diff --git a/.gitignore b/.gitignore index 6995110..39752a7 100644 --- a/.gitignore +++ b/.gitignore @@ -91,6 +91,9 @@ celerybeat-schedule venv/ ENV/ +# visual studio +.vs/ + # Spyder project settings .spyderproject .spyproject @@ -120,3 +123,12 @@ docs/*.md Dockerfile.*_* ignore/ tmp/ + +# `salt-formula` -- Vagrant Specific files +.vagrant +top.sls +!test/salt/pillar/top.sls + +# `suricata-formula` -- Platform binaries +*.rpm +*.deb diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..0919397 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,160 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +############################################################################### +# Define all YAML node anchors +############################################################################### +.node_anchors: + # `only` (also used for `except` where applicable) + only_branch_master_parent_repo: &only_branch_master_parent_repo + - 'master@saltstack-formulas/apt-formula' + # `stage` + stage_lint: &stage_lint 'lint' + stage_release: &stage_release 'release' + stage_test: &stage_test 'test' + # `image` + image_commitlint: &image_commitlint 'techneg/ci-commitlint:v1.1.76' + image_dindruby: &image_dindruby 'techneg/ci-docker-python-ruby:v2.2.45' + image_dindrubybionic: &image_dindrubybionic 'techneg/ci-docker-python-ruby:v2.2.45' + image_precommit: &image_precommit 'techneg/ci-pre-commit:v2.4.10' + image_rubocop: &image_rubocop 'pipelinecomponents/rubocop:latest' + image_semantic-release: &image_semanticrelease 'myii/ssf-semantic-release:15.14' + # `services` + services_docker_dind: &services_docker_dind + - 'docker:dind' + # `variables` + # https://forum.gitlab.com/t/gitlab-com-ci-caching-rubygems/5627/3 + # https://bundler.io/v1.16/bundle_config.html + variables_bundler: &variables_bundler + BUNDLE_CACHE_PATH: '${CI_PROJECT_DIR}/.cache/bundler' + BUNDLE_WITHOUT: 'production' + # `cache` + cache_bundler: &cache_bundler + key: '${CI_JOB_STAGE}' + paths: + - '${BUNDLE_CACHE_PATH}' + +############################################################################### +# Define stages and global variables +############################################################################### +stages: + - *stage_lint + - *stage_test + - *stage_release +variables: + DOCKER_DRIVER: 'overlay2' + +############################################################################### +# `lint` stage: `commitlint`, `pre-commit` & `rubocop` (latest, failure allowed) +############################################################################### +commitlint: + stage: *stage_lint + image: *image_commitlint + script: + # Add `upstream` remote to get access to `upstream/master` + - 'git remote add upstream + https://gitlab.com/saltstack-formulas/apt-formula.git' + - 'git fetch --all' + # Set default commit hashes for `--from` and `--to` + - 'export COMMITLINT_FROM="$(git merge-base upstream/master HEAD)"' + - 'export COMMITLINT_TO="${CI_COMMIT_SHA}"' + # `coqbot` adds a merge commit to test PRs on top of the latest commit in + # the repo; amend this merge commit message to avoid failure + - | + if [ "${GITLAB_USER_LOGIN}" = "coqbot" ] \ + && [ "${CI_COMMIT_BRANCH}" != "master" ]; then + git commit --amend -m \ + 'chore: reword coqbot merge commit message for commitlint' + export COMMITLINT_TO=HEAD + fi + # Run `commitlint` + - 'commitlint --from "${COMMITLINT_FROM}" + --to "${COMMITLINT_TO}" + --verbose' + +pre-commit: + stage: *stage_lint + image: *image_precommit + # https://pre-commit.com/#gitlab-ci-example + variables: + PRE_COMMIT_HOME: '${CI_PROJECT_DIR}/.cache/pre-commit' + cache: + key: '${CI_JOB_NAME}' + paths: + - '${PRE_COMMIT_HOME}' + script: + - 'pre-commit run --all-files --color always --verbose' + +# Use a separate job for `rubocop` other than the one potentially run by `pre-commit` +# - The `pre-commit` check will only be available for formulas that pass the default +# `rubocop` check -- and must continue to do so +# - This job is allowed to fail, so can be used for all formulas +# - Furthermore, this job uses all of the latest `rubocop` features & cops, +# which will help when upgrading the `rubocop` linter used in `pre-commit` +rubocop: + allow_failure: true + stage: *stage_lint + image: *image_rubocop + script: + - 'rubocop -d -P -S --enable-pending-cops' + +############################################################################### +# Define `test` template +############################################################################### +.test_instance: &test_instance + stage: *stage_test + image: *image_dindruby + services: *services_docker_dind + variables: *variables_bundler + cache: *cache_bundler + before_script: + # TODO: This should work from the env vars above automatically + - 'bundle config set path "${BUNDLE_CACHE_PATH}"' + - 'bundle config set without "${BUNDLE_WITHOUT}"' + - 'bundle install' + script: + # Alternative value to consider: `${CI_JOB_NAME}` + - 'bin/kitchen verify "${DOCKER_ENV_CI_JOB_NAME}"' + +############################################################################### +# Define `test` template (`allow_failure: true`) +############################################################################### +.test_instance_failure_permitted: + <<: *test_instance + allow_failure: true + +############################################################################### +# `test` stage: each instance below uses the `test` template above +############################################################################### +## Define the rest of the matrix based on Kitchen testing +# Make sure the instances listed below match up with +# the `platforms` defined in `kitchen.yml` +# yamllint disable rule:line-length +debian-12-master-py3: {extends: '.test_instance'} +debian-11-master-py3: {extends: '.test_instance'} +ubuntu-2404-master-py3: {extends: '.test_instance'} +ubuntu-2204-master-py3: {extends: '.test_instance'} +debian-12-3007-1-py3: {extends: '.test_instance'} +debian-11-3007-1-py3: {extends: '.test_instance'} +ubuntu-2404-3007-1-py3: {extends: '.test_instance'} +ubuntu-2204-3007-1-py3: {extends: '.test_instance'} +debian-12-3006-10-py3: {extends: '.test_instance'} +debian-11-3006-10-py3: {extends: '.test_instance'} +ubuntu-2404-3006-10-py3: {extends: '.test_instance'} +ubuntu-2204-3006-10-py3: {extends: '.test_instance'} +# yamllint enable rule:line-length + +############################################################################### +# `release` stage: `semantic-release` +############################################################################### +semantic-release: + only: *only_branch_master_parent_repo + stage: *stage_release + image: *image_semanticrelease + variables: + MAINTAINER_TOKEN: '${GH_TOKEN}' + script: + # Update `AUTHORS.md` + - '${HOME}/go/bin/maintainer contributor' + # Run `semantic-release` + - 'semantic-release' diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..01e4346 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,95 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +ci: + autofix_commit_msg: | + ci(pre-commit.ci): apply auto fixes from pre-commit.com hooks + + For more information, see https://pre-commit.ci + autofix_prs: true + autoupdate_branch: '' + autoupdate_commit_msg: | + ci(pre-commit.ci): perform `pre-commit` autoupdate + autoupdate_schedule: quarterly + skip: [] + submodules: false +default_stages: [commit] +repos: + - repo: https://github.com/dafyddj/commitlint-pre-commit-hook + rev: v2.3.0 + hooks: + - id: commitlint + name: Check commit message using commitlint + description: Lint commit message against @commitlint/config-conventional rules + stages: [commit-msg] + additional_dependencies: ['@commitlint/config-conventional@17.1.0'] + - repo: https://github.com/rubocop-hq/rubocop + rev: v1.57.0 + hooks: + - id: rubocop + name: Check Ruby files with rubocop + args: [--debug] + - repo: https://github.com/shellcheck-py/shellcheck-py + rev: v0.9.0.6 + hooks: + - id: shellcheck + name: Check shell scripts with shellcheck + files: ^.*\.(sh|bash|ksh)$ + types: [] + - repo: https://github.com/adrienverge/yamllint + rev: v1.32.0 + hooks: + - id: yamllint + name: Check YAML syntax with yamllint + args: [--strict] + types: [file] + # Files to include + # 1. Obvious YAML files + # 2. `pillar.example` and similar files + # 3. SLS files under directory `test/` which are pillar files + # Files to exclude + # 1. SLS files under directory `test/` which are state files + # 2. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax + # 3. YAML files heavily reliant on Jinja + files: | + (?x)^( + .*\.yaml| + .*\.yml| + \.salt-lint| + \.yamllint| + .*\.example| + test/.*\.sls + )$ + exclude: | + (?x)^( + kitchen.vagrant.yml| + test/.*/states/.*\.sls + )$ + - repo: https://github.com/warpnet/salt-lint + rev: v0.9.2 + hooks: + - id: salt-lint + name: Check Salt files using salt-lint + files: ^.*\.(sls|jinja|j2|tmpl|tst)$ + - repo: https://github.com/myint/rstcheck + rev: v6.2.0 + hooks: + - id: rstcheck + name: Check reST files using rstcheck + exclude: 'docs/CHANGELOG.rst' + additional_dependencies: [sphinx==7.2.6] + - repo: https://github.com/saltstack-formulas/mirrors-rst-lint + rev: v1.3.2 + hooks: + - id: rst-lint + name: Check reST files using rst-lint + exclude: | + (?x)^( + docs/CHANGELOG.rst| + docs/TOFS_pattern.rst| + docs/CONTRIBUTING_DOCS.rst| + docs/index.rst| + )$ + additional_dependencies: [pygments==2.16.1] diff --git a/.rstcheck.cfg b/.rstcheck.cfg new file mode 100644 index 0000000..5383623 --- /dev/null +++ b/.rstcheck.cfg @@ -0,0 +1,4 @@ +[rstcheck] +report=info +ignore_language=rst +ignore_messages=(Duplicate (ex|im)plicit target.*|Hyperlink target ".*" is not referenced\.$) diff --git a/.rubocop.yml b/.rubocop.yml index 7fd75ac..bf4d107 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -7,10 +7,17 @@ Layout/LineLength: # Based on https://github.com/PyCQA/flake8-bugbear#opinionated-warnings (`B950`) Max: 88 Metrics/BlockLength: - ExcludedMethods: + IgnoredMethods: - control - describe # Increase from default of `25` Max: 30 +Security/YAMLLoad: + Exclude: + - test/integration/**/_mapdata.rb + +# General settings across all cops in this formula +AllCops: + NewCops: enable # Any offenses that should be fixed, e.g. collected via. `rubocop --auto-gen-config` diff --git a/.travis.yml b/.travis.yml index 4361fdf..75dabaf 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,6 +1,15 @@ # -*- coding: utf-8 -*- # vim: ft=yaml --- +################################################################################ +# NOTE: This file is UNMAINTAINED; it is provided for references purposes only. +# No guarantees are tendered that this structure will work after 2020. +################################################################################ +# * https://en.wikipedia.org/wiki/Travis_CI: +# - "... free open-source plans were removed in [sic] the end of 2020" +# - https://blog.travis-ci.com/2020-11-02-travis-ci-new-billing +# - https://ropensci.org/technotes/2020/11/19/moving-away-travis/ +################################################################################ ## Machine config os: 'linux' arch: 'amd64' @@ -22,8 +31,10 @@ script: ## Stages and jobs matrix stages: - test - - name: 'release' - if: 'branch = master AND type != pull_request' + # # As part of the switch away from Travis CI, ensure that the `release` stage + # # is not run inadvertently + # - name: 'release' + # if: 'branch = master AND type != pull_request' jobs: include: ## Define the test stage that runs the linters (and testing matrix, if applicable) @@ -55,25 +66,63 @@ jobs: @commitlint/travis-cli - commitlint-travis + # Run `pre-commit` linters in a single job + - language: 'python' + env: 'Lint_pre-commit' + name: 'Lint: pre-commit' + before_install: 'skip' + cache: + directories: + - $HOME/.cache/pre-commit + script: + # Install and run `pre-commit` + - pip install pre-commit==2.7.1 + - pre-commit run --all-files --color always --verbose + - pre-commit run --color always --hook-stage manual --verbose commitlint-travis + ## Define the rest of the matrix based on Kitchen testing # Make sure the instances listed below match up with # the `platforms` defined in `kitchen.yml` + # - env: INSTANCE=repositories-debian-11-tiamat-py3 + # - env: INSTANCE=repositories-debian-10-tiamat-py3 + # - env: INSTANCE=repositories-debian-9-tiamat-py3 + # - env: INSTANCE=repositories-ubuntu-2204-tiamat-py3 + # - env: INSTANCE=repositories-ubuntu-2004-tiamat-py3 + # - env: INSTANCE=repositories-ubuntu-1804-tiamat-py3 + # - env: INSTANCE=repositories-debian-11-master-py3 + # - env: INSTANCE=preferences-debian-11-master-py3 + # - env: INSTANCE=unattended-debian-11-master-py3 + - env: INSTANCE=debian-11-master-py3 # - env: INSTANCE=repositories-debian-10-master-py3 # - env: INSTANCE=preferences-debian-10-master-py3 # - env: INSTANCE=unattended-debian-10-master-py3 - - env: INSTANCE=repositories-debian-10-master-py3 - - env: INSTANCE=repositories-ubuntu-1804-master-py3 + - env: INSTANCE=debian-10-master-py3 + # - env: INSTANCE=repositories-debian-9-master-py3 + # - env: INSTANCE=preferences-debian-9-master-py3 + # - env: INSTANCE=unattended-debian-9-master-py3 + - env: INSTANCE=debian-9-master-py3 + # - env: INSTANCE=repositories-ubuntu-2204-master-py3 + # - env: INSTANCE=preferences-ubuntu-2204-master-py3 + # - env: INSTANCE=unattended-ubuntu-2204-master-py3 + - env: INSTANCE=ubuntu-2204-master-py3 + # - env: INSTANCE=repositories-ubuntu-2004-master-py3 + # - env: INSTANCE=preferences-ubuntu-2004-master-py3 + # - env: INSTANCE=unattended-ubuntu-2004-master-py3 + - env: INSTANCE=ubuntu-2004-master-py3 + # - env: INSTANCE=repositories-ubuntu-1804-master-py3 # - env: INSTANCE=preferences-ubuntu-1804-master-py3 # - env: INSTANCE=unattended-ubuntu-1804-master-py3 - # - env: INSTANCE=ubuntu-1804-master-py3 - # - env: INSTANCE=repositories-debian-9-2019-2-py3 - - env: INSTANCE=preferences-debian-9-2019-2-py3 - # - env: INSTANCE=unattended-debian-9-2019-2-py3 - # - env: INSTANCE=debian-9-2019-2-py3 - # - env: INSTANCE=repositories-ubuntu-1804-2019-2-py3 - # - env: INSTANCE=preferences-ubuntu-1804-2019-2-py3 - - env: INSTANCE=unattended-ubuntu-1804-2019-2-py3 - # - env: INSTANCE=ubuntu-1804-2019-2-py3 + - env: INSTANCE=ubuntu-1804-master-py3 + # - env: INSTANCE=repositories-debian-11-3004-1-py3 + # - env: INSTANCE=repositories-debian-10-3004-1-py3 + # - env: INSTANCE=repositories-debian-9-3004-1-py3 + # - env: INSTANCE=repositories-ubuntu-2204-3004-1-py3 + # - env: INSTANCE=repositories-ubuntu-2004-3004-1-py3 + # - env: INSTANCE=repositories-ubuntu-1804-3004-1-py3 + # - env: INSTANCE=repositories-debian-10-3003-4-py3 + # - env: INSTANCE=repositories-debian-9-3003-4-py3 + # - env: INSTANCE=repositories-ubuntu-2004-3003-4-py3 + # - env: INSTANCE=repositories-ubuntu-1804-3003-4-py3 ## Define the release stage that runs `semantic-release` - stage: 'release' diff --git a/.yamllint b/.yamllint index 740beca..716baaf 100644 --- a/.yamllint +++ b/.yamllint @@ -2,16 +2,24 @@ # vim: ft=yaml --- # Extend the `default` configuration provided by `yamllint` -extends: default +extends: 'default' # Files to ignore completely -# 1. All YAML files under directory `node_modules/`, introduced during the Travis run -# 2. Any SLS files under directory `test/`, which are actually state files -# 3. Any YAML files under directory `.kitchen/`, introduced during local testing +# 1. All YAML files under directory `.bundle/`, introduced if gems are installed locally +# 2. All YAML files under directory `.cache/`, introduced during the CI run +# 3. All YAML files under directory `.git/` +# 4. All YAML files under directory `node_modules/`, introduced during the CI run +# 5. Any SLS files under directory `test/`, which are actually state files +# 6. Any YAML files under directory `.kitchen/`, introduced during local testing +# 7. `kitchen.vagrant.yml`, which contains Embedded Ruby (ERB) template syntax ignore: | + .bundle/ + .cache/ + .git/ node_modules/ test/**/states/**/*.sls .kitchen/ + kitchen.vagrant.yml yaml-files: # Default settings diff --git a/AUTHORS.md b/AUTHORS.md index 2f485a8..7261281 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -4,27 +4,30 @@ This list is sorted by the number of commits per contributor in _descending_ ord Avatar|Contributor|Contributions :-:|---|:-: -@myii|[@myii](https://github.com/myii)|55 -@javierbertoli|[@javierbertoli](https://github.com/javierbertoli)|28 -@gravyboat|[@gravyboat](https://github.com/gravyboat)|12 -@bmcclure|[@bmcclure](https://github.com/bmcclure)|8 -@aboe76|[@aboe76](https://github.com/aboe76)|8 -@arthurlogilab|[@arthurlogilab](https://github.com/arthurlogilab)|7 -@nmadhok|[@nmadhok](https://github.com/nmadhok)|7 -@boltronics|[@boltronics](https://github.com/boltronics)|5 -@jdkelleher|[@jdkelleher](https://github.com/jdkelleher)|5 -@westurner|[@westurner](https://github.com/westurner)|4 -@daschatten|[@daschatten](https://github.com/daschatten)|4 -@techhat|[@techhat](https://github.com/techhat)|3 -@whiteinge|[@whiteinge](https://github.com/whiteinge)|3 -@devster31|[@devster31](https://github.com/devster31)|3 -@fzipi|[@fzipi](https://github.com/fzipi)|1 -@jerrykan|[@jerrykan](https://github.com/jerrykan)|1 -@rpatterson|[@rpatterson](https://github.com/rpatterson)|1 -@simonclausen|[@simonclausen](https://github.com/simonclausen)|1 -@babilen5|[@babilen5](https://github.com/babilen5)|1 -@daks|[@daks](https://github.com/daks)|1 +@myii|[@myii](https://github.com/myii)|141 +@javierbertoli|[@javierbertoli](https://github.com/javierbertoli)|31 +@gravyboat|[@gravyboat](https://github.com/gravyboat)|12 +@bmcclure|[@bmcclure](https://github.com/bmcclure)|8 +@aboe76|[@aboe76](https://github.com/aboe76)|8 +@arthurzenika|[@arthurzenika](https://github.com/arthurzenika)|7 +@nmadhok|[@nmadhok](https://github.com/nmadhok)|7 +@dafyddj|[@dafyddj](https://github.com/dafyddj)|6 +@jdkelleher|[@jdkelleher](https://github.com/jdkelleher)|5 +@boltronics|[@boltronics](https://github.com/boltronics)|5 +@westurner|[@westurner](https://github.com/westurner)|4 +@daschatten|[@daschatten](https://github.com/daschatten)|4 +@techhat|[@techhat](https://github.com/techhat)|3 +@whiteinge|[@whiteinge](https://github.com/whiteinge)|3 +@devster31|[@devster31](https://github.com/devster31)|3 +@baby-gnu|[@baby-gnu](https://github.com/baby-gnu)|1 +@didiermfb|[@didiermfb](https://github.com/didiermfb)|1 +@jerrykan|[@jerrykan](https://github.com/jerrykan)|1 +@rpatterson|[@rpatterson](https://github.com/rpatterson)|1 +@simonclausen|[@simonclausen](https://github.com/simonclausen)|1 +@wwentland|[@wwentland](https://github.com/wwentland)|1 +@noelmcloughlin|[@noelmcloughlin](https://github.com/noelmcloughlin)|1 +@daks|[@daks](https://github.com/daks)|1 --- -Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2020-09-21. +Auto-generated by a [forked version](https://github.com/myii/maintainer) of [gaocegege/maintainer](https://github.com/gaocegege/maintainer) on 2025-04-14. diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bec2c7..59a489f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,94 @@ # Changelog +## [0.11.2](https://github.com/saltstack-formulas/apt-formula/compare/v0.11.1...v0.11.2) (2025-04-14) + + +### Bug Fixes + +* **repositories:** force aptkey if signed-by and allow aptkey ([3e11c59](https://github.com/saltstack-formulas/apt-formula/commit/3e11c5999255f22f36e1fd63e10e9e553ed3f538)) + +## [0.11.1](https://github.com/saltstack-formulas/apt-formula/compare/v0.11.0...v0.11.1) (2025-04-10) + + +### Continuous Integration + +* update `pre-commit` configuration inc. for pre-commit.ci [skip ci] ([347dc41](https://github.com/saltstack-formulas/apt-formula/commit/347dc41faa1520a83e79adc814099abf985612d1)) +* use latest test images ([222aa6c](https://github.com/saltstack-formulas/apt-formula/commit/222aa6c79b7e5b8c4907666b6b361c7885ef17f8)) + + +### Tests + +* **system.rb:** add support for `mac_os_x` [skip ci] ([bb4d0f8](https://github.com/saltstack-formulas/apt-formula/commit/bb4d0f86db59cf323032c5cee5c8cba22c2fa9cf)) + +# [0.11.0](https://github.com/saltstack-formulas/apt-formula/compare/v0.10.4...v0.11.0) (2022-04-18) + + +### Continuous Integration + +* **kitchen+gitlab:** update for new pre-salted images [skip ci] ([31773f1](https://github.com/saltstack-formulas/apt-formula/commit/31773f18966831cba08939cd7987750c0961a491)) + + +### Features + +* **repositories:** allow to specify custom filename ([2a7e4af](https://github.com/saltstack-formulas/apt-formula/commit/2a7e4afe5a2804035a09a742361354c8039a7d80)) + + +### Tests + +* **system:** add `build_platform_codename` [skip ci] ([1a132d8](https://github.com/saltstack-formulas/apt-formula/commit/1a132d84422218bc12f31890c1a92b51bb3ec71c)) + +## [0.10.4](https://github.com/saltstack-formulas/apt-formula/compare/v0.10.3...v0.10.4) (2022-02-12) + + +### Code Refactoring + +* **salt-lint:** fix violations ([7cc688c](https://github.com/saltstack-formulas/apt-formula/commit/7cc688cf1554ebff114321f1be09ea59f83d9c66)) + + +### Continuous Integration + +* update linters to latest versions [skip ci] ([37ca1fa](https://github.com/saltstack-formulas/apt-formula/commit/37ca1fa0574550758947bd0a2b26e5944121d222)) +* **3003.1:** update inc. AlmaLinux, Rocky & `rst-lint` [skip ci] ([97b0af6](https://github.com/saltstack-formulas/apt-formula/commit/97b0af695acd8adfd3c3a048de21d03a04560636)) +* **commitlint:** ensure `upstream/master` uses main repo URL [skip ci] ([b4cce02](https://github.com/saltstack-formulas/apt-formula/commit/b4cce02adfbd902ee86d175f66c61f5b41b37b15)) +* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] ([a8d9d34](https://github.com/saltstack-formulas/apt-formula/commit/a8d9d347717e17afc0f149f9f23852bf3b26cde9)) +* **gemfile+lock:** use `ssf` customised `inspec` repo [skip ci] ([1f136cd](https://github.com/saltstack-formulas/apt-formula/commit/1f136cd52c960ffbd43f97c4e4d658e827c34bc3)) +* **gemfile+lock:** use `ssf` customised `kitchen-docker` repo [skip ci] ([ce4f1a8](https://github.com/saltstack-formulas/apt-formula/commit/ce4f1a8488ac65a0d3e34d2f28a47007924958fc)) +* **gitlab-ci:** add `rubocop` linter (with `allow_failure`) [skip ci] ([057b19e](https://github.com/saltstack-formulas/apt-formula/commit/057b19ec7ad97afec550ca7c2dbbf28acf53d311)) +* **gitlab-ci:** use GitLab CI as Travis CI replacement ([0f9b059](https://github.com/saltstack-formulas/apt-formula/commit/0f9b05940899957ac1c1fe4d6594cbab1d422e56)) +* **kitchen:** move `provisioner` block & update `run_command` [skip ci] ([d08806c](https://github.com/saltstack-formulas/apt-formula/commit/d08806c07d7382fb9e6965c0db46b916aad3a386)) +* **kitchen+ci:** update with `3004` pre-salted images/boxes [skip ci] ([380c689](https://github.com/saltstack-formulas/apt-formula/commit/380c6894b4c022ca4586693d8e9fd03845aa3b61)) +* **kitchen+ci:** update with latest `3003.2` pre-salted images [skip ci] ([efe8592](https://github.com/saltstack-formulas/apt-formula/commit/efe8592337a698ca3361076e1dec453dca9d69d9)) +* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] ([9762abf](https://github.com/saltstack-formulas/apt-formula/commit/9762abfb4d3fecd5d4a9028c2e4a6e09667e7ceb)) +* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] ([d5c38c1](https://github.com/saltstack-formulas/apt-formula/commit/d5c38c1dda806cf874d66292a862cea7b6c21ea1)) +* **kitchen+gitlab:** adjust matrix to add `3003` [skip ci] ([6be32dc](https://github.com/saltstack-formulas/apt-formula/commit/6be32dcd4254ef6b0dc7d9033b2b030f5701322a)) +* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] ([8086687](https://github.com/saltstack-formulas/apt-formula/commit/8086687001e0e5d38472f65a7b1d2097d818b1b8)) +* **kitchen+gitlab:** update for new pre-salted images [skip ci] ([091870b](https://github.com/saltstack-formulas/apt-formula/commit/091870b18c7b1c47536c7df012a553f29a78648c)) +* add `arch-master` to matrix and update `.travis.yml` [skip ci] ([5637e07](https://github.com/saltstack-formulas/apt-formula/commit/5637e073b698b3970d99901e1a4abd24fa34318b)) +* add Debian 11 Bullseye & update `yamllint` configuration [skip ci] ([758d646](https://github.com/saltstack-formulas/apt-formula/commit/758d646d1e509e1e1a10bfa9b30c3f8261d6bf30)) +* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] ([d486305](https://github.com/saltstack-formulas/apt-formula/commit/d48630589f28fc42d8f0ddb65b6c6d1de3da12b0)) +* **pre-commit:** update hook for `rubocop` ([67c1130](https://github.com/saltstack-formulas/apt-formula/commit/67c1130d8957a47ddc71a45a438bb6e74b4a10ac)) + + +### Tests + +* standardise use of `share` suite & `_mapdata` state [skip ci] ([9f6b2b1](https://github.com/saltstack-formulas/apt-formula/commit/9f6b2b1250ae4d134d3904cd09df9902bb42f677)) + +## [0.10.3](https://github.com/saltstack-formulas/apt-formula/compare/v0.10.2...v0.10.3) (2020-10-19) + + +### Continuous Integration + +* **pre-commit:** add to formula [skip ci] ([a472351](https://github.com/saltstack-formulas/apt-formula/commit/a472351b988d980a6a8dcf0c3d138ce547f2db65)) +* **pre-commit:** add to formula [skip ci] ([fe75b59](https://github.com/saltstack-formulas/apt-formula/commit/fe75b5923112b88f16497a6e8c7890830874410e)) +* **pre-commit:** add to formula [skip ci] ([d9f480a](https://github.com/saltstack-formulas/apt-formula/commit/d9f480a4a435ffe895d435b9870d95a7f0d06b97)) +* **pre-commit:** enable/disable `rstcheck` as relevant [skip ci] ([4cf4741](https://github.com/saltstack-formulas/apt-formula/commit/4cf4741228a1210c52f994bec071bfaf6e45609d)) +* **pre-commit:** finalise `rstcheck` configuration [skip ci] ([2d520d2](https://github.com/saltstack-formulas/apt-formula/commit/2d520d2f533de5072b45cb47fbc949b92a2eae97)) + + +### Tests + +* **repositories:** change to a repo with no key expiration ([e677b78](https://github.com/saltstack-formulas/apt-formula/commit/e677b7891e99bd731981526453a041645f002a78)) + ## [0.10.2](https://github.com/saltstack-formulas/apt-formula/compare/v0.10.1...v0.10.2) (2020-09-21) diff --git a/CODEOWNERS b/CODEOWNERS index bdecb2d..3615886 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -10,16 +10,24 @@ # SECTION: Owner(s) for files/directories related to `semantic-release` # FILE PATTERN OWNER(S) /.github/workflows/ @saltstack-formulas/ssf +/bin/install-hooks @saltstack-formulas/ssf /bin/kitchen @saltstack-formulas/ssf /docs/AUTHORS.rst @saltstack-formulas/ssf /docs/CHANGELOG.rst @saltstack-formulas/ssf /docs/TOFS_pattern.rst @saltstack-formulas/ssf -/apt/libsaltcli.jinja @saltstack-formulas/ssf -/apt/libtofs.jinja @saltstack-formulas/ssf +/*/_mapdata/ @saltstack-formulas/ssf +/*/libsaltcli.jinja @saltstack-formulas/ssf +/*/libtofs.jinja @saltstack-formulas/ssf +/test/integration/**/_mapdata.rb @saltstack-formulas/ssf +/test/integration/**/libraries/system.rb @saltstack-formulas/ssf /test/integration/**/inspec.yml @saltstack-formulas/ssf /test/integration/**/README.md @saltstack-formulas/ssf +/test/salt/pillar/top.sls @saltstack-formulas/ssf /.gitignore @saltstack-formulas/ssf /.cirrus.yml @saltstack-formulas/ssf +/.gitlab-ci.yml @saltstack-formulas/ssf +/.pre-commit-config.yaml @saltstack-formulas/ssf +/.rstcheck.cfg @saltstack-formulas/ssf /.rubocop.yml @saltstack-formulas/ssf /.salt-lint @saltstack-formulas/ssf /.travis.yml @saltstack-formulas/ssf @@ -32,6 +40,8 @@ /Gemfile @saltstack-formulas/ssf /Gemfile.lock @saltstack-formulas/ssf /kitchen.yml @saltstack-formulas/ssf +/kitchen.vagrant.yml @saltstack-formulas/ssf +/kitchen.windows.yml @saltstack-formulas/ssf /pre-commit_semantic-release.sh @saltstack-formulas/ssf /release-rules.js @saltstack-formulas/ssf /release.config.js @saltstack-formulas/ssf diff --git a/FORMULA b/FORMULA index e90d761..ec9b6c5 100644 --- a/FORMULA +++ b/FORMULA @@ -1,7 +1,7 @@ name: apt os: Debian, Ubuntu, Raspbian os_family: Debian -version: 0.10.2 +version: 0.11.2 release: 1 minimum_version: 2017.7 summary: Apt formula diff --git a/Gemfile b/Gemfile index 5a232b6..51d2dc9 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,22 @@ # frozen_string_literal: true -source 'https://rubygems.org' +source ENV.fetch('PROXY_RUBYGEMSORG', 'https://rubygems.org') -gem 'kitchen-docker', '>= 2.9' -gem 'kitchen-inspec', '>= 1.1' -gem 'kitchen-salt', '>= 0.6.0' +# Install the `inspec` gem using `git` because versions after `4.22.22` +# suppress diff output; this version fixes this for our uses. +# rubocop:disable Layout/LineLength +gem 'inspec', git: 'https://gitlab.com/saltstack-formulas/infrastructure/inspec', branch: 'ssf' +# rubocop:enable Layout/LineLength + +# Install the `kitchen-docker` gem using `git` in order to gain a performance +# improvement: avoid package installations which are already covered by the +# `salt-image-builder` (i.e. the pre-salted images that we're using) +# rubocop:disable Layout/LineLength +gem 'kitchen-docker', git: 'https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker', branch: 'ssf' +# rubocop:enable Layout/LineLength + +gem 'kitchen-inspec', '>= 2.5.0' +gem 'kitchen-salt', '>= 0.7.2' + +# Avoid the error 'pkeys are immutable on OpenSSL 3.0' +gem 'net-ssh', '>= 7.0.0' diff --git a/Gemfile.lock b/Gemfile.lock index 38dca3a..be16d6e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,315 +1,446 @@ +GIT + remote: https://gitlab.com/saltstack-formulas/infrastructure/inspec + revision: a0c6295303f7d7a4d2a6164b5e77868560b04945 + branch: ssf + specs: + inspec (5.21.15) + cookstyle + faraday_middleware (>= 0.12.2, < 1.1) + inspec-core (= 5.21.15) + mongo (= 2.13.2) + progress_bar (~> 1.3.3) + rake + roo (~> 2.9.0) + roo-xls + train (~> 3.10) + train-aws (~> 0.2) + train-habitat (~> 0.1) + train-winrm (~> 0.2) + inspec-core (5.21.15) + addressable (~> 2.4) + chef-telemetry (~> 1.0, >= 1.0.8) + faraday (>= 1, < 3) + faraday-follow_redirects (~> 0.3) + hashie (>= 3.4, < 5.0) + license-acceptance (>= 0.2.13, < 3.0) + method_source (>= 0.8, < 2.0) + mixlib-log (~> 3.0) + multipart-post (~> 2.0) + parallel (~> 1.9) + parslet (>= 1.5, < 2.0) + pry (~> 0.13) + rspec (>= 3.9, <= 3.11) + rspec-its (~> 1.2) + rubyzip (>= 1.2.2, < 3.0) + semverse (~> 3.0) + sslshake (~> 1.2) + thor (>= 0.20, < 2.0) + tomlrb (>= 1.2, < 2.1) + train-core (~> 3.10) + tty-prompt (~> 0.17) + tty-table (~> 0.10) + +GIT + remote: https://gitlab.com/saltstack-formulas/infrastructure/kitchen-docker + revision: 104079a1d2fe34f5b076f4d316f6f837fa76e412 + branch: ssf + specs: + kitchen-docker (2.13.0) + test-kitchen (>= 1.0.0) + GEM remote: https://rubygems.org/ specs: - activesupport (5.2.4.3) + activesupport (7.1.1) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 0.7, < 2) - minitest (~> 5.1) - tzinfo (~> 1.1) - addressable (2.7.0) - public_suffix (>= 2.0.2, < 5.0) - aws-eventstream (1.1.0) - aws-partitions (1.338.0) - aws-sdk-apigateway (1.48.0) - aws-sdk-core (~> 3, >= 3.99.0) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + minitest (>= 5.1) + mutex_m + tzinfo (~> 2.0) + addressable (2.8.5) + public_suffix (>= 2.0.2, < 6.0) + ast (2.4.2) + aws-eventstream (1.2.0) + aws-partitions (1.836.0) + aws-sdk-account (1.18.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-alexaforbusiness (1.65.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-amplify (1.32.0) + aws-sdk-core (~> 3, >= 3.120.0) + aws-sigv4 (~> 1.1) + aws-sdk-apigateway (1.88.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-apigatewayv2 (1.51.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-applicationautoscaling (1.51.0) + aws-sdk-core (~> 3, >= 3.112.0) + aws-sigv4 (~> 1.1) + aws-sdk-athena (1.75.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-apigatewayv2 (1.23.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-autoscaling (1.92.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-athena (1.30.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-batch (1.73.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-autoscaling (1.22.0) - aws-sdk-core (~> 3, >= 3.52.1) + aws-sdk-budgets (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-budgets (1.32.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudformation (1.91.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudformation (1.41.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudfront (1.83.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudfront (1.33.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudhsm (1.48.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsm (1.24.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudhsmv2 (1.51.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudhsmv2 (1.26.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudtrail (1.69.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudtrail (1.26.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudwatch (1.81.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatch (1.41.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudwatchevents (1.62.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchlogs (1.34.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cloudwatchlogs (1.71.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codecommit (1.37.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-codecommit (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codedeploy (1.34.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-codedeploy (1.60.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-codepipeline (1.34.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-codepipeline (1.62.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-configservice (1.48.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-cognitoidentity (1.45.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.103.0) + aws-sdk-cognitoidentityprovider (1.76.0) + aws-sdk-core (~> 3, >= 3.176.0) + aws-sigv4 (~> 1.1) + aws-sdk-configservice (1.99.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-core (3.185.1) aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.239.0) + aws-partitions (~> 1, >= 1.651.0) + aws-sigv4 (~> 1.5) + jmespath (~> 1, >= 1.6.1) + aws-sdk-costandusagereportservice (1.50.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-databasemigrationservice (1.80.0) + aws-sdk-core (~> 3, >= 3.176.0) + aws-sigv4 (~> 1.1) + aws-sdk-dynamodb (1.95.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-ec2 (1.413.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-ecr (1.65.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-ecrpublic (1.23.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-ecs (1.130.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - jmespath (~> 1.0) - aws-sdk-costandusagereportservice (1.24.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-efs (1.67.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-dynamodb (1.51.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-eks (1.90.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2 (1.174.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-elasticache (1.92.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ecr (1.34.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-elasticbeanstalk (1.61.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ecs (1.67.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-elasticloadbalancing (1.49.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-efs (1.32.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-elasticloadbalancingv2 (1.93.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-eks (1.39.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-elasticsearchservice (1.77.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticache (1.40.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-emr (1.53.0) + aws-sdk-core (~> 3, >= 3.121.2) aws-sigv4 (~> 1.1) - aws-sdk-elasticbeanstalk (1.34.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-eventbridge (1.46.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancing (1.25.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-firehose (1.58.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancingv2 (1.47.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-glue (1.145.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-elasticsearchservice (1.39.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-guardduty (1.80.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-firehose (1.31.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-iam (1.87.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.43.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-kafka (1.63.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kafka (1.23.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-kinesis (1.52.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kinesis (1.26.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-kms (1.72.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.36.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-lambda (1.106.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-lambda (1.46.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-mq (1.40.0) + aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-organizations (1.17.0) - aws-sdk-core (~> 3, >= 3.39.0) - aws-sigv4 (~> 1.0) - aws-sdk-rds (1.92.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-networkfirewall (1.35.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-redshift (1.46.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-networkmanager (1.37.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-route53 (1.40.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-organizations (1.77.0) + aws-sdk-core (~> 3, >= 3.176.0) aws-sigv4 (~> 1.1) - aws-sdk-route53domains (1.25.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-ram (1.26.0) + aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sdk-route53resolver (1.17.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-rds (1.197.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.73.0) - aws-sdk-core (~> 3, >= 3.102.1) + aws-sdk-redshift (1.99.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-route53 (1.80.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-route53domains (1.52.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-route53resolver (1.49.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-s3 (1.136.0) + aws-sdk-core (~> 3, >= 3.181.0) aws-sdk-kms (~> 1) + aws-sigv4 (~> 1.6) + aws-sdk-s3control (1.43.0) + aws-sdk-core (~> 3, >= 3.122.0) + aws-sigv4 (~> 1.1) + aws-sdk-secretsmanager (1.46.0) + aws-sdk-core (~> 3, >= 3.112.0) + aws-sigv4 (~> 1.1) + aws-sdk-securityhub (1.94.0) + aws-sdk-core (~> 3, >= 3.184.0) + aws-sigv4 (~> 1.1) + aws-sdk-servicecatalog (1.60.0) + aws-sdk-core (~> 3, >= 3.112.0) + aws-sigv4 (~> 1.1) + aws-sdk-ses (1.41.0) + aws-sdk-core (~> 3, >= 3.120.0) + aws-sigv4 (~> 1.1) + aws-sdk-shield (1.58.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-securityhub (1.29.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-signer (1.32.0) + aws-sdk-core (~> 3, >= 3.120.0) aws-sigv4 (~> 1.1) - aws-sdk-ses (1.33.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-simpledb (1.29.0) + aws-sdk-core (~> 3, >= 3.120.0) + aws-sigv2 (~> 1.0) + aws-sdk-sms (1.50.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-sms (1.23.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-sns (1.67.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-sns (1.27.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-sqs (1.64.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-sqs (1.30.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-ssm (1.158.0) + aws-sdk-core (~> 3, >= 3.184.0) aws-sigv4 (~> 1.1) - aws-sdk-ssm (1.84.0) - aws-sdk-core (~> 3, >= 3.99.0) + aws-sdk-states (1.39.0) + aws-sdk-core (~> 3, >= 3.112.0) aws-sigv4 (~> 1.1) - aws-sigv4 (1.2.1) + aws-sdk-synthetics (1.19.0) + aws-sdk-core (~> 3, >= 3.121.2) + aws-sigv4 (~> 1.1) + aws-sdk-transfer (1.73.0) + aws-sdk-core (~> 3, >= 3.176.0) + aws-sigv4 (~> 1.1) + aws-sdk-waf (1.43.0) + aws-sdk-core (~> 3, >= 3.122.0) + aws-sigv4 (~> 1.1) + aws-sigv2 (1.1.0) + aws-sigv4 (1.6.0) aws-eventstream (~> 1, >= 1.0.2) azure_graph_rbac (0.17.2) ms_rest_azure (~> 0.12.0) - azure_mgmt_key_vault (0.17.6) + azure_mgmt_key_vault (0.17.7) ms_rest_azure (~> 0.12.0) - azure_mgmt_resources (0.17.9) + azure_mgmt_resources (0.18.2) ms_rest_azure (~> 0.12.0) - azure_mgmt_security (0.18.2) + azure_mgmt_security (0.19.0) ms_rest_azure (~> 0.12.0) - azure_mgmt_storage (0.21.2) + azure_mgmt_storage (0.23.0) ms_rest_azure (~> 0.12.0) - bcrypt_pbkdf (1.0.1) + base64 (0.1.1) + bcrypt_pbkdf (1.1.0) + bigdecimal (3.1.4) + bson (4.15.0) builder (3.2.4) - chef-config (16.2.73) + chef-config (18.3.0) addressable - chef-utils (= 16.2.73) + chef-utils (= 18.3.0) fuzzyurl mixlib-config (>= 2.2.12, < 4.0) mixlib-shellout (>= 2.0, < 4.0) tomlrb (~> 1.2) - chef-telemetry (1.0.8) + chef-telemetry (1.1.1) chef-config concurrent-ruby (~> 1.0) - ffi-yajl (~> 2.2) - chef-utils (16.2.73) + chef-utils (18.3.0) + concurrent-ruby coderay (1.1.3) - concurrent-ruby (1.1.6) + concurrent-ruby (1.2.2) + connection_pool (2.4.1) + cookstyle (7.32.2) + rubocop (= 1.25.1) declarative (0.0.20) - declarative-option (0.1.0) - diff-lcs (1.4.4) - docker-api (1.34.2) + diff-lcs (1.5.0) + docker-api (2.2.0) excon (>= 0.47.0) multi_json domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - ecma-re-validator (0.2.1) - regexp_parser (~> 1.2) - ed25519 (1.2.4) - equatable (0.6.1) - erubi (1.9.0) - excon (0.75.0) - faraday (0.17.3) - multipart-post (>= 1.2, < 3) - faraday-cookie_jar (0.0.6) - faraday (>= 0.7.4) + drb (2.1.1) + ruby2_keywords + ed25519 (1.3.0) + erubi (1.12.0) + excon (0.104.0) + faraday (1.10.3) + faraday-em_http (~> 1.0) + faraday-em_synchrony (~> 1.0) + faraday-excon (~> 1.1) + faraday-httpclient (~> 1.0) + faraday-multipart (~> 1.0) + faraday-net_http (~> 1.0) + faraday-net_http_persistent (~> 1.0) + faraday-patron (~> 1.0) + faraday-rack (~> 1.0) + faraday-retry (~> 1.0) + ruby2_keywords (>= 0.0.4) + faraday-cookie_jar (0.0.7) + faraday (>= 0.8.0) http-cookie (~> 1.0.0) - faraday_middleware (0.12.2) - faraday (>= 0.7.4, < 1.0) - ffi (1.13.1) - ffi-yajl (2.3.3) - libyajl2 (~> 1.2) + faraday-em_http (1.0.0) + faraday-em_synchrony (1.0.0) + faraday-excon (1.1.0) + faraday-follow_redirects (0.3.0) + faraday (>= 1, < 3) + faraday-httpclient (1.0.1) + faraday-multipart (1.0.4) + multipart-post (~> 2) + faraday-net_http (1.0.1) + faraday-net_http_persistent (1.2.0) + faraday-patron (1.0.0) + faraday-rack (1.0.0) + faraday-retry (1.0.3) + faraday_middleware (1.0.0) + faraday (~> 1.0) + ffi (1.16.3) fuzzyurl (0.9.0) - google-api-client (0.34.1) + google-api-client (0.52.0) addressable (~> 2.5, >= 2.5.1) googleauth (~> 0.9) httpclient (>= 2.8.1, < 3.0) mini_mime (~> 1.0) representable (~> 3.0) retriable (>= 2.0, < 4.0) + rexml signet (~> 0.12) - googleauth (0.10.0) - faraday (~> 0.12) + googleauth (0.14.0) + faraday (>= 0.17.3, < 2.0) jwt (>= 1.4, < 3.0) memoist (~> 0.16) multi_json (~> 1.11) os (>= 0.9, < 2.0) - signet (~> 0.12) - gssapi (1.3.0) + signet (~> 0.14) + gssapi (1.3.1) ffi (>= 1.0.1) - gyoku (1.3.1) + gyoku (1.4.0) builder (>= 2.1.2) - hana (1.3.6) - hashie (3.6.0) - htmlentities (4.3.4) - http-cookie (1.0.3) + rexml (~> 3.0) + hashie (4.1.0) + highline (2.1.0) + http-cookie (1.0.5) domain_name (~> 0.5) httpclient (2.8.3) - i18n (1.8.3) + i18n (1.14.1) concurrent-ruby (~> 1.0) inifile (3.0.0) - inspec (4.21.3) - faraday_middleware (~> 0.12.2) - inspec-core (= 4.21.3) - train (~> 3.0) - train-aws (~> 0.1) - train-habitat (~> 0.1) - train-winrm (~> 0.2) - inspec-core (4.21.3) - addressable (~> 2.4) - chef-telemetry (~> 1.0) - faraday (>= 0.9.0) - hashie (~> 3.4) - htmlentities (~> 4.3) - json_schemer (~> 0.2.1) - license-acceptance (>= 0.2.13, < 2.0) - method_source (>= 0.8, < 2.0) - mixlib-log (~> 3.0) - multipart-post (~> 2.0) - parallel (~> 1.9) - parslet (~> 1.5) - pry (~> 0.13) - rspec (~> 3.9) - rspec-its (~> 1.2) - rubyzip (~> 1.2, >= 1.2.2) - semverse (~> 3.0) - sslshake (~> 1.2) - term-ansicolor (~> 1.7) - thor (>= 0.20, < 2.0) - tomlrb (~> 1.2.0) - train-core (~> 3.0) - tty-prompt (~> 0.17) - tty-table (~> 0.10) - jmespath (1.4.0) - json (2.3.1) - json_schemer (0.2.11) - ecma-re-validator (~> 0.2) - hana (~> 1.3) - regexp_parser (~> 1.5) - uri_template (~> 0.7) - jwt (2.2.1) - kitchen-docker (2.10.0) - test-kitchen (>= 1.0.0) - kitchen-inspec (2.0.0) - hashie (~> 3.4) - inspec (>= 2.2.64, < 5.0) - test-kitchen (>= 1.6, < 3) - kitchen-salt (0.6.3) + jmespath (1.6.2) + json (2.6.3) + jwt (2.7.1) + kitchen-inspec (2.6.2) + hashie (>= 3.4, <= 5.0) + inspec (>= 2.2.64, < 6.0) + test-kitchen (>= 2.7, < 4) + kitchen-salt (0.7.2) hashie (>= 3.5) test-kitchen (>= 1.4) - libyajl2 (1.2.0) - license-acceptance (1.0.19) + license-acceptance (2.1.13) pastel (~> 0.7) - tomlrb (~> 1.2) - tty-box (~> 0.3) - tty-prompt (~> 0.18) + tomlrb (>= 1.2, < 3.0) + tty-box (~> 0.6) + tty-prompt (~> 0.20) little-plugger (1.1.4) - logging (2.3.0) + logging (2.3.1) little-plugger (~> 1.1) multi_json (~> 1.14) memoist (0.16.2) method_source (1.0.0) - mini_mime (1.0.2) - minitest (5.14.1) - mixlib-config (3.0.6) + mini_mime (1.1.5) + mini_portile2 (2.8.4) + minitest (5.20.0) + mixlib-config (3.0.27) tomlrb - mixlib-install (3.12.1) + mixlib-install (3.12.27) mixlib-shellout mixlib-versioning thor - mixlib-log (3.0.8) - mixlib-shellout (3.0.9) + mixlib-log (3.0.9) + mixlib-shellout (3.2.7) + chef-utils mixlib-versioning (1.2.12) + mongo (2.13.2) + bson (>= 4.8.2, < 5.0.0) ms_rest (0.7.6) concurrent-ruby (~> 1.0) faraday (>= 0.9, < 2.0.0) @@ -319,101 +450,138 @@ GEM faraday (>= 0.9, < 2.0.0) faraday-cookie_jar (~> 0.0.6) ms_rest (~> 0.7.6) - multi_json (1.14.1) - multipart-post (2.1.1) - necromancer (0.5.1) - net-scp (3.0.0) - net-ssh (>= 2.6.5, < 7.0.0) - net-ssh (6.1.0) + multi_json (1.15.0) + multipart-post (2.3.0) + mutex_m (0.1.2) + net-scp (4.0.0) + net-ssh (>= 2.6.5, < 8.0.0) + net-ssh (7.2.0) net-ssh-gateway (2.0.0) net-ssh (>= 4.0.0) + nokogiri (1.15.4) + mini_portile2 (~> 2.8.2) + racc (~> 1.4) nori (2.6.0) - os (1.1.0) - parallel (1.19.2) + options (2.3.2) + os (1.1.4) + parallel (1.23.0) + parser (3.2.2.4) + ast (~> 2.4.1) + racc parslet (1.8.2) - pastel (0.7.4) - equatable (~> 0.6) + pastel (0.8.0) tty-color (~> 0.5) - pry (0.13.1) + progress_bar (1.3.3) + highline (>= 1.6, < 3) + options (~> 2.3.0) + pry (0.14.2) coderay (~> 1.1) method_source (~> 1.0) - public_suffix (4.0.5) - regexp_parser (1.7.1) - representable (3.0.4) + public_suffix (5.0.3) + racc (1.7.1) + rainbow (3.1.1) + rake (13.0.6) + regexp_parser (2.8.2) + representable (3.2.0) declarative (< 0.1.0) - declarative-option (< 0.2.0) + trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) retriable (3.1.2) - rspec (3.9.0) - rspec-core (~> 3.9.0) - rspec-expectations (~> 3.9.0) - rspec-mocks (~> 3.9.0) - rspec-core (3.9.2) - rspec-support (~> 3.9.3) - rspec-expectations (3.9.2) + rexml (3.2.6) + roo (2.9.0) + nokogiri (~> 1) + rubyzip (>= 1.3.0, < 3.0.0) + roo-xls (1.2.0) + nokogiri + roo (>= 2.0.0, < 3) + spreadsheet (> 0.9.0) + rspec (3.11.0) + rspec-core (~> 3.11.0) + rspec-expectations (~> 3.11.0) + rspec-mocks (~> 3.11.0) + rspec-core (3.11.0) + rspec-support (~> 3.11.0) + rspec-expectations (3.11.1) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) + rspec-support (~> 3.11.0) rspec-its (1.3.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) - rspec-mocks (3.9.1) + rspec-mocks (3.11.2) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.9.0) - rspec-support (3.9.3) - rubyntlm (0.6.2) - rubyzip (1.3.0) - semverse (3.0.0) - signet (0.14.0) - addressable (~> 2.3) - faraday (>= 0.17.3, < 2.0) + rspec-support (~> 3.11.0) + rspec-support (3.11.1) + rubocop (1.25.1) + parallel (~> 1.10) + parser (>= 3.1.0.0) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 1.8, < 3.0) + rexml + rubocop-ast (>= 1.15.1, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 1.4.0, < 3.0) + rubocop-ast (1.29.0) + parser (>= 3.2.1.0) + ruby-ole (1.2.12.2) + ruby-progressbar (1.13.0) + ruby2_keywords (0.0.5) + rubyntlm (0.6.3) + rubyzip (2.3.2) + semverse (3.0.2) + signet (0.18.0) + addressable (~> 2.8) + faraday (>= 0.17.5, < 3.a) jwt (>= 1.5, < 3.0) multi_json (~> 1.10) + spreadsheet (1.3.0) + ruby-ole sslshake (1.3.1) - strings (0.1.8) - strings-ansi (~> 0.1) - unicode-display_width (~> 1.5) + strings (0.2.1) + strings-ansi (~> 0.2) + unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) - sync (0.5.0) - term-ansicolor (1.7.1) - tins (~> 1.0) - test-kitchen (2.5.2) + test-kitchen (3.5.0) bcrypt_pbkdf (~> 1.0) + chef-utils (>= 16.4.35) ed25519 (~> 1.2) - license-acceptance (~> 1.0, >= 1.0.11) + license-acceptance (>= 1.0.11, < 3.0) mixlib-install (~> 3.6) mixlib-shellout (>= 1.2, < 4.0) - net-scp (>= 1.1, < 4.0) - net-ssh (>= 2.9, < 7.0) + net-scp (>= 1.1, < 5.0) + net-ssh (>= 2.9, < 8.0) net-ssh-gateway (>= 1.2, < 3.0) thor (>= 0.19, < 2.0) winrm (~> 2.0) winrm-elevated (~> 1.0) winrm-fs (~> 1.1) - thor (1.0.1) - thread_safe (0.3.6) + thor (1.2.2) timeliness (0.3.10) - tins (1.25.0) - sync - tomlrb (1.2.9) - train (3.3.6) - activesupport (>= 5.2.4.3, < 6.0.0) + tomlrb (1.3.0) + trailblazer-option (0.1.2) + train (3.10.8) + activesupport (>= 6.0.3.1) azure_graph_rbac (~> 0.16) azure_mgmt_key_vault (~> 0.17) azure_mgmt_resources (~> 0.15) azure_mgmt_security (~> 0.18) azure_mgmt_storage (~> 0.18) - docker-api (~> 1.26) - google-api-client (>= 0.23.9, < 0.35.0) - googleauth (>= 0.6.6, < 0.11.0) + docker-api (>= 1.26, < 3.0) + google-api-client (>= 0.23.9, <= 0.52.0) + googleauth (>= 0.6.6, <= 0.14.0) inifile (~> 3.0) - train-core (= 3.3.6) + train-core (= 3.10.8) train-winrm (~> 0.2) - train-aws (0.1.17) + train-aws (0.2.36) + aws-sdk-account (~> 1.14) + aws-sdk-alexaforbusiness (~> 1.0) + aws-sdk-amplify (~> 1.32.0) aws-sdk-apigateway (~> 1.0) aws-sdk-apigatewayv2 (~> 1.0) + aws-sdk-applicationautoscaling (>= 1.46, < 1.52) aws-sdk-athena (~> 1.0) - aws-sdk-autoscaling (~> 1.22.0) + aws-sdk-autoscaling (>= 1.22, < 1.93) + aws-sdk-batch (>= 1.36, < 1.74) aws-sdk-budgets (~> 1.0) aws-sdk-cloudformation (~> 1.0) aws-sdk-cloudfront (~> 1.0) @@ -421,16 +589,21 @@ GEM aws-sdk-cloudhsmv2 (~> 1.0) aws-sdk-cloudtrail (~> 1.8) aws-sdk-cloudwatch (~> 1.13) + aws-sdk-cloudwatchevents (>= 1.36, < 1.63) aws-sdk-cloudwatchlogs (~> 1.13) aws-sdk-codecommit (~> 1.0) aws-sdk-codedeploy (~> 1.0) aws-sdk-codepipeline (~> 1.0) + aws-sdk-cognitoidentity (>= 1.26, < 1.46) + aws-sdk-cognitoidentityprovider (>= 1.46, < 1.77) aws-sdk-configservice (~> 1.21) aws-sdk-core (~> 3.0) aws-sdk-costandusagereportservice (~> 1.6) + aws-sdk-databasemigrationservice (>= 1.42, < 1.81) aws-sdk-dynamodb (~> 1.31) aws-sdk-ec2 (~> 1.70) aws-sdk-ecr (~> 1.18) + aws-sdk-ecrpublic (~> 1.3) aws-sdk-ecs (~> 1.30) aws-sdk-efs (~> 1.0) aws-sdk-eks (~> 1.9) @@ -439,67 +612,82 @@ GEM aws-sdk-elasticloadbalancing (~> 1.8) aws-sdk-elasticloadbalancingv2 (~> 1.0) aws-sdk-elasticsearchservice (~> 1.0) + aws-sdk-emr (~> 1.53.0) + aws-sdk-eventbridge (>= 1.24, < 1.47) aws-sdk-firehose (~> 1.0) + aws-sdk-glue (>= 1.71, < 1.146) + aws-sdk-guardduty (~> 1.31) aws-sdk-iam (~> 1.13) aws-sdk-kafka (~> 1.0) aws-sdk-kinesis (~> 1.0) aws-sdk-kms (~> 1.13) aws-sdk-lambda (~> 1.0) - aws-sdk-organizations (~> 1.17.0) + aws-sdk-mq (~> 1.40.0) + aws-sdk-networkfirewall (>= 1.6.0) + aws-sdk-networkmanager (>= 1.13.0) + aws-sdk-organizations (>= 1.17, < 1.78) + aws-sdk-ram (>= 1.21, < 1.27) aws-sdk-rds (~> 1.43) aws-sdk-redshift (~> 1.0) aws-sdk-route53 (~> 1.0) aws-sdk-route53domains (~> 1.0) aws-sdk-route53resolver (~> 1.0) aws-sdk-s3 (~> 1.30) + aws-sdk-s3control (~> 1.43.0) + aws-sdk-secretsmanager (>= 1.42, < 1.47) aws-sdk-securityhub (~> 1.0) - aws-sdk-ses (~> 1.0) + aws-sdk-servicecatalog (>= 1.48, < 1.61) + aws-sdk-ses (~> 1.41.0) + aws-sdk-shield (~> 1.30) + aws-sdk-signer (~> 1.32.0) + aws-sdk-simpledb (~> 1.29.0) aws-sdk-sms (~> 1.0) aws-sdk-sns (~> 1.9) aws-sdk-sqs (~> 1.10) aws-sdk-ssm (~> 1.0) - train-core (3.3.6) + aws-sdk-states (>= 1.35, < 1.40) + aws-sdk-synthetics (~> 1.19.0) + aws-sdk-transfer (>= 1.26, < 1.74) + aws-sdk-waf (~> 1.43.0) + train-core (3.10.8) addressable (~> 2.5) ffi (!= 1.13.0) json (>= 1.8, < 3.0) mixlib-shellout (>= 2.0, < 4.0) - net-scp (>= 1.2, < 4.0) - net-ssh (>= 2.9, < 7.0) - train-habitat (0.2.13) - train-winrm (0.2.6) - winrm (~> 2.0) + net-scp (>= 1.2, < 5.0) + net-ssh (>= 2.9, < 8.0) + train-habitat (0.2.22) + train-winrm (0.2.13) + winrm (>= 2.3.6, < 3.0) + winrm-elevated (~> 1.2.2) winrm-fs (~> 1.0) - tty-box (0.5.0) - pastel (~> 0.7.2) - strings (~> 0.1.6) + tty-box (0.7.0) + pastel (~> 0.8) + strings (~> 0.2.0) tty-cursor (~> 0.7) - tty-color (0.5.1) + tty-color (0.6.0) tty-cursor (0.7.1) - tty-prompt (0.21.0) - necromancer (~> 0.5.0) - pastel (~> 0.7.0) - tty-reader (~> 0.7.0) - tty-reader (0.7.0) + tty-prompt (0.23.1) + pastel (~> 0.8) + tty-reader (~> 0.8) + tty-reader (0.9.0) tty-cursor (~> 0.7) - tty-screen (~> 0.7) - wisper (~> 2.0.0) - tty-screen (0.8.0) - tty-table (0.11.0) - equatable (~> 0.6) - necromancer (~> 0.5) - pastel (~> 0.7.2) - strings (~> 0.1.5) - tty-screen (~> 0.7) - tzinfo (1.2.7) - thread_safe (~> 0.1) + tty-screen (~> 0.8) + wisper (~> 2.0) + tty-screen (0.8.1) + tty-table (0.12.0) + pastel (~> 0.8) + strings (~> 0.2.0) + tty-screen (~> 0.8) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) uber (0.1.0) unf (0.1.4) unf_ext - unf_ext (0.0.7.7) - unicode-display_width (1.7.0) + unf_ext (0.0.8.2) + unicode-display_width (2.5.0) unicode_utils (1.4.0) - uri_template (0.7.0) - winrm (2.3.4) + winrm (2.3.6) builder (>= 2.1.2) erubi (~> 1.8) gssapi (~> 1.2) @@ -507,15 +695,15 @@ GEM httpclient (~> 2.2, >= 2.2.0.2) logging (>= 1.6.1, < 3.0) nori (~> 2.0) - rubyntlm (~> 0.6.0, >= 0.6.1) - winrm-elevated (1.2.1) + rubyntlm (~> 0.6.0, >= 0.6.3) + winrm-elevated (1.2.3) erubi (~> 1.8) winrm (~> 2.0) winrm-fs (~> 1.0) - winrm-fs (1.3.3) + winrm-fs (1.3.5) erubi (~> 1.8) logging (>= 1.6.1, < 3.0) - rubyzip (~> 1.1) + rubyzip (~> 2.0) winrm (~> 2.0) wisper (2.0.1) @@ -523,9 +711,11 @@ PLATFORMS ruby DEPENDENCIES - kitchen-docker (>= 2.9) - kitchen-inspec (>= 1.1) - kitchen-salt (>= 0.6.0) + inspec! + kitchen-docker! + kitchen-inspec (>= 2.5.0) + kitchen-salt (>= 0.7.2) + net-ssh (>= 7.0.0) BUNDLED WITH 2.1.2 diff --git a/apt/_mapdata/_mapdata.jinja b/apt/_mapdata/_mapdata.jinja new file mode 100644 index 0000000..aa9649c --- /dev/null +++ b/apt/_mapdata/_mapdata.jinja @@ -0,0 +1,13 @@ +# yamllint disable rule:indentation rule:line-length +# {{ grains.get("osfinger", grains.os) }} +--- +{#- use salt.slsutil.serialize to avoid encoding errors on some platforms #} +{{ salt["slsutil.serialize"]( + "yaml", + map, + default_flow_style=False, + allow_unicode=True, + ) + | regex_replace("^\s+'$", "'", multiline=True) + | trim +}} diff --git a/apt/_mapdata/init.sls b/apt/_mapdata/init.sls new file mode 100644 index 0000000..50bae9b --- /dev/null +++ b/apt/_mapdata/init.sls @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# vim: ft=sls +--- +{#- Get the `tplroot` from `tpldir` #} +{%- set tplroot = tpldir.split("/")[0] %} +{%- from tplroot ~ "/map.jinja" import apt with context %} + +{%- set _mapdata = { + "values": apt, + } %} +{%- do salt["log.debug"]("### MAP.JINJA DUMP ###\n" ~ _mapdata | yaml(False)) %} + +{%- set output_dir = "/temp" if grains.os_family == "Windows" else "/tmp" %} +{%- set output_file = output_dir ~ "/salt_mapdata_dump.yaml" %} + +{{ tplroot }}-mapdata-dump: + file.managed: + - name: {{ output_file }} + - source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja + - template: jinja + - context: + map: {{ _mapdata | yaml }} diff --git a/apt/apt_conf.sls b/apt/apt_conf.sls index 8a07461..be6d436 100644 --- a/apt/apt_conf.sls +++ b/apt/apt_conf.sls @@ -18,7 +18,7 @@ {{ confd_dir }}: file.directory: - - mode: 755 + - mode: '0755' - user: root - group: root - clean: {{ clean_apt_conf_d }} @@ -30,7 +30,7 @@ - template: jinja - user: root - group: root - - mode: 644 + - mode: '0644' - context: data: {{ contents }} - require_in: diff --git a/apt/dist_upgrade.sls b/apt/dist_upgrade.sls index 2da6fa5..74b751d 100644 --- a/apt/dist_upgrade.sls +++ b/apt/dist_upgrade.sls @@ -1,5 +1,5 @@ apt-get -y dist-upgrade: - cmd.wait: - - watch: + cmd.run: + - onchanges: - file: /etc/apt/sources.list - file: /etc/apt/sources.list.d diff --git a/apt/listchanges.sls b/apt/listchanges.sls index 87fb06f..2d81edc 100644 --- a/apt/listchanges.sls +++ b/apt/listchanges.sls @@ -13,5 +13,5 @@ apt_listchanges_pkgs: - template: jinja - user: root - group: root - - mode: 644 + - mode: '0644' - source: {{ listchanges_config_template }} diff --git a/apt/map.jinja b/apt/map.jinja index d77073e..c1ae3b4 100644 --- a/apt/map.jinja +++ b/apt/map.jinja @@ -1,5 +1,6 @@ {% set distribution = salt['grains.get']('lsb_distrib_codename') %} {% set arch = salt['grains.get']('osarch').split(' ') %} +{% set debian_comp = ['main', 'contrib', 'non-free', 'non-free-firmware'] if salt['grains.get']('osmajorrelease') >= 12 else ['main', 'contrib', 'non-free'] %} {% set apt = salt['grains.filter_by']({ 'Debian': { 'pkgs': ['unattended-upgrades'], @@ -13,6 +14,8 @@ 'preferences': {}, 'remove_preferences': false, 'clean_preferences_d': false, + 'keyrings_dir': '/etc/apt/keyrings', + 'clean_keyrings_d': false, 'remove_apt_conf': false, 'clean_apt_conf_d': false, 'apt_conf_d': {}, @@ -24,19 +27,22 @@ 'distro': distribution, 'url': 'http://deb.debian.org/debian/', 'arch': arch, - 'comps': ['main'], + 'comps': debian_comp, + 'opts': 'signed-by=/usr/share/keyrings/debian-archive-keyring.gpg' }, 'security-stable': { 'distro': distribution ~ '/updates', 'url': 'http://security.debian.org/', 'arch': arch, - 'comps': ['main'], + 'comps': debian_comp, + 'opts': 'signed-by=/usr/share/keyrings/debian-archive-keyring.gpg' }, 'default-updates': { 'distro': distribution ~ '-updates', 'url': 'http://deb.debian.org/debian/', 'arch': arch, - 'comps': ['main'], + 'comps': debian_comp, + 'opts': 'signed-by=/usr/share/keyrings/debian-archive-keyring.gpg' }, }, }, @@ -52,6 +58,8 @@ 'preferences': {}, 'remove_preferences': false, 'clean_preferences_d': false, + 'keyrings_dir': '/etc/apt/keyrings', + 'clean_keyrings_d': false, 'remove_apt_conf': false, 'clean_apt_conf_d': false, 'apt_conf_d': {}, diff --git a/apt/repositories.sls b/apt/repositories.sls index 4373b01..6f61a1d 100644 --- a/apt/repositories.sls +++ b/apt/repositories.sls @@ -4,6 +4,8 @@ {% set clean_sources_list_d = apt.get('clean_sources_list_d', apt_map.clean_sources_list_d) %} {% set sources_list_dir = apt.get('sources_list_dir', apt_map.sources_list_dir) %} {% set repositories = apt.get('repositories', apt_map.repositories) %} +{% set keyrings_dir = apt.get('keyrings_dir', apt_map.keyrings_dir) %} +{% set clean_keyrings_d = apt.get('clean_keyrings_d', apt_map.clean_keyrings_d) %} {% set default_url = apt.get('default_url', apt_map.default_url) %} {% set keyring_package = apt.get('keyring_package', apt_map.default_keyring_package) %} @@ -23,12 +25,35 @@ - replace: False {% endif %} +{% set excluded_sources = [] %} +{% set unmanaged_repos = [] %} +{% for repo, args in repositories.items() %} + {% if args.unmanaged is defined and args.unmanaged %} + {# repo.list is considered the filename unless filename is explicitly defined. + # managed repo lists files are constructed repo-type.list #} + {% do excluded_sources.append(args.filename if args.filename is defined else repo ~ '.list') %} + {% do unmanaged_repos.append(repo) %} + {% endif %} +{% endfor %} +{% for repo in unmanaged_repos %} + {# remove these repo's to avoid pgrepo.managed loop #} + {% do repositories.pop(repo) %} +{% endfor %} + {{ sources_list_dir }}: file.directory: - mode: '0755' - user: root - group: root - clean: {{ clean_sources_list_d }} + - exclude_pat: {{ excluded_sources | json }} + +{{ keyrings_dir }}: + file.directory: + - mode: '0755' + - user: root + - group: root + - clean: {{ clean_keyrings_d }} {% for repo, args in repositories.items() %} @@ -58,16 +83,20 @@ {%- set r_keyserver = args.keyserver if args.keyserver is defined else apt_map.default_keyserver %} {%- for type in args.type|d(['binary']) %} - {%- set r_type = 'deb-src' if type == 'source' else 'deb' %} + {%- set r_type = 'deb-src' if type == 'source' else 'deb' %} + {%- set r_file = args.filename if args.filename is defined else repo ~ '-' ~ type ~ '.list' %} {{ r_type }} {{ repo }}: pkgrepo.managed: - name: {{ r_type }} {{ r_options }} {{ r_url }} {{ r_distro }} {{ r_comps }} - - file: {{ sources_list_dir }}/{{ repo }}-{{ type }}.list + - file: {{ sources_list_dir }}/{{ r_file }} {# You can use either keyid+keyserver or key_url. If both are provided the latter will be used. #} {% if args.key_url is defined %} - key_url: {{ args.key_url }} + {% if 'signed-by=' in r_opts|lower and args.aptkey is not defined %} + - aptkey: false + {% endif %} {% elif args.key_text is defined %} - key_text: {{ args.key_text }} {% elif args.keyid is defined %} @@ -77,9 +106,18 @@ - clean_file: true - refresh: False - refresh_db: False + {% if args.aptkey is defined %} + - aptkey: {{ args.aptkey }} + {% endif %} - onchanges_in: - module: apt.refresh_db - + file.managed: + - name: {{ sources_list_dir }}/{{ r_file }} + - replace: false + - require_in: + - file: {{ sources_list_dir }} + # require_in the directory clean state + # This way, we don't remove all the files, just to add them again. {%- endfor %} {% endfor %} diff --git a/apt/update.sls b/apt/update.sls index e83a114..6bd27bb 100644 --- a/apt/update.sls +++ b/apt/update.sls @@ -1,5 +1,5 @@ apt-get -y update: - cmd.wait: - - watch: + cmd.run: + - onchanges: - file: /etc/apt/sources.list - file: /etc/apt/sources.list.d diff --git a/apt/upgrade.sls b/apt/upgrade.sls index 7171769..483bd09 100644 --- a/apt/upgrade.sls +++ b/apt/upgrade.sls @@ -1,5 +1,5 @@ apt-get -y upgrade: - cmd.wait: - - watch: + cmd.run: + - onchanges: - file: /etc/apt/sources.list - file: /etc/apt/sources.list.d diff --git a/bin/install-hooks b/bin/install-hooks new file mode 100755 index 0000000..840bb6c --- /dev/null +++ b/bin/install-hooks @@ -0,0 +1,16 @@ +#!/usr/bin/env sh +set -o nounset # Treat unset variables as an error and immediately exit +set -o errexit # If a command fails exit the whole script + +if [ "${DEBUG:-false}" = "true" ]; then + set -x # Run the entire script in debug mode +fi + +if ! command -v pre-commit >/dev/null 2>&1; then + echo "pre-commit not found: please install or check your PATH" >&2 + echo "See https://pre-commit.com/#installation" >&2 + exit 1 +fi + +pre-commit install --install-hooks +pre-commit install --hook-type commit-msg --install-hooks diff --git a/bin/kitchen b/bin/kitchen index dcfdb4c..5d5663e 100755 --- a/bin/kitchen +++ b/bin/kitchen @@ -19,8 +19,8 @@ if File.file?(bundle_binstub) load(bundle_binstub) else abort( - 'Your `bin/bundle` was not generated by Bundler, '\ - 'so this binstub cannot run. Replace `bin/bundle` by running '\ + 'Your `bin/bundle` was not generated by Bundler, ' \ + 'so this binstub cannot run. Replace `bin/bundle` by running ' \ '`bundle binstubs bundler --force`, then run this command again.' ) end diff --git a/commitlint.config.js b/commitlint.config.js index 2f9d1aa..4eb37f4 100644 --- a/commitlint.config.js +++ b/commitlint.config.js @@ -1,3 +1,8 @@ module.exports = { extends: ['@commitlint/config-conventional'], + rules: { + 'body-max-line-length': [2, 'always', 120], + 'footer-max-line-length': [2, 'always', 120], + 'header-max-length': [2, 'always', 72], + }, }; diff --git a/docs/AUTHORS.rst b/docs/AUTHORS.rst index 99d2e9a..baf26e8 100644 --- a/docs/AUTHORS.rst +++ b/docs/AUTHORS.rst @@ -13,68 +13,77 @@ This list is sorted by the number of commits per contributor in *descending* ord * - Avatar - Contributor - Contributions - * - :raw-html-m2r:`@myii` + * - :raw-html-m2r:`@myii` - `@myii `_ - - 55 - * - :raw-html-m2r:`@javierbertoli` + - 141 + * - :raw-html-m2r:`@javierbertoli` - `@javierbertoli `_ - - 28 - * - :raw-html-m2r:`@gravyboat` + - 31 + * - :raw-html-m2r:`@gravyboat` - `@gravyboat `_ - 12 - * - :raw-html-m2r:`@bmcclure` + * - :raw-html-m2r:`@bmcclure` - `@bmcclure `_ - 8 - * - :raw-html-m2r:`@aboe76` + * - :raw-html-m2r:`@aboe76` - `@aboe76 `_ - 8 - * - :raw-html-m2r:`@arthurlogilab` - - `@arthurlogilab `_ + * - :raw-html-m2r:`@arthurzenika` + - `@arthurzenika `_ - 7 - * - :raw-html-m2r:`@nmadhok` + * - :raw-html-m2r:`@nmadhok` - `@nmadhok `_ - 7 - * - :raw-html-m2r:`@boltronics` - - `@boltronics `_ - - 5 - * - :raw-html-m2r:`@jdkelleher` + * - :raw-html-m2r:`@dafyddj` + - `@dafyddj `_ + - 6 + * - :raw-html-m2r:`@jdkelleher` - `@jdkelleher `_ - 5 - * - :raw-html-m2r:`@westurner` + * - :raw-html-m2r:`@boltronics` + - `@boltronics `_ + - 5 + * - :raw-html-m2r:`@westurner` - `@westurner `_ - 4 - * - :raw-html-m2r:`@daschatten` + * - :raw-html-m2r:`@daschatten` - `@daschatten `_ - 4 - * - :raw-html-m2r:`@techhat` + * - :raw-html-m2r:`@techhat` - `@techhat `_ - 3 - * - :raw-html-m2r:`@whiteinge` + * - :raw-html-m2r:`@whiteinge` - `@whiteinge `_ - 3 - * - :raw-html-m2r:`@devster31` + * - :raw-html-m2r:`@devster31` - `@devster31 `_ - 3 - * - :raw-html-m2r:`@fzipi` - - `@fzipi `_ + * - :raw-html-m2r:`@baby-gnu` + - `@baby-gnu `_ + - 1 + * - :raw-html-m2r:`@didiermfb` + - `@didiermfb `_ - 1 - * - :raw-html-m2r:`@jerrykan` + * - :raw-html-m2r:`@jerrykan` - `@jerrykan `_ - 1 - * - :raw-html-m2r:`@rpatterson` + * - :raw-html-m2r:`@rpatterson` - `@rpatterson `_ - 1 - * - :raw-html-m2r:`@simonclausen` + * - :raw-html-m2r:`@simonclausen` - `@simonclausen `_ - 1 - * - :raw-html-m2r:`@babilen5` - - `@babilen5 `_ + * - :raw-html-m2r:`@wwentland` + - `@wwentland `_ + - 1 + * - :raw-html-m2r:`@noelmcloughlin` + - `@noelmcloughlin `_ - 1 - * - :raw-html-m2r:`@daks` + * - :raw-html-m2r:`@daks` - `@daks `_ - 1 ---- -Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2020-09-21. +Auto-generated by a `forked version `_ of `gaocegege/maintainer `_ on 2025-04-14. diff --git a/docs/CHANGELOG.rst b/docs/CHANGELOG.rst index d5d691b..7de8960 100644 --- a/docs/CHANGELOG.rst +++ b/docs/CHANGELOG.rst @@ -2,6 +2,111 @@ Changelog ========= +`0.11.2 `_ (2025-04-14) +-------------------------------------------------------------------------------------------------------- + +Bug Fixes +^^^^^^^^^ + + +* **repositories:** force aptkey if signed-by and allow aptkey (\ `3e11c59 `_\ ) + +`0.11.1 `_ (2025-04-10) +-------------------------------------------------------------------------------------------------------- + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* update ``pre-commit`` configuration inc. for pre-commit.ci [skip ci] (\ `347dc41 `_\ ) +* use latest test images (\ `222aa6c `_\ ) + +Tests +^^^^^ + + +* **system.rb:** add support for ``mac_os_x`` [skip ci] (\ `bb4d0f8 `_\ ) + +`0.11.0 `_ (2022-04-18) +-------------------------------------------------------------------------------------------------------- + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `31773f1 `_\ ) + +Features +^^^^^^^^ + + +* **repositories:** allow to specify custom filename (\ `2a7e4af `_\ ) + +Tests +^^^^^ + + +* **system:** add ``build_platform_codename`` [skip ci] (\ `1a132d8 `_\ ) + +`0.10.4 `_ (2022-02-12) +-------------------------------------------------------------------------------------------------------- + +Code Refactoring +^^^^^^^^^^^^^^^^ + + +* **salt-lint:** fix violations (\ `7cc688c `_\ ) + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* update linters to latest versions [skip ci] (\ `37ca1fa `_\ ) +* **3003.1:** update inc. AlmaLinux, Rocky & ``rst-lint`` [skip ci] (\ `97b0af6 `_\ ) +* **commitlint:** ensure ``upstream/master`` uses main repo URL [skip ci] (\ `b4cce02 `_\ ) +* **gemfile:** allow rubygems proxy to be provided as an env var [skip ci] (\ `a8d9d34 `_\ ) +* **gemfile+lock:** use ``ssf`` customised ``inspec`` repo [skip ci] (\ `1f136cd `_\ ) +* **gemfile+lock:** use ``ssf`` customised ``kitchen-docker`` repo [skip ci] (\ `ce4f1a8 `_\ ) +* **gitlab-ci:** add ``rubocop`` linter (with ``allow_failure``\ ) [skip ci] (\ `057b19e `_\ ) +* **gitlab-ci:** use GitLab CI as Travis CI replacement (\ `0f9b059 `_\ ) +* **kitchen:** move ``provisioner`` block & update ``run_command`` [skip ci] (\ `d08806c `_\ ) +* **kitchen+ci:** update with ``3004`` pre-salted images/boxes [skip ci] (\ `380c689 `_\ ) +* **kitchen+ci:** update with latest ``3003.2`` pre-salted images [skip ci] (\ `efe8592 `_\ ) +* **kitchen+ci:** update with latest CVE pre-salted images [skip ci] (\ `9762abf `_\ ) +* **kitchen+ci:** use latest pre-salted images (after CVE) [skip ci] (\ `d5c38c1 `_\ ) +* **kitchen+gitlab:** adjust matrix to add ``3003`` [skip ci] (\ `6be32dc `_\ ) +* **kitchen+gitlab:** remove Ubuntu 16.04 & Fedora 32 (EOL) [skip ci] (\ `8086687 `_\ ) +* **kitchen+gitlab:** update for new pre-salted images [skip ci] (\ `091870b `_\ ) +* add ``arch-master`` to matrix and update ``.travis.yml`` [skip ci] (\ `5637e07 `_\ ) +* add Debian 11 Bullseye & update ``yamllint`` configuration [skip ci] (\ `758d646 `_\ ) +* **kitchen+gitlab-ci:** use latest pre-salted images [skip ci] (\ `d486305 `_\ ) +* **pre-commit:** update hook for ``rubocop`` (\ `67c1130 `_\ ) + +Tests +^^^^^ + + +* standardise use of ``share`` suite & ``_mapdata`` state [skip ci] (\ `9f6b2b1 `_\ ) + +`0.10.3 `_ (2020-10-19) +-------------------------------------------------------------------------------------------------------- + +Continuous Integration +^^^^^^^^^^^^^^^^^^^^^^ + + +* **pre-commit:** add to formula [skip ci] (\ `a472351 `_\ ) +* **pre-commit:** add to formula [skip ci] (\ `fe75b59 `_\ ) +* **pre-commit:** add to formula [skip ci] (\ `d9f480a `_\ ) +* **pre-commit:** enable/disable ``rstcheck`` as relevant [skip ci] (\ `4cf4741 `_\ ) +* **pre-commit:** finalise ``rstcheck`` configuration [skip ci] (\ `2d520d2 `_\ ) + +Tests +^^^^^ + + +* **repositories:** change to a repo with no key expiration (\ `e677b78 `_\ ) + `0.10.2 `_ (2020-09-21) -------------------------------------------------------------------------------------------------------- diff --git a/kitchen.yml b/kitchen.yml index 6f7357e..c3c6eb0 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -6,26 +6,7 @@ driver: name: docker use_sudo: false privileged: true - run_command: /lib/systemd/systemd - -# Make sure the platforms listed below match up with -# the `env.matrix` instances defined in `.travis.yml` -platforms: - ## SALT `master` - - name: debian-10-master-py3 - driver: - image: saltimages/salt-master-py3:debian-10 - - name: ubuntu-1804-master-py3 - driver: - image: saltimages/salt-master-py3:ubuntu-18.04 - - ## SALT `2019.2` - - name: debian-9-2019-2-py3 - driver: - image: saltimages/salt-2019.2-py3:debian-9 - - name: ubuntu-1804-2019-2-py3 - driver: - image: saltimages/salt-2019.2-py3:ubuntu-18.04 + run_command: /usr/lib/systemd/systemd provisioner: name: salt_solo @@ -37,12 +18,239 @@ provisioner: - .kitchen - .git +platforms: + ## SALT `master` + - name: debian-12-master-py3 + driver: + image: saltimages/salt-master-py3:debian-12 + run_command: /lib/systemd/systemd + - name: debian-11-master-py3 + driver: + image: saltimages/salt-master-py3:debian-11 + run_command: /lib/systemd/systemd + - name: ubuntu-2404-master-py3 + driver: + image: saltimages/salt-master-py3:ubuntu-24.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2204-master-py3 + driver: + image: saltimages/salt-master-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2004-master-py3 + driver: + image: saltimages/salt-master-py3:ubuntu-20.04 + run_command: /lib/systemd/systemd + - name: centos-stream9-master-py3 + driver: + image: saltimages/salt-master-py3:centos-stream9 + - name: opensuse-leap-156-master-py3 + driver: + image: saltimages/salt-master-py3:opensuse-leap-15.6 + # Workaround to avoid intermittent failures on `opensuse-leap-15.6`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-leap-155-master-py3 + driver: + image: saltimages/salt-master-py3:opensuse-leap-15.5 + # Workaround to avoid intermittent failures on `opensuse-leap-15.5`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-tmbl-latest-master-py3 + driver: + image: saltimages/salt-master-py3:opensuse-tumbleweed-latest + # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: fedora-41-master-py3 + driver: + image: saltimages/salt-master-py3:fedora-41 + - name: fedora-40-master-py3 + driver: + image: saltimages/salt-master-py3:fedora-40 + - name: amazonlinux-2023-master-py3 + driver: + image: saltimages/salt-master-py3:amazonlinux-2023 + - name: oraclelinux-9-master-py3 + driver: + image: saltimages/salt-master-py3:oraclelinux-9 + - name: oraclelinux-8-master-py3 + driver: + image: saltimages/salt-master-py3:oraclelinux-8 + - name: almalinux-9-master-py3 + driver: + image: saltimages/salt-master-py3:almalinux-9 + - name: almalinux-8-master-py3 + driver: + image: saltimages/salt-master-py3:almalinux-8 + - name: rockylinux-9-master-py3 + driver: + image: saltimages/salt-master-py3:rockylinux-9 + - name: rockylinux-8-master-py3 + driver: + image: saltimages/salt-master-py3:rockylinux-8 + + ## SALT `3007.1` + - name: debian-12-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:debian-12 + run_command: /lib/systemd/systemd + - name: debian-11-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:debian-11 + run_command: /lib/systemd/systemd + - name: ubuntu-2404-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:ubuntu-24.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2204-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2004-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:ubuntu-20.04 + run_command: /lib/systemd/systemd + - name: centos-stream9-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:centos-stream9 + - name: opensuse-leap-155-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:opensuse-leap-15.5 + # Workaround to avoid intermittent failures on `opensuse-leap-15.5`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-leap-156-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:opensuse-leap-15.6 + # Workaround to avoid intermittent failures on `opensuse-leap-15.6`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-tmbl-latest-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:opensuse-tumbleweed-latest + # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: fedora-41-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:fedora-41 + - name: fedora-40-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:fedora-40 + - name: amazonlinux-2023-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:amazonlinux-2023 + - name: amazonlinux-2-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:amazonlinux-2 + - name: oraclelinux-9-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:oraclelinux-9 + - name: oraclelinux-8-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:oraclelinux-8 + - name: almalinux-9-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:almalinux-9 + - name: almalinux-8-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:almalinux-8 + - name: rockylinux-9-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:rockylinux-9 + - name: rockylinux-8-3007-1-py3 + driver: + image: saltimages/salt-3007.1-py3:rockylinux-8 + + ## SALT `3006.10` + - name: debian-12-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:debian-12 + run_command: /lib/systemd/systemd + - name: debian-11-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:debian-11 + run_command: /lib/systemd/systemd + - name: ubuntu-2404-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:ubuntu-24.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2204-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:ubuntu-22.04 + run_command: /lib/systemd/systemd + - name: ubuntu-2004-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:ubuntu-20.04 + run_command: /lib/systemd/systemd + - name: centos-stream9-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:centos-stream9 + - name: opensuse-tmbl-latest-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:opensuse-tumbleweed-latest + # Workaround to avoid intermittent failures on `opensuse-tumbleweed`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-leap-156-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:opensuse-leap-15.6 + # Workaround to avoid intermittent failures on `opensuse-leap-15.6`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: opensuse-leap-155-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:opensuse-leap-15.5 + # Workaround to avoid intermittent failures on `opensuse-leap-15.5`: + # => SCP did not finish successfully (255): (Net::SCP::Error) + transport: + max_ssh_sessions: 1 + - name: fedora-41-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:fedora-41 + - name: fedora-40-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:fedora-40 + - name: amazonlinux-2023-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:amazonlinux-2023 + - name: amazonlinux-2-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:amazonlinux-2 + - name: oraclelinux-9-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:oraclelinux-9 + - name: oraclelinux-8-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:oraclelinux-8 + - name: almalinux-9-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:almalinux-9 + - name: almalinux-8-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:almalinux-8 + - name: rockylinux-9-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:rockylinux-9 + - name: rockylinux-8-3006-10-py3 + driver: + image: saltimages/salt-3006.10-py3:rockylinux-8 + + verifier: # https://www.inspec.io/ name: inspec sudo: true - # cli, documentation, html, progress, json, json-min, json-rspec, junit reporter: + # cli, documentation, html, progress, json, json-min, json-rspec, junit - cli suites: @@ -51,6 +259,8 @@ suites: state_top: base: '*': + - states/unmanaged + - apt._mapdata - apt.repositories - apt.update pillars: @@ -59,7 +269,10 @@ suites: '*': - apt pillars_from_files: - apt.sls: test/salt/pillar/repositories.pillar.sls + apt.sls: test/salt/pillar/repositories.sls + dependencies: + - name: states + path: ./test/salt verifier: inspec_tests: - path: test/integration/repositories @@ -68,6 +281,7 @@ suites: state_top: base: '*': + - apt._mapdata - apt.preferences pillars: top.sls: @@ -75,7 +289,7 @@ suites: '*': - apt pillars_from_files: - apt.sls: test/salt/pillar/preferences.pillar.sls + apt.sls: test/salt/pillar/preferences.sls verifier: inspec_tests: - path: test/integration/preferences @@ -84,6 +298,7 @@ suites: state_top: base: '*': + - apt._mapdata - apt.unattended pillars: top.sls: @@ -91,7 +306,7 @@ suites: '*': - apt pillars_from_files: - apt.sls: test/salt/pillar/unattended.pillar.sls + apt.sls: test/salt/pillar/unattended.sls verifier: inspec_tests: - path: test/integration/unattended diff --git a/pillar.example b/pillar.example index c4e4ad7..8df4614 100644 --- a/pillar.example +++ b/pillar.example @@ -14,6 +14,9 @@ apt: remove_preferences: true clean_preferences_d: true + keyrings_dir: '/etc/apt/keyrings' + clean_keyrings_d: true + apt_conf_d: 30release: 'APT::Default-Release': stable @@ -98,6 +101,9 @@ apt: comps: [main, contrib, non-free] key_url: https://ftp-master.debian.org/keys/archive-key-10.asc raspbian: + # If you want to use a particular filename under /etc/apt/sources.list.d + # set it here, with extension included + filename: my_raspbian_repo.list distro: stable url: http://archive.raspbian.org/raspbian type: [source] @@ -123,6 +129,16 @@ apt: opts: trusted: 'yes' another: whatever + saltstack: + distro: stable + url: https://packages.broadcom.com/artifactory/saltproject-deb + comps: [main] + type: [binary] + key_url: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public # yamllint disable-line rule:line-length + opts: "signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp" + rabbitmq: + unmanaged: true # useful when rabbitmq.list is managed by another formula + filename: rabbitmq.list preferences: 00-rspamd: diff --git a/pre-commit_semantic-release.sh b/pre-commit_semantic-release.sh index ba80535..80f46e2 100755 --- a/pre-commit_semantic-release.sh +++ b/pre-commit_semantic-release.sh @@ -7,16 +7,16 @@ sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA ############################################################################### -# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst` +# (B) Use `m2r2` to convert automatically produced `.md` docs to `.rst` ############################################################################### -# Install `m2r` -sudo -H pip install m2r +# Install `m2r2` +pip3 install m2r2 # Copy and then convert the `.md` docs cp ./*.md docs/ cd docs/ || exit -m2r --overwrite ./*.md +m2r2 --overwrite ./*.md # Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst diff --git a/release.config.js b/release.config.js index 6af7aa8..15bf012 100644 --- a/release.config.js +++ b/release.config.js @@ -1,5 +1,6 @@ module.exports = { branch: 'master', + repositoryUrl: 'https://github.com/saltstack-formulas/apt-formula', plugins: [ ['@semantic-release/commit-analyzer', { preset: 'angular', diff --git a/test/integration/preferences/inspec.yml b/test/integration/preferences/inspec.yml index f4cb7a4..7e8b3eb 100644 --- a/test/integration/preferences/inspec.yml +++ b/test/integration/preferences/inspec.yml @@ -6,6 +6,9 @@ title: apt formula maintainer: SaltStack Formulas license: Apache-2.0 summary: Verify that the apt preferences are configured correctly +depends: + - name: share + path: test/integration/share supports: - platform-name: debian - platform-name: ubuntu diff --git a/test/integration/repositories/controls/repositories_spec.rb b/test/integration/repositories/controls/repositories_spec.rb index 8935a27..12cfdd1 100644 --- a/test/integration/repositories/controls/repositories_spec.rb +++ b/test/integration/repositories/controls/repositories_spec.rb @@ -25,27 +25,57 @@ its('mode') { should cmp '0755' } end - describe file('/etc/apt/sources.list.d/spotify-binary.list') do + describe file('/etc/apt/sources.list.d/unmanaged.list') do + it { should exist } + its(:content) do + should match("## unmanged list file that shouldn't be removed") + end + end + + describe file('/etc/apt/sources.list.d/heroku-binary.list') do it { should exist } it { should be_owned_by 'root' } it { should be_grouped_into 'root' } its('mode') { should cmp '0644' } its(:content) do should match( - %r{deb \[arch=amd64\] http://repository.spotify.com stable non-free} + %r{deb \[arch=amd64\] https://cli-assets.heroku.com/apt ./} ) end end - describe file('/etc/apt/sources.list.d/heroku-binary.list') do + describe file('/etc/apt/sources.list.d/my_raspbian_repo.list') do it { should exist } it { should be_owned_by 'root' } it { should be_grouped_into 'root' } its('mode') { should cmp '0644' } its(:content) do should match( - %r{deb \[arch=amd64\] https://cli-assets.heroku.com/apt ./} + %r{deb-src http://archive.raspbian.org/raspbian stable main} ) end end + + describe file('/etc/apt/sources.list.d/raspbian-binary.list') do + it { should_not exist } + end + + describe file('/etc/apt/sources.list.d/saltstack.list') do + it { should exist } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('mode') { should cmp '0644' } + its(:content) do + should match( + %r{deb \[\s?signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp\s?\] https://packages.broadcom.com/artifactory/saltproject-deb stable main} + ) + end + end + + describe file('/etc/apt/keyrings/salt-archive-keyring.pgp') do + it { should exist } + it { should be_owned_by 'root' } + it { should be_grouped_into 'root' } + its('mode') { should cmp '0644' } + end end diff --git a/test/integration/repositories/inspec.yml b/test/integration/repositories/inspec.yml index 5cda415..dbb5089 100644 --- a/test/integration/repositories/inspec.yml +++ b/test/integration/repositories/inspec.yml @@ -6,6 +6,9 @@ title: apt formula maintainer: SaltStack Formulas license: Apache-2.0 summary: Verify that the apt repositories are configured correctly +depends: + - name: share + path: test/integration/share supports: - platform-name: debian - platform-name: ubuntu diff --git a/test/integration/share/README.md b/test/integration/share/README.md new file mode 100644 index 0000000..5c5785b --- /dev/null +++ b/test/integration/share/README.md @@ -0,0 +1,22 @@ +# InSpec Profile: `share` + +This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md). + +Its goal is to share the libraries between all profiles. + +## Libraries + +### `system` + +The `system` library provides easy access to system dependent information: + +- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective + - `system.platform[:family]` provide a family name for Arch and Gentoo + - `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows` + - `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo, openSUSE and Windows: + - `Arch` is always `base-latest` + - `Amazon Linux` release `2018` is resolved as `1` + - `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`) + - `openSUSE` is resolved as `tumbleweed` if the `platform[:release]` is in date format + - `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version + - `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example) diff --git a/test/integration/share/inspec.yml b/test/integration/share/inspec.yml new file mode 100644 index 0000000..28a97b9 --- /dev/null +++ b/test/integration/share/inspec.yml @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +name: share +title: InSpec shared resources +maintainer: SaltStack Formulas +license: Apache-2.0 +summary: shared resources +supports: + - platform-name: debian + - platform-name: ubuntu + - platform-name: centos + - platform-name: fedora + - platform-name: opensuse + - platform-name: suse + - platform-name: freebsd + - platform-name: openbsd + - platform-name: amazon + - platform-name: oracle + - platform-name: arch + - platform-name: gentoo + - platform-name: almalinux + - platform-name: rocky + - platform-name: mac_os_x + - platform: windows diff --git a/test/integration/share/libraries/system.rb b/test/integration/share/libraries/system.rb new file mode 100644 index 0000000..64405bb --- /dev/null +++ b/test/integration/share/libraries/system.rb @@ -0,0 +1,138 @@ +# frozen_string_literal: true + +# system.rb -- InSpec resources for system values +# Author: Daniel Dehennin +# Copyright (C) 2020 Daniel Dehennin + +# rubocop:disable Metrics/ClassLength +class SystemResource < Inspec.resource(1) + name 'system' + + attr_reader :platform + + def initialize + super + @platform = build_platform + end + + private + + def build_platform + { + family: build_platform_family, + name: build_platform_name, + release: build_platform_release, + finger: build_platform_finger, + codename: build_platform_codename + } + end + + def build_platform_family + case inspec.platform[:name] + when 'arch', 'gentoo' + inspec.platform[:name] + else + inspec.platform[:family] + end + end + + def build_platform_name + case inspec.platform[:name] + when 'amazon', 'oracle', 'rocky' + "#{inspec.platform[:name]}linux" + when /^windows_/ + inspec.platform[:family] + else + inspec.platform[:name] + end + end + + # rubocop:disable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + def build_platform_release + case inspec.platform[:name] + when 'amazon' + # `2018` relase is named `1` in `kitchen.yml` + inspec.platform[:release].gsub(/2018.*/, '1') + when 'arch' + 'base-latest' + when 'gentoo' + "#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}" + when 'mac_os_x' + inspec.command('sw_vers -productVersion').stdout.to_s + when 'opensuse' + # rubocop:disable Style/NumericLiterals,Layout/LineLength + inspec.platform[:release].to_i > 20210101 ? 'tumbleweed' : inspec.platform[:release] + # rubocop:enable Style/NumericLiterals,Layout/LineLength + when 'windows_8.1_pro' + '8.1' + when 'windows_server_2022_datacenter' + '2022-server' + when 'windows_server_2019_datacenter' + '2019-server' + when 'windows_server_2016_datacenter' + '2016-server' + else + inspec.platform[:release] + end + end + # rubocop:enable Metrics/MethodLength,Metrics/AbcSize,Metrics/CyclomaticComplexity + + def derive_gentoo_init_system + inspec.command('systemctl').exist? ? 'sysd' : 'sysv' + end + + def build_platform_finger + "#{build_platform_name}-#{build_finger_release}" + end + + def build_finger_release + case inspec.platform[:name] + when 'ubuntu' + build_platform_release.split('.').slice(0, 2).join('.') + else + build_platform_release.split('.')[0] + end + end + + # rubocop:disable Metrics/MethodLength,Metrics/CyclomaticComplexity + def build_platform_codename + case build_platform_finger + when 'ubuntu-22.04' + 'jammy' + when 'ubuntu-20.04' + 'focal' + when 'ubuntu-18.04' + 'bionic' + when 'debian-11' + 'bullseye' + when 'debian-10' + 'buster' + when 'debian-9' + 'stretch' + when 'almalinux-8' + "AlmaLinux #{build_platform_release} (Arctic Sphynx)" + when 'amazonlinux-2' + 'Amazon Linux 2' + when 'arch-base-latest' + 'Arch Linux' + when 'centos-7' + 'CentOS Linux 7 (Core)' + when 'centos-8' + 'CentOS Stream 8' + when 'opensuse-tumbleweed' + 'openSUSE Tumbleweed' + when 'opensuse-15' + "openSUSE Leap #{build_platform_release}" + when 'oraclelinux-8', 'oraclelinux-7' + "Oracle Linux Server #{build_platform_release}" + when 'gentoo-2-sysd', 'gentoo-2-sysv' + 'Gentoo/Linux' + when 'rockylinux-8' + "Rocky Linux #{build_platform_release} (Green Obsidian)" + else + '' + end + end + # rubocop:enable Metrics/MethodLength,Metrics/CyclomaticComplexity +end +# rubocop:enable Metrics/ClassLength diff --git a/test/integration/unattended/inspec.yml b/test/integration/unattended/inspec.yml index c832c01..294dc86 100644 --- a/test/integration/unattended/inspec.yml +++ b/test/integration/unattended/inspec.yml @@ -6,6 +6,9 @@ title: apt formula maintainer: SaltStack Formulas license: Apache-2.0 summary: Verify that the apt unattended preferences are configured correctly +depends: + - name: share + path: test/integration/share supports: - platform-name: debian - platform-name: ubuntu diff --git a/test/salt/pillar/preferences.pillar.sls b/test/salt/pillar/preferences.sls similarity index 100% rename from test/salt/pillar/preferences.pillar.sls rename to test/salt/pillar/preferences.sls diff --git a/test/salt/pillar/repositories.pillar.sls b/test/salt/pillar/repositories.pillar.sls deleted file mode 100644 index e1be3b2..0000000 --- a/test/salt/pillar/repositories.pillar.sls +++ /dev/null @@ -1,21 +0,0 @@ -# -*- coding: utf-8 -*- -# vim: ft=yaml ---- -apt: - remove_sources_list: true - clean_sources_list_d: true - - repositories: - spotify: - distro: stable - url: http://repository.spotify.com - arch: [amd64] - comps: [non-free] - keyid: 2EBF997C15BDA244B6EBF5D84773BD5E130D1D45 - keyserver: keyserver.ubuntu.com - heroku: - distro: ./ - url: https://cli-assets.heroku.com/apt - arch: [amd64] - comps: [] - key_url: https://cli-assets.heroku.com/apt/release.key diff --git a/test/salt/pillar/repositories.sls b/test/salt/pillar/repositories.sls new file mode 100644 index 0000000..91d82ce --- /dev/null +++ b/test/salt/pillar/repositories.sls @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +apt: + remove_sources_list: true + clean_sources_list_d: true + + repositories: + unmanaged: + unmanaged: true # do not remove this file when clean_sources_list_d=true + filename: unmanaged.list # optional + heroku: + distro: ./ + url: https://cli-assets.heroku.com/apt + arch: [amd64] + comps: [] + key_url: https://cli-assets.heroku.com/apt/release.key + raspbian: + # If you want to use a particular filename under /etc/apt/sources.list.d + # set it here, with extension included + filename: my_raspbian_repo.list + distro: stable + url: http://archive.raspbian.org/raspbian + type: [source] + key_url: https://archive.raspbian.org/raspbian.public.key + saltstack: + filename: saltstack.list + distro: stable + url: https://packages.broadcom.com/artifactory/saltproject-deb + comps: [main] + type: [binary] + key_url: https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public # yamllint disable-line rule:line-length + opts: "signed-by=/etc/apt/keyrings/salt-archive-keyring.pgp" diff --git a/test/salt/pillar/unattended.pillar.sls b/test/salt/pillar/unattended.sls similarity index 100% rename from test/salt/pillar/unattended.pillar.sls rename to test/salt/pillar/unattended.sls diff --git a/test/salt/states/unmanaged.sls b/test/salt/states/unmanaged.sls new file mode 100644 index 0000000..4cd5468 --- /dev/null +++ b/test/salt/states/unmanaged.sls @@ -0,0 +1,5 @@ +repos_maintained_by_another_formula: + file.managed: + - name: /etc/apt/sources.list.d/unmanaged.list + - mode: '0644' + - contents: "## unmanged list file that shouldn't be removed"