diff --git a/.rubocop.yml b/.rubocop.yml index f005b25..6e13130 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,506 +1,506 @@ require: rubocop-rspec AllCops: TargetRubyVersion: 1.9 Include: - ./**/*.rb Exclude: - vendor/**/* - .vendor/**/* - pkg/**/* - spec/fixtures/**/* Lint/ConditionPosition: Enabled: true Lint/ElseLayout: Enabled: true Lint/UnreachableCode: Enabled: true Lint/UselessComparison: Enabled: true Lint/EnsureReturn: Enabled: true Lint/HandleExceptions: Enabled: true Lint/LiteralInCondition: Enabled: true Lint/ShadowingOuterLocalVariable: Enabled: true Lint/LiteralInInterpolation: Enabled: true Style/HashSyntax: Enabled: false Style/RedundantReturn: Enabled: true Lint/AmbiguousOperator: Enabled: true Lint/AssignmentInCondition: Enabled: true Style/SpaceBeforeComment: Enabled: true Style/AndOr: Enabled: true Style/RedundantSelf: Enabled: true # Method length is not necessarily an indicator of code quality Metrics/MethodLength: Enabled: false # Module length is not necessarily an indicator of code quality Metrics/ModuleLength: Enabled: false Style/WhileUntilModifier: Enabled: true Lint/AmbiguousRegexpLiteral: Enabled: true Lint/Eval: Enabled: true Lint/BlockAlignment: Enabled: true Lint/DefEndAlignment: Enabled: true Lint/EndAlignment: Enabled: true Lint/DeprecatedClassMethods: Enabled: true Lint/Loop: Enabled: true Lint/ParenthesesAsGroupedExpression: Enabled: true Lint/RescueException: Enabled: true Lint/StringConversionInInterpolation: Enabled: true Lint/UnusedBlockArgument: Enabled: true Lint/UnusedMethodArgument: Enabled: true Lint/UselessAccessModifier: Enabled: true Lint/UselessAssignment: Enabled: true Lint/Void: Enabled: true Style/AccessModifierIndentation: Enabled: true Style/AccessorMethodName: Enabled: true Style/Alias: Enabled: true Style/AlignArray: Enabled: true Style/AlignHash: Enabled: true Style/AlignParameters: Enabled: true Metrics/BlockNesting: Enabled: true Style/AsciiComments: Enabled: true Style/Attr: Enabled: true Style/BracesAroundHashParameters: Enabled: true Style/CaseEquality: Enabled: true Style/CaseIndentation: Enabled: true Style/CharacterLiteral: Enabled: true Style/ClassAndModuleCamelCase: Enabled: true Style/ClassAndModuleChildren: Enabled: false Style/ClassCheck: Enabled: true # Class length is not necessarily an indicator of code quality Metrics/ClassLength: Enabled: false Style/ClassMethods: Enabled: true Style/ClassVars: Enabled: true Style/WhenThen: Enabled: true Style/WordArray: Enabled: true Style/UnneededPercentQ: Enabled: true Style/Tab: Enabled: true Style/SpaceBeforeSemicolon: Enabled: true Style/TrailingBlankLines: Enabled: true Style/SpaceInsideBlockBraces: Enabled: true Style/SpaceInsideBrackets: Enabled: true Style/SpaceInsideHashLiteralBraces: Enabled: true Style/SpaceInsideParens: Enabled: true Style/LeadingCommentSpace: Enabled: true Style/SpaceBeforeFirstArg: Enabled: true Style/SpaceAfterColon: Enabled: true Style/SpaceAfterComma: Enabled: true Style/SpaceAfterMethodName: Enabled: true Style/SpaceAfterNot: Enabled: true Style/SpaceAfterSemicolon: Enabled: true Style/SpaceAroundEqualsInParameterDefault: Enabled: true Style/SpaceAroundOperators: Enabled: true Style/SpaceBeforeBlockBraces: Enabled: true Style/SpaceBeforeComma: Enabled: true Style/CollectionMethods: Enabled: true Style/CommentIndentation: Enabled: true Style/ColonMethodCall: Enabled: true Style/CommentAnnotation: Enabled: true # 'Complexity' is very relative Metrics/CyclomaticComplexity: Enabled: false Style/ConstantName: Enabled: true Style/Documentation: Enabled: false Style/DefWithParentheses: Enabled: true Style/PreferredHashMethods: Enabled: true Style/DotPosition: EnforcedStyle: trailing Style/DoubleNegation: Enabled: true Style/EachWithObject: Enabled: true Style/EmptyLineBetweenDefs: Enabled: true Style/IndentArray: Enabled: true Style/IndentHash: Enabled: true Style/IndentationConsistency: Enabled: true Style/IndentationWidth: Enabled: true Style/EmptyLines: Enabled: true Style/EmptyLinesAroundAccessModifier: Enabled: true Style/EmptyLiteral: Enabled: true # Configuration parameters: AllowURI, URISchemes. Metrics/LineLength: Enabled: false -Style/MethodCallParentheses: +Style/MethodCallWithoutArgsParentheses: Enabled: true Style/MethodDefParentheses: Enabled: true Style/LineEndConcatenation: Enabled: true Style/TrailingWhitespace: Enabled: true Style/StringLiterals: Enabled: true Style/TrailingCommaInArguments: Enabled: true Style/TrailingCommaInLiteral: Enabled: true Style/GlobalVars: Enabled: true Style/GuardClause: Enabled: true Style/IfUnlessModifier: Enabled: true Style/MultilineIfThen: Enabled: true Style/NegatedIf: Enabled: true Style/NegatedWhile: Enabled: true Style/Next: Enabled: true Style/SingleLineBlockParams: Enabled: true Style/SingleLineMethods: Enabled: true Style/SpecialGlobalVars: Enabled: true Style/TrivialAccessors: Enabled: true Style/UnlessElse: Enabled: true Style/VariableInterpolation: Enabled: true Style/VariableName: Enabled: true Style/WhileUntilDo: Enabled: true Style/EvenOdd: Enabled: true Style/FileName: Enabled: true Style/For: Enabled: true Style/Lambda: Enabled: true Style/MethodName: Enabled: true Style/MultilineTernaryOperator: Enabled: true Style/NestedTernaryOperator: Enabled: true Style/NilComparison: Enabled: true Style/FormatString: Enabled: true Style/MultilineBlockChain: Enabled: true Style/Semicolon: Enabled: true Style/SignalException: Enabled: true Style/NonNilCheck: Enabled: true Style/Not: Enabled: true Style/NumericLiterals: Enabled: true Style/OneLineConditional: Enabled: true Style/OpMethod: Enabled: true Style/ParenthesesAroundCondition: Enabled: true Style/PercentLiteralDelimiters: Enabled: true Style/PerlBackrefs: Enabled: true Style/PredicateName: Enabled: true Style/RedundantException: Enabled: true Style/SelfAssignment: Enabled: true Style/Proc: Enabled: true Style/RaiseArgs: Enabled: true Style/RedundantBegin: Enabled: true Style/RescueModifier: Enabled: true # based on https://github.com/voxpupuli/modulesync_config/issues/168 Style/RegexpLiteral: EnforcedStyle: percent_r Enabled: true Lint/UnderscorePrefixedVariableName: Enabled: true Metrics/ParameterLists: Enabled: false Lint/RequireParentheses: Enabled: true Style/SpaceBeforeFirstArg: Enabled: true Style/ModuleFunction: Enabled: true Lint/Debugger: Enabled: true Style/IfWithSemicolon: Enabled: true Style/Encoding: Enabled: true Style/BlockDelimiters: Enabled: true Style/MultilineBlockLayout: Enabled: true # 'Complexity' is very relative Metrics/AbcSize: Enabled: False # 'Complexity' is very relative Metrics/PerceivedComplexity: Enabled: False Lint/UselessAssignment: Enabled: true Style/ClosingParenthesisIndentation: Enabled: false # RSpec # We don't use rspec in this way RSpec/DescribeClass: Enabled: False # Example length is not necessarily an indicator of code quality RSpec/ExampleLength: Enabled: False diff --git a/spec/classes/sudo_spec.rb b/spec/classes/sudo_spec.rb index 25e3d44..02cd0af 100644 --- a/spec/classes/sudo_spec.rb +++ b/spec/classes/sudo_spec.rb @@ -1,227 +1,227 @@ require 'spec_helper' describe 'sudo' do let :default_params do { :enable => true, :package_ensure => 'present', :purge => true, :config_file_replace => true } end [{}, { :package_ensure => 'present', :purge => false, :config_file_replace => false }, { :package_ensure => 'latest', :purge => true, :config_file_replace => false }].each do |param_set| describe "when #{param_set == {} ? 'using default' : 'specifying'} class parameters" do let :param_hash do default_params.merge(param_set) end let :params do param_set end %w(Debian Redhat).each do |osfamily| let :facts do { :operatingsystem => osfamily, :operatingsystemrelease => '7.0', :operatingsystemmajrelease => '7', :osfamily => osfamily, :puppetversion => '3.7.0' } end describe "on supported osfamily: #{osfamily}" do it { is_expected.to contain_class('sudo::params') } it do is_expected.to contain_file('/etc/sudoers').with( 'ensure' => 'present', 'owner' => 'root', 'group' => 'root', 'mode' => '0440', 'replace' => param_hash[:config_file_replace] ) end it do - is_expected.to contain_file('/etc/sudoers.d/').with( + is_expected.to contain_file('/etc/sudoers.d').with( 'ensure' => 'directory', 'owner' => 'root', 'group' => 'root', 'mode' => '0550', 'recurse' => param_hash[:purge], 'purge' => param_hash[:purge] ) end it do is_expected.to contain_class('sudo::package').with( 'package' => 'sudo', 'package_ensure' => param_hash[:package_ensure] ) end end end describe 'on RedHat 5.4' do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '5.4', :operatingsystemmajrelease => '5', :puppetversion => '3.7.0' } end it do if params == {} is_expected.to contain_class('sudo::package').with( 'package' => 'sudo', 'package_ensure' => 'latest' ) else is_expected.to contain_class('sudo::package').with( 'package' => 'sudo', 'package_ensure' => param_hash[:package_ensure] ) end end end describe 'on supported osfamily: AIX' do let :facts do { :osfamily => 'AIX', :puppetversion => '3.7.0' } end it { is_expected.to contain_class('sudo::params') } it do is_expected.to contain_file('/etc/sudoers').with( 'ensure' => 'present', 'owner' => 'root', 'group' => 'system', 'mode' => '0440', 'replace' => param_hash[:config_file_replace] ) end it do - is_expected.to contain_file('/etc/sudoers.d/').with( + is_expected.to contain_file('/etc/sudoers.d').with( 'ensure' => 'directory', 'owner' => 'root', 'group' => 'system', 'mode' => '0550', 'recurse' => param_hash[:purge], 'purge' => param_hash[:purge] ) end it do is_expected.to contain_class('sudo::package').with( 'package' => 'sudo', 'package_ensure' => param_hash[:package_ensure], 'package_source' => 'http://www.sudo.ws/sudo/dist/packages/AIX/5.3/sudo-1.8.9-6.aix53.lam.rpm' ) end end describe 'on supported osfamily: Solaris 10' do let :facts do { :operatingsystem => 'Solaris', :osfamily => 'Solaris', :kernelrelease => '5.10', :puppetversion => '3.7.0', :hardwareisa => 'i386' } end it { is_expected.to contain_class('sudo::params') } it do is_expected.to contain_file('/etc/sudoers').with( 'ensure' => 'present', 'owner' => 'root', 'group' => 'root', 'mode' => '0440', 'replace' => param_hash[:config_file_replace] ) end it do - is_expected.to contain_file('/etc/sudoers.d/').with( + is_expected.to contain_file('/etc/sudoers.d').with( 'ensure' => 'directory', 'owner' => 'root', 'group' => 'root', 'mode' => '0550', 'recurse' => param_hash[:purge], 'purge' => param_hash[:purge] ) end it do is_expected.to contain_class('sudo::package').with( 'package' => 'TCMsudo', 'package_ensure' => param_hash[:package_ensure], 'package_source' => 'http://www.sudo.ws/sudo/dist/packages/Solaris/10/TCMsudo-1.8.9p5-i386.pkg.gz', 'package_admin_file' => '/var/sadm/install/admin/puppet' ) end end describe 'on supported osfamily: Solaris 11' do let :facts do { :operatingsystem => 'Solaris', :osfamily => 'Solaris', :kernelrelease => '5.11', :puppetversion => '3.7.0' } end it { is_expected.to contain_class('sudo::params') } it do is_expected.to contain_file('/etc/sudoers').with( 'ensure' => 'present', 'owner' => 'root', 'group' => 'root', 'mode' => '0440', 'replace' => param_hash[:config_file_replace] ) end it do - is_expected.to contain_file('/etc/sudoers.d/').with( + is_expected.to contain_file('/etc/sudoers.d').with( 'ensure' => 'directory', 'owner' => 'root', 'group' => 'root', 'mode' => '0550', 'recurse' => param_hash[:purge], 'purge' => param_hash[:purge] ) end it do is_expected.to contain_class('sudo::package').with( 'package' => 'pkg://solaris/security/sudo', 'package_ensure' => param_hash[:package_ensure] ) end end end end end diff --git a/spec/defines/sudo_spec.rb b/spec/defines/sudo_spec.rb index e52313b..8b12a0f 100644 --- a/spec/defines/sudo_spec.rb +++ b/spec/defines/sudo_spec.rb @@ -1,168 +1,182 @@ require 'spec_helper' describe 'sudo::conf', :type => :define do let(:title) { 'admins' } let(:filename) { '10_admins' } let(:file_path) { '/etc/sudoers.d/10_admins' } let :facts do { - :lsbdistcodename => 'wheezy', - :operatingsystemmajrelease => '7', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :puppetversion => '3.7.0' + lsbdistcodename: 'wheezy', + operatingsystemmajrelease: '7', + operatingsystem: 'Debian', + osfamily: 'Debian', + puppetversion: '3.7.0' } end let :params do { - :priority => 10, - :content => '%admins ALL=(ALL) NOPASSWD: ALL', - :sudo_config_dir => '/etc/sudoers.d/' + priority: 10, + content: '%admins ALL=(ALL) NOPASSWD: ALL', + sudo_config_dir: '/etc/sudoers.d' } end describe 'when creating a sudo entry' do it do - is_expected.to contain_sudo__conf('admins').with(:priority => params[:priority], - :content => params[:content]) + is_expected.to contain_sudo__conf('admins').with( + priority: params[:priority], + content: params[:content] + ) end it do - is_expected.to contain_file(filename).with('ensure' => 'present', - 'content' => "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", - 'owner' => 'root', - 'group' => 'root', - 'path' => file_path, - 'mode' => '0440') + is_expected.to contain_file(filename).with( + ensure: 'present', + content: "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", + owner: 'root', + group: 'root', + path: file_path, + mode: '0440' + ) end it do - is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}#{params[:priority]}_#{title}").with('command' => "visudo -c -f '#{params[:sudo_config_dir]}#{params[:priority]}_#{title}' || ( rm -f '#{params[:sudo_config_dir]}#{params[:priority]}_#{title}' && exit 1)", - 'refreshonly' => 'true') + is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}/#{params[:priority]}_#{title}").with( + command: "visudo -c -f '#{params[:sudo_config_dir]}/#{params[:priority]}_#{title}' || ( rm -f '#{params[:sudo_config_dir]}/#{params[:priority]}_#{title}' && exit 1)", + refreshonly: 'true' + ) end - it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}#{params[:priority]}_#{title}]") } - - it { is_expected.not_to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}#{params[:priority]}_#{title}").that_requires("File[#{filename}]") } - it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}#{params[:priority]}_#{title}]") } + it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/#{params[:priority]}_#{title}]") } + it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/#{params[:priority]}_#{title}]") } end describe 'when creating a sudo entry with single number priority' do let(:filename) { '05_admins' } let(:file_path) { '/etc/sudoers.d/05_admins' } let :params do { - :priority => 5, - :content => '%admins ALL=(ALL) NOPASSWD: ALL', - :sudo_config_dir => '/etc/sudoers.d/' + priority: 5, + content: '%admins ALL=(ALL) NOPASSWD: ALL', + sudo_config_dir: '/etc/sudoers.d' } end it do - is_expected.to contain_sudo__conf('admins').with(:priority => params[:priority], - :content => params[:content]) + is_expected.to contain_sudo__conf('admins').with( + priority: params[:priority], + content: params[:content] + ) end it do - is_expected.to contain_file(filename).with('ensure' => 'present', - 'content' => "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", - 'owner' => 'root', - 'group' => 'root', - 'path' => file_path, - 'mode' => '0440') + is_expected.to contain_file(filename).with( + ensure: 'present', + content: "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", + owner: 'root', + group: 'root', + path: file_path, + mode: '0440' + ) end it do - is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}").with('command' => "visudo -c -f '#{params[:sudo_config_dir]}0#{params[:priority]}_#{title}' || ( rm -f '#{params[:sudo_config_dir]}0#{params[:priority]}_#{title}' && exit 1)", - 'refreshonly' => 'true') + is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}").with( + command: "visudo -c -f '#{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}' || ( rm -f '#{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}' && exit 1)", + refreshonly: 'true' + ) end - it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}]") } - - it { is_expected.not_to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}").that_requires("File[#{filename}]") } - it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}]") } + it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}]") } + it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}]") } end describe 'when creating a sudo entry with whitespace in name' do let(:title) { 'admins hq' } let(:filename) { '05_admins hq' } let(:file_path) { '/etc/sudoers.d/05_admins_hq' } let :params do { - :priority => 5, - :content => '%admins_hq ALL=(ALL) NOPASSWD: ALL', - :sudo_config_dir => '/etc/sudoers.d/' + priority: 5, + content: '%admins_hq ALL=(ALL) NOPASSWD: ALL', + sudo_config_dir: '/etc/sudoers.d' } end it do is_expected.to contain_sudo__conf('admins hq').with(:priority => params[:priority], :content => params[:content]) end it do - is_expected.to contain_file(filename).with('ensure' => 'present', - 'content' => "# This file is managed by Puppet; changes may be overwritten\n%admins_hq ALL=(ALL) NOPASSWD: ALL\n", - 'owner' => 'root', - 'group' => 'root', - 'path' => file_path, - 'mode' => '0440') + is_expected.to contain_file(filename).with( + ensure: 'present', + content: "# This file is managed by Puppet; changes may be overwritten\n%admins_hq ALL=(ALL) NOPASSWD: ALL\n", + owner: 'root', + group: 'root', + path: file_path, + mode: '0440' + ) end it do - is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}").with('command' => "visudo -c -f '#{file_path}' || ( rm -f '#{file_path}' && exit 1)", - 'refreshonly' => 'true') + is_expected.to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}").with( + command: "visudo -c -f '#{file_path}' || ( rm -f '#{file_path}' && exit 1)", + refreshonly: 'true' + ) end - it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}]") } - - it { is_expected.not_to contain_exec("sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}").that_requires("File[#{filename}]") } - it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}0#{params[:priority]}_#{title}]") } + it { is_expected.to contain_file(filename).that_notifies("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}]") } + it { is_expected.not_to contain_file(filename).that_requires("Exec[sudo-syntax-check for file #{params[:sudo_config_dir]}/0#{params[:priority]}_#{title}]") } end describe 'when removing an sudo entry' do let :params do { - :ensure => 'absent', - :priority => 10, - :content => '%admins ALL=(ALL) NOPASSWD: ALL', - :sudo_config_dir => '/etc/sudoers.d/' + ensure: 'absent', + priority: 10, + content: '%admins ALL=(ALL) NOPASSWD: ALL', + sudo_config_dir: '/etc/sudoers.d' } end it do - is_expected.to contain_file(filename).with('ensure' => 'absent', - 'content' => "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", - 'owner' => 'root', - 'group' => 'root', - 'path' => file_path, - 'mode' => '0440') + is_expected.to contain_file(filename).with( + ensure: 'absent', + content: "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", + owner: 'root', + group: 'root', + path: file_path, + mode: '0440' + ) end end describe 'when removing an sudo entry with single number priority' do let :params do { - :ensure => 'absent', - :priority => 5, - :content => '%admins ALL=(ALL) NOPASSWD: ALL', - :sudo_config_dir => '/etc/sudoers.d/' + ensure: 'absent', + priority: 5, + content: '%admins ALL=(ALL) NOPASSWD: ALL', + sudo_config_dir: '/etc/sudoers.d' } end let(:filename) { '05_admins' } let(:file_path) { '/etc/sudoers.d/05_admins' } it do - is_expected.to contain_file(filename).with('ensure' => 'absent', - 'content' => "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", - 'owner' => 'root', - 'group' => 'root', - 'path' => file_path, - 'mode' => '0440') + is_expected.to contain_file(filename).with( + ensure: 'absent', + content: "# This file is managed by Puppet; changes may be overwritten\n%admins ALL=(ALL) NOPASSWD: ALL\n", + owner: 'root', + group: 'root', + path: file_path, + mode: '0440' + ) end end end