puppet/ssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #7 from ghoneycutt/spec_tests

Browse Source 
Add spec tests
This commit is contained in:
Garrett Honeycutt 2013-07-01 14:13:23 -07:00
commit 41d51e4636
6 changed files with 290 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.fixtures.yml Normal file
View File

@ -0,0 +1,12 @@
fixtures:
repositories:
"stdlib":
repo: "git://github.com/puppetlabs/puppetlabs-stdlib.git"
ref: "3.2.0"
"common":
repo: "git://github.com/ghoneycutt/puppet-module-common.git"
ref: "v1.0.0"
"firewall":
repo: "git://github.com/puppetlabs/puppetlabs-firewall.git"
symlinks:
"ssh": "#{source_dir}"

13
.travis.yml Normal file
View File

@ -0,0 +1,13 @@
language: ruby
before_script: "gem install --no-ri --no-rdoc bundler"
after_script:
script: 'SPEC_OPTS="--format documentation" bundle exec rake spec'
notifications:
email: false
rvm:
- 1.9.3
- 1.8.7
env:
- PUPPET_VERSION=2.7.13
- PUPPET_VERSION=3.2.1
gemfile: Gemfile

6
Gemfile Normal file
View File

@ -0,0 +1,6 @@
source :rubygems
puppetversion = ENV.key?('PUPPET_VERSION') ? "= #{ENV['PUPPET_VERSION']}" : ['>= 2.7']
gem 'puppet', puppetversion
gem 'puppetlabs_spec_helper', '>= 0.1.0'
gem 'puppet-lint', '>= 0.3.2'

6
Modulefile
View File

@ -1,5 +1,5 @@
name 'ghoneycutt-ssh'
version '2.0.0'
version '2.0.1'
source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
author 'ghoneycutt'
license 'Apache License, Version 2.0'
@ -7,6 +7,6 @@ summary 'Manages SSH'
description 'Manage SSH'
project_page 'https://github.com/ghoneycutt/puppet-module-ssh'
dependency 'puppetlabs/stdlib', '=> 3.2.x'
dependency 'puppetlabs/stdlib', '3.2.x'
dependency 'ghoneycutt/common', '1.0.0'
dependency 'puppetlabs/firewall', '>= 0.2.1'
dependency 'puppetlabs/firewall'

250
spec/classes/init_spec.rb Normal file
View File

@ -0,0 +1,250 @@
require 'spec_helper'
describe 'ssh' do
context 'with default params' do
let :facts do
{
:fqdn => 'monkey.example.com',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
it { should include_class('ssh')}
it { should_not include_class('common')}
it {
should contain_package('ssh_packages').with({
'ensure' => 'installed',
'name' => ['openssh-server','openssh-server','openssh-clients'],
})
}
it {
should contain_file('ssh_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/ssh_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('ssh_config').with_content(/^# This file is being maintained by Puppet.\n# DO NOT EDIT\n\n# \$OpenBSD: ssh_config,v 1.21 2005\/12\/06 22:38:27 reyk Exp \$/)
}
it {
should contain_file('sshd_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/sshd_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0600',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
}
it {
should contain_service('sshd_service').with({
'ensure' => 'running',
'name' => 'sshd',
'enable' => 'true',
'hasrestart' => 'true',
'hasstatus' => 'true',
'subscribe' => 'File[sshd_config]',
})
}
it {
should contain_resources('sshkey').with({
'purge' => 'true',
})
}
end
context 'with manage_root_ssh_config set to \'true\'' do
let :facts do
{
:fqdn => 'monkey.example.com',
:osfamily => 'RedHat',
:root_home => '/root',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{ :manage_root_ssh_config => 'true' }
end
it { should include_class('ssh')}
it { should include_class('common')}
it {
should contain_package('ssh_packages').with({
'ensure' => 'installed',
'name' => ['openssh-server','openssh-server','openssh-clients'],
})
}
it {
should contain_file('ssh_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/ssh_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('ssh_config').with_content(/^# This file is being maintained by Puppet.\n# DO NOT EDIT\n\n# \$OpenBSD: ssh_config,v 1.21 2005\/12\/06 22:38:27 reyk Exp \$/)
}
it {
should contain_file('sshd_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/sshd_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0600',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
}
it {
should contain_service('sshd_service').with({
'ensure' => 'running',
'name' => 'sshd',
'enable' => 'true',
'hasrestart' => 'true',
'hasstatus' => 'true',
'subscribe' => 'File[sshd_config]',
})
}
it {
should contain_resources('sshkey').with({
'purge' => 'true',
})
}
it {
should contain_file('root_ssh_dir').with({
'ensure' => 'directory',
'path' => '/root/.ssh',
'owner' => 'root',
'group' => 'root',
'mode' => '0700',
'require' => 'Common::Mkdir_p[/root/.ssh]',
})
}
end
context 'with manage_root_ssh_config set to invalid value' do
let :facts do
{
:fqdn => 'monkey.example.com',
:osfamily => 'RedHat',
:root_home => '/root',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{ :manage_root_ssh_config => 'invalid' }
end
it 'should fail' do
expect {
should include_class('ssh')
}.to raise_error(Puppet::Error,/manage_root_ssh_config is <invalid> and must be \'true\' or \'false\'./)
end
end
context 'with manage_firewall set to true' do
let :facts do
{
:fqdn => 'monkey.example.com',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{ :manage_firewall => true }
end
it { should include_class('ssh')}
it { should_not include_class('common')}
it {
should contain_package('ssh_packages').with({
'ensure' => 'installed',
'name' => ['openssh-server','openssh-server','openssh-clients'],
})
}
it {
should contain_file('ssh_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/ssh_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('ssh_config').with_content(/^# This file is being maintained by Puppet.\n# DO NOT EDIT\n\n# \$OpenBSD: ssh_config,v 1.21 2005\/12\/06 22:38:27 reyk Exp \$/)
}
it {
should contain_file('sshd_config').with({
'ensure' => 'file',
'path' => '/etc/ssh/sshd_config',
'owner' => 'root',
'group' => 'root',
'mode' => '0600',
'require' => 'Package[ssh_packages]',
})
}
it {
should contain_file('sshd_config').with_content(/^PermitRootLogin no$/)
}
it {
should contain_service('sshd_service').with({
'ensure' => 'running',
'name' => 'sshd',
'enable' => 'true',
'hasrestart' => 'true',
'hasstatus' => 'true',
'subscribe' => 'File[sshd_config]',
})
}
it {
should contain_resources('sshkey').with({
'purge' => 'true',
})
}
it {
should contain_firewall('22 open port 22 for SSH').with({
'action' => 'accept',
'dport' => '22',
'proto' => 'tcp',
})
}
end
end

12
templates/ssh_config.erb
View File

@ -1,7 +1,7 @@
# This file is being maintained by Puppet.
# DO NOT EDIT
# $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
# $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
@ -45,12 +45,12 @@
# TunnelDevice any:any
# PermitLocalCommand no
Host *
GSSAPIAuthentication yes
GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted yes
ForwardX11Trusted yes
# Send locale-related environment variables
SendEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL
SendEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL