Stein fixes

- Cookstyle fixes - Refactor Berksfile to use groups so we can exclude integration testing cookbooks - Update documentation - Cleanup line wraps - Enable sensitive resources for the template[/etc/designate/designate.conf], to resources improve security. - Update delivery configuration to exclude integration cookbooks - Fix ChefSpec output. - Add missing ChefSpec tests - Switch package installations to send packages as arrays instead of individual package resources. This generally speeds up chef runs. - Cleanup array syntax using %w() instead of [] Depends-On: https://review.opendev.org/701027 Depends-On: https://review.opendev.org/706101 Depends-On: https://review.opendev.org/706151 Depends-On: https://review.opendev.org/708059 Change-Id: I354db77f2d9486805713ac8688fcc552489c0a77
2020-03-18 16:51:36 -07:00 · 2020-03-18 16:51:36 -07:00 · 3b11524496
parent 9a5b6fe6d7
commit 3b11524496
19 changed files with 141 additions and 133 deletions
--- a/.delivery/project.toml
+++ b/.delivery/project.toml
@ -1 +1,9 @@
-remote_file = "https://raw.githubusercontent.com/chef-cookbooks/community_cookbook_tools/master/delivery/project.toml"
+[local_phases]
+unit = 'rspec spec/'
+lint = 'cookstyle --display-cop-names --extra-details'
+syntax = "berks install -e integration"
+provision = "echo skipping"
+deploy = "echo skipping"
+smoke = "echo skipping"
+functional = "echo skipping"
+cleanup = "echo skipping"
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -14,17 +14,3 @@ AllCops:
    - .cookbooks/**/*
    - berks-cookbooks/**/*
    - .bundle/**/*
-
-Encoding:
-  Exclude:
-    - metadata.rb
-    - Gemfile
-
-NumericLiterals:
-  Enabled: false
-
-LineLength:
-  Enabled: false
-
-WordArray:
-  MinSize: 3
--- a/24
+++ b/24
@ -2,20 +2,20 @@ source 'https://supermarket.chef.io'

 solver :ruby, :required

-%w(
-  client
-  -common
-  -identity
-  -image
-  -integration-test
-  -network
-  -ops-database
-  -ops-messaging
-).each do |cookbook|
+[
+  %w(client dep),
+  %w(-common dep),
+  %w(-identity dep),
+  %w(-image integration),
+  %w(-integration-test integration),
+  %w(-network dep),
+  %w(-ops-database integration),
+  %w(-ops-messaging integration),
+].each do |cookbook, group|
  if Dir.exist?("../cookbook-openstack#{cookbook}")
-    cookbook "openstack#{cookbook}", path: "../cookbook-openstack#{cookbook}"
+    cookbook "openstack#{cookbook}", path: "../cookbook-openstack#{cookbook}", group: group
  else
-    cookbook "openstack#{cookbook}", git: "https://opendev.org/openstack/cookbook-openstack#{cookbook}"
+    cookbook "openstack#{cookbook}", git: "https://opendev.org/openstack/cookbook-openstack#{cookbook}", group: group
  end
 end

--- a/README.rst
+++ b/README.rst
@ -20,9 +20,9 @@ https://docs.openstack.org/designate/latest/
 Requirements
 ============

- Chef 14 or higher
- ChefDK 3.2.30 for testing (also includes Berkshelf for cookbook
-  dependency resolution)
+- Chef 15 or higher
+- Chef Workstation 0.15.18 for testing (also includes Berkshelf for
+  cookbook dependency resolution)

 Platform
 ========
@ -37,9 +37,9 @@ Cookbooks
 The following cookbooks are dependencies:

 -  'openstackclient'
-  'openstack-common', '>= 18.0.0'
-  'openstack-identity', '>= 18.0.0'
-  'openstack-network', '>= 18.0.0'
+-  'openstack-common', '>= 19.0.0'
+-  'openstack-identity', '>= 19.0.0'
+-  'openstack-network', '>= 19.0.0'

 Attributes
 ==========
--- a/attributes/default.rb
+++ b/attributes/default.rb
@ -1,10 +1,11 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Attributes:: default
 #
-# Copyright 2017, x-ion GmbH
-# Copyright 2017, cloudbau GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2017, cloudbau GmbH
+# Copyright:: 2019-2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -51,9 +52,15 @@ default['openstack']['dns']['group'] = 'designate'
 case node['platform_family']
 when 'rhel'
  default['openstack']['dns']['platform'] = {
-    'designate_packages' => ['openstack-designate-api', 'openstack-designate-central',
-                             'openstack-designate-mdns', 'openstack-designate-producer',
-                             'openstack-designate-worker', 'openstack-designate-sink'],
+    'designate_packages' =>
+      %w(
+        openstack-designate-api
+        openstack-designate-central
+        openstack-designate-mdns
+        openstack-designate-producer
+        openstack-designate-worker
+        openstack-designate-sink
+      ),
    'designate_api_service' => 'designate-api',
    'designate_central_service' => 'designate-central',
    'designate_mdns_service' => 'designate-mdns',
@ -64,10 +71,18 @@ when 'rhel'
  }
 when 'debian'
  default['openstack']['dns']['platform'] = {
-    'designate_packages' => ['python3-designate', 'designate-api', 'designate-central', 'designate-mdns',
-                             'designate-producer', 'designate-worker', 'bind9utils',
-                             'designate-sink'],
-    'designate_dashboard_packages' => ['python3-designate-dashboard'],
+    'designate_packages' =>
+      %w(
+        python3-designate
+        designate-api
+        designate-central
+        designate-mdns
+        designate-producer
+        designate-worker
+        bind9utils
+        designate-sink
+      ),
+    'designate_dashboard_packages' => %w(python3-designate-dashboard),
    'designate_api_service' => 'designate-api',
    'designate_central_service' => 'designate-central',
    'designate_mdns_service' => 'designate-mdns',
--- a/attributes/designate_conf.rb
+++ b/attributes/designate_conf.rb
@ -1,9 +1,9 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Attributes:: default
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
--- a/metadata.rb
+++ b/metadata.rb
@ -1,30 +1,19 @@
 # encoding: UTF-8
-name 'openstack-dns'
-maintainer 'openstack-chef'
-maintainer_email 'openstack-discuss@lists.openstack.org'
-issues_url 'https://launchpad.net/openstack-chef'
-source_url 'https://opendev.org/openstack/cookbook-openstack-dns'
-license 'Apache-2.0'
-description 'Installs and configures the Designate Service'
-chef_version '>= 14.0'
-version '18.0.0'
-
-recipe 'api', 'Configure and start designate-api service'
-recipe 'central', 'Starts and enables the designate-central service'
-recipe 'common', 'Installs the designate packages and setup configuration for Designate.'
-recipe 'dashboard', 'Installs the designate dashboard packages.'
-recipe 'identity_registration', 'Registers the Designate API endpoint, designate service and user'
-recipe 'mdns', 'Starts and enables the designate-mdns service'
-recipe 'neutron_int', 'Configure the neutron external dns driver'
-recipe 'producer', 'Starts and enables the designate-producer service'
-recipe 'sink', 'Starts and enables the designate-sink service'
-recipe 'worker', 'Starts and enables the designate-worker service'
+name              'openstack-dns'
+maintainer        'openstack-chef'
+maintainer_email  'openstack-discuss@lists.openstack.org'
+issues_url        'https://launchpad.net/openstack-chef'
+source_url        'https://opendev.org/openstack/cookbook-openstack-dns'
+license           'Apache-2.0'
+description       'Installs and configures the Designate Service'
+chef_version      '>= 15.0'
+version           '19.0.0'

 %w(ubuntu redhat centos).each do |os|
  supports os
 end

 depends 'openstackclient'
-depends 'openstack-common', '>= 18.0.0'
-depends 'openstack-identity', '>= 18.0.0'
-depends 'openstack-network', '>= 18.0.0'
+depends 'openstack-common', '>= 19.0.0'
+depends 'openstack-identity', '>= 19.0.0'
+depends 'openstack-network', '>= 19.0.0'
--- a/recipes/api.rb
+++ b/recipes/api.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: api
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2019-2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -25,7 +26,6 @@ platform_options = node['openstack']['dns']['platform']
 service 'designate-api' do
  service_name platform_options['designate_api_service']
  supports status: true, restart: true
-
  action [:enable, :start]
  subscribes :restart, 'template[/etc/designate/designate.conf]'
 end
--- a/recipes/central.rb
+++ b/recipes/central.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: central
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2019-2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/recipes/common.rb
+++ b/recipes/common.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: common
 #
-# Copyright 2017, x-ion Gmbh
+# Copyright:: 2017, x-ion Gmbh
+# Copyright:: 2019-2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -30,18 +31,14 @@ end

 platform_options = node['openstack']['dns']['platform']

-platform_options['designate_packages'].each do |pkg|
-  package pkg do
-    options platform_options['package_overrides']
-    action :upgrade
-  end
+package platform_options['designate_packages'] do
+  options platform_options['package_overrides']
+  action :upgrade
 end

 db_type = node['openstack']['db']['dns']['service_type']
-node['openstack']['db']['python_packages'][db_type].each do |pkg|
-  package pkg do
-    action :upgrade
-  end
+package node['openstack']['db']['python_packages'][db_type] do
+  action :upgrade
 end

 if node['openstack']['mq']['service_type'] == 'rabbit'
@ -78,8 +75,7 @@ designate_conf_options = merge_config_options 'dns'
 directory '/etc/designate' do
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
-  mode 00750
-  action :create
+  mode '750'
 end

 template '/etc/designate/designate.conf' do
@ -87,7 +83,8 @@ template '/etc/designate/designate.conf' do
  cookbook 'openstack-common'
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
-  mode 00640
+  mode '640'
+  sensitive true
  variables(
    service_config: designate_conf_options
  )
@ -109,7 +106,7 @@ template pool_config['rndc_key'] do
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
  sensitive true
-  mode 00440
+  mode '440'
  variables(
    secret: rndc_secret
  )
@ -119,7 +116,7 @@ template '/etc/designate/pools.yaml' do
  source 'pools.yaml.erb'
  owner node['openstack']['dns']['user']
  group node['openstack']['dns']['group']
-  mode 00644
+  mode '644'
  variables(
    banner: node['openstack']['dns']['custom_template_banner'],
    bind_hosts: pool_config['bind_hosts'],
--- a/recipes/dashboard.rb
+++ b/recipes/dashboard.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: dashboard
 #
-# Copyright 2017, x-ion Gmbh
+# Copyright:: 2017, x-ion Gmbh
+# Copyright:: 2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -24,9 +25,7 @@ end

 platform_options = node['openstack']['dns']['platform']

-platform_options['designate_dashboard_packages'].each do |pkg|
-  package pkg do
-    options platform_options['package_overrides']
-    action :upgrade
-  end
+package platform_options['designate_dashboard_packages'] do
+  options platform_options['package_overrides']
+  action :upgrade
 end
--- a/recipes/identity_registration.rb
+++ b/recipes/identity_registration.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: identity_registration
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2019-2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -44,11 +45,11 @@ admin_domain = node['openstack']['identity']['admin_domain_name']
 region = node['openstack']['region']

 connection_params = {
-  openstack_auth_url:     auth_url,
-  openstack_username:     admin_user,
-  openstack_api_key:      admin_pass,
+  openstack_auth_url: auth_url,
+  openstack_username: admin_user,
+  openstack_api_key: admin_pass,
  openstack_project_name: admin_project,
-  openstack_domain_name:  admin_domain,
+  openstack_domain_name: admin_domain,
 }

 # Register DNS Service
--- a/recipes/mdns.rb
+++ b/recipes/mdns.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: mdns
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/recipes/neutron_int.rb
+++ b/recipes/neutron_int.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: neutron_int
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -40,6 +41,5 @@ node.default['openstack']['network']['conf'].tap do |conf|
 end

 node.default['openstack']['network']['conf_secrets'].tap do |conf_secrets|
-  conf_secrets['designate']['password'] =
-    get_password 'service', 'openstack-dns'
+  conf_secrets['designate']['password'] = get_password 'service', 'openstack-dns'
 end
--- a/recipes/producer.rb
+++ b/recipes/producer.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: producer
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/recipes/sink.rb
+++ b/recipes/sink.rb
@ -1,3 +1,23 @@
+# encoding: UTF-8
+#
+# Cookbook:: openstack-dns
+# Recipe:: producer
+#
+# Copyright:: 2020, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 include_recipe 'openstack-dns::common'

 platform_options = node['openstack']['dns']['platform']
--- a/recipes/worker.rb
+++ b/recipes/worker.rb
@ -1,9 +1,10 @@
 # encoding: UTF-8
 #
-# Cookbook Name:: openstack-dns
+# Cookbook:: openstack-dns
 # Recipe:: worker
 #
-# Copyright 2017, x-ion GmbH
+# Copyright:: 2017, x-ion GmbH
+# Copyright:: 2020, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
--- a/spec/common-rhel_spec.rb
+++ b/spec/common-rhel_spec.rb
@ -17,13 +17,8 @@ describe 'openstack-dns::common' do
    it do
      expect(chef_run).to_not include_recipe('openstack-common::logging')
    end
-    it do
-      expect(chef_run).to upgrade_package('openstack-designate-api')
-      expect(chef_run).to upgrade_package('openstack-designate-central')
-      expect(chef_run).to upgrade_package('openstack-designate-mdns')
-      expect(chef_run).to upgrade_package('openstack-designate-producer')
-      expect(chef_run).to upgrade_package('openstack-designate-worker')
-      expect(chef_run).to upgrade_package('openstack-designate-sink')
+    it 'install designate packages' do
+      expect(chef_run).to upgrade_package %w(openstack-designate-api openstack-designate-central openstack-designate-mdns openstack-designate-producer openstack-designate-worker openstack-designate-sink)
    end
    it do
      expect(chef_run).to upgrade_package('MySQL-python')
@ -33,7 +28,7 @@ describe 'openstack-dns::common' do
        source: 'pools.yaml.erb',
        owner: 'designate',
        group: 'designate',
-        mode: 00644,
+        mode: '644',
        variables: {
          banner: "\n# This file was autogenerated by Chef\n# Do not edit, changes will be overwritten\n",
          bind_hosts: %w(127.0.0.1),
--- a/spec/common_spec.rb
+++ b/spec/common_spec.rb
@ -17,15 +17,8 @@ describe 'openstack-dns::common' do
    it do
      expect(chef_run).to_not include_recipe('openstack-common::logging')
    end
-    it do
-      expect(chef_run).to upgrade_package('python3-designate')
-      expect(chef_run).to upgrade_package('designate-api')
-      expect(chef_run).to upgrade_package('designate-central')
-      expect(chef_run).to upgrade_package('designate-mdns')
-      expect(chef_run).to upgrade_package('designate-producer')
-      expect(chef_run).to upgrade_package('designate-worker')
-      expect(chef_run).to upgrade_package('bind9utils')
-      expect(chef_run).to upgrade_package('designate-sink')
+    it 'install designate packages' do
+      expect(chef_run).to upgrade_package %w(python3-designate designate-api designate-central designate-mdns designate-producer designate-worker bind9utils designate-sink)
    end
    it do
      expect(chef_run).to upgrade_package('python3-mysqldb')
@ -34,7 +27,7 @@ describe 'openstack-dns::common' do
      expect(chef_run).to create_directory('/etc/designate').with(
        owner: 'designate',
        group: 'designate',
-        mode: 00750
+        mode: '750'
      )
    end
    describe 'designate.conf' do
@ -45,7 +38,8 @@ describe 'openstack-dns::common' do
          cookbook: 'openstack-common',
          owner: 'designate',
          group: 'designate',
-          mode: 00640
+          mode: '640',
+          sensitive: true
        )
      end
      it 'section: DEFAULT' do
@ -103,7 +97,7 @@ describe 'openstack-dns::common' do
        source: 'rndc.key.erb',
        owner: 'designate',
        group: 'designate',
-        mode: 00440,
+        mode: '440',
        sensitive: true,
        variables: {
          secret: 'rndc-key',
@ -116,7 +110,7 @@ describe 'openstack-dns::common' do
        source: 'pools.yaml.erb',
        owner: 'designate',
        group: 'designate',
-        mode: 00644,
+        mode: '644',
        variables: {
          banner: "\n# This file was autogenerated by Chef\n# Do not edit, changes will be overwritten\n",
          bind_hosts: %w(127.0.0.1),