Merge pull request #57 from Stromweld/patch-1

rndmh3ro · web-flow · commit 211776ab145e · 2022-09-28T16:40:50.000+02:00
Add rhel 8+ dnf support
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 Gemfile.lock
 inspec.lock
+.kitchen
diff --git a/.kitchen.yml b/.kitchen.yml
diff --git a/kitchen.dokken.yml b/kitchen.dokken.yml
@@ -0,0 +1,92 @@
+---
+driver:
+  name: dokken
+  privileged: true # because Docker and SystemD/Upstart
+
+transport:
+  name: dokken
+
+provisioner:
+  name: chef_infra
+  deprecations_as_errors: true
+  chef_license: accept-no-persist
+  clean_dokken_sandbox: false
+
+verifier:
+  name: inspec
+  sudo: true
+
+platforms:
+  - name: almalinux-8
+    driver:
+      image: dokken/almalinux-8
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: almalinux-9
+    driver:
+      image: dokken/almalinux-9
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: amazonlinux-2
+    driver:
+      image: dokken/amazonlinux-2
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: amazonlinux-2022
+    driver:
+      image: dokken/amazonlinux-2022
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: centos-7
+    driver:
+      image: dokken/centos-7
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: centos-8
+    driver:
+      image: dokken/centos-8
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: rockylinux-8
+    driver:
+      image: dokken/rockylinux-8
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: rockylinux-9
+    driver:
+      image: dokken/rockylinux-9
+      pid_one_command: /usr/lib/systemd/systemd
+
+  - name: debian-10
+    driver:
+      image: dokken/debian-10
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: debian-11
+    driver:
+      image: dokken/debian-10
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: ubuntu-20.04
+    driver:
+      image: dokken/ubuntu-20.04
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+  - name: ubuntu-22.04
+    driver:
+      image: dokken/ubuntu-22.04
+      pid_one_command: /bin/systemd
+      intermediate_instructions:
+        - RUN /usr/bin/apt-get update
+
+suites:
+  - name: default
+    verifier:
+      inspec_tests:
+        - path: .
diff --git a/kitchen.vagrant.yml b/kitchen.vagrant.yml
@@ -0,0 +1,38 @@
+---
+driver:
+  name: vagrant
+  box_auto_update: true
+  box_auto_prune: true
+
+provisioner:
+  name: chef_infra
+  retry_on_exit_code:
+    - 35 # 35 is the exit code signaling that the node is rebooting
+  product_name: chef
+  always_update_cookbooks: true
+  deprecations_as_errors: true
+  chef_license: accept-no-persist
+
+verifier:
+  name: inspec
+
+platforms:
+  - name: almalinux-8
+  - name: almalinux-9
+  - name: amazonlinux-2
+  # - name: amazonlinux-2022
+  - name: centos-7
+  - name: centos-8
+  - name: rockylinux-8
+  - name: rockylinux-9
+  - name: debian-10
+  - name: debian-11
+  - name: ubuntu-20.04
+  - name: ubuntu-22.04
+
+
+suites:
+  - name: default
+    verifier:
+      inspec_tests:
+        - path: .
diff --git a/kitchen.yml b/kitchen.yml
@@ -0,0 +1,68 @@
+---
+driver:
+  name: docker
+  use_sudo: false
+
+provisioner:
+  name: chef_infra
+
+verifier:
+  name: inspec
+  sudo: true
+
+platforms:
+- name: ubuntu-16.04
+  driver:
+    image: ubuntu:16.04
+- name: ubuntu-18.04
+  driver:
+    image: ubuntu:18.04
+- name: ubuntu-20.04
+  driver:
+    image: ubuntu:20.04
+- name: ubuntu-22.04
+  driver:
+    image: ubuntu:22.04
+- name: centos-6
+  driver:
+    image: centos:6
+- name: centos-7
+  driver:
+    image: centos:7
+- name: centos-8
+  driver:
+    image: centos:8
+- name: almalinux-8
+  driver:
+    image: almalinux:8
+    privileged: true
+- name: almalinux-9
+  driver:
+    image: almalinux:9
+    privileged: true
+- name: rockylinux-8
+  driver:
+    image: rockylinux:8
+    privileged: true
+- name: rockylinux-9
+  driver:
+    image: rockylinux:9
+    privileged: true
+- name: debian-8
+  driver:
+    image: debian:8
+- name: debian-9
+  driver:
+    image: debian:9
+- name: debian-10
+  driver:
+    image: debian:10
+- name: debian-11
+  driver:
+    image: debian:11
+
+suites:
+  - name: default
+    verifier:
+      inspec_tests:
+        - path: .
diff --git a/libraries/linux_updates.rb b/libraries/linux_updates.rb
@@ -208,10 +208,17 @@ def packages
   end
 
   def updates
-    rhel_updates = <<~PRINT_JSON
-      #!/bin/sh
-      python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\", \\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"'
-    PRINT_JSON
+    rhel_updates = if @inspec.os.release.to_i > 7
+                     <<~PRINT_JSON
+                       #!/usr/bin/sh
+                       /usr/libexec/platform-python -c 'import dnf; base = dnf.Base(); conf = base.conf; conf.substitutions.update_from_etc(conf.installroot); conf.substitutions._update_from_env(); base.read_all_repos(); base.fill_sack(); q = base.sack.query(); list = list(q.upgrades()); res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.reponame+"\\"}" for x in list]; print("{\\"available\\":["+",".join(res)+"]}")'
+                     PRINT_JSON
+                   else
+                     <<~PRINT_JSON
+                       #!/bin/sh
+                       python -c 'import sys; sys.path.insert(0, "/usr/share/yum-cli"); import cli; ybc = cli.YumBaseCli(); ybc.setCacheDir("/tmp"); list = ybc.returnPkgLists(["updates"]);res = ["{\\"name\\":\\""+x.name+"\\",\\"version\\":\\""+x.version+"-"+x.release+"\\",\\"arch\\":\\""+x.arch+"\\",\\"repository\\":\\""+x.repo.id+"\\"}" for x in list.updates]; print "{\\"available\\":["+",".join(res)+"]}"'
+                     PRINT_JSON
+                   end
     cmd = @inspec.bash(rhel_updates)
     unless cmd.exit_status.zero?
       # essentially we want https://github.com/chef/inspec/issues/1205

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`Gemfile.lock`
`2`	`2`	`inspec.lock`
	`3`	`+.kitchen`