Add Kitchen tests and Travis CI
Change-Id: I12ab98b5602404fa55edc75e6961bb62afbd7e3a
diff --git a/.kitchen.yml b/.kitchen.yml
new file mode 100644
index 0000000..bffe40c
--- /dev/null
+++ b/.kitchen.yml
@@ -0,0 +1,70 @@
+---
+driver:
+ name: docker
+ hostname: mysql.ci.local
+ use_sudo: false
+
+provisioner:
+ name: salt_solo
+ salt_install: bootstrap
+ salt_bootstrap_url: https://bootstrap.saltstack.com
+ salt_version: latest
+ require_chef: false
+ log_level: error
+ formula: mysql
+ grains:
+ noservices: True
+ state_top:
+ base:
+ "*":
+ - mysql
+ pillars:
+ top.sls:
+ base:
+ "*":
+ - mysql
+ - mysqlver
+ mysqlver.sls:
+ mysql:
+ server:
+ enabled: true
+ version: "<%=ENV['MYSQL_VER'] || '5.7'%>"
+
+verifier:
+ name: inspec
+ sudo: true
+
+
+platforms:
+ - name: <%=ENV['PLATFORM'] || 'ubuntu-xenial'%>
+ driver_config:
+ image: <%=ENV['PLATFORM'] || 'trevorj/salty-whales:xenial'%>
+ platform: ubuntu
+
+suites:
+
+ - name: replication_both
+ provisioner:
+ pillars-from-files:
+ mysql.sls: tests/pillar/replication_both.sls
+
+ - name: replication_master
+ provisioner:
+ pillars-from-files:
+ mysql.sls: tests/pillar/replication_master.sls
+
+ - name: replication_slave
+ provisioner:
+ pillars-from-files:
+ mysql.sls: tests/pillar/replication_slave.sls
+
+ - name: server_client_database
+ provisioner:
+ pillars-from-files:
+ mysql.sls: tests/pillar/server_client_database.sls
+
+ - name: server_client_user
+ provisioner:
+ pillars-from-files:
+ mysql.sls: tests/pillar/server_client_user.sls
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
\ No newline at end of file
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..90d0185
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,48 @@
+sudo: required
+services:
+ - docker
+
+install:
+ - pip install PyYAML
+ - pip install virtualenv
+ - |
+ test -e Gemfile || cat <<EOF > Gemfile
+ source 'https://rubygems.org'
+ gem 'rake'
+ gem 'test-kitchen'
+ gem 'kitchen-docker'
+ gem 'kitchen-inspec'
+ gem 'inspec'
+ gem 'kitchen-salt', :git => 'https://github.com/salt-formulas/kitchen-salt.git'
+ - bundle install
+
+env:
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=replication_both MYSQL_VER=5.5
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=replication_both MYSQL_VER=5.7
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=replication_master MYSQL_VER=5.5
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=replication_master MYSQL_VER=5.7
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=replication_slave MYSQL_VER=5.5
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=replication_slave MYSQL_VER=5.7
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=server_client_database MYSQL_VER=5.5
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=server_client_database MYSQL_VER=5.7
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=server_client_user MYSQL_VER=5.5
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=server_client_user MYSQL_VER=5.7
+
+before_script:
+ - set -o pipefail
+ - make test | tail
+
+script:
+ - test ! -e .kitchen.yml || bundle exec kitchen converge ${SUITE} || true
+ - test ! -e .kitchen.yml || bundle exec kitchen verify ${SUITE} -t tests/integration
+
+notifications:
+ webhooks:
+ urls:
+ - https://webhooks.gitter.im/e/6123573504759330786b
+ on_success: change # options: [always|never|change] default: always
+ on_failure: never # options: [always|never|change] default: always
+ on_start: never # options: [always|never|change] default: always
+ on_cancel: never # options: [always|never|change] default: always
+ on_error: never # options: [always|never|change] default: always
+ email: false
\ No newline at end of file
diff --git a/mysql/common.sls b/mysql/common.sls
index 414a752..3990db5 100644
--- a/mysql/common.sls
+++ b/mysql/common.sls
@@ -8,7 +8,7 @@
- data:
'mysql-server/root_password': {'type':'string','value':'{{ server.admin.password }}'}
'mysql-server/root_password_again': {'type':'string','value':'{{ server.admin.password }}'}
- - require_in:
+ - require:
- pkg: mysql_packages
{%- endif %}
@@ -26,15 +26,12 @@
- require:
- pkg: mysql_packages
-{%- if not grains.get('noservices', False) %}
mysql_service:
service.running:
- name: {{ server.service }}
- enable: true
- watch:
- file: mysql_config
-{%- endif %}
-
{%- if grains.get('virtual_subtype', None) == "Docker" %}
mysql_entrypoint:
diff --git a/mysql/conf/my.cnf.Debian b/mysql/conf/my.cnf.Debian
index 9a1c0e4..6c6e9af 100644
--- a/mysql/conf/my.cnf.Debian
+++ b/mysql/conf/my.cnf.Debian
@@ -144,7 +144,8 @@
#
{%- if server.ssl.enabled and server.replication.role in ['master', 'slave', 'both', 'none'] %}
-old_passwords = 1
+#old_passwords = 1
+#old_passwords param is deprecated in MySQL 5.7 and currently only accepts values 0 or 2
ssl-ca=/etc/mysql/cacert.pem
ssl-cert=/etc/mysql/server-cert.pem
ssl-key=/etc/mysql/server-key.pem
diff --git a/mysql/map.jinja b/mysql/map.jinja
index ce4ee0a..1114aef 100644
--- a/mysql/map.jinja
+++ b/mysql/map.jinja
@@ -3,7 +3,7 @@
{%- set server = salt['grains.filter_by']({
'Debian': {
- 'pkgs': ['mysql-server-'+mysql_version, 'python-mysqldb'],
+ 'pkgs': ['mysql-server-'+mysql_version, 'python-mysqldb', 'debconf-utils'],
'service': 'mysql',
'config': '/etc/mysql/my.cnf',
'maintenance_password': '5Pg91H1flC4HSVns',
diff --git a/mysql/server/service.sls b/mysql/server/service.sls
index aaf5912..1ab4167 100644
--- a/mysql/server/service.sls
+++ b/mysql/server/service.sls
@@ -21,7 +21,7 @@
/etc/mysql/server-key.pem:
file.managed:
- {%- if server.ssl.cert is defined %}
+ {%- if server.ssl.key is defined %}
- contents_pillar: mysql:server:ssl:key
{%- else %}
- source: salt://pki/{{ server.ssl.authority }}/certs/{{ server.ssl.certificate }}.key.pem
@@ -83,7 +83,7 @@
- connection_user: {{ mysql_connection_args.user }}
- connection_pass: {{ mysql_connection_args.password }}
- connection_charset: {{ mysql_connection_args.charset }}
- - watch_in:
+ - watch:
- service: mysql_service
{{ server.replication.user }}_replication_grants:
@@ -95,7 +95,7 @@
- connection_user: {{ mysql_connection_args.user }}
- connection_pass: {{ mysql_connection_args.password }}
- connection_charset: {{ mysql_connection_args.charset }}
- - watch_in:
+ - watch:
- service: mysql_service
{%- endif %}
diff --git a/tests/pillar/client_database.sls b/tests/pillar/client_database.sls
deleted file mode 100644
index 255abb2..0000000
--- a/tests/pillar/client_database.sls
+++ /dev/null
@@ -1,19 +0,0 @@
-mysql:
- client:
- enabled: true
- server:
- server01:
- admin:
- host: database.host
- port: 3306
- user: root
- password: password
- encoding: utf8
- database:
- database01:
- encoding: utf8
- users:
- - name: username
- password: 'password'
- host: 'localhost'
- rights: 'all privileges'
diff --git a/tests/pillar/client_user.sls b/tests/pillar/client_user.sls
deleted file mode 100644
index 5dcbaa2..0000000
--- a/tests/pillar/client_user.sls
+++ /dev/null
@@ -1,17 +0,0 @@
-mysql:
- client:
- enabled: true
- server:
- server01:
- admin:
- host: database.host
- port: 3306
- user: root
- password: password
- encoding: utf8
- users:
- - name: user01
- host: "*"
- password: 'sdgdsgdsgd'
- - name: user02
- host: "localhost"
diff --git a/tests/pillar/replication_both.sls b/tests/pillar/replication_both.sls
index 995abac..31901e6 100644
--- a/tests/pillar/replication_both.sls
+++ b/tests/pillar/replication_both.sls
@@ -12,12 +12,76 @@
server_id: 1
ssl:
enabled: true
- authority: Org_CA
- certificate: name_of_service
- client_certificate: name_of_client_cert
+ cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAIfmjJydRX+GMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTM1MzhaFw0yNzA4
+ MjgxMTM1MzhaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDhW6xXGA2iKd5ngRwqoU0A0pD71/moFm48q0UP
+ Tg8vUsIO3WBIEKVLzpln9sU9gplCTx1ScsFBiRi2E3Wv+PnFAgMBAAGjUDBOMB0G
+ A1UdDgQWBBSJ42eEq3O0faBj+NBXWV5O2Vr1PTAfBgNVHSMEGDAWgBSJ42eEq3O0
+ faBj+NBXWV5O2Vr1PTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EA3fbu
+ x0W+XORSyFcChwFyhd+ka0R/FB4IL2udPXWX96x+0inuYi2Pta++3fMGmf30GF7Y
+ 1Iv89B+NrhLHCfkEbg==
+ -----END CERTIFICATE-----
+ key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEA4VusVxgNoineZ4Ec
+ KqFNANKQ+9f5qBZuPKtFD04PL1LCDt1gSBClS86ZZ/bFPYKZQk8dUnLBQYkYthN1
+ r/j5xQIDAQABAkB4ip+Zin0oY3raJF5bkyHsMbVpcHHS7gSTIQ10jU1kAsBAVA2p
+ wIvZte5fIuaA6pEQ/ogZ5oTdCSz+bgtR50ShAiEA+DjNRJeUvaXNYyNBqKyPI1oT
+ na2QqV43z74txQ8FOykCIQDoa3YqPO4b70hglJOJMIYyMQAkAzdichKTWbBaIJf5
+ PQIhANTqLDCU8RIHoXhTKqPbeGAziLXsxjRxS+BXWf05GByZAiB5whpEZGklL0TO
+ e+eSnl4fGzaEpz6zjykWEo1lmd+jzQIgL740kEr8J+Q1ppNDJBtbZnc7yp+P/DKL
+ wo20+sNoyFU=
+ -----END PRIVATE KEY-----
+
+ client_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAMOZDw2vHe+UMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU0MzVaFw0yNzA4
+ MjgxMTU0MzVaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQD68iXHw1rQDWXFmdEPuv/8OCiUS1R6FoHqL357
+ VvqHA5339j8XKxtPnV2SY8DoMxEy1j7SYAyxD5xsZDVx14RpAgMBAAGjUDBOMB0G
+ A1UdDgQWBBTJ25400u3yEyiHykdeja+TGEMVKjAfBgNVHSMEGDAWgBTJ25400u3y
+ EyiHykdeja+TGEMVKjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EAaiMK
+ a4m6eSuk5emcw7igaV3UtydA6tduMvjL3zNcbI58on5YV7xgBTPXqDjq4QvAw06P
+ /PWEXbl2jaCHaX06wA==
+ -----END CERTIFICATE-----
+
+ client_key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA+vIlx8Na0A1lxZnR
+ D7r//DgolEtUehaB6i9+e1b6hwOd9/Y/FysbT51dkmPA6DMRMtY+0mAMsQ+cbGQ1
+ cdeEaQIDAQABAkEApuTYn4ybHvdqEgsEcVPK37Fxu36GBlRlvpwroFfuck9yYod+
+ CZMPdFWD0/H29Tj1g5p/NKHGAcM3jtqf7daOCQIhAP4DCQguBpJChtQ9/LzGasJe
+ LN5bg/ChpFmN6iVnwEDbAiEA/Oj4ELceNaDVsVG8sVI3IrG/8xgXhYnNex/e5LPR
+ oQsCIEXE7akqgzGPRltrv0zWryI+HdLhjib9LxhOC59ElSD7AiEAz98EFWkNMXLy
+ cP4Ho485thB2/m1s19t9wpddcojB4iUCIBJ1hIyrfWFAh8ktK9mNolMPR50+4eZk
+ nTe8UvFB7ZIB
+ -----END PRIVATE KEY-----
+
+ cacert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAOqENcDHki1ZMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU3MjBaFw0yNzA4
+ MjgxMTU3MjBaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDR16IIDivaiFCgxe43WuZDNPnn+Efb5E8/oTMY
+ fVR8DS9u+arKL0WRW3unDPErpZAoESa2GV+QIRfmJBtS7MWJAgMBAAGjUDBOMB0G
+ A1UdDgQWBBT3yZnbvcTfd4qUxSSaNMMmToCuETAfBgNVHSMEGDAWgBT3yZnbvcTf
+ d4qUxSSaNMMmToCuETAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EArDqA
+ Y5Dnrw3xbFDoAYGVrvSwdabt5IbTA5xpAWYOqomkIMhJf8UptGZ6SkYoPKFLz+bL
+ 1yBBSG809x2L+BRFEA==
+ -----END CERTIFICATE-----
admin:
- user: user
- password: password
+ user: root
+ password: ''
bind:
address: 0.0.0.0
port: 3306
diff --git a/tests/pillar/replication_master.sls b/tests/pillar/replication_master.sls
index 892e23b..4eac076 100644
--- a/tests/pillar/replication_master.sls
+++ b/tests/pillar/replication_master.sls
@@ -10,12 +10,76 @@
server_id: 1
ssl:
enabled: true
- authority: Org_CA
- certificate: name_of_service
- client_certificate: name_of_client_cert
+ cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAIfmjJydRX+GMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTM1MzhaFw0yNzA4
+ MjgxMTM1MzhaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDhW6xXGA2iKd5ngRwqoU0A0pD71/moFm48q0UP
+ Tg8vUsIO3WBIEKVLzpln9sU9gplCTx1ScsFBiRi2E3Wv+PnFAgMBAAGjUDBOMB0G
+ A1UdDgQWBBSJ42eEq3O0faBj+NBXWV5O2Vr1PTAfBgNVHSMEGDAWgBSJ42eEq3O0
+ faBj+NBXWV5O2Vr1PTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EA3fbu
+ x0W+XORSyFcChwFyhd+ka0R/FB4IL2udPXWX96x+0inuYi2Pta++3fMGmf30GF7Y
+ 1Iv89B+NrhLHCfkEbg==
+ -----END CERTIFICATE-----
+ key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEA4VusVxgNoineZ4Ec
+ KqFNANKQ+9f5qBZuPKtFD04PL1LCDt1gSBClS86ZZ/bFPYKZQk8dUnLBQYkYthN1
+ r/j5xQIDAQABAkB4ip+Zin0oY3raJF5bkyHsMbVpcHHS7gSTIQ10jU1kAsBAVA2p
+ wIvZte5fIuaA6pEQ/ogZ5oTdCSz+bgtR50ShAiEA+DjNRJeUvaXNYyNBqKyPI1oT
+ na2QqV43z74txQ8FOykCIQDoa3YqPO4b70hglJOJMIYyMQAkAzdichKTWbBaIJf5
+ PQIhANTqLDCU8RIHoXhTKqPbeGAziLXsxjRxS+BXWf05GByZAiB5whpEZGklL0TO
+ e+eSnl4fGzaEpz6zjykWEo1lmd+jzQIgL740kEr8J+Q1ppNDJBtbZnc7yp+P/DKL
+ wo20+sNoyFU=
+ -----END PRIVATE KEY-----
+
+ client_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAMOZDw2vHe+UMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU0MzVaFw0yNzA4
+ MjgxMTU0MzVaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQD68iXHw1rQDWXFmdEPuv/8OCiUS1R6FoHqL357
+ VvqHA5339j8XKxtPnV2SY8DoMxEy1j7SYAyxD5xsZDVx14RpAgMBAAGjUDBOMB0G
+ A1UdDgQWBBTJ25400u3yEyiHykdeja+TGEMVKjAfBgNVHSMEGDAWgBTJ25400u3y
+ EyiHykdeja+TGEMVKjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EAaiMK
+ a4m6eSuk5emcw7igaV3UtydA6tduMvjL3zNcbI58on5YV7xgBTPXqDjq4QvAw06P
+ /PWEXbl2jaCHaX06wA==
+ -----END CERTIFICATE-----
+
+ client_key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA+vIlx8Na0A1lxZnR
+ D7r//DgolEtUehaB6i9+e1b6hwOd9/Y/FysbT51dkmPA6DMRMtY+0mAMsQ+cbGQ1
+ cdeEaQIDAQABAkEApuTYn4ybHvdqEgsEcVPK37Fxu36GBlRlvpwroFfuck9yYod+
+ CZMPdFWD0/H29Tj1g5p/NKHGAcM3jtqf7daOCQIhAP4DCQguBpJChtQ9/LzGasJe
+ LN5bg/ChpFmN6iVnwEDbAiEA/Oj4ELceNaDVsVG8sVI3IrG/8xgXhYnNex/e5LPR
+ oQsCIEXE7akqgzGPRltrv0zWryI+HdLhjib9LxhOC59ElSD7AiEAz98EFWkNMXLy
+ cP4Ho485thB2/m1s19t9wpddcojB4iUCIBJ1hIyrfWFAh8ktK9mNolMPR50+4eZk
+ nTe8UvFB7ZIB
+ -----END PRIVATE KEY-----
+
+ cacert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAOqENcDHki1ZMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU3MjBaFw0yNzA4
+ MjgxMTU3MjBaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDR16IIDivaiFCgxe43WuZDNPnn+Efb5E8/oTMY
+ fVR8DS9u+arKL0WRW3unDPErpZAoESa2GV+QIRfmJBtS7MWJAgMBAAGjUDBOMB0G
+ A1UdDgQWBBT3yZnbvcTfd4qUxSSaNMMmToCuETAfBgNVHSMEGDAWgBT3yZnbvcTf
+ d4qUxSSaNMMmToCuETAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EArDqA
+ Y5Dnrw3xbFDoAYGVrvSwdabt5IbTA5xpAWYOqomkIMhJf8UptGZ6SkYoPKFLz+bL
+ 1yBBSG809x2L+BRFEA==
+ -----END CERTIFICATE-----
admin:
- user: user
- password: password
+ user: root
+ password: ''
bind:
address: 0.0.0.0
port: 3306
diff --git a/tests/pillar/replication_slave.sls b/tests/pillar/replication_slave.sls
index a250527..5d32a1a 100644
--- a/tests/pillar/replication_slave.sls
+++ b/tests/pillar/replication_slave.sls
@@ -12,12 +12,76 @@
server_id: 1
ssl:
enabled: true
- authority: Org_CA
- certificate: name_of_service
- client_certificate: name_of_client_cert
+ cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAIfmjJydRX+GMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTM1MzhaFw0yNzA4
+ MjgxMTM1MzhaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDhW6xXGA2iKd5ngRwqoU0A0pD71/moFm48q0UP
+ Tg8vUsIO3WBIEKVLzpln9sU9gplCTx1ScsFBiRi2E3Wv+PnFAgMBAAGjUDBOMB0G
+ A1UdDgQWBBSJ42eEq3O0faBj+NBXWV5O2Vr1PTAfBgNVHSMEGDAWgBSJ42eEq3O0
+ faBj+NBXWV5O2Vr1PTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EA3fbu
+ x0W+XORSyFcChwFyhd+ka0R/FB4IL2udPXWX96x+0inuYi2Pta++3fMGmf30GF7Y
+ 1Iv89B+NrhLHCfkEbg==
+ -----END CERTIFICATE-----
+ key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEA4VusVxgNoineZ4Ec
+ KqFNANKQ+9f5qBZuPKtFD04PL1LCDt1gSBClS86ZZ/bFPYKZQk8dUnLBQYkYthN1
+ r/j5xQIDAQABAkB4ip+Zin0oY3raJF5bkyHsMbVpcHHS7gSTIQ10jU1kAsBAVA2p
+ wIvZte5fIuaA6pEQ/ogZ5oTdCSz+bgtR50ShAiEA+DjNRJeUvaXNYyNBqKyPI1oT
+ na2QqV43z74txQ8FOykCIQDoa3YqPO4b70hglJOJMIYyMQAkAzdichKTWbBaIJf5
+ PQIhANTqLDCU8RIHoXhTKqPbeGAziLXsxjRxS+BXWf05GByZAiB5whpEZGklL0TO
+ e+eSnl4fGzaEpz6zjykWEo1lmd+jzQIgL740kEr8J+Q1ppNDJBtbZnc7yp+P/DKL
+ wo20+sNoyFU=
+ -----END PRIVATE KEY-----
+
+ client_cert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAMOZDw2vHe+UMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU0MzVaFw0yNzA4
+ MjgxMTU0MzVaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQD68iXHw1rQDWXFmdEPuv/8OCiUS1R6FoHqL357
+ VvqHA5339j8XKxtPnV2SY8DoMxEy1j7SYAyxD5xsZDVx14RpAgMBAAGjUDBOMB0G
+ A1UdDgQWBBTJ25400u3yEyiHykdeja+TGEMVKjAfBgNVHSMEGDAWgBTJ25400u3y
+ EyiHykdeja+TGEMVKjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EAaiMK
+ a4m6eSuk5emcw7igaV3UtydA6tduMvjL3zNcbI58on5YV7xgBTPXqDjq4QvAw06P
+ /PWEXbl2jaCHaX06wA==
+ -----END CERTIFICATE-----
+
+ client_key: |
+ -----BEGIN PRIVATE KEY-----
+ MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA+vIlx8Na0A1lxZnR
+ D7r//DgolEtUehaB6i9+e1b6hwOd9/Y/FysbT51dkmPA6DMRMtY+0mAMsQ+cbGQ1
+ cdeEaQIDAQABAkEApuTYn4ybHvdqEgsEcVPK37Fxu36GBlRlvpwroFfuck9yYod+
+ CZMPdFWD0/H29Tj1g5p/NKHGAcM3jtqf7daOCQIhAP4DCQguBpJChtQ9/LzGasJe
+ LN5bg/ChpFmN6iVnwEDbAiEA/Oj4ELceNaDVsVG8sVI3IrG/8xgXhYnNex/e5LPR
+ oQsCIEXE7akqgzGPRltrv0zWryI+HdLhjib9LxhOC59ElSD7AiEAz98EFWkNMXLy
+ cP4Ho485thB2/m1s19t9wpddcojB4iUCIBJ1hIyrfWFAh8ktK9mNolMPR50+4eZk
+ nTe8UvFB7ZIB
+ -----END PRIVATE KEY-----
+
+ cacert: |
+ -----BEGIN CERTIFICATE-----
+ MIIB6TCCAZOgAwIBAgIJAOqENcDHki1ZMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+ BAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkwFwYDVQQHDBBLYXJkYXNvdmEg
+ UmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczAeFw0xNzA4MzAxMTU3MjBaFw0yNzA4
+ MjgxMTU3MjBaMFAxCzAJBgNVBAYTAkNaMRMwEQYDVQQIDApTb21lLVN0YXRlMRkw
+ FwYDVQQHDBBLYXJkYXNvdmEgUmVjaWNlMREwDwYDVQQKDAhNaXJhbnRpczBcMA0G
+ CSqGSIb3DQEBAQUAA0sAMEgCQQDR16IIDivaiFCgxe43WuZDNPnn+Efb5E8/oTMY
+ fVR8DS9u+arKL0WRW3unDPErpZAoESa2GV+QIRfmJBtS7MWJAgMBAAGjUDBOMB0G
+ A1UdDgQWBBT3yZnbvcTfd4qUxSSaNMMmToCuETAfBgNVHSMEGDAWgBT3yZnbvcTf
+ d4qUxSSaNMMmToCuETAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA0EArDqA
+ Y5Dnrw3xbFDoAYGVrvSwdabt5IbTA5xpAWYOqomkIMhJf8UptGZ6SkYoPKFLz+bL
+ 1yBBSG809x2L+BRFEA==
+ -----END CERTIFICATE-----
admin:
- user: user
- password: password
+ user: root
+ password: ''
bind:
address: 0.0.0.0
port: 3306
diff --git a/tests/pillar/server_client_database.sls b/tests/pillar/server_client_database.sls
new file mode 100644
index 0000000..2cb29ea
--- /dev/null
+++ b/tests/pillar/server_client_database.sls
@@ -0,0 +1,42 @@
+mysql:
+ server:
+ enabled: true
+ version: '5.5'
+ force_encoding: utf8
+ admin:
+ user: root
+ password: ''
+ bind:
+ address: 0.0.0.0
+ port: 3306
+ protocol: tcp
+ database:
+ nova:
+ encoding: utf8
+ users:
+ - name: nova
+ password: password
+ host: '%'
+ rights: all
+ - name: nova
+ password: password
+ host: 127.0.0.1
+ rights: all
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: 0.0.0.0
+ port: 3306
+ user: root
+ password: ''
+ encoding: utf8
+ database:
+ database01:
+ encoding: utf8
+ users:
+ - name: username
+ password: 'password'
+ host: 'localhost'
+ rights: 'all privileges'
diff --git a/tests/pillar/server_client_user.sls b/tests/pillar/server_client_user.sls
new file mode 100644
index 0000000..0bf1dc1
--- /dev/null
+++ b/tests/pillar/server_client_user.sls
@@ -0,0 +1,34 @@
+mysql:
+ server:
+ enabled: true
+ version: '5.5'
+ force_encoding: utf8
+ admin:
+ user: root
+ password: ''
+ bind:
+ address: 0.0.0.0
+ port: 3306
+ protocol: tcp
+ users:
+ - name: user01
+ host: "*"
+ password: 'sdgdsgdsgd'
+ - name: user02
+ host: "localhost"
+ client:
+ enabled: true
+ server:
+ server01:
+ admin:
+ host: 0.0.0.0
+ port: 3306
+ user: root
+ password: ''
+ encoding: utf8
+ users:
+ - name: user01
+ host: "*"
+ password: 'sdgdsgdsgd'
+ - name: user02
+ host: "localhost"
diff --git a/tests/pillar/server_database.sls b/tests/pillar/server_database.sls
deleted file mode 100644
index 739d4fd..0000000
--- a/tests/pillar/server_database.sls
+++ /dev/null
@@ -1,24 +0,0 @@
-mysql:
- server:
- enabled: true
- version: '5.5'
- force_encoding: utf8
- admin:
- user: admin
- password: password
- bind:
- address: 0.0.0.0
- port: 3306
- protocol: tcp
- database:
- nova:
- encoding: utf8
- users:
- - name: nova
- password: password
- host: '%'
- rights: all
- - name: nova
- password: password
- host: 127.0.0.1
- rights: all
\ No newline at end of file
diff --git a/tests/pillar/server_user.sls b/tests/pillar/server_user.sls
deleted file mode 100644
index 25ef992..0000000
--- a/tests/pillar/server_user.sls
+++ /dev/null
@@ -1,18 +0,0 @@
-mysql:
- server:
- enabled: true
- version: '5.5'
- force_encoding: utf8
- admin:
- user: admin
- password: password
- bind:
- address: 0.0.0.0
- port: 3306
- protocol: tcp
- users:
- - name: user01
- host: "*"
- password: 'sdgdsgdsgd'
- - name: user02
- host: "localhost"
diff --git a/tests/run_tests.sh b/tests/run_tests.sh
index 3f42101..29fb975 100755
--- a/tests/run_tests.sh
+++ b/tests/run_tests.sh
@@ -6,11 +6,13 @@
CURDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
METADATA=${CURDIR}/../metadata.yml
FORMULA_NAME=$(cat $METADATA | python -c "import sys,yaml; print yaml.load(sys.stdin)['name']")
+FORMULA_META_DIR=${CURDIR}/../${FORMULA_NAME}/meta
## Overrideable parameters
PILLARDIR=${PILLARDIR:-${CURDIR}/pillar}
BUILDDIR=${BUILDDIR:-${CURDIR}/build}
VENV_DIR=${VENV_DIR:-${BUILDDIR}/virtualenv}
+MOCK_BIN_DIR=${MOCK_BIN_DIR:-${CURDIR}/mock_bin}
DEPSDIR=${BUILDDIR}/deps
SALT_FILE_DIR=${SALT_FILE_DIR:-${BUILDDIR}/file_root}
@@ -18,7 +20,7 @@
SALT_CONFIG_DIR=${SALT_CONFIG_DIR:-${BUILDDIR}/salt}
SALT_CACHE_DIR=${SALT_CACHE_DIR:-${SALT_CONFIG_DIR}/cache}
-SALT_OPTS="${SALT_OPTS} --retcode-passthrough --local -c ${SALT_CONFIG_DIR}"
+SALT_OPTS="${SALT_OPTS} --retcode-passthrough --local -c ${SALT_CONFIG_DIR} --log-file=/dev/null"
if [ "x${SALT_VERSION}" != "x" ]; then
PIP_SALT_VERSION="==${SALT_VERSION}"
@@ -40,10 +42,20 @@
pip install salt${PIP_SALT_VERSION}
}
+setup_mock_bin() {
+ # If some state requires a binary, a lightweight replacement for
+ # such binary can be put into MOCK_BIN_DIR for test purposes
+ if [ -d "${MOCK_BIN_DIR}" ]; then
+ PATH="${MOCK_BIN_DIR}:$PATH"
+ export PATH
+ fi
+}
+
setup_pillar() {
[ ! -d ${SALT_PILLAR_DIR} ] && mkdir -p ${SALT_PILLAR_DIR}
echo "base:" > ${SALT_PILLAR_DIR}/top.sls
for pillar in ${PILLARDIR}/*; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
state_name=$(basename ${pillar%.sls})
echo -e " ${state_name}:\n - ${state_name}" >> ${SALT_PILLAR_DIR}/top.sls
done
@@ -56,6 +68,7 @@
echo "base:" > ${SALT_FILE_DIR}/top.sls
for pillar in ${PILLARDIR}/*.sls; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
state_name=$(basename ${pillar%.sls})
echo -e " ${state_name}:\n - ${FORMULA_NAME}" >> ${SALT_FILE_DIR}/top.sls
done
@@ -64,6 +77,7 @@
file_client: local
cachedir: ${SALT_CACHE_DIR}
verify_env: False
+minion_id_caching: False
file_roots:
base:
@@ -118,6 +132,7 @@
[ -d ${BUILDDIR} ] && mkdir -p ${BUILDDIR}
which salt-call || setup_virtualenv
+ setup_mock_bin
setup_pillar
setup_salt
install_dependencies
@@ -125,8 +140,28 @@
run() {
for pillar in ${PILLARDIR}/*.sls; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
state_name=$(basename ${pillar%.sls})
+ salt_run grains.set 'noservices' False force=True
+
+ echo "Checking state ${FORMULA_NAME}.${state_name} ..."
salt_run --id=${state_name} state.show_sls ${FORMULA_NAME} || (log_err "Execution of ${FORMULA_NAME}.${state_name} failed"; exit 1)
+
+ # Check that all files in 'meta' folder can be rendered using any valid pillar
+ for meta in `find ${FORMULA_META_DIR} -type f`; do
+ meta_name=$(basename ${meta})
+ echo "Checking meta ${meta_name} ..."
+ salt_run --out=quiet --id=${state_name} cp.get_template ${meta} ${SALT_CACHE_DIR}/${meta_name} \
+ || (log_err "Failed to render meta ${meta} using pillar ${FORMULA_NAME}.${state_name}"; exit 1)
+ cat ${SALT_CACHE_DIR}/${meta_name}
+ done
+ done
+}
+
+real_run() {
+ for pillar in ${PILLARDIR}/*.sls; do
+ state_name=$(basename ${pillar%.sls})
+ salt_run --id=${state_name} state.sls ${FORMULA_NAME} || (log_err "Execution of ${FORMULA_NAME}.${state_name} failed"; exit 1)
done
}
@@ -155,6 +190,9 @@
run)
run
;;
+ real-run)
+ real_run
+ ;;
*)
prepare
run