From 5e31c2cb8d73d90834f28f16107a344641a6e0ca Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Mon, 12 Sep 2022 16:51:42 -0500 Subject: [PATCH 1/6] Add rhel 8+ dnf support Signed-off-by: Corey Hemminger --- libraries/linux_updates.rb | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index 33ac5bf..6f50de4 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -208,10 +208,17 @@ def packages end def updates - rhel_updates = <<~PRINT_JSON - #!/bin/sh - python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' - PRINT_JSON + rhel_updates = if os.release.to_i > 7 + <<~PRINT_JSON + #!/usr/bin/sh + /usr/libexec/platform-python -c 'import dnf; base = dnf.Base(); base.read_all_repos(); base.fill_sack(); q = base.sack.query(); list = list(q.upgrades()); res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.reponame+"\\"}" for x in list]; print("{\\"available\\":["+",".join(res)+"]}")' + PRINT_JSON + else + <<~PRINT_JSON + #!/bin/sh + python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' + PRINT_JSON + end cmd = @inspec.bash(rhel_updates) unless cmd.exit_status.zero? # essentially we want https://github.com/chef/inspec/issues/1205 From fcc4436a2300adf3e89c63344e54a202dcca8be0 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Mon, 12 Sep 2022 17:15:15 -0500 Subject: [PATCH 2/6] adding signoff Signed-off-by: Corey Hemminger hemminger@hotmail.com Signed-off-by: Corey Hemminger --- libraries/linux_updates.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index 6f50de4..a2bf6c7 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -216,7 +216,7 @@ def updates else <<~PRINT_JSON #!/bin/sh - python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' + python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' PRINT_JSON end cmd = @inspec.bash(rhel_updates) From d752f39cda09f1ec44e2e962bd98e44659680e68 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Mon, 12 Sep 2022 17:21:38 -0500 Subject: [PATCH 3/6] adding DCO Signed-off-by: Corey Hemminger --- libraries/linux_updates.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index a2bf6c7..6f50de4 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -216,7 +216,7 @@ def updates else <<~PRINT_JSON #!/bin/sh - python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' + python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' PRINT_JSON end cmd = @inspec.bash(rhel_updates) From c898b642ebeb9f9afc5b8da041889c9b8d14a024 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Mon, 12 Sep 2022 17:45:11 -0500 Subject: [PATCH 4/6] Signed-off-by: Hemminger, Corey Signed-off-by: Hemminger, Corey Signed-off-by: Corey Hemminger --- libraries/linux_updates.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index 6f50de4..a2bf6c7 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -216,7 +216,7 @@ def updates else <<~PRINT_JSON #!/bin/sh - python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' + python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"' PRINT_JSON end cmd = @inspec.bash(rhel_updates) From 74a387b3a2cb79f4cc33b2af5539c5c1212ba7f0 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Tue, 13 Sep 2022 12:56:35 -0500 Subject: [PATCH 5/6] add dokken and vagrant kitchen files as well as update OS's Signed-off-by: Corey Hemminger --- .gitignore | 1 + .kitchen.yml | 53 ------------------------ kitchen.dokken.yml | 82 ++++++++++++++++++++++++++++++++++++++ kitchen.vagrant.yml | 53 ++++++++++++++++++++++++ kitchen.yml | 60 ++++++++++++++++++++++++++++ libraries/linux_updates.rb | 2 +- 6 files changed, 197 insertions(+), 54 deletions(-) delete mode 100644 .kitchen.yml create mode 100755 kitchen.dokken.yml create mode 100755 kitchen.vagrant.yml create mode 100644 kitchen.yml diff --git a/.gitignore b/.gitignore index a73c2b7..0fa8926 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ Gemfile.lock inspec.lock +.kitchen diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 85a1bd9..0000000 --- a/.kitchen.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -driver: - name: docker - use_sudo: false - -provisioner: - name: chef_zero - -verifier: - name: inspec - sudo: true - -platforms: -- name: ubuntu-12.04 - driver: - image: ubuntu:12.04 -- name: ubuntu-14.04 - driver: - image: ubuntu:14.04 -- name: ubuntu-16.04 - driver: - image: ubuntu:16.04 -- name: centos-6.6 - driver: - image: centos:6.6 -- name: centos-6.7 - driver: - image: centos:6.7 -- name: centos-6.8 - driver: - image: centos:6.8 -- name: centos-7 - driver: - image: centos:7 - privileged: true - run_command: /usr/sbin/init -- name: centos-7.2 - driver: - image: centos:7.2.1511 - privileged: true - run_command: /usr/sbin/init -- name: debian-7 - driver: - image: debian:7 -- name: debian-8 - driver: - image: debian:8 - -suites: - - name: default - verifier: - inspec_tests: - - path: . diff --git a/kitchen.dokken.yml b/kitchen.dokken.yml new file mode 100755 index 0000000..675098c --- /dev/null +++ b/kitchen.dokken.yml @@ -0,0 +1,82 @@ +--- +driver: + name: dokken + privileged: true # because Docker and SystemD/Upstart + +transport: + name: dokken + +provisioner: + name: chef_infra + deprecations_as_errors: true + chef_license: accept-no-persist + clean_dokken_sandbox: false + +verifier: + name: inspec + sudo: true + +platforms: + - name: almalinux-8 + driver: + image: dokken/almalinux-8 + pid_one_command: /usr/lib/systemd/systemd + + - name: almalinux-9 + driver: + image: dokken/almalinux-9 + pid_one_command: /usr/lib/systemd/systemd + + - name: amazonlinux-2 + driver: + image: dokken/amazonlinux-2 + pid_one_command: /usr/lib/systemd/systemd + + - name: amazonlinux-2022 + driver: + image: dokken/amazonlinux-2022 + pid_one_command: /usr/lib/systemd/systemd + + - name: centos-7 + driver: + image: dokken/centos-7 + pid_one_command: /usr/lib/systemd/systemd + + - name: centos-8 + driver: + image: dokken/centos-8 + pid_one_command: /usr/lib/systemd/systemd + + - name: debian-10 + driver: + image: dokken/debian-10 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: debian-11 + driver: + image: dokken/debian-10 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: ubuntu-20.04 + driver: + image: dokken/ubuntu-20.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: ubuntu-22.04 + driver: + image: dokken/ubuntu-22.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + +suites: + - name: default + verifier: + inspec_tests: + - path: . diff --git a/kitchen.vagrant.yml b/kitchen.vagrant.yml new file mode 100755 index 0000000..107d09e --- /dev/null +++ b/kitchen.vagrant.yml @@ -0,0 +1,53 @@ +--- +driver: + name: vagrant + box_auto_update: true + box_auto_prune: true + +provisioner: + name: chef_infra + retry_on_exit_code: + - 35 # 35 is the exit code signaling that the node is rebooting + product_name: chef + always_update_cookbooks: true + deprecations_as_errors: true + chef_license: accept-no-persist + +verifier: + name: inspec + +platforms: + - name: almalinux-8 + - name: almalinux-9 + - name: amazonlinux-2 + # - name: amazonlinux-2022 + - name: centos-7 + - name: centos-8 + - name: debian-10 + - name: debian-11 + - name: ubuntu-20.04 + - name: ubuntu-22.04 + - name: windows-10 + driver: + box: stromweld/windows-10 + - name: windows-11 + driver: + box: stromweld/windows-11 + - name: windows-2012r2 + driver: + box: stromweld/windows-2012r2 + - name: windows-2016 + driver: + box: stromweld/windows-2016 + - name: windows-2019 + driver: + box: stromweld/windows-2019 + - name: windows-2022 + driver: + box: stromweld/windows-2022 + +suites: + - name: default + verifier: + inspec_tests: + - path: . diff --git a/kitchen.yml b/kitchen.yml new file mode 100644 index 0000000..cea3b36 --- /dev/null +++ b/kitchen.yml @@ -0,0 +1,60 @@ +--- +driver: + name: docker + use_sudo: false + +provisioner: + name: chef_infra + +verifier: + name: inspec + sudo: true + +platforms: +- name: ubuntu-16.04 + driver: + image: ubuntu:16.04 +- name: ubuntu-18.04 + driver: + image: ubuntu:18.04 +- name: ubuntu-20.04 + driver: + image: ubuntu:20.04 +- name: ubuntu-22.04 + driver: + image: ubuntu:22.04 +- name: centos-6 + driver: + image: centos:6 +- name: centos-7 + driver: + image: centos:7 +- name: centos-8 + driver: + image: centos:8 +- name: almalinux-8 + driver: + image: almalinux:8 + privileged: true +- name: almalinux-9 + driver: + image: almalinux:9 + privileged: true +- name: debian-8 + driver: + image: debian:8 +- name: debian-9 + driver: + image: debian:9 +- name: debian-10 + driver: + image: debian:10 +- name: debian-11 + driver: + image: debian:11 + +suites: + - name: default + verifier: + inspec_tests: + - path: . diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index a2bf6c7..4963b7e 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -208,7 +208,7 @@ def packages end def updates - rhel_updates = if os.release.to_i > 7 + rhel_updates = if @inspec.os.release.to_i > 7 <<~PRINT_JSON #!/usr/bin/sh /usr/libexec/platform-python -c 'import dnf; base = dnf.Base(); base.read_all_repos(); base.fill_sack(); q = base.sack.query(); list = list(q.upgrades()); res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.reponame+"\\"}" for x in list]; print("{\\"available\\":["+",".join(res)+"]}")' From c0a8271b001d6c3b6909455fe94501f485e3a5c9 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Tue, 27 Sep 2022 15:41:22 -0500 Subject: [PATCH 6/6] add substitutions for repo urls from /etc/dnf/vars files and environment variables if they exist Signed-off-by: Corey Hemminger --- kitchen.dokken.yml | 10 ++++++++++ kitchen.vagrant.yml | 21 +++------------------ kitchen.yml | 8 ++++++++ libraries/linux_updates.rb | 2 +- 4 files changed, 22 insertions(+), 19 deletions(-) diff --git a/kitchen.dokken.yml b/kitchen.dokken.yml index 675098c..6e30d55 100755 --- a/kitchen.dokken.yml +++ b/kitchen.dokken.yml @@ -47,6 +47,16 @@ platforms: image: dokken/centos-8 pid_one_command: /usr/lib/systemd/systemd + - name: rockylinux-8 + driver: + image: dokken/rockylinux-8 + pid_one_command: /usr/lib/systemd/systemd + + - name: rockylinux-9 + driver: + image: dokken/rockylinux-9 + pid_one_command: /usr/lib/systemd/systemd + - name: debian-10 driver: image: dokken/debian-10 diff --git a/kitchen.vagrant.yml b/kitchen.vagrant.yml index 107d09e..d8494fb 100755 --- a/kitchen.vagrant.yml +++ b/kitchen.vagrant.yml @@ -23,28 +23,13 @@ platforms: # - name: amazonlinux-2022 - name: centos-7 - name: centos-8 + - name: rockylinux-8 + - name: rockylinux-9 - name: debian-10 - name: debian-11 - name: ubuntu-20.04 - name: ubuntu-22.04 - - name: windows-10 - driver: - box: stromweld/windows-10 - - name: windows-11 - driver: - box: stromweld/windows-11 - - name: windows-2012r2 - driver: - box: stromweld/windows-2012r2 - - name: windows-2016 - driver: - box: stromweld/windows-2016 - - name: windows-2019 - driver: - box: stromweld/windows-2019 - - name: windows-2022 - driver: - box: stromweld/windows-2022 + suites: - name: default diff --git a/kitchen.yml b/kitchen.yml index cea3b36..90cd424 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -40,6 +40,14 @@ platforms: driver: image: almalinux:9 privileged: true +- name: rockylinux-8 + driver: + image: rockylinux:8 + privileged: true +- name: rockylinux-9 + driver: + image: rockylinux:9 + privileged: true - name: debian-8 driver: image: debian:8 diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb index 4963b7e..0966b32 100644 --- a/libraries/linux_updates.rb +++ b/libraries/linux_updates.rb @@ -211,7 +211,7 @@ def updates rhel_updates = if @inspec.os.release.to_i > 7 <<~PRINT_JSON #!/usr/bin/sh - /usr/libexec/platform-python -c 'import dnf; base = dnf.Base(); base.read_all_repos(); base.fill_sack(); q = base.sack.query(); list = list(q.upgrades()); res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.reponame+"\\"}" for x in list]; print("{\\"available\\":["+",".join(res)+"]}")' + /usr/libexec/platform-python -c 'import dnf; base = dnf.Base(); conf = base.conf; conf.substitutions.update_from_etc(conf.installroot); conf.substitutions._update_from_env(); base.read_all_repos(); base.fill_sack(); q = base.sack.query(); list = list(q.upgrades()); res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.reponame+"\\"}" for x in list]; print("{\\"available\\":["+",".join(res)+"]}")' PRINT_JSON else <<~PRINT_JSON