diff --git a/.gitignore b/.gitignore index 79776e8..1331d18 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ .kitchen/* +*.pyc diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 7a16e14..0000000 --- a/.kitchen.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -driver: - name: docker_cli - -transport: - name: docker_cli - -provisioner: - name: ansible_playbook - hosts: localhost - require_ansible_repo: false - require_ansible_omnibus: false - require_chef_for_busser: true - ansible_verbose: false - ansible_inventory: ./test/integration/inventory - -platforms: - - name: debian-9 - driver_config: - image: "nishiki/debian9:ansible-<%= ENV['ANSIBLE_VERSION'] ? ENV['ANSIBLE_VERSION'] : '2.7' %>" - command: /bin/systemd - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - security_opt: seccomp=unconfined - -suites: - - name: default diff --git a/.yamllint b/.yamllint index 5465b58..eac5404 100644 --- a/.yamllint +++ b/.yamllint @@ -4,6 +4,7 @@ extends: default ignore: | .kitchen/* vendor/ + molecule/default/converge.yml rules: line-length: diff --git a/CHANGELOG.md b/CHANGELOG.md index 17cb7ed..b522774 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,15 +8,20 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/) ### Added - feat: add logstash patterns for grok +- test: add support debian 11 ### Changed - change logstash_inputs variable: dict to array +- test: replace kitchen to molecule + +### Removed + +- test: remove support debian 9 ## v1.0.0 - 2019-09-29 ### Added -- install kibana package - copy configuration - use the logstash config test to validate the configuration diff --git a/Gemfile b/Gemfile deleted file mode 100644 index 0d96441..0000000 --- a/Gemfile +++ /dev/null @@ -1,8 +0,0 @@ -source 'https://rubygems.org' - -group :development do - gem 'kitchen-ansible' - gem 'kitchen-docker_cli' - gem 'rubocop', '0.50.0' - gem 'test-kitchen' -end diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index a7102f1..0000000 --- a/Gemfile.lock +++ /dev/null @@ -1,130 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - ast (2.4.0) - bcrypt_pbkdf (1.0.1) - builder (3.2.3) - ed25519 (1.2.4) - equatable (0.6.1) - erubis (2.7.0) - ffi (1.11.1) - gssapi (1.3.0) - ffi (>= 1.0.1) - gyoku (1.3.1) - builder (>= 2.1.2) - httpclient (2.8.3) - kitchen-ansible (0.50.1) - net-ssh (>= 3) - test-kitchen (>= 1.4) - kitchen-docker_cli (0.19.0) - test-kitchen (>= 1.3) - license-acceptance (1.0.13) - pastel (~> 0.7) - tomlrb (~> 1.2) - tty-box (~> 0.3) - tty-prompt (~> 0.18) - little-plugger (1.1.4) - logging (2.2.2) - little-plugger (~> 1.1) - multi_json (~> 1.10) - mixlib-install (3.11.21) - mixlib-shellout - mixlib-versioning - thor - mixlib-shellout (3.0.7) - mixlib-versioning (1.2.7) - multi_json (1.13.1) - necromancer (0.5.0) - net-scp (2.0.0) - net-ssh (>= 2.6.5, < 6.0.0) - net-ssh (5.2.0) - net-ssh-gateway (2.0.0) - net-ssh (>= 4.0.0) - nori (2.6.0) - parallel (1.17.0) - parser (2.6.4.0) - ast (~> 2.4.0) - pastel (0.7.3) - equatable (~> 0.6) - tty-color (~> 0.5) - powerpack (0.1.2) - rainbow (2.2.2) - rake - rake (12.3.3) - rubocop (0.50.0) - parallel (~> 1.10) - parser (>= 2.3.3.1, < 3.0) - powerpack (~> 0.1) - rainbow (>= 2.2.2, < 3.0) - ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - ruby-progressbar (1.10.1) - rubyntlm (0.6.2) - rubyzip (1.2.3) - strings (0.1.6) - strings-ansi (~> 0.1) - unicode-display_width (~> 1.5) - unicode_utils (~> 1.4) - strings-ansi (0.1.0) - test-kitchen (2.3.2) - bcrypt_pbkdf (~> 1.0) - ed25519 (~> 1.2) - license-acceptance (~> 1.0, >= 1.0.11) - mixlib-install (~> 3.6) - mixlib-shellout (>= 1.2, < 4.0) - net-scp (>= 1.1, < 3.0) - net-ssh (>= 2.9, < 6.0) - net-ssh-gateway (>= 1.2, < 3.0) - thor (~> 0.19) - winrm (~> 2.0) - winrm-elevated (~> 1.0) - winrm-fs (~> 1.1) - thor (0.20.3) - tomlrb (1.2.8) - tty-box (0.4.1) - pastel (~> 0.7.2) - strings (~> 0.1.6) - tty-cursor (~> 0.7) - tty-color (0.5.0) - tty-cursor (0.7.0) - tty-prompt (0.19.0) - necromancer (~> 0.5.0) - pastel (~> 0.7.0) - tty-reader (~> 0.6.0) - tty-reader (0.6.0) - tty-cursor (~> 0.7) - tty-screen (~> 0.7) - wisper (~> 2.0.0) - tty-screen (0.7.0) - unicode-display_width (1.6.0) - unicode_utils (1.4.0) - winrm (2.3.2) - builder (>= 2.1.2) - erubis (~> 2.7) - gssapi (~> 1.2) - gyoku (~> 1.0) - httpclient (~> 2.2, >= 2.2.0.2) - logging (>= 1.6.1, < 3.0) - nori (~> 2.0) - rubyntlm (~> 0.6.0, >= 0.6.1) - winrm-elevated (1.1.1) - winrm (~> 2.0) - winrm-fs (~> 1.0) - winrm-fs (1.3.2) - erubis (~> 2.7) - logging (>= 1.6.1, < 3.0) - rubyzip (~> 1.1) - winrm (~> 2.0) - wisper (2.0.0) - -PLATFORMS - ruby - -DEPENDENCIES - kitchen-ansible - kitchen-docker_cli - rubocop (= 0.50.0) - test-kitchen - -BUNDLED WITH - 1.16.6 diff --git a/README.md b/README.md index 53caa7a..a8a9eac 100644 --- a/README.md +++ b/README.md @@ -7,8 +7,10 @@ Install and configure logstash ## Requirements -* Ansible >= 2.7 -* Debian Stretch and Buster +* Ansible >= 2.9 +* Debian + * Buster + * Bullseye ## Role variables @@ -75,25 +77,12 @@ Install and configure logstash ## Development -### Test syntax with yamllint - -* install `python` and `python-pip` -* install yamllint `pip install yamllint` -* run `yamllint .` - -### Test syntax with ansible-lint - -* install `python` and `python-pip` -* install yamllint `pip install ansible-lint` -* run `ansible-lint .` - -### Tests with docker +### Test with molecule and docker * install [docker](https://docs.docker.com/engine/installation/) -* install ruby -* install bundler `gem install bundler` -* install dependencies `bundle install` -* run the tests `kitchen test` +* install `python3` and `python3-pip` +* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint` +* run `molecule test` ## License diff --git a/meta/main.yml b/meta/main.yml index a158c6c..718ceb9 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -5,13 +5,13 @@ galaxy_info: company: Adrien Waksberg description: Install and configure logstash license: Apache2 - min_ansible_version: 2.7 + min_ansible_version: 2.9 platforms: - name: Debian versions: - - stretch - buster + - bullseye galaxy_tags: - elk diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml new file mode 100644 index 0000000..e898bf2 --- /dev/null +++ b/molecule/default/converge.yml @@ -0,0 +1,30 @@ +--- +- name: Converge + hosts: all + roles: + - ansible-role-logstash + vars: + logstash_plugins: + - name: logstash-output-influxdb + logstash_patterns: + postfix: | + # Syslog stuff + PROCESS ([\w._\/%-]+) + COMPID postfix\/%{PROCESS:process}(?:\[%{NUMBER:pid}\])? + POSTFIX (?:%{SYSLOGTIMESTAMP:timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{COMPID}: + logstash_inputs: + - > + file { + path => "/var/log/syslog" + } + logstash_outputs: + - > + file { + path => "/tmp/logstash.log" + codec => "json" + } + pre_tasks: + - name: update apt cache + ansible.builtin.apt: + update_cache: true + cache_valid_time: 3600 diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..0507c53 --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,26 @@ +--- +driver: + name: docker +platforms: + - name: debian10 + image: nishiki/debian10:molecule + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + command: /bin/systemd + capabilities: + - SYS_ADMIN + - name: debian11 + image: nishiki/debian11:molecule + privileged: true + volumes: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + command: /bin/systemd + capabilities: + - SYS_ADMIN +lint: | + set -e + yamllint . + ansible-lint . +verifier: + name: testinfra diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py new file mode 100644 index 0000000..1b0109e --- /dev/null +++ b/molecule/default/tests/test_default.py @@ -0,0 +1,50 @@ +import testinfra.utils.ansible_runner +import time + +def test_packages(host): + package = host.package('logstash') + assert package.is_installed + +def test_config_file(host): + path = host.file('/etc/logstash/logstash.yml') + assert path.exists + assert path.is_file + assert path.user == 'root' + assert path.group == 'root' + assert path.mode == 0o644 + +def test_input_file(host): + path = host.file('/etc/logstash/conf.d/input.conf') + assert path.exists + assert path.is_file + assert path.user == 'root' + assert path.group == 'root' + assert path.mode == 0o644 + assert path.contains('path => "/var/log/syslog"') + +def test_patterns_file(host): + path = host.file('/etc/logstash/patterns/postfix.conf') + assert path.exists + assert path.is_file + assert path.user == 'root' + assert path.group == 'root' + assert path.mode == 0o644 + assert path.contains('# Syslog stuff') + +def test_service(host): + service = host.service('logstash') + assert service.is_running + assert service.is_enabled + +def test_output(host): + time.sleep(20) + host.run('echo test >> /var/log/syslog') + time.sleep(10) + path = host.file('/tmp/logstash.log') + assert path.exists + assert path.is_file + assert path.contains('test') + +def test_socket(host): + socket = host.socket('tcp://127.0.0.1:9600') + assert socket.is_listening diff --git a/tasks/main.yml b/tasks/main.yml index 5f3fdcc..702051c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -4,8 +4,9 @@ name: '{{ packages }}' vars: packages: - - default-jre - apt-transport-https + - default-jre + - gpg retries: 2 register: result until: result is succeeded diff --git a/test/integration/default/default.yml b/test/integration/default/default.yml deleted file mode 100644 index 024e87a..0000000 --- a/test/integration/default/default.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- hosts: localhost - connection: local - vars: - logstash_plugins: - - name: logstash-output-influxdb - logstash_inputs: - - > - file { - path => "/var/log/syslog" - } - logstash_outputs: - - > - file { - path => "/var/log/syslog" - codec => "json" - } - - roles: - - ansible-role-logstash diff --git a/test/integration/default/serverspec/default_spec.rb b/test/integration/default/serverspec/default_spec.rb deleted file mode 100644 index c30e7a2..0000000 --- a/test/integration/default/serverspec/default_spec.rb +++ /dev/null @@ -1,48 +0,0 @@ -require 'serverspec' - -set :backend, :exec - -puts -puts '================================' -puts %x(ansible --version) -puts '================================' - -describe package('logstash') do - it { should be_installed } -end - -describe file('/etc/logstash/logstash.yml') do - it { should be_file } - it { should be_mode 644 } - it { should be_owned_by 'root' } - it { should be_grouped_into 'root' } -end - -describe file('/etc/logstash/conf.d/input.conf') do - it { should be_file } - it { should be_mode 644 } - it { should be_owned_by 'root' } - it { should be_grouped_into 'root' } - it { should contain 'path => "/var/log/syslog"' } -end - -describe service('logstash') do - it { should be_enabled } - it { should be_running.under('systemd') } -end - -sleep 20 - -open('/tmp/logstash.log', 'a') do |f| - f << "test\n" -end - -sleep 2 - -describe port(9600) do - it { should be_listening } -end - -describe file('/tmp/logstash.log') do - it { should be_file } -end diff --git a/test/integration/inventory b/test/integration/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/test/integration/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost