From 43ff4610451370cf0777102e805c49bc31abd817 Mon Sep 17 00:00:00 2001 From: Adrien Waksberg Date: Sun, 12 Sep 2021 23:58:11 +0200 Subject: [PATCH] test: replace kitchen to molecule --- .gitignore | 2 +- .kitchen.yml | 20 --- .rubocop.yml | 38 ----- CHANGELOG.md | 20 ++- Gemfile | 8 -- Gemfile.lock | 130 ------------------ README.md | 31 ++--- library/luks_decrypt.py | 4 +- library/luks_manage.py | 4 +- molecule/default/converge.yml | 27 ++++ molecule/default/molecule.yml | 25 ++++ molecule/default/tests/test_default.py | 12 ++ test/integration/default/default.yml | 21 --- .../default/serverspec/default_spec.rb | 25 ---- test/integration/inventory | 1 - 15 files changed, 99 insertions(+), 269 deletions(-) delete mode 100644 .kitchen.yml delete mode 100644 .rubocop.yml delete mode 100644 Gemfile delete mode 100644 Gemfile.lock create mode 100644 molecule/default/converge.yml create mode 100644 molecule/default/molecule.yml create mode 100644 molecule/default/tests/test_default.py delete mode 100644 test/integration/default/default.yml delete mode 100644 test/integration/default/serverspec/default_spec.rb delete mode 100644 test/integration/inventory diff --git a/.gitignore b/.gitignore index 9ca390c..1331d18 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ .kitchen/* - +*.pyc diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 08790ea..0000000 --- a/.kitchen.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -driver: - name: vagrant - provider: virtualbox - box: bento/debian-10.2 - -provisioner: - name: ansible_playbook - hosts: localhost - require_ansible_repo: false - require_ansible_omnibus: true - require_chef_for_busser: true - ansible_verbose: false - ansible_inventory: ./test/integration/inventory - -platforms: - - name: debian-10 - -suites: - - name: default diff --git a/.rubocop.yml b/.rubocop.yml deleted file mode 100644 index 66555b6..0000000 --- a/.rubocop.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -AllCops: - Exclude: - - db/**/* - - config/**/* - - Vagrantfile - TargetRubyVersion: 2.4 - -Naming/AccessorMethodName: - Enabled: false - -Lint/RescueWithoutErrorClass: - Enabled: false - -Metrics/LineLength: - Max: 120 -Metrics/CyclomaticComplexity: - Enabled: false -Metrics/PerceivedComplexity: - Enabled: false -Metrics/MethodLength: - Enabled: false -Metrics/BlockLength: - Enabled: false -Metrics/ClassLength: - Enabled: false -Metrics/AbcSize: - Enabled: false - -Style/NumericLiteralPrefix: - Enabled: false -Style/FrozenStringLiteralComment: - Enabled: false -Style/CommandLiteral: - Enabled: true - EnforcedStyle: percent_x -Style/Documentation: - Enabled: false diff --git a/CHANGELOG.md b/CHANGELOG.md index 16a8087..39880aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,23 @@ This project adheres to [Semantic Versioning](http://semver.org/). Which is based on [Keep A Changelog](http://keepachangelog.com/) ## [Unreleased] -- fix: no show log with luks password -## [1.0.0] - 2019-03-16 +### Added + +- support debian 11 + +### Changed + +test: replace kitchen to molecule + +### Fixed + +- no show log with luks password + +### Removed + +- support debian 9 + +## v1.0.0 - 2019-03-16 + - first version diff --git a/Gemfile b/Gemfile deleted file mode 100644 index edffe52..0000000 --- a/Gemfile +++ /dev/null @@ -1,8 +0,0 @@ -source 'https://rubygems.org' - -group :development do - gem 'kitchen-ansible' - gem 'kitchen-vagrant' - gem 'rubocop', '0.50.0' - gem 'test-kitchen' -end diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index 9242199..0000000 --- a/Gemfile.lock +++ /dev/null @@ -1,130 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - ast (2.4.0) - bcrypt_pbkdf (1.0.1) - builder (3.2.4) - ed25519 (1.2.4) - equatable (0.6.1) - erubis (2.7.0) - ffi (1.11.1) - gssapi (1.3.0) - ffi (>= 1.0.1) - gyoku (1.3.1) - builder (>= 2.1.2) - httpclient (2.8.3) - kitchen-ansible (0.50.1) - net-ssh (>= 3) - test-kitchen (>= 1.4) - kitchen-vagrant (1.6.0) - test-kitchen (>= 1.4, < 3) - license-acceptance (1.0.13) - pastel (~> 0.7) - tomlrb (~> 1.2) - tty-box (~> 0.3) - tty-prompt (~> 0.18) - little-plugger (1.1.4) - logging (2.2.2) - little-plugger (~> 1.1) - multi_json (~> 1.10) - mixlib-install (3.11.21) - mixlib-shellout - mixlib-versioning - thor - mixlib-shellout (3.0.7) - mixlib-versioning (1.2.7) - multi_json (1.13.1) - necromancer (0.5.0) - net-scp (2.0.0) - net-ssh (>= 2.6.5, < 6.0.0) - net-ssh (5.2.0) - net-ssh-gateway (2.0.0) - net-ssh (>= 4.0.0) - nori (2.6.0) - parallel (1.17.0) - parser (2.6.4.1) - ast (~> 2.4.0) - pastel (0.7.3) - equatable (~> 0.6) - tty-color (~> 0.5) - powerpack (0.1.2) - rainbow (2.2.2) - rake - rake (13.0.1) - rubocop (0.50.0) - parallel (~> 1.10) - parser (>= 2.3.3.1, < 3.0) - powerpack (~> 0.1) - rainbow (>= 2.2.2, < 3.0) - ruby-progressbar (~> 1.7) - unicode-display_width (~> 1.0, >= 1.0.1) - ruby-progressbar (1.10.1) - rubyntlm (0.6.2) - rubyzip (1.3.0) - strings (0.1.6) - strings-ansi (~> 0.1) - unicode-display_width (~> 1.5) - unicode_utils (~> 1.4) - strings-ansi (0.1.0) - test-kitchen (2.3.3) - bcrypt_pbkdf (~> 1.0) - ed25519 (~> 1.2) - license-acceptance (~> 1.0, >= 1.0.11) - mixlib-install (~> 3.6) - mixlib-shellout (>= 1.2, < 4.0) - net-scp (>= 1.1, < 3.0) - net-ssh (>= 2.9, < 6.0) - net-ssh-gateway (>= 1.2, < 3.0) - thor (~> 0.19) - winrm (~> 2.0) - winrm-elevated (~> 1.0) - winrm-fs (~> 1.1) - thor (0.20.3) - tomlrb (1.2.8) - tty-box (0.4.1) - pastel (~> 0.7.2) - strings (~> 0.1.6) - tty-cursor (~> 0.7) - tty-color (0.5.0) - tty-cursor (0.7.0) - tty-prompt (0.19.0) - necromancer (~> 0.5.0) - pastel (~> 0.7.0) - tty-reader (~> 0.6.0) - tty-reader (0.6.0) - tty-cursor (~> 0.7) - tty-screen (~> 0.7) - wisper (~> 2.0.0) - tty-screen (0.7.0) - unicode-display_width (1.6.0) - unicode_utils (1.4.0) - winrm (2.3.2) - builder (>= 2.1.2) - erubis (~> 2.7) - gssapi (~> 1.2) - gyoku (~> 1.0) - httpclient (~> 2.2, >= 2.2.0.2) - logging (>= 1.6.1, < 3.0) - nori (~> 2.0) - rubyntlm (~> 0.6.0, >= 0.6.1) - winrm-elevated (1.1.1) - winrm (~> 2.0) - winrm-fs (~> 1.0) - winrm-fs (1.3.2) - erubis (~> 2.7) - logging (>= 1.6.1, < 3.0) - rubyzip (~> 1.1) - winrm (~> 2.0) - wisper (2.0.0) - -PLATFORMS - ruby - -DEPENDENCIES - kitchen-ansible - kitchen-vagrant - rubocop (= 0.50.0) - test-kitchen - -BUNDLED WITH - 1.17.3 diff --git a/README.md b/README.md index 543c8a8..51cedae 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # Ansible role: Luks + [![Version](https://img.shields.io/badge/latest_version-1.0.0-green.svg)](https://git.yaegashi.fr/nishiki/ansible-role-luks/releases) [![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://git.yaegashi.fr/nishiki/ansible-role-luks/src/branch/master/LICENSE) @@ -6,8 +7,10 @@ Encrypt device with luks ## Requirements -* Ansible >= 2.5 -* Debian Stretch +* Ansible >= 2.9 +* Debian + * Buster + * Bullseye ## Role variables @@ -32,25 +35,15 @@ Encrypt device with luks ``` ## Development -### Test syntax with yamllint -* install `python` and `python-pip` -* install yamllint `pip install yamllint` -* run `yamllint .` +### Test with molecule and docker -### Test syntax with ansible-lint - -* install `python` and `python-pip` -* install yamllint `pip install ansible-lint` -* run `ansible-lint .` - -### Tests with docker - -* install [docker](https://docs.docker.com/engine/installation/) -* install ruby -* install bundler `gem install bundler` -* install dependencies `bundle install` -* run the tests `kitchen test` +* install libvirt on debian `apt install libvirt-dev qemu-system libvirt-clients libvirt-daemon-system` +* install [vagrant](https://www.vagrantup.com/docs/installation) +* install vagrant libvirt plusin `vagrant plugin install vagrant-libvirt` +* install `python3` and `python3-pip` +* install molecule and dependencies `pip3 install molecule python-vagrant molecule-vagrant ansible-lint pytest-testinfra yamllint` +* run `molecule test` ## License diff --git a/library/luks_decrypt.py b/library/luks_decrypt.py index 01d7682..fbdd876 100644 --- a/library/luks_decrypt.py +++ b/library/luks_decrypt.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from ansible.module_utils.basic import * import subprocess @@ -24,7 +24,7 @@ class LuksDecrypt: 'cryptsetup', '-q', 'open', '-d', '-', self.device, self.name ], stdin=subprocess.PIPE ) - p.stdin.write(key) + p.stdin.write(key.encode()) p.communicate()[0] p.stdin.close() diff --git a/library/luks_manage.py b/library/luks_manage.py index 2219a91..785799c 100644 --- a/library/luks_manage.py +++ b/library/luks_manage.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 from ansible.module_utils.basic import * import subprocess @@ -20,7 +20,7 @@ class LuksManage: '-s', str(size), self.device, '-d', '-' ], stdin=subprocess.PIPE ) - p.stdin.write(key) + p.stdin.write(key.encode()) p.communicate()[0] p.stdin.close() diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml new file mode 100644 index 0000000..d507240 --- /dev/null +++ b/molecule/default/converge.yml @@ -0,0 +1,27 @@ +--- +- name: Converge + hosts: all + become: true + roles: + - ansible-role-luks + vars: + luks_devices: + - name: data_encrypted + device: /tmp/test.img + fstype: ext4 + mount_point: /mnt/data_decrypted + key: secret + + pre_tasks: + - name: update apt cache + ansible.builtin.apt: + update_cache: true + + - name: check if test.img exists + ansible.builtin.stat: + path: /tmp/test.img + register: st + + - name: create test.img + ansible.builtin.command: dd if=/dev/zero of=/tmp/test.img bs=1M count=100 + when: not st.stat.exists diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml new file mode 100644 index 0000000..df41b67 --- /dev/null +++ b/molecule/default/molecule.yml @@ -0,0 +1,25 @@ +--- +driver: + name: vagrant + provider: + name: libvirt + +platforms: + - name: debian10 + box: debian/buster64 + memory: 512 + cpus: 1 + instance_raw_config_args: + - vagrant.plugins = ["vagrant-libvirt"] + - name: debian11 + box: debian/bullseye64 + memory: 512 + cpus: 1 + instance_raw_config_args: + - vagrant.plugins = ["vagrant-libvirt"] +lint: | + set -e + yamllint . + ansible-lint . +verifier: + name: testinfra diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py new file mode 100644 index 0000000..8468d10 --- /dev/null +++ b/molecule/default/tests/test_default.py @@ -0,0 +1,12 @@ +import testinfra.utils.ansible_runner + +def test_packages(host): + for package_name in ['cryptsetup', 'util-linux']: + package = host.package(package_name) + assert package.is_installed + +def test_mount_device_encrypted(host): + mount = host.mount_point('/mnt/data_decrypted') + assert mount.exists + assert mount.device == '/dev/mapper/data_encrypted' + assert mount.filesystem == 'ext4' diff --git a/test/integration/default/default.yml b/test/integration/default/default.yml deleted file mode 100644 index 83891e7..0000000 --- a/test/integration/default/default.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -- hosts: localhost - connection: local - vars: - luks_devices: - - name: data_encrypted - device: /tmp/test.img - fstype: ext4 - mount_point: /mnt/data_decrypted - key: secret - - pre_tasks: - - stat: - path: /tmp/test.img - register: st - - - command: dd if=/dev/zero of=/tmp/test.img bs=1M count=100 - when: not st.stat.exists - - roles: - - ansible-role-luks diff --git a/test/integration/default/serverspec/default_spec.rb b/test/integration/default/serverspec/default_spec.rb deleted file mode 100644 index 04d4007..0000000 --- a/test/integration/default/serverspec/default_spec.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'serverspec' - -set :backend, :exec - -puts -puts '================================' -puts %x(ansible --version) -puts '================================' - -%w[ - cryptsetup - util-linux -].each do |package| - describe package(package) do - it { should be_installed } - end -end - -describe file('/dev/mapper/data_encrypted') do - it { should be_block_device } -end - -describe file('/mnt/data_decrypted') do - it { should be_mounted } -end diff --git a/test/integration/inventory b/test/integration/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/test/integration/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost