Merge pull request #121 from darkskyapp/clean-up-testing

Clean up testing

.kitchen.yml

@@ -1,23 +1,59 @@
+---
 driver:
-  name: vagrant
+  name: dokken
+  privileged: true  # because Docker and SystemD/Upstart
+  chef_version: <%= ENV['CHEF_VERSION'] || 'current' %>
+
+transport:
+  name: dokken
+  require_chef_omnibus: <%= ENV['CHEF_VERSION'] || 'latest' %>
 
 provisioner:
-  name: chef_zero
-  data_bags_path: "test/fixtures/data_bags"
+  name: dokken
+
+verifier:
+  name: inspec
+  deprecations_as_errors: true
 
 # currently only support 2 last major revs of distros (at the most)
 platforms:
-  - name: debian-8.6
-  - name: debian-7.11
-  - name: ubuntu-16.04
+  - name: debian-8
+    driver:
+      image: dokken/debian-8
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: debian-9
+    driver:
+      image: dokken/debian-9
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: centos-7
+    driver:
+      image: dokken/centos-7
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: fedora-latest
+    driver:
+      image: dokken/fedora-latest
+      pid_one_command: /usr/lib/systemd/systemd
+
   - name: ubuntu-14.04
-  - name: centos-7.3
-  - name: centos-6.8
-  - name: fedora-25
-  - name: fedora-24
-  - name: freebsd-11.0
-  - name: freebsd-10.3
-  - name: opensuse-leap-42.2
+    driver:
+      image: dokken/ubuntu-14.04
+      pid_one_command: /sbin/init
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: ubuntu-16.04
+    driver:
+      image: dokken/ubuntu-16.04
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
 
 suites:
   - name: server
@@ -29,14 +65,14 @@ suites:
           verb: 1
           mute: 10
           route:
-           - '192.168.4.0 255.255.255.0'
+            - '192.168.4.0 255.255.255.0'
         push_routes:
           - 192.168.10.0 255.255.255.0
           - 10.12.10.0 255.255.255.0
         push_options:
           dhcp-option:
-          - 'DOMAIN local'
-          - 'DOMAIN-SEARCH local'
+            - 'DOMAIN local'
+            - 'DOMAIN-SEARCH local'
   - name: server_verification
     run_list:
       - recipe[openvpn::server]

.travis.yml

@@ -1,26 +1,39 @@
-# Use Travis's cointainer based infrastructure
-sudo: false
+sudo: required
+dist: trusty
+
 addons:
   apt:
     sources:
-      - chef-current-precise
+      - chef-current-trusty
     packages:
       - chefdk
 
-# Don't `bundle install`
+# Don't `bundle install` which takes about 1.5 mins
 install: echo "skip bundle install"
 
 branches:
   only:
     - master
 
-# Ensure we make ChefDK's Ruby the default
+services: docker
+
+env:
+  matrix:
+  - INSTANCE=server-centos-7
+  - INSTANCE=server-debian-8
+  - INSTANCE=server-debian-9
+  - INSTANCE=server-ubuntu-1404
+  - INSTANCE=server-ubuntu-1604
+
 before_script:
-  - eval "$(/opt/chefdk/bin/chef shell-init bash)"
+  - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER )
+  - eval "$(chef shell-init bash)"
+  - chef --version
 
-script:
-  - /opt/chefdk/embedded/bin/chef --version
-  - /opt/chefdk/embedded/bin/cookstyle --version
-  - /opt/chefdk/embedded/bin/foodcritic --version
-  - /opt/chefdk/bin/chef exec delivery local all
+script: KITCHEN_LOCAL_YAML=.kitchen.dokken.yml kitchen verify ${INSTANCE}
 
+matrix:
+  include:
+    - script:
+      - chef exec delivery local all
+      env: UNIT_AND_LINT=1

Berksfile

@@ -1,7 +1,3 @@
 source 'https://supermarket.chef.io'
 
 metadata
-
-group :integration do
-  cookbook 'test', path: './test/fixtures/cookbooks/test'
-end

CODE_OF_CONDUCT.md

@@ -0,0 +1,3 @@
+# Community Guidelines
+
+This project follows the Chef Community Guidelines <https://docs.chef.io/community_guidelines.html>

README.md

@@ -42,8 +42,8 @@ For further modification of the cookbook see __Usage__ below.
 For more information about OpenVPN, see the [official site](http://openvpn.net/).
 
 
-Attributes
-----------
+## Attributes
+
 These attributes are set by the cookbook by default.
 
 * `node['openvpn']['client_cn']` - The client's Common Name used with the `openvpn::client` recipe (essentially a standalone recipe) for the client certificate and key.
@@ -85,32 +85,39 @@ The following lets you specify the message digest used for generating certificat
 * `node['openvpn']['key']['message_digest']` - Default is `sha256` for a high-level of security.
 
 
-Recipes
--------
+## Recipes
+
 #### `openvpn::default`
+
 Installs the OpenVPN package only.
 
 #### `openvpn::install`
+
 Installs the OpenVPN package only.
 
 #### `openvpn::server`
+
 Installs and configures OpenVPN as a server.
 
 #### `openvpn::client`
+
 Installs and configures OpenVPN as a client.
 
 #### `openvpn::service`
+
 Manages the OpenVPN system service (there is no need to use this recipe directly in your run_list).
 
 #### `openvpn::users`
+
 Utilizes a data bag called `users` to generate OpenVPN keys for each user.
 [chef-solo-search](https://github.com/edelight/chef-solo-search) is required in order to use this recipe with Chef-Solo, although it is not a dependency of this cookbook.
 
 #### `openvpn::easy_rsa`
+
 Installs the easy-rsa package (a CLI utility to build and manage a PKI CA).
 
-Usage
------
+### Usage
+
 Create a role for the OpenVPN server. See above for attributes that can be entered here.
 
 ```ruby
@@ -182,8 +189,8 @@ To automatically create new certificates and configurations for users, create da
 This cookbook also provides an 'up' script that runs when OpenVPN is started. This script is for setting up firewall rules and kernel networking parameters as needed for your environment. Modify to suit your needs, upload the cookbook and re-run chef on the openvpn server. For example, you'll probably want to enable IP forwarding (sample Linux setting is commented out). The attribute `node['openvpn']["script_security"]` must be set to 2 or higher to use this otherwise openvpn server startup will fail.
 
 
-Customizing Server Configuration
---------------------------------
+## Customizing Server Configuration
+
 To further customize the server configuration, there are two templates that can be modified in this cookbook.
 
 * templates/default/server.conf.erb
@@ -192,13 +199,13 @@ To further customize the server configuration, there are two templates that can
 The first is the OpenVPN server configuration file. Modify to suit your needs for more advanced features of [OpenVPN](http://openvpn.net). The second is an `up` script run when OpenVPN starts. This is where you can add firewall rules, enable IP forwarding and other OS network settings required for OpenVPN. Attributes in the cookbook are provided as defaults, you can add more via the openvpn role if you need them.
 
 
-Using the LWRP
---------------
+## Using the LWRP
+
 To create (possibly multiple) "conf" files on a server, use openvpn_conf "name".  See the conf.rb file in the resources directory to find the supported attributes, or add some of your own.  If you don't want to use the default "server.conf" from the default recipe, set `node['openvpn']["configure_default_server"]` to false, then use the LWRP to configure as many as you like.
 
 
-SSL Certificates
-----------------
+## SSL Certificates
+
 Some of the easy-rsa tools are copied to /etc/openvpn/easy-rsa to provide the minimum to generate the certificates using the default and users recipes. We provide a Rakefile to make it easier to generate client certificate sets if you're not using the data bags above. To generate new client certificates you will need `rake` installed (either as a gem or a package), then run:
 
     cd /etc/openvpn/easy-rsa
@@ -208,8 +215,8 @@ Some of the easy-rsa tools are copied to /etc/openvpn/easy-rsa to provide the mi
 Replace `CLIENT_NAME` and `vpn.example.com` with your desired values. The rake task will generate a tar.gz file with the configuration and certificates for the client.
 
 
-License & Authors
------------------
+## License & Authors
+
 - Author:: Chris Fordham (<[email protected]>)
 - Author:: Joshua Timberman (<[email protected]>)