diff --git a/metadata.json b/metadata.json index ccfe797..20e3147 100644 --- a/metadata.json +++ b/metadata.json @@ -1,70 +1,90 @@ { "name": "saz-sudo", "version": "6.0.0", "author": "saz", "license": "Apache-2.0", "summary": "Manage sudo configuration via Puppet", "source": "https://github.com/saz/puppet-sudo", "project_page": "https://github.com/saz/puppet-sudo", "issues_url": "https://github.com/saz/puppet-sudo/issues", "tags": ["sudo"], "operatingsystem_support": [ { - "operatingsystem": "RedHat" + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "7" + ] }, { - "operatingsystem": "CentOS" + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "7" + ] }, { - "operatingsystem": "OracleLinux" + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "7" + ] }, { - "operatingsystem": "Scientific" + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "7" + ] }, { - "operatingsystem": "Debian" + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "9", + "10" + ] }, { - "operatingsystem": "Ubuntu" + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "18.04", + "20.04" + ] }, { "operatingsystem": "SmartOS" }, { "operatingsystem": "OmniOS" }, { "operatingsystem": "FreeBSD" }, { "operatingsystem": "OpenBSD" }, { "operatingsystem": "AIX" }, { "operatingsystem": "Darwin" }, { "operatingsystem": "Gentoo" }, { "operatingsystem": "Archlinux" }, { "operatingsystem": "Amazon" }, { "operatingsystem": "Suse" } ], "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">=2.6.0 < 7.0.0" } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 6.1.0 < 8.0.0" } ] } diff --git a/spec/acceptance/sudo_conf_spec.rb b/spec/acceptance/sudo_conf_spec.rb index 7c80645..86898dd 100644 --- a/spec/acceptance/sudo_conf_spec.rb +++ b/spec/acceptance/sudo_conf_spec.rb @@ -1,95 +1,109 @@ require 'spec_helper_acceptance' describe 'sudo::conf class' do context 'with default parameters' do # Using puppet_apply as a helper it 'works with no errors' do pp = <<-PP group { 'janedoe': ensure => present; } -> user { 'janedoe' : gid => 'janedoe', home => '/home/janedoe', shell => '/bin/bash', managehome => true, membership => minimum, } -> user { 'nosudoguy' : home => '/home/nosudoguy', shell => '/bin/bash', managehome => true, membership => minimum, } -> class {'sudo': purge => false, config_file_replace => false, } -> sudo::conf { 'janedoe_nopasswd': content => "janedoe ALL=(ALL) NOPASSWD: ALL\n" } PP # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_failures: true) end describe command("su - janedoe -c 'sudo echo Hello World'") do its(:stdout) { is_expected.to match %r{Hello World} } its(:exit_status) { is_expected.to eq 0 } end describe command("su - nosudoguy -c 'sudo echo Hello World'") do - its(:stderr) { is_expected.to match %r{no tty present and no askpass program specified} } + its(:stderr) { is_expected.to match %r{no tty present and no askpass program specified|a terminal is required to read the password} } its(:exit_status) { is_expected.to eq 1 } end end - context 'with ignore and suffix specified' do + context 'with ignore and suffix specified managed file' do describe command('touch /etc/sudoers.d/file-from-rpm') do its(:exit_status) { is_expected.to eq 0 } end it 'create a puppet managed file' do pp = <<-PP class {'sudo': - suffix => '_puppet', - ignore => '[*!_puppet]', + suffix => '_puppet', + purge_ignore => '[*!_puppet]', } sudo::conf { 'janedoe_nopasswd': content => "janedoe ALL=(ALL) NOPASSWD: ALL\n" } PP # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) expect(apply_manifest(pp, catch_failures: true).exit_code).to be_zero - describe file('/etc/sudoers.d/janedoe_nopasswd_puppet') do - it { is_expected.to exist } - end - describe file('/etc/sudoers.d/sudoers.d/file-from-rpm') do - it { is_expected.to exist } - end + end + + describe file('/etc/sudoers.d/10_janedoe_nopasswd_puppet') do + it { is_expected.to be_file } + it { is_expected.to contain 'janedoe ALL=(ALL) NOPASSWD: ALL' } + end + + describe file('/etc/sudoers.d/file-from-rpm') do + it { is_expected.to exist } + end + end + + context 'with ignore and suffix specified without managed file' do + describe command('touch /etc/sudoers.d/file-from-rpm') do + its(:exit_status) { is_expected.to eq 0 } + end + + it 'without a puppet managed file' do pp = <<-PP class {'sudo': - suffix => '_puppet', - ignore => '[*!_puppet]', + suffix => '_puppet', + purge_ignore => '[*!_puppet]', } PP # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) expect(apply_manifest(pp, catch_failures: true).exit_code).to be_zero - describe file('/etc/sudoers.d/janedoe_nopasswd_puppet') do - it { is_expected.not_to exist } - end - describe file('/etc/sudoers.d/sudoers.d/file-from-rpm') do - it { is_expected.to exist } - end + end + + describe file('/etc/sudoers.d/10_janedoe_nopasswd_puppet') do + it { is_expected.not_to exist } + end + + describe file('/etc/sudoers.d/file-from-rpm') do + it { is_expected.to exist } end end end