diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1142e2d --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.bundle +.cookbooks/ +Berksfile.lock diff --git a/Berksfile b/Berksfile new file mode 100644 index 0000000..d3770f0 --- /dev/null +++ b/Berksfile @@ -0,0 +1,4 @@ +metadata + +cookbook "openstack-common", + git: "git@github.com:att-cloud/cookbook-openstack-common.git" diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..9985671 --- /dev/null +++ b/Gemfile @@ -0,0 +1,7 @@ +source "https://rubygems.org" + +gem "chef", "~> 10.18.2" +gem "berkshelf", "~> 1.4.0" +gem "chefspec", "~> 1.0.0" +gem "foodcritic", "~> 2.1.0" +gem "webmock", "~> 1.11.0" diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 0000000..3fe30a2 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,170 @@ +GEM + remote: https://rubygems.org/ + specs: + activesupport (3.2.13) + i18n (= 0.6.1) + multi_json (~> 1.0) + addressable (2.3.4) + berkshelf (1.4.2) + activesupport (>= 3.2.0) + addressable + celluloid (>= 0.13.0) + chozo (>= 0.6.1) + faraday (>= 0.8.5) + hashie (>= 2.0.2) + json (>= 1.5.0) + minitar + mixlib-config (~> 1.1) + mixlib-shellout (~> 1.1) + multi_json (~> 1.5) + retryable + ridley (~> 0.9.0) + solve (>= 0.4.2) + thor (~> 0.18.0) + yajl-ruby + builder (3.2.0) + bunny (0.7.9) + celluloid (0.13.0) + timers (>= 1.0.0) + chef (10.18.2) + bunny (>= 0.6.0, < 0.8.0) + erubis + highline (>= 1.6.9) + json (>= 1.4.4, <= 1.6.1) + mixlib-authentication (>= 1.3.0) + mixlib-cli (>= 1.1.0) + mixlib-config (>= 1.1.2) + mixlib-log (>= 1.3.0) + mixlib-shellout + moneta (< 0.7.0) + net-ssh (~> 2.2.2) + net-ssh-multi (~> 1.1.0) + ohai (>= 0.6.0) + rest-client (>= 1.0.4, < 1.7.0) + treetop (~> 1.4.9) + uuidtools + yajl-ruby (~> 1.1) + chefspec (1.0.0) + chef (>= 10.0) + erubis + fauxhai (~> 0.1) + minitest-chef-handler (>= 0.6.0) + rspec (~> 2.0) + chozo (0.6.1) + activesupport (>= 3.2.0) + hashie (>= 2.0.2) + multi_json (>= 1.3.0) + ci_reporter (1.8.4) + builder (>= 2.1.2) + crack (0.3.2) + diff-lcs (1.2.4) + erubis (2.7.0) + faraday (0.8.7) + multipart-post (~> 1.1) + fauxhai (0.1.1) + chef + httparty + net-ssh + foodcritic (2.1.0) + erubis + gherkin (~> 2.11.7) + nokogiri (~> 1.5.4) + rak (~> 1.4) + treetop (~> 1.4.10) + yajl-ruby (~> 1.1.0) + gherkin (2.11.8) + multi_json (~> 1.3) + hashie (2.0.4) + highline (1.6.18) + httparty (0.11.0) + multi_json (~> 1.0) + multi_xml (>= 0.5.2) + i18n (0.6.1) + ipaddress (0.8.0) + json (1.6.1) + mime-types (1.23) + minitar (0.5.4) + minitest (4.7.4) + minitest-chef-handler (1.0.1) + chef + ci_reporter + minitest (~> 4.7.3) + mixlib-authentication (1.3.0) + mixlib-log + mixlib-cli (1.3.0) + mixlib-config (1.1.2) + mixlib-log (1.6.0) + mixlib-shellout (1.1.0) + moneta (0.6.0) + multi_json (1.7.3) + multi_xml (0.5.3) + multipart-post (1.2.0) + net-http-persistent (2.8) + net-ssh (2.2.2) + net-ssh-gateway (1.1.0) + net-ssh (>= 1.99.1) + net-ssh-multi (1.1) + net-ssh (>= 2.1.4) + net-ssh-gateway (>= 0.99.0) + nokogiri (1.5.9) + ohai (6.16.0) + ipaddress + mixlib-cli + mixlib-config + mixlib-log + mixlib-shellout + systemu + yajl-ruby + polyglot (0.3.3) + rak (1.4) + rest-client (1.6.7) + mime-types (>= 1.16) + retryable (1.3.2) + ridley (0.9.1) + activesupport (>= 3.2.0) + addressable + celluloid (~> 0.13.0) + chozo (>= 0.6.0) + erubis + faraday (>= 0.8.4) + json (>= 1.5.0) + mixlib-authentication (>= 1.3.0) + mixlib-config (>= 1.1.0) + mixlib-log (>= 1.3.0) + mixlib-shellout (>= 1.1.0) + multi_json (>= 1.0.4) + net-http-persistent (>= 2.8) + net-ssh + retryable + solve (>= 0.4.1) + rspec (2.13.0) + rspec-core (~> 2.13.0) + rspec-expectations (~> 2.13.0) + rspec-mocks (~> 2.13.0) + rspec-core (2.13.1) + rspec-expectations (2.13.0) + diff-lcs (>= 1.1.3, < 2.0) + rspec-mocks (2.13.1) + solve (0.4.4) + json + systemu (2.5.2) + thor (0.18.1) + timers (1.1.0) + treetop (1.4.12) + polyglot + polyglot (>= 0.3.1) + uuidtools (2.1.4) + webmock (1.11.0) + addressable (>= 2.2.7) + crack (>= 0.3.2) + yajl-ruby (1.1.0) + +PLATFORMS + ruby + +DEPENDENCIES + berkshelf (~> 1.4.0) + chef (~> 10.18.2) + chefspec (~> 1.0.0) + foodcritic (~> 2.1.0) + webmock (~> 1.11.0) diff --git a/README.md b/README.md index 8a403e6..005a0d5 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,8 @@ http://keystone.openstack.org/ Requirements ============ -Chef 0.10.0 or higher required (for Chef environment use) +* Chef 0.10.0 or higher required (for Chef environment use) +* [Network Addr](https://gist.github.com/jtimberman/1040543) Ohai plugin. Cookbooks --------- diff --git a/recipes/server.rb b/recipes/server.rb index 9166c7f..3903a9e 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -107,11 +107,7 @@ sql_connection = db_uri("identity", db_user, db_pass) bootstrap_token = secret "secrets", "keystone_bootstrap_token" -bind_interface = node["keystone"]["bind_interface"] -interface_node = node["network"]["interfaces"][bind_interface]["addresses"] -ip_address = interface_node.select do |address, data| - data['family'] == "inet" -end[0][0] +ip_address = node["network"]["ipaddress_#{node["keystone"]["bind_interface"]}"] # If the search role is set, we search for memcache # servers via a Chef search. If not, we look at the diff --git a/run_tests.bash b/run_tests.bash new file mode 100755 index 0000000..141e8ee --- /dev/null +++ b/run_tests.bash @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# A script to run tests locally before committing. + +set -e + +COOKBOOK=$(awk '/^name/ {print $NF}' metadata.rb |tr -d \"\') +if [ -z $COOKBOOK ]; then + echo "Cookbook name not defined in metadata.rb" + exit 1 +fi + +BUNDLE_PATH=${BUNDLE_PATH:-.bundle} +BERKSHELF_PATH=${BERKSHELF_PATH:-.cookbooks} + +bundle install --path=${BUNDLE_PATH} +bundle exec berks install --path=${BERKSHELF_PATH} +bundle exec foodcritic -f any -t ~FC003 -t ~FC023 ${BERKSHELF_PATH}/${COOKBOOK} +bundle exec rspec ${BERKSHELF_PATH}/${COOKBOOK} diff --git a/spec/db_spec.rb b/spec/db_spec.rb new file mode 100644 index 0000000..be07a00 --- /dev/null +++ b/spec/db_spec.rb @@ -0,0 +1,24 @@ +require "spec_helper" + +describe "horizon::db" do + it "installs mysql packages" do + @chef_run = converge + + expect(@chef_run).to include_recipe "mysql::client" + expect(@chef_run).to include_recipe "mysql::ruby" + end + + it "creates database and user" do + ::Chef::Recipe.any_instance.should_receive(:db_create_with_user). + with "identity", "keystone", "test-pass" + + converge + end + + def converge + ::Chef::Recipe.any_instance.stub(:db_password).with("keystone"). + and_return "test-pass" + + ::ChefSpec::ChefRunner.new(::UBUNTU_OPTS).converge "keystone::db" + end +end diff --git a/spec/default_spec.rb b/spec/default_spec.rb new file mode 100644 index 0000000..d0769de --- /dev/null +++ b/spec/default_spec.rb @@ -0,0 +1,4 @@ +require "spec_helper" + +describe "keystone::default" do +end diff --git a/spec/server-redhat_spec.rb b/spec/server-redhat_spec.rb new file mode 100644 index 0000000..2318a5d --- /dev/null +++ b/spec/server-redhat_spec.rb @@ -0,0 +1,27 @@ +require "spec_helper" + +describe "keystone::server" do + describe "redhat" do + before do + keystone_stubs + @chef_run = ::ChefSpec::ChefRunner.new ::REDHAT_OPTS + @chef_run.converge "keystone::server" + end + + it "installs mysql python packages" do + expect(@chef_run).to install_package "MySQL-python" + end + + it "installs memcache python packages" do + expect(@chef_run).to install_package "python-memcached" + end + + it "installs keystone packages" do + expect(@chef_run).to upgrade_package "openstack-keystone" + end + + it "starts keystone on boot" do + expect(@chef_run).to set_service_to_start_on_boot "openstack-keystone" + end + end +end diff --git a/spec/server_spec.rb b/spec/server_spec.rb new file mode 100644 index 0000000..7c32dfd --- /dev/null +++ b/spec/server_spec.rb @@ -0,0 +1,136 @@ +require "spec_helper" + +describe "keystone::server" do + describe "ubuntu" do + before do + keystone_stubs + @chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS + @node = @chef_run.node + @node.set["keystone"]["syslog"]["use"] = true + @node.set["network"]["ipaddress_lo"] = "10.10.10.10" + @chef_run.converge "keystone::server" + end + + it "runs logging recipe if node attributes say to" do + expect(@chef_run).to include_recipe "openstack-common::logging" + end + + it "installs mysql python packages" do + expect(@chef_run).to install_package "python-mysqldb" + end + + it "installs memcache python packages" do + expect(@chef_run).to install_package "python-memcache" + end + + it "installs keystone packages" do + expect(@chef_run).to upgrade_package "keystone" + end + + it "starts keystone on boot" do + expect(@chef_run).to set_service_to_start_on_boot "keystone" + end + + it "sleep on keystone service enable" do + expect(@chef_run.service("keystone")). + to notify "execute[Keystone: sleep]", :run + end + + describe "/etc/keystone" do + before do + @dir = @chef_run.directory "/etc/keystone" + end + + it "has proper owner" do + expect(@dir).to be_owned_by "keystone", "keystone" + end + + it "has proper modes" do + expect(sprintf("%o", @dir.mode)).to eq "700" + end + end + + #TODO: ChefSpec needs to handle guards better. + # should only be created when pki is enabled + describe "/etc/keystone/ssl" do + before do + @dir = @chef_run.directory "/etc/keystone/ssl" + end + + it "has proper owner" do + expect(@dir).to be_owned_by "keystone", "keystone" + end + + it "has proper modes" do + expect(sprintf("%o", @dir.mode)).to eq "700" + end + end + + it "deletes keystone.db" do + expect(@chef_run).to delete_file "/var/lib/keystone/keystone.db" + end + + #TODO: ChefSpec needs to handle guards better. + # should only be performed when pki is enabled + it "runs pki setup" do + cmd = "keystone-manage pki_setup" + expect(@chef_run).to execute_command(cmd).with( + :user => "keystone" + ) + end + + it "doesn't run pki setup when signing dir exists" do + pending "TODO: how to test this" + end + + describe "keystone.conf" do + before do + @file = @chef_run.template "/etc/keystone/keystone.conf" + end + + it "has proper owner" do + expect(@file).to be_owned_by "keystone", "keystone" + end + + it "has proper modes" do + expect(sprintf("%o", @file.mode)).to eq "644" + end + + it "template contents" do + pending "TODO: implement" + end + + it "notifies nova-api-ec2 restart" do + expect(@file).to notify "service[keystone]", :restart + end + end + + #TODO: ChefSpec needs to handle guards better. + describe "default_catalog.templates" do + before do + @file = @chef_run.template "/etc/keystone/default_catalog.templates" + end + + it "has proper owner" do + expect(@file).to be_owned_by "keystone", "keystone" + end + + it "has proper modes" do + expect(sprintf("%o", @file.mode)).to eq "644" + end + + it "template contents" do + pending "TODO: implement" + end + + it "notifies nova-api-ec2 restart" do + expect(@file).to notify "service[keystone]", :restart + end + end + + it "runs db migrations" do + cmd = "keystone-manage db_sync" + expect(@chef_run).to execute_command cmd + end + end +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb new file mode 100644 index 0000000..3482619 --- /dev/null +++ b/spec/spec_helper.rb @@ -0,0 +1,18 @@ +require "chefspec" +require "webmock/rspec" + +::LOG_LEVEL = :fatal +::REDHAT_OPTS = { + :platform => "redhat", + :log_level => ::LOG_LEVEL +} +::UBUNTU_OPTS = { + :platform => "ubuntu", + :version => "12.04", + :log_level => ::LOG_LEVEL +} + +def keystone_stubs + ::Chef::Recipe.any_instance.stub(:db_password).and_return String.new + ::Chef::Recipe.any_instance.stub(:secret).and_return String.new +end