktemp -d -t 'mytmpdir')" diff --git a/test/ansible.cfg b/test/ansible.cfg index 0f4dc43..0bc66ff 100644 --- a/test/ansible.cfg +++ b/test/ansible.cfg @@ -7,4 +7,4 @@ callback_whitelist = changes pipelining=True ## SSH Args -control_path = %(directory)s/%%h-%%r +control_path=%(directory)s/ansible-ssh-%%h-%%p-%%r diff --git a/test/integration/simple/concourse-vars.yml b/test/integration/simple/concourse-vars.yml new file mode 100644 index 0000000..14c7f8c --- /dev/null +++ b/test/integration/simple/concourse-vars.yml @@ -0,0 +1,179 @@ +--- + +postgresql_version: 9.5 +postgresql_databases: + - name: "concourse" + owner: "concourseci" +postgresql_users: + - name : "concourseci" + pass : "conpass" +concourse_worker_options : + CONCOURSE_BAGGAGECLAIM_DRIVER : "naive" + CONCOURSE_GARDEN_DESTROY_CONTAINERS_ON_STARTUP : true + CONCOURSE_GARDEN_DNS_PROXY_ENABLE : true + CONCOURSE_GARDEN_DNS_SERVER : 8.8.8.8 +concourse_web_options: + CONCOURSE_MAIN_TEAM_LOCAL_USER : "user1,user6" + CONCOURSE_EXTERNAL_URL : "{{ CONCOURSE_EXTERNAL_URL_VAGRANT | default('http://127.0.0.1:8080') }}" + CONCOURSE_POSTGRES_DATABASE : "concourse" + CONCOURSE_POSTGRES_HOST : "127.0.0.1" + CONCOURSE_POSTGRES_PASSWORD : "conpass" + CONCOURSE_POSTGRES_SSLMODE : "disable" + CONCOURSE_POSTGRES_USER : "concourseci" + # ********************* Example Keys (YOU MUST OVERRIDE THEM) ********************* + # This keys are used for demo only you should generate your own and store them + # safely i.e. ansible-vault + # ********************************************************************************** +concourseci_key_session_public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6tKHmRtRp0a5SAeqbVy3pJSuoWQfmTIk106Md1bGjELPDkj0A8Z4a5rJZrAR7WqrRmHr2dTL9eKroymtIqxgJdu1RO+SM3uZVV5UFfYrBV0rmp5fP2g/+Wom2RB+zCzPT1TjDnKph8xPqj19P/0FY9rKbU8h6EzEp6Z5DjwKZKvxAF8p9r6wJde4nY+oneIuG1qpxYmLpNvdM3G44vgNeMg20jVywjJVwYDNe8ourqPu8rBauLbSiQI8Uxx6dlJSTsVawrKwHQUPEI9B5LPwUzZ9t/d7k2uJnCig6aJwM8dcyr8tqxlfdfmQiHRlZozail8UzIv65MbVngji5sqoB +concourseci_key_session_private : | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEAurSh5kbUadGuUgHqm1ct6SUrqFkH5kyJNdOjHdWxoxCzw5I9 + APGeGuayWawEe1qq0Zh69nUy/Xiq6MprSKsYCXbtUTvkjN7mVVeVBX2KwVdK5qeX + z9oP/lqJtkQfswsz09U4w5yqYfMT6o9fT/9BWPaym1PIehMxKemeQ48CmSr8QBfK + fa+sCXXuJ2PqJ3iLhtaqcWJi6Tb3TNxuOL4DXjINtI1csIyVcGAzXvKLq6j7vKwW + ri20okCPFMcenZSUk7FWsKysB0FDxCPQeSz8FM2fbf3e5NriZwooOmicDPHXMq/L + asZX3X5kIh0ZWaM2opfFMyL+uTG1Z4I4ubKqAQIDAQABAoIBAFWUZoF/Be5bRmQg + rMD3fPvZJeHMrWpKuroJgEM0qG/uP/ftGDlOhwIdrLKdvpAsRxA7rGE751t37B84 + aWStyB7OfIk3wtMveLS1qIETwn5M3PBM8bE8awhTx7vcDgurnt4CZjqDnTW4jfB+ + N1obzoBQ1B2Okd4i3e4wP3MIIlDCMoTPPd79DfQ6Hz2vd0eFlQcwb2S66oAGTgxi + oG0X0A+o+/GXGGhcuoRfXCR/oaeMtCTAML8UVNT8qktYr+Lfo4JoQR6VroQMStOm + 7DvS3yJe7ZZDrQBdNDHVAsIG9/QXEWmiKNv3p1gHm216FQeJV6rzSXGjeE22tE9S + JzmBKAECgYEA6CiFBIMECPzEnBooyrh8tehb5m0F6TeSeYwdgu+WuuBDRMh5Kruu + 9ydHE3tYHE1uR2Lng6suoU4Mnzmjv4E6THPTmTlolDQEqv7V24a0e8nWxV/+K7lN + XHrq4BFE5Xa8lkLAHw4tF8Ix6162ooHkaLhhmUWzkGVxAUhL/tbVc/ECgYEAzeEn + cR2NMDsNMR/anJzkjDilhiM5pORtN5O+eBIzpbFUEDZL4LIT7gqzic0kKnMJczr7 + 0WYUp2U762yrA4U2BqiGyTO2yhcMM5kuDTG+1VTdw3G6rZ0L80jUugW9131VC3tB + zcinIUs8N2hWsbuaRNhTCmlEzfe5UsikRjHgZxECgYEAze1DMCFWrvInI6BAlrDW + TjTxb489MwVMM+yJMN98f/71LEn20GTyaeC5NxqtqU01iLS+TxjEn+gvYf0qtm/W + WoJTKxK1JOCPU24AHF18MmFy1Fi1h+syJ9oQBPjMeA2+cjp7WBCnBvAGf5Tfw34c + MJd8WwxsnqScfFq4ri+53sECgYBGobw6Xn0V0uyPsfH6UQlH4hdHkcYw//1IV/O8 + leIKMnA4r6gQioez3xABctO5jIXtdor2KCNl2qFX/4wcRRNn7WFwncFUS9vvx9m4 + xRxHbDo410fIUFzNNmtk9ptO1rzal4rX4sMT9Q/Poog7qbUfcWfr5nmogBiggh15 + x5rJQQKBgE4khLJKEpLi8ozo/h02R/H4XT1YGNuadyuIULZDyuXVzcUP8R7Xx43n + ITU3tVCvmKizZmC3LZvVPkfDskhI9Yl3X7weBMUDeXxgDeUJNJZXXuDf1CC//Uo9 + N1EQdIhtxo4mgHXjF/8L32SqinAJb5ErNXQQwT5k9G22mZkHZY7Y + -----END RSA PRIVATE KEY----- + +concourseci_key_tsa_public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjddjviqF3BjVnxrledNsKM0wm7bwJwRgnUomLVrwHXjfArEz5yFa2C87IT9CYpIxkZMgmd0Bdtwj3kiNPP0qYpcj/uTqQTE5xLzTiJIUFsgSQwrMt/zd5x44g71qiHF/1KtHdcZq1dW3+5IwBog692HjcytbAxpUEGGpocHs/aoJ5/xn2tx61QOhkr5+PP1Ft7eHu719/pb1czhH8tZwCwNJQs4vzf79Mlgt0ikjJ84o9kOiUGP+Fc0+EjapBg9M2GE6/l86IJzcx/t/uQYCFOdKbg5ukck9NztldaOUeAPkUttPtf2vdjZU+EwSYc3XvhyQlN/QQmZ8tvG3gV9wv +concourseci_key_tsa_private : | + -----BEGIN RSA PRIVATE KEY----- + MIIEogIBAAKCAQEAo3XY74qhdwY1Z8a5XnTbCjNMJu28CcEYJ1KJi1a8B143wKxM + +chWtgvOyE/QmKSMZGTIJndAXbcI95IjTz9KmKXI/7k6kExOcS804iSFBbIEkMKz + Lf83eceOIO9aohxf9SrR3XGatXVt/uSMAaIOvdh43MrWwMaVBBhqaHB7P2qCef8Z + 9rcetUDoZK+fjz9Rbe3h7u9ff6W9XM4R/LWcAsDSULOL83+/TJYLdIpIyfOKPZDo + lBj/hXNPhI2qQYPTNhhOv5fOiCc3Mf7f7kGAhTnSm4ObpHJPTc7ZXWjlHgD5FLbT + 7X9r3Y2VPhMEmHN174ckJTf0EJmfLbxt4FfcLwIDAQABAoIBAFzux2OJIbuV4A8c + QI+fSFlISOdpChtRmPXiSyjZKxXVT0VPsIPijsn5dJsWJbZi9x6s3c5gxkuBoKuA + fmqzxSl8OAaLvOwFNiPLfvmDYc2XJFlZGJ3yGAw4lGnNK243S6cLrT2FNTwtg1gD + gEX9aPwucqi0+duoC1jEuNqf+LJYZykDicw3yHixgas/pKe2yDvsUhyQy2m/g9SW + rpKjppxas7aKQr1GEI4Gz4JY6L78ksdLLFCiXD/pg/DLbyfOoMid8eCUnGbh1rhB + PsKNyk3r/CSWsSlUlrujEqFdc/H8Ej07wVmVduTZddvjE4LcVtFlBzcEZbEofnyx + H8wLv8ECgYEA0F/jBIVcSWLTB00R/Fix7Bo9ICtZ1sXL+hLPm/zVlL/gD+MlAAVB + FimJKqMZa25B1ZUrYWV+Zddtel61ZxTrb86KKqtb0yuIVtPBc2ssVsO9hKL7NJ9i + g6tpR0hOhD46WJxOI9Srjv61f9tP7izlwbKXo6TrdYxM8YdjXlUyMCcCgYEAyNIB + IayYqg+pFoNdqKi3/n7/yGGWvlO0kW9aXkzrwTxT/k3NCHwarGgeSqU+/XVhnAHB + pvsORLAnf++gQNfoxU10nrdhkj6YIdg8OK5rO4n7iNysa4bZi2DrwJt9/mFpNkvY + lD956Lof/J1gPKmcNAwnsxijJE7w3I3rJ5UucLkCgYB5PMEGWV2XqTMlVVc4npZu + y9lyxSZRSuZiSt2WYaYXFQiV1dAqUeRLs8EGGL1qf004qsEBux6uvIgLId2j600M + 0XwcVXVoyTRbaHtu3xV+Kgczi+xi8rVL7MilW9GrKdWixtbEDDIBUftiN8Uqy96m + M3X9FbCVxRrjkKVlNmasEwKBgBCMxg0ZZUd2nO+/CcPxi6BMpRXFfR/YVCQ8Mg1d + d3xoVV+616/gUm5s8joinitTNiUeO/Bf9lAQ2GCBxgoyAPvpozfFUyQzRmRbprLh + JPM2LuWbkhYWee0zopov9lU1f+86lvG4vXpBhItUCO9W5wmfCtKGsEM4wj7a70tG + zxn5AoGARTzJJb6nxhqQCAWTq2GOQ1dL3uJvHihDs8+Brtn686Xqkajaw+1+OX2i + ehm8iE8k8Mdv7BqPMXQxlLb954l/ieTYkmwTnTG5Ot2+bx0Q15TGJqKFCWQZRveV + uPTcE+vQzvMV3lJo0CHTlNMo1JgHOO5UsFZ1cBxO7MZXCzChGE8= + -----END RSA PRIVATE KEY----- + +concourseci_worker_position : "{{ groups[concourseci_worker_group].index(inventory_hostname)| default(0) }}" +concourseci_key_worker_public : "{{ concourseci_worker_keys[concourseci_worker_position | int ].public}}" +concourseci_key_worker_private : "{{ concourseci_worker_keys[concourseci_worker_position | int ].private}}" +concourseci_worker_keys : + - public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKW31QIWcCR2Gh8i1fodDPHqviQV5eAW7Zv37Hzs1SKISvYeJ32EQ1mx2UXV8omzJiVojlXIsqkTXIBK6awvXQcRt8HFXwB9LjBfbYOUm+vU6L46HG3p2rBFAynh3NOeXvV1IBMNeuJ/w7v4CNNIkfKfQ34iwpirnX9fwoRV1pIt7c7MnKwZVrq/BwFpGh/GfOKrXLRXUsJAxDA+Mm0q2rvfpcsviINM7V41Lzemany1KVfjMLVe86CKWT0j2WERYejVlhxTXLlz7lHAowyU87dXh4QVHmDgMMSRIWgbMS0/1uAwfpdLMkzBEUhWRgKXDe/NWRk2I+Q77IJa1fnunJ + private : | + -----BEGIN RSA PRIVATE KEY----- + MIIEpQIBAAKCAQEAylt9UCFnAkdhofItX6HQzx6r4kFeXgFu2b9+x87NUiiEr2Hi + d9hENZsdlF1fKJsyYlaI5VyLKpE1yASumsL10HEbfBxV8AfS4wX22DlJvr1Oi+Oh + xt6dqwRQMp4dzTnl71dSATDXrif8O7+AjTSJHyn0N+IsKYq51/X8KEVdaSLe3OzJ + ysGVa6vwcBaRofxnziq1y0V1LCQMQwPjJtKtq736XLL4iDTO1eNS83pmp8tSlX4z + C1XvOgilk9I9lhEWHo1ZYcU1y5c+5RwKMMlPO3V4eEFR5g4DDEkSFoGzEtP9bgMH + 6XSzJMwRFIVkYClw3vzVkZNiPkO+yCWtX57pyQIDAQABAoIBAQCP6rWbEcaDFmVX + mjeu9hTd2YCBb+A/l2FROCJg1LGuJucHHOTGO2d3gJRu+mE9LfONgOHnzgOkCJZp + ZPsRUmslDexwPm7YQZg4oftHGKdcIqMEVqauG5GjGXQ4K8AiP3VK3Z2S/zvFvuZj + T/WLd7u2EE6CmDa0bNdzwpzNv1eJ92DGTm7bz71tGbjexuXuIzJVmUq1UVhj6lle + dklzM9RIp0wAaCrKVifNhEdZ4cy6YG0vBaAVbUZfxO9Qnec9V5Ycor9HZ9bsPhub + 7H3i5j7eGFH6f01bm2o3bSVwsvSosIiG6uXbNw83RGZhsIIFK1bJ2W4CtP86C1fG + +L2GaZtpAoGBAO9Anc8hsLAZEJ9gYm+abTFbTkNv4f/TPQxSngNbPx/OaDsBtHK0 + pQ0piG21wx6eKER0Bsb3p44Qav1G/3NVMwYAPWkoujai6OGt0bAjNCBZe5jzoYHO + cN/PTSNuhfri5Hpp6EqF8m3H6gJT/rMVgEfflorXnfj7WvNwVIh50CynAoGBANiF + t5pHWmvIWJs3feLiJm0o0Jp7IlpwS7vn62qfnoqv9Yze/0vNVscczkCzCbUuayf4 + TVgtfOe+AHs+N8u38BHrLzcYf/uRAj6fi9rf8Lhxbjv+jFOhPNttGdP5m+GDjlsW + 5D14cNjD/8jKIgecmYSgRTIQmdevfZseQQKhPtQPAoGBAMVVAFQlL3wvUDyD3Oy7 + 7C/3ZRfOIhNFAWc2hUmzat8q+WEhyNmLEU9H4FTMxABu5jt/j09wWGyeMgBxHKTd + stXSQNSJWP1TZM0u9nJWttmvtHe1CpLr2MFgU/lTYYJKvbQRwhwlWo0dhG8jJEJF + C6c8TQh7SrpfZua+0Zo3DnKlAoGAPYpL8/Kh1Y6c+IjeI9VJPK9kEvQ6gF/4dpDl + TWnOwvZeIUrkXuQe7PrX+HWqpa9qz3J4cT6EiM1tD5pQe3ttJXql8c/p2FOPwsLQ + GkaaAaJjxXOE6OQkCu3IcII6du9QT72C46HO2R1kHuqsn2M4EwUGhcNIJpB/b846 + hgfUdqsCgYEAn3EGdd1DNC+ykrCk2P6nlFXvjxdlxCKNzCPWHjwPGE3t2DRIaEWI + 0XBHuBy2hbiZPIZpAK3DtPONUjjrcv3gPmhraoz5K7saY5vxyEJFYNCu2nKCJUkp + ZNJ69MjK2HDIBIpqFJ7jnp32Dp8wviHXQ5e1PJQxoaXNyubfOs1Cpa0= + -----END RSA PRIVATE KEY----- + + - public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXQFU/VlngUtaW9i6HgkdEfcB6Ak+Ogk/EN96lB6lm6NHvMWL0ggtrxzPcyQ+K6Rri1Vh2zDKenF+ZutqfxfNEmmDUNuHW96djUXEzwLuTYYdoobHNFtV9s2pEix2QFaMxMnvWSIfvKqDvI2Z+zwfzNFKjDweiVsCPw3vAF9vIL6W12zDb3hGN4uJqpz4GCj0K3DR/dxMZVEcE4VQ5ITOusqRKeZTt3QMJI9ZdJF8xg+Bdg/NSDvH7GOcmN5eLEheIx3lWCmhtQvh1iwa+JlDVWQFmxbVqPTzI/8phjOIfEqimg+nBVq157UIfDf77Xj2YyVQSv2inVc4RLZSMQw3p + private : | + -----BEGIN RSA PRIVATE KEY----- + MIIEowIBAAKCAQEA10BVP1ZZ4FLWlvYuh4JHRH3AegJPjoJPxDfepQepZujR7zFi + 9IILa8cz3MkPiuka4tVYdswynpxfmbran8XzRJpg1Dbh1venY1FxM8C7k2GHaKGx + zRbVfbNqRIsdkBWjMTJ71kiH7yqg7yNmfs8H8zRSow8HolbAj8N7wBfbyC+ltdsw + 294RjeLiaqc+Bgo9Ctw0f3cTGVRHBOFUOSEzrrKkSnmU7d0DCSPWXSRfMYPgXYPz + Ug7x+xjnJjeXixIXiMd5VgpobUL4dYsGviZQ1VkBZsW1aj08yP/KYYziHxKopoPp + wVatee1CHw3++149mMlUEr9op1XOES2UjEMN6QIDAQABAoIBAH42vsWwwGqEqEdE + euwCO/+xLNdd24BYcKVBjU9/OpmZEuAKOVfdmQzNdV+UlYSCQr2XE5Q1D8lpL7VY + lzDwRUCItRY6SBpghMn7y0DpVhOJMHjttu/m37AhL8KZP/Bof5QtYee4B9z5Rfxy + 6XqZsrOsjngGLBfIfojNuxZb5wdttX/u7Qp9otnESxifTbn9PfUM5UwhXRncWbsT + MJ0p+aP36aNxwWDKht6bxiBRryvwNbRZX2iu18oxUUWg50uK0M/lo0KK4Svvc5lN + YfBFvum78KckgDX7zVenEOmU9bQfXWgB79oP8IpRP5OyPF2AJjgiKOfR7X+JA7Nq + pfXj48ECgYEA8MjIKz4ILS0ahsaxOIPsc1UyOK6F9v1PrU7ooi8WfLdY4ouPvIl5 + BI6zCFL9IdNOlc6Rh+UpfPYndaJz/1cWJyC0diChVdLAR+j6fuEqIKPSiv/Xn+hM + sbsiNn23MoA6C2Jvv1FLez+Shvlj6fF4G1t8MfHwoXZ0yVhuSkJH9o0CgYEA5Np/ + k4fA9w/OsbtJu0KtGN0AwhCVmFE/3doE4BVSsmWGznzHcC864S924CHsgznrM3OW + HX7C+PFgbsbtXwqxiaMAaxrh1wBnx28c4wMsNkXCFUds4DkjqDW6IhNH7W9TtuDL + qNoniBH/o18aj0xGF6HJFt6tU7f9iTxJ+tmY280CgYB2HMe0DpXMM1fTzRuZ8XzH + hn9ANrwYUGIJTa/n/tk1DGtZlcRIY9ctWSKRbsQlF5Zw/gd9dfhICCeLGMl18642 + O2DKoW8CvoL7w1k9bA5SPIpHDQEku7sDZByARmLbLvNKKltOqf4w0xp5g1RzqbOV + F+dwSJIVYhofunU/kAvk8QKBgGMPcUma6ZwH66BjQXcdVW/9ueZG53oXMV4GkTWu + BS3TZJbczDdzOjlfIkXCaW4kE/shfUknJZ48XVGWKgmJx2+cbwHtkPRP6JwbLJXX + ObwEVg5/7FDiatzU5Mz7K5dLKSFwDLf6NkJgCBffgs+kZHK2RSTxHnWunsBYqG08 + 4z3BAoGBAItHnGHbnl7cVHJFHd8teLzS+ki+gv+mKwPwSmeimV6zALAKZvj4RIg8 + 4g6kUWry+NNuiaH6fsDA0FWnT3Kyc59/M/EuKNCR7ci1Gnkunc0IUn78aWtNcxX5 + RsCKJUM8l63P0jyUufpTbG6nAP8fMdWCdtDBidFLV2JMPYnWb4aP + -----END RSA PRIVATE KEY----- +concourseci_reboot : false +concourse_local_users: + - {user: "user1", pass: "pass1"} + - {user: "user2", pass: "pass2"} + - {user: "user3", pass: "pass3"} + - {user: "user4", pass: "pass4"} + - {user: "user5", pass: "pass5"} + - {user: "user6", pass: "pass6"} +concourseci_manage_teams : true +concourseci_teams : + - name: "x1" + state: "present" + flags: + local-user: user1 + - name: "x2" + state: "absent" + flags: + local-user: user2 + - name: "x3" + state: "present" + flags: + local-user: user2 + - name: "x4" + state: "present" + flags: + local-user: user4 + - name: "x5" + state: "absent" + flags: + local-user: user5 diff --git a/test/integration/simple/serverspec/c_binary_spec.rb b/test/integration/simple/serverspec/c_binary_spec.rb index f6ee302..c01cdeb 100644 --- a/test/integration/simple/serverspec/c_binary_spec.rb +++ b/test/integration/simple/serverspec/c_binary_spec.rb @@ -14,19 +14,3 @@ expect(subject.stdout).to match('web') end end - -describe file('/opt/concourseci/bin/concourse-web') do - it 'concourse-web script has right permission' do - expect(subject).to be_file - expect(subject).to be_executable - expect(subject).to be_owned_by 'root' - end -end - -describe file('/opt/concourseci/bin/concourse-worker') do - it 'concourse-worker script has right permission' do - expect(subject).to be_file - expect(subject).to be_executable - expect(subject).to be_owned_by 'root' - end -end diff --git a/test/integration/simple/serverspec/ca_binary_web_spec.rb b/test/integration/simple/serverspec/ca_binary_web_spec.rb new file mode 100644 index 0000000..0446d10 --- /dev/null +++ b/test/integration/simple/serverspec/ca_binary_web_spec.rb @@ -0,0 +1,9 @@ +require_relative '../../helper_spec.rb' + +describe file('/opt/concourseci/bin/concourse-web') do + it 'concourse-web script has right permission' do + expect(subject).to be_file + expect(subject).to be_executable + expect(subject).to be_owned_by 'root' + end +end diff --git a/test/integration/simple/serverspec/cb_binary_worker_spec.rb b/test/integration/simple/serverspec/cb_binary_worker_spec.rb new file mode 100644 index 0000000..7cf1ec2 --- /dev/null +++ b/test/integration/simple/serverspec/cb_binary_worker_spec.rb @@ -0,0 +1,9 @@ +require_relative '../../helper_spec.rb' + +describe file('/opt/concourseci/bin/concourse-worker') do + it 'concourse-worker script has right permission' do + expect(subject).to be_file + expect(subject).to be_executable + expect(subject).to be_owned_by 'root' + end +end diff --git a/test/integration/simple/simple.yml b/test/integration/simple/simple.yml index d203579..09d64db 100644 --- a/test/integration/simple/simple.yml +++ b/test/integration/simple/simple.yml @@ -9,196 +9,18 @@ raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal) changed_when: False -- name: Install iproute2 +- name: Install iproute2 hosts: all gather_facts: False become: True tasks: - name: install iproute 2 - apt: + apt: name: iproute2 - name: Provision Concourse hosts: all become: True - vars : - concourse_local_users: - - {user: "user1", pass: "pass1"} - - {user: "user2", pass: "pass2"} - - {user: "user3", pass: "pass3"} - - {user: "user4", pass: "pass4"} - - {user: "user5", pass: "pass5"} - - {user: "user6", pass: "pass6"} - postgresql_version: 9.5 - postgresql_databases: - - name: "concourse" - owner: "concourseci" - postgresql_users: - - name : "concourseci" - pass : "conpass" - concourse_worker_options : - CONCOURSE_BAGGAGECLAIM_DRIVER : "naive" - CONCOURSE_GARDEN_DESTROY_CONTAINERS_ON_STARTUP : true - CONCOURSE_GARDEN_DNS_PROXY_ENABLE : true - CONCOURSE_GARDEN_DNS_SERVER : 8.8.8.8 - concourse_web_options: - CONCOURSE_MAIN_TEAM_LOCAL_USER : "user1,user6" - CONCOURSE_EXTERNAL_URL : "{{ CONCOURSE_EXTERNAL_URL_VAGRANT | default('http://127.0.0.1:8080') }}" - CONCOURSE_POSTGRES_DATABASE : "concourse" - CONCOURSE_POSTGRES_HOST : "127.0.0.1" - CONCOURSE_POSTGRES_PASSWORD : "conpass" - CONCOURSE_POSTGRES_SSLMODE : "disable" - CONCOURSE_POSTGRES_USER : "concourseci" - # ********************* Example Keys (YOU MUST OVERRIDE THEM) ********************* - # This keys are used for demo only you should generate your own and store them - # safely i.e. ansible-vault - # ********************************************************************************** - concourseci_key_session_public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6tKHmRtRp0a5SAeqbVy3pJSuoWQfmTIk106Md1bGjELPDkj0A8Z4a5rJZrAR7WqrRmHr2dTL9eKroymtIqxgJdu1RO+SM3uZVV5UFfYrBV0rmp5fP2g/+Wom2RB+zCzPT1TjDnKph8xPqj19P/0FY9rKbU8h6EzEp6Z5DjwKZKvxAF8p9r6wJde4nY+oneIuG1qpxYmLpNvdM3G44vgNeMg20jVywjJVwYDNe8ourqPu8rBauLbSiQI8Uxx6dlJSTsVawrKwHQUPEI9B5LPwUzZ9t/d7k2uJnCig6aJwM8dcyr8tqxlfdfmQiHRlZozail8UzIv65MbVngji5sqoB - concourseci_key_session_private : | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAurSh5kbUadGuUgHqm1ct6SUrqFkH5kyJNdOjHdWxoxCzw5I9 - APGeGuayWawEe1qq0Zh69nUy/Xiq6MprSKsYCXbtUTvkjN7mVVeVBX2KwVdK5qeX - z9oP/lqJtkQfswsz09U4w5yqYfMT6o9fT/9BWPaym1PIehMxKemeQ48CmSr8QBfK - fa+sCXXuJ2PqJ3iLhtaqcWJi6Tb3TNxuOL4DXjINtI1csIyVcGAzXvKLq6j7vKwW - ri20okCPFMcenZSUk7FWsKysB0FDxCPQeSz8FM2fbf3e5NriZwooOmicDPHXMq/L - asZX3X5kIh0ZWaM2opfFMyL+uTG1Z4I4ubKqAQIDAQABAoIBAFWUZoF/Be5bRmQg - rMD3fPvZJeHMrWpKuroJgEM0qG/uP/ftGDlOhwIdrLKdvpAsRxA7rGE751t37B84 - aWStyB7OfIk3wtMveLS1qIETwn5M3PBM8bE8awhTx7vcDgurnt4CZjqDnTW4jfB+ - N1obzoBQ1B2Okd4i3e4wP3MIIlDCMoTPPd79DfQ6Hz2vd0eFlQcwb2S66oAGTgxi - oG0X0A+o+/GXGGhcuoRfXCR/oaeMtCTAML8UVNT8qktYr+Lfo4JoQR6VroQMStOm - 7DvS3yJe7ZZDrQBdNDHVAsIG9/QXEWmiKNv3p1gHm216FQeJV6rzSXGjeE22tE9S - JzmBKAECgYEA6CiFBIMECPzEnBooyrh8tehb5m0F6TeSeYwdgu+WuuBDRMh5Kruu - 9ydHE3tYHE1uR2Lng6suoU4Mnzmjv4E6THPTmTlolDQEqv7V24a0e8nWxV/+K7lN - XHrq4BFE5Xa8lkLAHw4tF8Ix6162ooHkaLhhmUWzkGVxAUhL/tbVc/ECgYEAzeEn - cR2NMDsNMR/anJzkjDilhiM5pORtN5O+eBIzpbFUEDZL4LIT7gqzic0kKnMJczr7 - 0WYUp2U762yrA4U2BqiGyTO2yhcMM5kuDTG+1VTdw3G6rZ0L80jUugW9131VC3tB - zcinIUs8N2hWsbuaRNhTCmlEzfe5UsikRjHgZxECgYEAze1DMCFWrvInI6BAlrDW - TjTxb489MwVMM+yJMN98f/71LEn20GTyaeC5NxqtqU01iLS+TxjEn+gvYf0qtm/W - WoJTKxK1JOCPU24AHF18MmFy1Fi1h+syJ9oQBPjMeA2+cjp7WBCnBvAGf5Tfw34c - MJd8WwxsnqScfFq4ri+53sECgYBGobw6Xn0V0uyPsfH6UQlH4hdHkcYw//1IV/O8 - leIKMnA4r6gQioez3xABctO5jIXtdor2KCNl2qFX/4wcRRNn7WFwncFUS9vvx9m4 - xRxHbDo410fIUFzNNmtk9ptO1rzal4rX4sMT9Q/Poog7qbUfcWfr5nmogBiggh15 - x5rJQQKBgE4khLJKEpLi8ozo/h02R/H4XT1YGNuadyuIULZDyuXVzcUP8R7Xx43n - ITU3tVCvmKizZmC3LZvVPkfDskhI9Yl3X7weBMUDeXxgDeUJNJZXXuDf1CC//Uo9 - N1EQdIhtxo4mgHXjF/8L32SqinAJb5ErNXQQwT5k9G22mZkHZY7Y - -----END RSA PRIVATE KEY----- - - concourseci_key_tsa_public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjddjviqF3BjVnxrledNsKM0wm7bwJwRgnUomLVrwHXjfArEz5yFa2C87IT9CYpIxkZMgmd0Bdtwj3kiNPP0qYpcj/uTqQTE5xLzTiJIUFsgSQwrMt/zd5x44g71qiHF/1KtHdcZq1dW3+5IwBog692HjcytbAxpUEGGpocHs/aoJ5/xn2tx61QOhkr5+PP1Ft7eHu719/pb1czhH8tZwCwNJQs4vzf79Mlgt0ikjJ84o9kOiUGP+Fc0+EjapBg9M2GE6/l86IJzcx/t/uQYCFOdKbg5ukck9NztldaOUeAPkUttPtf2vdjZU+EwSYc3XvhyQlN/QQmZ8tvG3gV9wv - concourseci_key_tsa_private : | - -----BEGIN RSA PRIVATE KEY----- - MIIEogIBAAKCAQEAo3XY74qhdwY1Z8a5XnTbCjNMJu28CcEYJ1KJi1a8B143wKxM - +chWtgvOyE/QmKSMZGTIJndAXbcI95IjTz9KmKXI/7k6kExOcS804iSFBbIEkMKz - Lf83eceOIO9aohxf9SrR3XGatXVt/uSMAaIOvdh43MrWwMaVBBhqaHB7P2qCef8Z - 9rcetUDoZK+fjz9Rbe3h7u9ff6W9XM4R/LWcAsDSULOL83+/TJYLdIpIyfOKPZDo - lBj/hXNPhI2qQYPTNhhOv5fOiCc3Mf7f7kGAhTnSm4ObpHJPTc7ZXWjlHgD5FLbT - 7X9r3Y2VPhMEmHN174ckJTf0EJmfLbxt4FfcLwIDAQABAoIBAFzux2OJIbuV4A8c - QI+fSFlISOdpChtRmPXiSyjZKxXVT0VPsIPijsn5dJsWJbZi9x6s3c5gxkuBoKuA - fmqzxSl8OAaLvOwFNiPLfvmDYc2XJFlZGJ3yGAw4lGnNK243S6cLrT2FNTwtg1gD - gEX9aPwucqi0+duoC1jEuNqf+LJYZykDicw3yHixgas/pKe2yDvsUhyQy2m/g9SW - rpKjppxas7aKQr1GEI4Gz4JY6L78ksdLLFCiXD/pg/DLbyfOoMid8eCUnGbh1rhB - PsKNyk3r/CSWsSlUlrujEqFdc/H8Ej07wVmVduTZddvjE4LcVtFlBzcEZbEofnyx - H8wLv8ECgYEA0F/jBIVcSWLTB00R/Fix7Bo9ICtZ1sXL+hLPm/zVlL/gD+MlAAVB - FimJKqMZa25B1ZUrYWV+Zddtel61ZxTrb86KKqtb0yuIVtPBc2ssVsO9hKL7NJ9i - g6tpR0hOhD46WJxOI9Srjv61f9tP7izlwbKXo6TrdYxM8YdjXlUyMCcCgYEAyNIB - IayYqg+pFoNdqKi3/n7/yGGWvlO0kW9aXkzrwTxT/k3NCHwarGgeSqU+/XVhnAHB - pvsORLAnf++gQNfoxU10nrdhkj6YIdg8OK5rO4n7iNysa4bZi2DrwJt9/mFpNkvY - lD956Lof/J1gPKmcNAwnsxijJE7w3I3rJ5UucLkCgYB5PMEGWV2XqTMlVVc4npZu - y9lyxSZRSuZiSt2WYaYXFQiV1dAqUeRLs8EGGL1qf004qsEBux6uvIgLId2j600M - 0XwcVXVoyTRbaHtu3xV+Kgczi+xi8rVL7MilW9GrKdWixtbEDDIBUftiN8Uqy96m - M3X9FbCVxRrjkKVlNmasEwKBgBCMxg0ZZUd2nO+/CcPxi6BMpRXFfR/YVCQ8Mg1d - d3xoVV+616/gUm5s8joinitTNiUeO/Bf9lAQ2GCBxgoyAPvpozfFUyQzRmRbprLh - JPM2LuWbkhYWee0zopov9lU1f+86lvG4vXpBhItUCO9W5wmfCtKGsEM4wj7a70tG - zxn5AoGARTzJJb6nxhqQCAWTq2GOQ1dL3uJvHihDs8+Brtn686Xqkajaw+1+OX2i - ehm8iE8k8Mdv7BqPMXQxlLb954l/ieTYkmwTnTG5Ot2+bx0Q15TGJqKFCWQZRveV - uPTcE+vQzvMV3lJo0CHTlNMo1JgHOO5UsFZ1cBxO7MZXCzChGE8= - -----END RSA PRIVATE KEY----- - - concourseci_worker_position : "{{ groups[concourseci_worker_group].index(inventory_hostname)| default(0) }}" - concourseci_key_worker_public : "{{ concourseci_worker_keys[concourseci_worker_position | int ].public}}" - concourseci_key_worker_private : "{{ concourseci_worker_keys[concourseci_worker_position | int ].private}}" - concourseci_worker_keys : - - public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKW31QIWcCR2Gh8i1fodDPHqviQV5eAW7Zv37Hzs1SKISvYeJ32EQ1mx2UXV8omzJiVojlXIsqkTXIBK6awvXQcRt8HFXwB9LjBfbYOUm+vU6L46HG3p2rBFAynh3NOeXvV1IBMNeuJ/w7v4CNNIkfKfQ34iwpirnX9fwoRV1pIt7c7MnKwZVrq/BwFpGh/GfOKrXLRXUsJAxDA+Mm0q2rvfpcsviINM7V41Lzemany1KVfjMLVe86CKWT0j2WERYejVlhxTXLlz7lHAowyU87dXh4QVHmDgMMSRIWgbMS0/1uAwfpdLMkzBEUhWRgKXDe/NWRk2I+Q77IJa1fnunJ - private : | - -----BEGIN RSA PRIVATE KEY----- - MIIEpQIBAAKCAQEAylt9UCFnAkdhofItX6HQzx6r4kFeXgFu2b9+x87NUiiEr2Hi - d9hENZsdlF1fKJsyYlaI5VyLKpE1yASumsL10HEbfBxV8AfS4wX22DlJvr1Oi+Oh - xt6dqwRQMp4dzTnl71dSATDXrif8O7+AjTSJHyn0N+IsKYq51/X8KEVdaSLe3OzJ - ysGVa6vwcBaRofxnziq1y0V1LCQMQwPjJtKtq736XLL4iDTO1eNS83pmp8tSlX4z - C1XvOgilk9I9lhEWHo1ZYcU1y5c+5RwKMMlPO3V4eEFR5g4DDEkSFoGzEtP9bgMH - 6XSzJMwRFIVkYClw3vzVkZNiPkO+yCWtX57pyQIDAQABAoIBAQCP6rWbEcaDFmVX - mjeu9hTd2YCBb+A/l2FROCJg1LGuJucHHOTGO2d3gJRu+mE9LfONgOHnzgOkCJZp - ZPsRUmslDexwPm7YQZg4oftHGKdcIqMEVqauG5GjGXQ4K8AiP3VK3Z2S/zvFvuZj - T/WLd7u2EE6CmDa0bNdzwpzNv1eJ92DGTm7bz71tGbjexuXuIzJVmUq1UVhj6lle - dklzM9RIp0wAaCrKVifNhEdZ4cy6YG0vBaAVbUZfxO9Qnec9V5Ycor9HZ9bsPhub - 7H3i5j7eGFH6f01bm2o3bSVwsvSosIiG6uXbNw83RGZhsIIFK1bJ2W4CtP86C1fG - +L2GaZtpAoGBAO9Anc8hsLAZEJ9gYm+abTFbTkNv4f/TPQxSngNbPx/OaDsBtHK0 - pQ0piG21wx6eKER0Bsb3p44Qav1G/3NVMwYAPWkoujai6OGt0bAjNCBZe5jzoYHO - cN/PTSNuhfri5Hpp6EqF8m3H6gJT/rMVgEfflorXnfj7WvNwVIh50CynAoGBANiF - t5pHWmvIWJs3feLiJm0o0Jp7IlpwS7vn62qfnoqv9Yze/0vNVscczkCzCbUuayf4 - TVgtfOe+AHs+N8u38BHrLzcYf/uRAj6fi9rf8Lhxbjv+jFOhPNttGdP5m+GDjlsW - 5D14cNjD/8jKIgecmYSgRTIQmdevfZseQQKhPtQPAoGBAMVVAFQlL3wvUDyD3Oy7 - 7C/3ZRfOIhNFAWc2hUmzat8q+WEhyNmLEU9H4FTMxABu5jt/j09wWGyeMgBxHKTd - stXSQNSJWP1TZM0u9nJWttmvtHe1CpLr2MFgU/lTYYJKvbQRwhwlWo0dhG8jJEJF - C6c8TQh7SrpfZua+0Zo3DnKlAoGAPYpL8/Kh1Y6c+IjeI9VJPK9kEvQ6gF/4dpDl - TWnOwvZeIUrkXuQe7PrX+HWqpa9qz3J4cT6EiM1tD5pQe3ttJXql8c/p2FOPwsLQ - GkaaAaJjxXOE6OQkCu3IcII6du9QT72C46HO2R1kHuqsn2M4EwUGhcNIJpB/b846 - hgfUdqsCgYEAn3EGdd1DNC+ykrCk2P6nlFXvjxdlxCKNzCPWHjwPGE3t2DRIaEWI - 0XBHuBy2hbiZPIZpAK3DtPONUjjrcv3gPmhraoz5K7saY5vxyEJFYNCu2nKCJUkp - ZNJ69MjK2HDIBIpqFJ7jnp32Dp8wviHXQ5e1PJQxoaXNyubfOs1Cpa0= - -----END RSA PRIVATE KEY----- - - - public : ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXQFU/VlngUtaW9i6HgkdEfcB6Ak+Ogk/EN96lB6lm6NHvMWL0ggtrxzPcyQ+K6Rri1Vh2zDKenF+ZutqfxfNEmmDUNuHW96djUXEzwLuTYYdoobHNFtV9s2pEix2QFaMxMnvWSIfvKqDvI2Z+zwfzNFKjDweiVsCPw3vAF9vIL6W12zDb3hGN4uJqpz4GCj0K3DR/dxMZVEcE4VQ5ITOusqRKeZTt3QMJI9ZdJF8xg+Bdg/NSDvH7GOcmN5eLEheIx3lWCmhtQvh1iwa+JlDVWQFmxbVqPTzI/8phjOIfEqimg+nBVq157UIfDf77Xj2YyVQSv2inVc4RLZSMQw3p - private : | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEA10BVP1ZZ4FLWlvYuh4JHRH3AegJPjoJPxDfepQepZujR7zFi - 9IILa8cz3MkPiuka4tVYdswynpxfmbran8XzRJpg1Dbh1venY1FxM8C7k2GHaKGx - zRbVfbNqRIsdkBWjMTJ71kiH7yqg7yNmfs8H8zRSow8HolbAj8N7wBfbyC+ltdsw - 294RjeLiaqc+Bgo9Ctw0f3cTGVRHBOFUOSEzrrKkSnmU7d0DCSPWXSRfMYPgXYPz - Ug7x+xjnJjeXixIXiMd5VgpobUL4dYsGviZQ1VkBZsW1aj08yP/KYYziHxKopoPp - wVatee1CHw3++149mMlUEr9op1XOES2UjEMN6QIDAQABAoIBAH42vsWwwGqEqEdE - euwCO/+xLNdd24BYcKVBjU9/OpmZEuAKOVfdmQzNdV+UlYSCQr2XE5Q1D8lpL7VY - lzDwRUCItRY6SBpghMn7y0DpVhOJMHjttu/m37AhL8KZP/Bof5QtYee4B9z5Rfxy - 6XqZsrOsjngGLBfIfojNuxZb5wdttX/u7Qp9otnESxifTbn9PfUM5UwhXRncWbsT - MJ0p+aP36aNxwWDKht6bxiBRryvwNbRZX2iu18oxUUWg50uK0M/lo0KK4Svvc5lN - YfBFvum78KckgDX7zVenEOmU9bQfXWgB79oP8IpRP5OyPF2AJjgiKOfR7X+JA7Nq - pfXj48ECgYEA8MjIKz4ILS0ahsaxOIPsc1UyOK6F9v1PrU7ooi8WfLdY4ouPvIl5 - BI6zCFL9IdNOlc6Rh+UpfPYndaJz/1cWJyC0diChVdLAR+j6fuEqIKPSiv/Xn+hM - sbsiNn23MoA6C2Jvv1FLez+Shvlj6fF4G1t8MfHwoXZ0yVhuSkJH9o0CgYEA5Np/ - k4fA9w/OsbtJu0KtGN0AwhCVmFE/3doE4BVSsmWGznzHcC864S924CHsgznrM3OW - HX7C+PFgbsbtXwqxiaMAaxrh1wBnx28c4wMsNkXCFUds4DkjqDW6IhNH7W9TtuDL - qNoniBH/o18aj0xGF6HJFt6tU7f9iTxJ+tmY280CgYB2HMe0DpXMM1fTzRuZ8XzH - hn9ANrwYUGIJTa/n/tk1DGtZlcRIY9ctWSKRbsQlF5Zw/gd9dfhICCeLGMl18642 - O2DKoW8CvoL7w1k9bA5SPIpHDQEku7sDZByARmLbLvNKKltOqf4w0xp5g1RzqbOV - F+dwSJIVYhofunU/kAvk8QKBgGMPcUma6ZwH66BjQXcdVW/9ueZG53oXMV4GkTWu - BS3TZJbczDdzOjlfIkXCaW4kE/shfUknJZ48XVGWKgmJx2+cbwHtkPRP6JwbLJXX - ObwEVg5/7FDiatzU5Mz7K5dLKSFwDLf6NkJgCBffgs+kZHK2RSTxHnWunsBYqG08 - 4z3BAoGBAItHnGHbnl7cVHJFHd8teLzS+ki+gv+mKwPwSmeimV6zALAKZvj4RIg8 - 4g6kUWry+NNuiaH6fsDA0FWnT3Kyc59/M/EuKNCR7ci1Gnkunc0IUn78aWtNcxX5 - RsCKJUM8l63P0jyUufpTbG6nAP8fMdWCdtDBidFLV2JMPYnWb4aP - -----END RSA PRIVATE KEY----- - concourseci_reboot : false - concourseci_manage_teams : true - concourseci_teams : - - name: "x1" - state: "present" - flags: - local-user: user1 - - name: "x2" - state: "absent" - flags: - local-user: user2 - - name: "x3" - state: "present" - flags: - local-user: user2 - - name: "x4" - state: "present" - flags: - local-user: user4 - - name: "x5" - state: "absent" - flags: - local-user: user5 roles: - { name: "hosts", tags: "hosts" } - { name: "postgresql", tags: "postgresql" } diff --git a/test/integration/web/serverspec/a_user_spec.rb b/test/integration/web/serverspec/a_user_spec.rb new file mode 120000 index 0000000..0296dbc --- /dev/null +++ b/test/integration/web/serverspec/a_user_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/a_user_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/a_web_spec.rb b/test/integration/web/serverspec/a_web_spec.rb new file mode 120000 index 0000000..ce76083 --- /dev/null +++ b/test/integration/web/serverspec/a_web_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/a_web_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/b_worker_not_running_spec.rb b/test/integration/web/serverspec/b_worker_not_running_spec.rb new file mode 100644 index 0000000..a171d49 --- /dev/null +++ b/test/integration/web/serverspec/b_worker_not_running_spec.rb @@ -0,0 +1,11 @@ +require_relative '../../helper_spec.rb' + +describe file('/opt/concourseci/bin/concourse-worker') do + it { should_not exist } +end + +# Concourse worker process to be running with concourse user +describe command('pgrep -u root -f concourse\\ worker -c') do + its(:exit_status) { should eq 1 } + its(:stdout) { should match '0' } +end diff --git a/test/integration/web/serverspec/c_binary_spec.rb b/test/integration/web/serverspec/c_binary_spec.rb new file mode 120000 index 0000000..4e3ca41 --- /dev/null +++ b/test/integration/web/serverspec/c_binary_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/c_binary_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/ca_binary_web_spec.rb b/test/integration/web/serverspec/ca_binary_web_spec.rb new file mode 120000 index 0000000..c333000 --- /dev/null +++ b/test/integration/web/serverspec/ca_binary_web_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/ca_binary_web_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/d_job_spec.rb b/test/integration/web/serverspec/d_job_spec.rb new file mode 120000 index 0000000..fabd0bd --- /dev/null +++ b/test/integration/web/serverspec/d_job_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/d_job_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/e_manage_spec.rb b/test/integration/web/serverspec/e_manage_spec.rb new file mode 120000 index 0000000..36b21f1 --- /dev/null +++ b/test/integration/web/serverspec/e_manage_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/e_manage_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/ssh_spec.rb b/test/integration/web/serverspec/ssh_spec.rb new file mode 120000 index 0000000..6f6f723 --- /dev/null +++ b/test/integration/web/serverspec/ssh_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/ssh_spec.rb \ No newline at end of file diff --git a/test/integration/web/serverspec/z_web_control_scripts_spec.rb b/test/integration/web/serverspec/z_web_control_scripts_spec.rb new file mode 100644 index 0000000..d05b561 --- /dev/null +++ b/test/integration/web/serverspec/z_web_control_scripts_spec.rb @@ -0,0 +1,48 @@ +require_relative '../../helper_spec.rb' + +PS_WEB = 'ps ax|grep "/opt/concourseci/bin/concourse web"|grep -v grep'.freeze + +## Web stop +describe 'concourse web stopped' do + describe command('sudo service concourse-web stop') do + it 'initd script should stop web and return OK' do + expect(subject.stdout).to match('[ OK ]') + expect(subject.exit_status).to eq(0) + end + end + + describe command('sudo service concourse-web status') do + it 'initd script should return stopped' do + expect(subject.stdout).to match('not running') + end + end + + describe command(PS_WEB.to_s) do + it 'ps should report no process running' do + expect(subject.stdout).to eq('') + end + end +end +## Web running +describe 'concourse web running' do + describe command('sudo service concourse-web start') do + it 'initd script should start and return running' do + expect(subject.stdout).to match('[ OK ]') + expect(subject.exit_status).to eq(0) + end + end + + describe command('sudo service concourse-web status') do + it 'initd script should return running' do + expect(subject.stdout).to match('running with PID:') + expect(subject.exit_status).to eq(0) + end + end + + describe command(PS_WEB.to_s) do + it 'ps should report process running' do + expect(subject.stdout).to match('/opt/concourseci/bin/concourse') + expect(subject.exit_status).to eq(0) + end + end +end diff --git a/test/integration/web/web.yml b/test/integration/web/web.yml new file mode 100644 index 0000000..a917884 --- /dev/null +++ b/test/integration/web/web.yml @@ -0,0 +1,35 @@ +--- + +- name: Check for python3 + hosts: concourse-web + gather_facts: False + become: True + tasks: + - name: install python 3 + raw: test -e /usr/bin/python || (apt -y update && apt install -y python3-minimal) + changed_when: False + +- name: Install some needed packages + hosts: concourse-web + gather_facts: False + become: True + tasks: + - name: install packages + apt: + name: "{{ packages }}" + vars: + packages: + - iproute2 + - gpg + - python3-psycopg2 + - python3-passlib + - python3-bcrypt + +- name: Provision Concourse + hosts: concourse-web + become: True + roles: + - { name: "hosts", tags: "hosts" } + - { name: "postgresql", tags: "postgresql" } + - { name: "ansible-concourse", tags: "concourse" } + - { name: "fly", tags: "fly" } diff --git a/test/integration/worker/serverspec/a_user_spec.rb b/test/integration/worker/serverspec/a_user_spec.rb new file mode 120000 index 0000000..0296dbc --- /dev/null +++ b/test/integration/worker/serverspec/a_user_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/a_user_spec.rb \ No newline at end of file diff --git a/test/integration/worker/serverspec/b_worker_spec.rb b/test/integration/worker/serverspec/b_worker_spec.rb new file mode 120000 index 0000000..da15c1b --- /dev/null +++ b/test/integration/worker/serverspec/b_worker_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/b_worker_spec.rb \ No newline at end of file diff --git a/test/integration/worker/serverspec/c_binary_spec.rb b/test/integration/worker/serverspec/c_binary_spec.rb new file mode 120000 index 0000000..4e3ca41 --- /dev/null +++ b/test/integration/worker/serverspec/c_binary_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/c_binary_spec.rb \ No newline at end of file diff --git a/test/integration/worker/serverspec/cb_binary_worker_spec.rb b/test/integration/worker/serverspec/cb_binary_worker_spec.rb new file mode 120000 index 0000000..d404f22 --- /dev/null +++ b/test/integration/worker/serverspec/cb_binary_worker_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/cb_binary_worker_spec.rb \ No newline at end of file diff --git a/test/integration/worker/serverspec/d-web_not_running_spec.rb b/test/integration/worker/serverspec/d-web_not_running_spec.rb new file mode 100644 index 0000000..2e98f56 --- /dev/null +++ b/test/integration/worker/serverspec/d-web_not_running_spec.rb @@ -0,0 +1,12 @@ +require_relative '../../helper_spec.rb' + +describe file('/opt/concourseci/bin/concourse-web') do + it { should_not exist } +end + + +# Concourse web process to be running with concourse user +describe command('pgrep -u concourseci -f concourse\\ web -c') do + its(:exit_status) { should eq 1 } + its(:stdout) { should match '0' } + end diff --git a/test/integration/worker/serverspec/ssh_spec.rb b/test/integration/worker/serverspec/ssh_spec.rb new file mode 120000 index 0000000..6f6f723 --- /dev/null +++ b/test/integration/worker/serverspec/ssh_spec.rb @@ -0,0 +1 @@ +../../simple/serverspec/ssh_spec.rb \ No newline at end of file diff --git a/test/integration/worker/serverspec/z_worker_control_scripts_spec.rb b/test/integration/worker/serverspec/z_worker_control_scripts_spec.rb new file mode 100644 index 0000000..e5ef924 --- /dev/null +++ b/test/integration/worker/serverspec/z_worker_control_scripts_spec.rb @@ -0,0 +1,50 @@ +require_relative '../../helper_spec.rb' + +PS_WRK = 'ps ax|grep "/opt/concourseci/bin/concourse worker"|grep -v grep'.freeze + +## Worker stop +describe 'concourse worker stopped' do + describe command('sudo service concourse-worker stop') do + it 'initd script should stop worker and return OK' do + expect(subject.stdout).to match('[ OK ]') + expect(subject.exit_status).to eq(0) + end + end + + describe command('sudo service concourse-worker status') do + it 'initd script should return stopped' do + expect(subject.stdout).to match('not running') + expect(subject.exit_status).to eq(0) + end + end + + describe command(PS_WRK.to_s) do + it 'ps should report no process running' do + expect(subject.stdout).to eq('') + end + end +end + +## worker running +describe 'concourse worker running' do + describe command('sudo service concourse-worker start') do + it 'initd script should start worker and return running' do + expect(subject.stdout).to match('[ OK ]') + expect(subject.exit_status).to eq(0) + end + end + + describe command('sudo service concourse-worker status') do + it 'initd script should return running' do + expect(subject.stdout).to match('running with PID:') + expect(subject.exit_status).to eq(0) + end + end + + describe command(PS_WRK.to_s) do + it 'ps should report process running' do + expect(subject.stdout).to match('/opt/concourseci/bin/concourse') + expect(subject.exit_status).to eq(0) + end + end +end diff --git a/test/integration/worker/worker.yml b/test/integration/worker/worker.yml new file mode 100644 index 0000000..f5fc087 --- /dev/null +++ b/test/integration/worker/worker.yml @@ -0,0 +1,33 @@ +--- + +- name: Check for python 3 + hosts: concourse-worker + gather_facts: False + become: True + tasks: + - name: install python 3 + raw: test -e /usr/bin/python || (apt -y update && apt install -y python3-minimal) + changed_when: False + +- name: Install some needed packages + hosts: concourse-worker + gather_facts: False + become: True + tasks: + - name: install packages + apt: + name: "{{ packages }}" + vars: + packages: + - iproute2 + - gpg + - python3-psycopg2 + - python3-passlib + - python3-bcrypt + +- name: Provision Concourse + hosts: concourse-worker + become: True + roles: + - { name: "hosts", tags: "hosts" } + - { name: "ansible-concourse", tags: "concourse" } diff --git a/test/test-cluster.sh b/test/test-cluster.sh new file mode 100755 index 0000000..7576476 --- /dev/null +++ b/test/test-cluster.sh @@ -0,0 +1,23 @@ +#!/bin/sh +set -e + +# Create +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen create web-ubuntu1804 +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen create worker-ubuntu1804 + +# Converge +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen converge web-ubuntu1804 -l debug +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen converge worker-ubuntu1804 -l debug +# run again +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen converge web-ubuntu1804 + +# pause a little +sleep 10 + +# Verify +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen verify worker +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen verify web + +# destory +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen destroy web +KITCHEN_YAML=.kitchen-cluster.yml bundle exec kitchen destroy worker