From 09e0cd5692471789b0ecea54fd2c963a4f9cbf44 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 10:11:34 -0700 Subject: [PATCH 01/12] WIP Build fixes --- .kitchen.docker.yml | 7 +++---- .kitchen.yml | 2 +- .travis.yml | 2 +- CHANGELOG.md | 4 ++++ metadata.rb | 17 +++++++---------- recipes/bundle.rb | 6 +++++- spec/recipes/_repository_spec.rb | 4 ++-- spec/recipes/_services_spec.rb | 2 +- spec/recipes/bundle_spec.rb | 6 +++--- spec/recipes/config_spec.rb | 2 +- spec/recipes/default_spec.rb | 2 +- spec/recipes/mistral_spec.rb | 2 +- spec/recipes/user_spec.rb | 17 +---------------- spec/recipes/web_spec.rb | 2 +- 14 files changed, 32 insertions(+), 43 deletions(-) diff --git a/.kitchen.docker.yml b/.kitchen.docker.yml index d0f3c57..72317b8 100644 --- a/.kitchen.docker.yml +++ b/.kitchen.docker.yml @@ -18,15 +18,14 @@ platforms: disable_upstart: false run_command: /sbin/init provision_command: - - /usr/bin/apt-get update - - /usr/bin/apt-get install -y apt-transport-https net-tools initscripts -- name: centos-7.2 + - /usr/bin/apt-get update && /usr/bin/apt-get install -y apt-transport-https net-tools initscripts libpq5 libpq-dev +- name: centos-7.5 driver: image: centos:7 platform: rhel run_command: /usr/lib/systemd/systemd provision_command: - - /bin/yum install -y initscripts net-tools wget logrotate + - /bin/yum install -y initscripts net-tools wget logrotate postgresql-libs suites: - name: default diff --git a/.kitchen.yml b/.kitchen.yml index 500623b..6365d94 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -13,7 +13,7 @@ verifier: platforms: - name: ubuntu-14.04 - - name: centos-7.2 + - name: centos-7.5 suites: - name: default diff --git a/.travis.yml b/.travis.yml index dbfa3f7..2ad275f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,7 +20,7 @@ env: matrix: - SUITE=default - SUITE=integration:kitchen:default-ubuntu-1404 - - SUITE=integration:kitchen:default-centos-72 + - SUITE=integration:kitchen:default-centos-75 before_script: # https://github.com/zuazo/kitchen-in-travis-native/issues/1#issuecomment-142455888 diff --git a/CHANGELOG.md b/CHANGELOG.md index 7db33ef..b341d0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # stackstorm cookbook CHANGELOG +## 0.5.0 + + * Migrate from 'mongodb' to 'sc-mongodb' cookbook for Chef 13+ support + ## 0.4.0 * Update Test kitchen to CentOS 7.2 diff --git a/metadata.rb b/metadata.rb index 6d260a2..a1061f9 100644 --- a/metadata.rb +++ b/metadata.rb @@ -4,28 +4,25 @@ license 'Apache-2.0' description 'Installs/Configures stackstorm' long_description 'Installs/Configures stackstorm' -version '0.4.0' +version '0.5.0' supports 'ubuntu', '= 14.04' -supports 'redhat', '~> 7.0' -supports 'centos', '~> 7.0' +supports 'redhat', '~> 7.5' +supports 'centos', '~> 7.5' supports 'amazon' -chef_version '>= 12.4' +chef_version '>= 14.4' depends 'apt' depends 'chef_nginx', '~> 5.0.1' depends 'database' depends 'htpasswd' -depends 'mongodb3', '~> 5.3.0' +depends 'sc-mongodb', '~> 1.2.0' depends 'openssl', '~> 6.0.0' depends 'openstack-mistral', '>= 0.3.0' depends 'packagecloud' -depends 'postgresql' -# For newer RabbitMQ cookbook versions, service fails to start in Dockerized environment under EL7 -# See: https://github.com/StackStorm/chef-stackstorm/pull/62 -depends 'rabbitmq', '<= 4.10.0' -depends 'sudo' +depends 'postgresql', '=6.1.1' +depends 'rabbitmq' depends 'yum' depends 'yum-epel' diff --git a/recipes/bundle.rb b/recipes/bundle.rb index eaf1775..06f0788 100644 --- a/recipes/bundle.rb +++ b/recipes/bundle.rb @@ -41,8 +41,12 @@ node.default['stackstorm']['user']['ssh_pub'] = pubkey node.default['stackstorm']['user']['ssh_key'] = prikey node.default['stackstorm']['user']['authorized_keys'] = [pubkey] +node.default['mongodb']['package_version'] = '3.4.17' +node.default['postgresql']['pg_gem']['version'] = '0.21.0' +node.override['htpasswd']['install_method'] = 'ruby' -include_recipe 'mongodb3::default' +include_recipe 'htpasswd::default' +include_recipe 'sc-mongodb::default' include_recipe 'rabbitmq::default' include_recipe 'stackstorm::default' include_recipe 'stackstorm::mistral' diff --git a/spec/recipes/_repository_spec.rb b/spec/recipes/_repository_spec.rb index f152cba..7c768ca 100644 --- a/spec/recipes/_repository_spec.rb +++ b/spec/recipes/_repository_spec.rb @@ -6,11 +6,11 @@ end let(:chef_run_ubuntu_1404) { ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04').converge(described_recipe) } - let(:chef_run_centos_7) { ChefSpec::SoloRunner.new(platform: 'centos', version: '7.0').converge(described_recipe) } + let(:chef_run_centos_7) { ChefSpec::SoloRunner.new(platform: 'centos', version: '7.5').converge(described_recipe) } platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| diff --git a/spec/recipes/_services_spec.rb b/spec/recipes/_services_spec.rb index f3e48c4..1e6b756 100644 --- a/spec/recipes/_services_spec.rb +++ b/spec/recipes/_services_spec.rb @@ -15,7 +15,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| diff --git a/spec/recipes/bundle_spec.rb b/spec/recipes/bundle_spec.rb index 53e09dc..20fec64 100644 --- a/spec/recipes/bundle_spec.rb +++ b/spec/recipes/bundle_spec.rb @@ -40,7 +40,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| @@ -60,8 +60,8 @@ expect(chef_run.node['stackstorm']['user']['authorized_keys']).to eq([pubkey]) end - it 'should include recipe mongodb3::default' do - expect_any_instance_of(Chef::Recipe).to receive(:include_recipe).with('mongodb3::default') + it 'should include recipe sc-mongodb::default' do + expect_any_instance_of(Chef::Recipe).to receive(:include_recipe).with('sc-mongodb::default') chef_run end diff --git a/spec/recipes/config_spec.rb b/spec/recipes/config_spec.rb index 4ca1f30..85147b0 100644 --- a/spec/recipes/config_spec.rb +++ b/spec/recipes/config_spec.rb @@ -93,7 +93,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| diff --git a/spec/recipes/default_spec.rb b/spec/recipes/default_spec.rb index efa2681..72a6329 100644 --- a/spec/recipes/default_spec.rb +++ b/spec/recipes/default_spec.rb @@ -7,7 +7,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| diff --git a/spec/recipes/mistral_spec.rb b/spec/recipes/mistral_spec.rb index df7cbab..fcedc5c 100644 --- a/spec/recipes/mistral_spec.rb +++ b/spec/recipes/mistral_spec.rb @@ -7,7 +7,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| diff --git a/spec/recipes/user_spec.rb b/spec/recipes/user_spec.rb index ec10b68..40f82a4 100644 --- a/spec/recipes/user_spec.rb +++ b/spec/recipes/user_spec.rb @@ -3,7 +3,7 @@ describe 'stackstorm::user' do platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| @@ -68,21 +68,6 @@ content: "# Generated by Chef. Don't edit!\nssh-rsa fake-key" ) end - - it 'should install sudo "stanley"' do - expect(chef_run).to install_sudo('stanley').with( - user: 'stanley', - nopasswd: true - ) - end - end - - context "Using #{platform} #{version} with node['stackstorm']['user']['enable_sudo'] = false" do - it 'should not install sudo "stanley"' do - chef_run.node.normal['stackstorm']['user']['enable_sudo'] = false - chef_run.converge(described_recipe) - expect(chef_run).to_not install_sudo('stanley') - end end context "Using #{platform} #{version} with node['stackstorm']['user']['ssh_key'] not nil" do diff --git a/spec/recipes/web_spec.rb b/spec/recipes/web_spec.rb index 053a228..dca0a43 100644 --- a/spec/recipes/web_spec.rb +++ b/spec/recipes/web_spec.rb @@ -7,7 +7,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.0'], + 'centos' => ['7.5'], } platforms.each do |platform, versions| From 422d44c58f27ee4d38b119bcc773a5e6445a61ac Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:20:11 -0700 Subject: [PATCH 02/12] more specific centos build for fauxhai --- spec/recipes/_repository_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/recipes/_repository_spec.rb b/spec/recipes/_repository_spec.rb index 7c768ca..332d994 100644 --- a/spec/recipes/_repository_spec.rb +++ b/spec/recipes/_repository_spec.rb @@ -6,7 +6,7 @@ end let(:chef_run_ubuntu_1404) { ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04').converge(described_recipe) } - let(:chef_run_centos_7) { ChefSpec::SoloRunner.new(platform: 'centos', version: '7.5').converge(described_recipe) } + let(:chef_run_centos_7) { ChefSpec::SoloRunner.new(platform: 'centos', version: '7.5.1804').converge(described_recipe) } platforms = { 'ubuntu' => ['14.04'], From 15486375832eda32974a7002381182be8f6dc990 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:27:01 -0700 Subject: [PATCH 03/12] more specific centos build for fauxhai --- spec/recipes/_repository_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/recipes/_repository_spec.rb b/spec/recipes/_repository_spec.rb index 332d994..8416c14 100644 --- a/spec/recipes/_repository_spec.rb +++ b/spec/recipes/_repository_spec.rb @@ -10,7 +10,7 @@ platforms = { 'ubuntu' => ['14.04'], - 'centos' => ['7.5'], + 'centos' => ['7.5.1804'], } platforms.each do |platform, versions| From 1ae8c54d84effc7677b2277523bf774d4f07d8de Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:29:58 -0700 Subject: [PATCH 04/12] newer chefdk --- .travis.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.travis.yml b/.travis.yml index 2ad275f..6738cc8 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,6 +25,9 @@ env: before_script: # https://github.com/zuazo/kitchen-in-travis-native/issues/1#issuecomment-142455888 - sudo iptables -L DOCKER || sudo iptables -N DOCKER + # ChefDK no longer available via APT repo + - wget https://packages.chef.io/files/stable/chefdk/3.2.30/ubuntu/14.04/chefdk_3.2.30-1_amd64.deb + - sudo dpkg -i chefdk_3.2.30-1_amd64.deb - eval "$(/opt/chefdk/bin/chef shell-init bash)" - /opt/chefdk/bin/chef gem install kitchen-docker From db0631bc85b91e25afc83092aca8df778072c842 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:31:54 -0700 Subject: [PATCH 05/12] remove chefdk apt section --- .travis.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index 6738cc8..cb1de4b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,13 +2,6 @@ sudo: required services: docker -addons: - apt: - sources: - - chef-stable-precise - packages: - - chefdk - # Don't `bundle install` install: echo "skip bundle install" From 0603da7420aacfed680e094837945470cecf3b21 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:47:44 -0700 Subject: [PATCH 06/12] new services --- attributes/config.rb | 12 ++++++------ attributes/user.rb | 2 +- attributes/web.rb | 2 +- recipes/web.rb | 2 +- spec/recipes/_services_spec.rb | 1 + spec/recipes/config_spec.rb | 20 +++++++++++++------- templates/default/st2.conf.erb | 6 ++++++ 7 files changed, 29 insertions(+), 16 deletions(-) diff --git a/attributes/config.rb b/attributes/config.rb index 9439314..28547ba 100644 --- a/attributes/config.rb +++ b/attributes/config.rb @@ -7,23 +7,23 @@ api_url: 'http://127.0.0.1:9101', api_host: '0.0.0.0', api_port: 9101, - api_mask_secrets: true, + api_mask_secrets: True, api_allow_origin: '*', auth_host: '0.0.0.0', auth_port: 9100, - auth_use_ssl: false, - auth_debug: false, - auth_enable: true, + auth_use_ssl: False, + auth_debug: False, + auth_enable: True, auth_standalone_file: '/etc/st2/htpasswd', - syslog_enabled: false, + syslog_enabled: False, syslog_host: '127.0.0.1', syslog_port: 514, syslog_facility: 'local7', syslog_protocol: 'udp', - log_mask_secrets: true, + log_mask_secrets: True, system_user: node['stackstorm']['user']['user'], ssh_key_file: "#{node['stackstorm']['user']['home']}/.ssh/id_rsa", diff --git a/attributes/user.rb b/attributes/user.rb index 5943331..b3ac90f 100644 --- a/attributes/user.rb +++ b/attributes/user.rb @@ -6,4 +6,4 @@ default['stackstorm']['user']['ssh_key'] = nil default['stackstorm']['user']['ssh_pub'] = nil default['stackstorm']['user']['ssh_key_bits'] = 2048 -default['stackstorm']['user']['enable_sudo'] = true +default['stackstorm']['user']['enable_sudo'] = True diff --git a/attributes/web.rb b/attributes/web.rb index bae30ff..158028a 100644 --- a/attributes/web.rb +++ b/attributes/web.rb @@ -4,7 +4,7 @@ # # Self-signed certificate -default['stackstorm']['web']['ssl']['self_signed']['enabled'] = true +default['stackstorm']['web']['ssl']['self_signed']['enabled'] = True default['stackstorm']['web']['ssl']['self_signed']['org'] = 'StackStorm' default['stackstorm']['web']['ssl']['self_signed']['org_unit'] = 'Information Technology' default['stackstorm']['web']['ssl']['self_signed']['country'] = 'US' diff --git a/recipes/web.rb b/recipes/web.rb index 01c3a88..ca1079e 100644 --- a/recipes/web.rb +++ b/recipes/web.rb @@ -18,7 +18,7 @@ org node['stackstorm']['web']['ssl']['self_signed']['org'] org_unit node['stackstorm']['web']['ssl']['self_signed']['org_unit'] country node['stackstorm']['web']['ssl']['self_signed']['country'] - only_if { node['stackstorm']['web']['ssl']['self_signed']['enabled'] == true } + only_if { node['stackstorm']['web']['ssl']['self_signed']['enabled'] == True } end include_recipe 'chef_nginx::repo' diff --git a/spec/recipes/_services_spec.rb b/spec/recipes/_services_spec.rb index 1e6b756..6c7d9aa 100644 --- a/spec/recipes/_services_spec.rb +++ b/spec/recipes/_services_spec.rb @@ -6,6 +6,7 @@ st2actionrunner st2api st2stream st2auth st2garbagecollector st2notifier st2resultstracker st2rulesengine st2sensorcontainer + st2timersengine st2workflowengine ).freeze describe 'stackstorm::_services' do diff --git a/spec/recipes/config_spec.rb b/spec/recipes/config_spec.rb index 85147b0..216f944 100644 --- a/spec/recipes/config_spec.rb +++ b/spec/recipes/config_spec.rb @@ -13,7 +13,7 @@ host = 0.0.0.0 port = 9101 logging = /etc/st2/logging.api.conf -mask_secrets = true +mask_secrets = True # allow_origin is required for handling CORS in st2 web UI. # allow_origin = http://myhost1.example.com:3000,http://myhost2.example.com:3000 allow_origin = * @@ -43,6 +43,12 @@ [garbagecollector] logging = /etc/st2/logging.garbagecollector.conf +[timersengine] +logging = /etc/st2timersengine/logging.st2timersengine.conf + +[workflow_engine] +logging = /etc/st2actions/logging.workflowengine.conf + [auth] host = 0.0.0.0 port = 9100 @@ -154,23 +160,23 @@ 'api_url' => 'http://127.0.0.1:9101', 'api_host' => '0.0.0.0', 'api_port' => 9101, - 'api_mask_secrets' => true, + 'api_mask_secrets' => True, 'api_allow_origin' => '*', 'auth_host' => '0.0.0.0', 'auth_port' => 9100, - 'auth_use_ssl' => false, - 'auth_debug' => false, - 'auth_enable' => true, + 'auth_use_ssl' => False, + 'auth_debug' => False, + 'auth_enable' => True, 'auth_standalone_file' => '/etc/st2/htpasswd', - 'syslog_enabled' => false, + 'syslog_enabled' => False, 'syslog_host' => '127.0.0.1', 'syslog_port' => 514, 'syslog_facility' => 'local7', 'syslog_protocol' => 'udp', - 'log_mask_secrets' => true, + 'log_mask_secrets' => True, 'system_user' => 'stanley', 'ssh_key_file' => '/home/stanley/.ssh/id_rsa', diff --git a/templates/default/st2.conf.erb b/templates/default/st2.conf.erb index 42f9123..9a71896 100644 --- a/templates/default/st2.conf.erb +++ b/templates/default/st2.conf.erb @@ -36,6 +36,12 @@ logging = /etc/st2/logging.exporter.conf [garbagecollector] logging = /etc/st2/logging.garbagecollector.conf +[timersengine] +logging = /etc/st2timersengine/logging.st2timersengine.conf + +[workflow_engine] +logging = /etc/st2actions/logging.workflowengine.conf + [auth] host = <%= @auth_host %> port = <%= @auth_port %> From 1d2876998cf3a6bb7063b71d3dfd435b10eb0965 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Tue, 25 Sep 2018 17:52:32 -0700 Subject: [PATCH 07/12] true/True --- attributes/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/attributes/user.rb b/attributes/user.rb index b3ac90f..5943331 100644 --- a/attributes/user.rb +++ b/attributes/user.rb @@ -6,4 +6,4 @@ default['stackstorm']['user']['ssh_key'] = nil default['stackstorm']['user']['ssh_pub'] = nil default['stackstorm']['user']['ssh_key_bits'] = 2048 -default['stackstorm']['user']['enable_sudo'] = True +default['stackstorm']['user']['enable_sudo'] = true From 2baf2ee02cfe8d487436fe149e5d7c28be0a8079 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Wed, 26 Sep 2018 10:10:41 -0700 Subject: [PATCH 08/12] further build fixes --- attributes/config.rb | 12 ++++++------ attributes/web.rb | 2 +- recipes/_services.rb | 1 + recipes/bundle.rb | 1 + recipes/web.rb | 2 +- spec/recipes/config_spec.rb | 12 ++++++------ test/recipes/default/_services.rb | 1 + 7 files changed, 17 insertions(+), 14 deletions(-) diff --git a/attributes/config.rb b/attributes/config.rb index 28547ba..9439314 100644 --- a/attributes/config.rb +++ b/attributes/config.rb @@ -7,23 +7,23 @@ api_url: 'http://127.0.0.1:9101', api_host: '0.0.0.0', api_port: 9101, - api_mask_secrets: True, + api_mask_secrets: true, api_allow_origin: '*', auth_host: '0.0.0.0', auth_port: 9100, - auth_use_ssl: False, - auth_debug: False, - auth_enable: True, + auth_use_ssl: false, + auth_debug: false, + auth_enable: true, auth_standalone_file: '/etc/st2/htpasswd', - syslog_enabled: False, + syslog_enabled: false, syslog_host: '127.0.0.1', syslog_port: 514, syslog_facility: 'local7', syslog_protocol: 'udp', - log_mask_secrets: True, + log_mask_secrets: true, system_user: node['stackstorm']['user']['user'], ssh_key_file: "#{node['stackstorm']['user']['home']}/.ssh/id_rsa", diff --git a/attributes/web.rb b/attributes/web.rb index 158028a..bae30ff 100644 --- a/attributes/web.rb +++ b/attributes/web.rb @@ -4,7 +4,7 @@ # # Self-signed certificate -default['stackstorm']['web']['ssl']['self_signed']['enabled'] = True +default['stackstorm']['web']['ssl']['self_signed']['enabled'] = true default['stackstorm']['web']['ssl']['self_signed']['org'] = 'StackStorm' default['stackstorm']['web']['ssl']['self_signed']['org_unit'] = 'Information Technology' default['stackstorm']['web']['ssl']['self_signed']['country'] = 'US' diff --git a/recipes/_services.rb b/recipes/_services.rb index 0311cb0..57a421f 100644 --- a/recipes/_services.rb +++ b/recipes/_services.rb @@ -11,6 +11,7 @@ st2actionrunner st2api st2stream st2auth st2garbagecollector st2notifier st2resultstracker st2rulesengine st2sensorcontainer + st2timersengine st2workflowengine ).freeze # Enable & Start st2 services diff --git a/recipes/bundle.rb b/recipes/bundle.rb index 06f0788..802fb1a 100644 --- a/recipes/bundle.rb +++ b/recipes/bundle.rb @@ -44,6 +44,7 @@ node.default['mongodb']['package_version'] = '3.4.17' node.default['postgresql']['pg_gem']['version'] = '0.21.0' node.override['htpasswd']['install_method'] = 'ruby' +node.override['rabbitmq']['use_distro_version'] = true include_recipe 'htpasswd::default' include_recipe 'sc-mongodb::default' diff --git a/recipes/web.rb b/recipes/web.rb index ca1079e..01c3a88 100644 --- a/recipes/web.rb +++ b/recipes/web.rb @@ -18,7 +18,7 @@ org node['stackstorm']['web']['ssl']['self_signed']['org'] org_unit node['stackstorm']['web']['ssl']['self_signed']['org_unit'] country node['stackstorm']['web']['ssl']['self_signed']['country'] - only_if { node['stackstorm']['web']['ssl']['self_signed']['enabled'] == True } + only_if { node['stackstorm']['web']['ssl']['self_signed']['enabled'] == true } end include_recipe 'chef_nginx::repo' diff --git a/spec/recipes/config_spec.rb b/spec/recipes/config_spec.rb index 216f944..4860447 100644 --- a/spec/recipes/config_spec.rb +++ b/spec/recipes/config_spec.rb @@ -160,23 +160,23 @@ 'api_url' => 'http://127.0.0.1:9101', 'api_host' => '0.0.0.0', 'api_port' => 9101, - 'api_mask_secrets' => True, + 'api_mask_secrets' => true, 'api_allow_origin' => '*', 'auth_host' => '0.0.0.0', 'auth_port' => 9100, - 'auth_use_ssl' => False, - 'auth_debug' => False, - 'auth_enable' => True, + 'auth_use_ssl' => false, + 'auth_debug' => false, + 'auth_enable' => true, 'auth_standalone_file' => '/etc/st2/htpasswd', - 'syslog_enabled' => False, + 'syslog_enabled' => false, 'syslog_host' => '127.0.0.1', 'syslog_port' => 514, 'syslog_facility' => 'local7', 'syslog_protocol' => 'udp', - 'log_mask_secrets' => True, + 'log_mask_secrets' => true, 'system_user' => 'stanley', 'ssh_key_file' => '/home/stanley/.ssh/id_rsa', diff --git a/test/recipes/default/_services.rb b/test/recipes/default/_services.rb index 30d217a..1ac7bbd 100644 --- a/test/recipes/default/_services.rb +++ b/test/recipes/default/_services.rb @@ -11,6 +11,7 @@ st2actionrunner st2api st2stream st2auth st2garbagecollector st2notifier st2resultstracker st2rulesengine st2sensorcontainer + st2timersengine st2workflowengine ).freeze ST2_SERVICES.each do |service_name| From 0f886e1483a21d141224bcf96e51790cdfbf148c Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Wed, 26 Sep 2018 10:33:07 -0700 Subject: [PATCH 09/12] Fix wrong logging config path for timersengine --- spec/recipes/config_spec.rb | 4 ++-- templates/default/st2.conf.erb | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/recipes/config_spec.rb b/spec/recipes/config_spec.rb index 4860447..59be1f4 100644 --- a/spec/recipes/config_spec.rb +++ b/spec/recipes/config_spec.rb @@ -44,10 +44,10 @@ logging = /etc/st2/logging.garbagecollector.conf [timersengine] -logging = /etc/st2timersengine/logging.st2timersengine.conf +logging = /etc/st2/logging.timersengine.conf [workflow_engine] -logging = /etc/st2actions/logging.workflowengine.conf +logging = /etc/st2/logging.workflowengine.conf [auth] host = 0.0.0.0 diff --git a/templates/default/st2.conf.erb b/templates/default/st2.conf.erb index 9a71896..f972367 100644 --- a/templates/default/st2.conf.erb +++ b/templates/default/st2.conf.erb @@ -37,10 +37,10 @@ logging = /etc/st2/logging.exporter.conf logging = /etc/st2/logging.garbagecollector.conf [timersengine] -logging = /etc/st2timersengine/logging.st2timersengine.conf +logging = /etc/st2/logging.timersengine.conf [workflow_engine] -logging = /etc/st2actions/logging.workflowengine.conf +logging = /etc/st2/logging.workflowengine.conf [auth] host = <%= @auth_host %> From 747826db6e4baa5bb71e1496ab757e26ff520f81 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Wed, 26 Sep 2018 16:23:50 -0700 Subject: [PATCH 10/12] test fixes --- recipes/_repository.rb | 16 ---------------- recipes/user.rb | 1 + spec/recipes/_repository_spec.rb | 24 ++---------------------- spec/recipes/default_spec.rb | 2 +- spec/recipes/user_spec.rb | 15 +++++++++++++++ spec/recipes/web_spec.rb | 2 +- 6 files changed, 20 insertions(+), 40 deletions(-) diff --git a/recipes/_repository.rb b/recipes/_repository.rb index 9bb4c64..b4dff0f 100644 --- a/recipes/_repository.rb +++ b/recipes/_repository.rb @@ -14,22 +14,6 @@ 'deb' end -# Read: -# http://blog.packagecloud.io/eng/2016/03/21/apt-hash-sum-mismatch/ -# https://packagecloud.io/computology/apt-backport -package 'apt' do - version '1.2.10' - action :nothing -end - -execute 'Ubuntu Precise and Trusty: APT hash sum mismatch workaround' do - command 'curl -s https://packagecloud.io/install/repositories/computology/apt-backport/script.deb.sh | bash' - only_if { node['platform'] == 'ubuntu' } - only_if { %w(trusty precise).include? node['lsb']['codename'] } - creates '/etc/apt/sources.list.d/computology_apt-backport.list' - notifies :install, 'package[apt]', :immediately -end - packagecloud_repo 'StackStorm/stable' do type type end diff --git a/recipes/user.rb b/recipes/user.rb index a435eb2..4f052e1 100644 --- a/recipes/user.rb +++ b/recipes/user.rb @@ -83,4 +83,5 @@ user conf['user'] nopasswd true only_if { conf['enable_sudo'] } + action :create end diff --git a/spec/recipes/_repository_spec.rb b/spec/recipes/_repository_spec.rb index 8416c14..adf9b72 100644 --- a/spec/recipes/_repository_spec.rb +++ b/spec/recipes/_repository_spec.rb @@ -22,47 +22,27 @@ allow_any_instance_of(Chef::Recipe).to receive(:include_recipe).with('apt') chef_run end - - it 'should not install pacakge "apt"' do - expect(chef_run).to_not install_package('apt').with(version: '1.2.10') - end end end end context 'Using ubuntu 14.04 with default node attributes' do - let(:execute) { chef_run_ubuntu_1404.execute('Ubuntu Precise and Trusty: APT hash sum mismatch workaround') } + let(:chef_run) { chef_run_ubuntu_1404 } it 'should create packagecloud_repo "StackStorm/stable"' do expect(chef_run_ubuntu_1404).to create_packagecloud_repo('StackStorm/stable').with( type: 'deb' ) end - - it 'should run a execute "Ubuntu Precise and Trusty: APT hash sum mismatch workaround"' do - expect(chef_run_ubuntu_1404).to run_execute('curl -s https://packagecloud.io/install/repositories/computology/apt-backport/script.deb.sh | bash') - end - - it 'sends the notification to the apt resource immediately' do - expect(execute).to notify('package[apt]').to(:install).immediately - end end context 'Using centos 7.0 with default node attributes' do - let(:execute) { chef_run_centos_7.execute('Ubuntu Precise and Trusty: APT hash sum mismatch workaround') } + let(:execute) { chef_run_centos_7 } it 'should create packagecloud_repo "StackStorm/stable"' do expect(chef_run_centos_7).to create_packagecloud_repo('StackStorm/stable').with( type: 'rpm' ) end - - it 'should not run a execute "Ubuntu Precise and Trusty: APT hash sum mismatch workaround"' do - expect(chef_run_centos_7).to_not run_execute('curl -s https://packagecloud.io/install/repositories/computology/apt-backport/script.deb.sh | bash') - end - - it 'sends the notification to the apt resource immediately (but does not get installed)' do - expect(execute).to notify('package[apt]').to(:install).immediately - end end end diff --git a/spec/recipes/default_spec.rb b/spec/recipes/default_spec.rb index 72a6329..3c353a0 100644 --- a/spec/recipes/default_spec.rb +++ b/spec/recipes/default_spec.rb @@ -20,7 +20,7 @@ chef_run end - it 'should install pacakge "st2"' do + it 'should install package "st2"' do expect(chef_run).to install_package('st2') end diff --git a/spec/recipes/user_spec.rb b/spec/recipes/user_spec.rb index 40f82a4..fab60f1 100644 --- a/spec/recipes/user_spec.rb +++ b/spec/recipes/user_spec.rb @@ -68,6 +68,21 @@ content: "# Generated by Chef. Don't edit!\nssh-rsa fake-key" ) end + + it 'should create sudo "stanley"' do + expect(chef_run).to create_sudo('stanley').with( + user: ['stanley'], + nopasswd: true + ) + end + end + + context "Using #{platform} #{version} with node['stackstorm']['user']['enable_sudo'] = false" do + it 'should not create sudo "stanley"' do + chef_run.node.normal['stackstorm']['user']['enable_sudo'] = false + chef_run.converge(described_recipe) + expect(chef_run).to_not create_sudo('stanley') + end end context "Using #{platform} #{version} with node['stackstorm']['user']['ssh_key'] not nil" do diff --git a/spec/recipes/web_spec.rb b/spec/recipes/web_spec.rb index dca0a43..5c2e02e 100644 --- a/spec/recipes/web_spec.rb +++ b/spec/recipes/web_spec.rb @@ -15,7 +15,7 @@ let(:chef_run) { ChefSpec::SoloRunner.new(platform: platform, version: version).converge(described_recipe) } context "Using #{platform} #{version} with default node attributes" do - it 'should install pacakge "st2web"' do + it 'should install package "st2web"' do expect(chef_run).to install_package('st2web') end From d802aa846c79f60b7cd2042f88e76154d2523ca7 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Thu, 27 Sep 2018 16:50:39 -0700 Subject: [PATCH 11/12] minor config cleanups --- attributes/config.rb | 6 ++--- recipes/user.rb | 14 ++++++------ spec/recipes/config_spec.rb | 12 +++++----- spec/recipes/user_spec.rb | 38 +++++++++++++++---------------- test/recipes/default/user_test.rb | 4 ++-- 5 files changed, 37 insertions(+), 37 deletions(-) diff --git a/attributes/config.rb b/attributes/config.rb index 9439314..3cdd4dd 100644 --- a/attributes/config.rb +++ b/attributes/config.rb @@ -5,12 +5,12 @@ # https://github.com/StackStorm/st2/blob/master/conf/st2.package.conf default['stackstorm']['config'] = { api_url: 'http://127.0.0.1:9101', - api_host: '0.0.0.0', + api_host: '127.0.0.1', api_port: 9101, api_mask_secrets: true, api_allow_origin: '*', - auth_host: '0.0.0.0', + auth_host: '127.0.0.1', auth_port: 9100, auth_use_ssl: false, auth_debug: false, @@ -26,7 +26,7 @@ log_mask_secrets: true, system_user: node['stackstorm']['user']['user'], - ssh_key_file: "#{node['stackstorm']['user']['home']}/.ssh/id_rsa", + ssh_key_file: "#{node['stackstorm']['user']['home']}/.ssh/stanley_rsa", rmq_host: '127.0.0.1', rmq_vhost: nil, diff --git a/recipes/user.rb b/recipes/user.rb index 4f052e1..368777e 100644 --- a/recipes/user.rb +++ b/recipes/user.rb @@ -33,17 +33,17 @@ if conf['ssh_key'].nil? # Ensure to generate ssh credentials if none is given. execute "generating ssh key-pair for #{conf['user']}" do - command "ssh-keygen -f #{conf['home']}/.ssh/id_rsa -b #{conf['ssh_key_bits']} -P ''" + command "ssh-keygen -f #{conf['home']}/.ssh/stanley_rsa -b #{conf['ssh_key_bits']} -P ''" user conf['user'] group conf['group'] - not_if { ::File.exist? "#{conf['home']}/.ssh/id_rsa" } + not_if { ::File.exist? "#{conf['home']}/.ssh/stanley_rsa" } only_if { conf['ssh_key'].nil? } action :run end else # Write supplied credentials - file "creating #{conf['home']}/.ssh/id_rsa key #{conf['user']}" do - path "#{conf['home']}/.ssh/id_rsa" + file "creating #{conf['home']}/.ssh/stanley_rsa key #{conf['user']}" do + path "#{conf['home']}/.ssh/stanley_rsa" mode 0640 user conf['user'] group conf['group'] @@ -51,8 +51,8 @@ action :create end - file "creating #{conf['home']}/.ssh/id_rsa public key for #{conf['user']}" do - path "#{conf['home']}/.ssh/id_rsa.pub" + file "creating #{conf['home']}/.ssh/stanley_rsa public key for #{conf['user']}" do + path "#{conf['home']}/.ssh/stanley_rsa.pub" user conf['user'] group conf['group'] content(conf['ssh_pub']) @@ -70,7 +70,7 @@ content lazy { # We make it lazy, because we want self ssh login. # For example. It's usefull if we deloy a chef node and the clone it :) - mypub = ::IO.read("#{conf['home']}/.ssh/id_rsa.pub") + mypub = ::IO.read("#{conf['home']}/.ssh/stanley_rsa.pub") pubkeys = conf['authorized_keys'].dup pubkeys.unshift(mypub) unless pubkeys.include?(mypub) "# Generated by Chef. Don't edit!\n" << pubkeys.join("\n") diff --git a/spec/recipes/config_spec.rb b/spec/recipes/config_spec.rb index 59be1f4..245022e 100644 --- a/spec/recipes/config_spec.rb +++ b/spec/recipes/config_spec.rb @@ -10,7 +10,7 @@ [api] # Host and port to bind the API server. -host = 0.0.0.0 +host = 127.0.0.1 port = 9101 logging = /etc/st2/logging.api.conf mask_secrets = True @@ -50,7 +50,7 @@ logging = /etc/st2/logging.workflowengine.conf [auth] -host = 0.0.0.0 +host = 127.0.0.1 port = 9100 use_ssl = False debug = False @@ -79,7 +79,7 @@ [system_user] user = stanley -ssh_key_file = /home/stanley/.ssh/id_rsa +ssh_key_file = /home/stanley/.ssh/stanley_rsa [messaging] url = amqp://guest:guest@127.0.0.1:5672/ @@ -158,12 +158,12 @@ # https://github.com/StackStorm/st2/blob/master/conf/st2.package.conf variables: { 'api_url' => 'http://127.0.0.1:9101', - 'api_host' => '0.0.0.0', + 'api_host' => '127.0.0.1', 'api_port' => 9101, 'api_mask_secrets' => true, 'api_allow_origin' => '*', - 'auth_host' => '0.0.0.0', + 'auth_host' => '127.0.0.1', 'auth_port' => 9100, 'auth_use_ssl' => false, 'auth_debug' => false, @@ -179,7 +179,7 @@ 'log_mask_secrets' => true, 'system_user' => 'stanley', - 'ssh_key_file' => '/home/stanley/.ssh/id_rsa', + 'ssh_key_file' => '/home/stanley/.ssh/stanley_rsa', 'rmq_host' => '127.0.0.1', 'rmq_vhost' => nil, diff --git a/spec/recipes/user_spec.rb b/spec/recipes/user_spec.rb index fab60f1..8ffd9f3 100644 --- a/spec/recipes/user_spec.rb +++ b/spec/recipes/user_spec.rb @@ -33,7 +33,7 @@ it 'should run execute "generating ssh key-pair for stanley"' do expect(chef_run).to run_execute('generating ssh key-pair for stanley').with( - command: "ssh-keygen -f /home/stanley/.ssh/id_rsa -b 2048 -P ''", + command: "ssh-keygen -f /home/stanley/.ssh/stanley_rsa -b 2048 -P ''", user: 'stanley', group: 'stanley' ) @@ -41,25 +41,25 @@ it 'should not run execute "generating ssh key-pair for stanley" if ssh key already exists' do allow(File).to receive(:exist?).and_call_original - allow(File).to receive(:exist?).with('/home/stanley/.ssh/id_rsa').and_return(true) + allow(File).to receive(:exist?).with('/home/stanley/.ssh/stanley_rsa').and_return(true) expect(chef_run).to_not run_execute('generating ssh key-pair for stanley').with( - command: "ssh-keygen -f /home/stanley/.ssh/id_rsa -b 2048 -P ''", + command: "ssh-keygen -f /home/stanley/.ssh/stanley_rsa -b 2048 -P ''", user: 'stanley', group: 'stanley' ) end - it 'should not create file "creating /home/stanley/.ssh/id_rsa key stanley"' do - expect(chef_run).to_not create_file('creating /home/stanley/.ssh/id_rsa key stanley') + it 'should not create file "creating /home/stanley/.ssh/stanley_rsa key stanley"' do + expect(chef_run).to_not create_file('creating /home/stanley/.ssh/stanley_rsa key stanley') end - it 'should not create file "creating /home/stanley/.ssh/id_rsa public key for stanley"' do - expect(chef_run).to_not create_file('creating /home/stanley/.ssh/id_rsa public key for stanley') + it 'should not create file "creating /home/stanley/.ssh/stanley_rsa public key for stanley"' do + expect(chef_run).to_not create_file('creating /home/stanley/.ssh/stanley_rsa public key for stanley') end it 'should create file "creating /home/stanley/.ssh/authorized_keys for stanley"' do allow(IO).to receive(:read).and_call_original - allow(IO).to receive(:read).with('/home/stanley/.ssh/id_rsa.pub').and_return('ssh-rsa fake-key') + allow(IO).to receive(:read).with('/home/stanley/.ssh/stanley_rsa.pub').and_return('ssh-rsa fake-key') expect(chef_run).to create_file('creating /home/stanley/.ssh/authorized_keys for stanley').with( path: '/home/stanley/.ssh/authorized_keys', owner: 'stanley', @@ -86,11 +86,11 @@ end context "Using #{platform} #{version} with node['stackstorm']['user']['ssh_key'] not nil" do - it 'should create file "creating /home/stanley/.ssh/id_rsa key stanley"' do + it 'should create file "creating /home/stanley/.ssh/stanley_rsa key stanley"' do chef_run.node.normal['stackstorm']['user']['ssh_key'] = 'fake ssh key' chef_run.converge(described_recipe) - expect(chef_run).to create_file('creating /home/stanley/.ssh/id_rsa key stanley').with( - path: '/home/stanley/.ssh/id_rsa', + expect(chef_run).to create_file('creating /home/stanley/.ssh/stanley_rsa key stanley').with( + path: '/home/stanley/.ssh/stanley_rsa', mode: 0640, user: 'stanley', group: 'stanley', @@ -98,20 +98,20 @@ ) end - it 'should not create file "creating /home/stanley/.ssh/id_rsa public key for stanley"' do + it 'should not create file "creating /home/stanley/.ssh/stanley_rsa public key for stanley"' do chef_run.node.normal['stackstorm']['user']['ssh_key'] = 'fake ssh key' chef_run.converge(described_recipe) - expect(chef_run).to_not create_file('creating /home/stanley/.ssh/id_rsa public key for stanley') + expect(chef_run).to_not create_file('creating /home/stanley/.ssh/stanley_rsa public key for stanley') end end context "Using #{platform} #{version} with node['stackstorm']['user']['ssh_key'] and ['stackstorm']['user']['ssh_pub'] not nil" do - it 'should create file "creating /home/stanley/.ssh/id_rsa key stanley"' do + it 'should create file "creating /home/stanley/.ssh/stanley_rsa key stanley"' do chef_run.node.normal['stackstorm']['user']['ssh_key'] = 'fake ssh key' chef_run.node.normal['stackstorm']['user']['ssh_pub'] = 'fake ssh public key' chef_run.converge(described_recipe) - expect(chef_run).to create_file('creating /home/stanley/.ssh/id_rsa key stanley').with( - path: '/home/stanley/.ssh/id_rsa', + expect(chef_run).to create_file('creating /home/stanley/.ssh/stanley_rsa key stanley').with( + path: '/home/stanley/.ssh/stanley_rsa', mode: 0640, user: 'stanley', group: 'stanley', @@ -119,12 +119,12 @@ ) end - it 'should create file "creating /home/stanley/.ssh/id_rsa public key for stanley"' do + it 'should create file "creating /home/stanley/.ssh/stanley_rsa public key for stanley"' do chef_run.node.normal['stackstorm']['user']['ssh_key'] = 'fake ssh key' chef_run.node.normal['stackstorm']['user']['ssh_pub'] = 'fake ssh public key' chef_run.converge(described_recipe) - expect(chef_run).to create_file('creating /home/stanley/.ssh/id_rsa public key for stanley').with( - path: '/home/stanley/.ssh/id_rsa.pub', + expect(chef_run).to create_file('creating /home/stanley/.ssh/stanley_rsa public key for stanley').with( + path: '/home/stanley/.ssh/stanley_rsa.pub', user: 'stanley', group: 'stanley', content: 'fake ssh public key' diff --git a/test/recipes/default/user_test.rb b/test/recipes/default/user_test.rb index 02cdd23..b668b74 100644 --- a/test/recipes/default/user_test.rb +++ b/test/recipes/default/user_test.rb @@ -31,7 +31,7 @@ it { should_not be_executable.by('group') } end -describe file('/home/stanley/.ssh/id_rsa') do +describe file('/home/stanley/.ssh/stanley_rsa') do it { should exist } its('owner') { should eq 'stanley' } its('group') { should eq 'stanley' } @@ -43,7 +43,7 @@ it { should_not be_executable.by('group') } end -describe file('/home/stanley/.ssh/id_rsa.pub') do +describe file('/home/stanley/.ssh/stanley_rsa.pub') do it { should exist } its('owner') { should eq 'stanley' } its('group') { should eq 'stanley' } From 101aca10e141c3ea8523a5b7e556282b822a6618 Mon Sep 17 00:00:00 2001 From: Lindsay Hill Date: Thu, 27 Sep 2018 16:59:09 -0700 Subject: [PATCH 12/12] updated changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b341d0e..b8c786d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,8 @@ ## 0.5.0 * Migrate from 'mongodb' to 'sc-mongodb' cookbook for Chef 13+ support + * Update test kitchen to CentOS 7.5 + * Cleanups and fixes for ST2 2.9 support, and broken Travis builds ## 0.4.0