diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ba07ed8 --- /dev/null +++ b/.gitignore @@ -0,0 +1,113 @@ +# Byte-compiled / optimized / DLL files +__pycache__/ +*.py[cod] +*$py.class + +# C extensions +*.so + +# Distribution / packaging +.Python +env/ +build/ +develop-eggs/ +dist/ +downloads/ +eggs/ +.eggs/ +lib/ +lib64/ +parts/ +sdist/ +var/ +wheels/ +*.egg-info/ +.installed.cfg +*.egg + +# PyInstaller +# Usually these files are written by a python script from a packager +# before PyInstaller builds the exe, so as to inject date/other infos into it. +*.manifest +*.spec + +# Installer logs +pip-log.txt +pip-delete-this-directory.txt + +# Unit test / coverage reports +htmlcov/ +.tox/ +.coverage +.coverage.* +.cache +nosetests.xml +coverage.xml +*.cover +.hypothesis/ +.kitchen +.kitchen.local.yml +kitchen.local.yml + +# Translations +*.mo +*.pot + +# Django stuff: +*.log +local_settings.py + +# Flask stuff: +instance/ +.webassets-cache + +# Scrapy stuff: +.scrapy + +# Sphinx documentation +docs/_build/ + +# PyBuilder +target/ + +# Jupyter Notebook +.ipynb_checkpoints + +# pyenv +.python-version + +# celery beat schedule file +celerybeat-schedule + +# SageMath parsed files +*.sage.py + +# dotenv +.env + +# virtualenv +.venv +venv/ +ENV/ + +# Spyder project settings +.spyderproject +.spyproject + +# Rope project settings +.ropeproject + +# mkdocs documentation +/site + +# mypy +.mypy_cache/ + +# Bundler +Gemfile.lock + +# copied `.md` files used for conversion to `.rst` using `m2r` +docs/*.md + +# Vim +*.sw? diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..b4dccd4 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,72 @@ +stages: + - test + - commitlint + - name: release + if: branch = master AND type != pull_request + +sudo: required +cache: bundler +language: ruby + +services: + - docker + +# Make sure the instances listed below match up with +# the `platforms` defined in `kitchen.yml` +env: + matrix: + - INSTANCE: default-debian-9-2019-2-py3 + - INSTANCE: default-ubuntu-1804-2019-2-py3 + - INSTANCE: default-centos-7-2019-2-py3 + - INSTANCE: default-fedora-29-2019-2-py3 + - INSTANCE: default-opensuse-leap-15-2019-2-py3 +# - INSTANCE: default-debian-9-2018-3-py2 +# - INSTANCE: default-ubuntu-1604-2018-3-py2 +# - INSTANCE: default-centos-7-2018-3-py2 +# - INSTANCE: default-fedora-29-2018-3-py2 +# # TODO: Use this when fixed instead of `opensuse-leap-42` +# # Ref: https://github.com/netmanagers/salt-image-builder/issues/2 +# # - INSTANCE: default-opensuse-leap-15-2018-3-py2 +# - INSTANCE: default-opensuse-leap-42-2018-3-py2 +# - INSTANCE: default-debian-8-2017-7-py2 +# - INSTANCE: default-ubuntu-1604-2017-7-py2 +# # TODO: Enable after improving the formula to work with other than `systemd` +# - INSTANCE: default-centos-6-2017-7-py2 +# - INSTANCE: default-fedora-28-2017-7-py2 +# - INSTANCE: default-opensuse-leap-42-2017-7-py2 + +script: + - bundle exec kitchen verify ${INSTANCE} + +jobs: + include: + # Define the commitlint stage + - stage: commitlint + language: node_js + node_js: lts/* + before_install: skip + script: + - npm install @commitlint/config-conventional -D + - npm install @commitlint/travis-cli -D + - commitlint-travis + # Define the release stage that runs semantic-release + - stage: release + language: node_js + node_js: lts/* + before_install: skip + script: + # Update `AUTHORS.md` + - export MAINTAINER_TOKEN=${GH_TOKEN} + - go get github.com/myii/maintainer + - maintainer contributor + + # Install all dependencies required for `semantic-release` + - npm install @semantic-release/changelog@3 -D + - npm install @semantic-release/exec@3 -D + - npm install @semantic-release/git@7 -D + deploy: + provider: script + skip_cleanup: true + script: + # Run `semantic-release` + - npx semantic-release@15 diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 6fcf8a0..0000000 --- a/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -# Test default configuration scheme (config.sls) -FROM martinhoefling/salt-minion:debian -MAINTAINER Martin Hoefling -# push formula -RUN apt-get update -yq -RUN apt-get install salt-minion -yq -ADD fail2ban /srv/salt/fail2ban -ADD pillar.example /srv/pillar/example.sls -RUN echo "file_client: local" > /etc/salt/minion.d/local.conf -RUN echo "base:" > /srv/pillar/top.sls -RUN echo " '*':" >> /srv/pillar/top.sls -RUN echo " - example" >> /srv/pillar/top.sls -RUN salt-call --local state.sls fail2ban.config -l debug | tee log.txt && grep "Failed: 0" log.txt diff --git a/FORMULA b/FORMULA new file mode 100644 index 0000000..eb941da --- /dev/null +++ b/FORMULA @@ -0,0 +1,9 @@ +name: fail2ban +os: Debian, Ubuntu, Raspbian, RedHat, Fedora, CentOS, Suse, openSUSE +os_family: Debian, RedHat, Suse +version: 1.0.0rc +release: 1 +minimum_version: 2016.11 +summary: Fail2ban formula +description: Formula to configure fail2ban +top_level_dir: fail2ban diff --git a/Gemfile b/Gemfile new file mode 100644 index 0000000..3b36de3 --- /dev/null +++ b/Gemfile @@ -0,0 +1,6 @@ +source "https://rubygems.org" + +gem 'kitchen-docker', '>= 2.9' +gem 'kitchen-salt', '>= 0.6.0' +gem 'kitchen-inspec', '>= 1.1' + diff --git a/commitlint.config.js b/commitlint.config.js new file mode 100644 index 0000000..2f9d1aa --- /dev/null +++ b/commitlint.config.js @@ -0,0 +1,3 @@ +module.exports = { + extends: ['@commitlint/config-conventional'], +}; diff --git a/docs/CONTRIBUTING.rst b/docs/CONTRIBUTING.rst new file mode 100644 index 0000000..b7da8f4 --- /dev/null +++ b/docs/CONTRIBUTING.rst @@ -0,0 +1,159 @@ +.. _contributing: + +How to contribute +================= + +This document will eventually outline all aspects of guidance to make your contributing experience a fruitful and enjoyable one. +What it already contains is information about *commit message formatting* and how that directly affects the numerous automated processes that are used for this repo. +It also covers how to contribute to this *formula's documentation*. + +.. contents:: **Table of Contents** + +Overview +-------- + +Submitting a pull request is more than just code! +To achieve a quality product, the *tests* and *documentation* need to be updated as well. +An excellent pull request will include these in the changes, wherever relevant. + +Commit message formatting +------------------------- + +Since every type of change requires making Git commits, +we will start by covering the importance of ensuring that all of your commit +messages are in the correct format. + +Automation of multiple processes +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This formula uses `semantic-release `_ for automating numerous processes such as bumping the version number appropriately, creating new tags/releases and updating the changelog. +The entire process relies on the structure of commit messages to determine the version bump, which is then used for the rest of the automation. + +Full details are available in the upstream docs regarding the `Angular Commit Message Conventions `_. +The key factor is that the first line of the commit message must follow this format: + +.. code-block:: + + type(scope): subject + + +* E.g. ``docs(contributing): add commit message formatting instructions``. + +Besides the version bump, the changelog and release notes are formatted accordingly. +So based on the example above: + +.. + + .. raw:: html + +

Documentation

+ + * **contributing:** add commit message formatting instructions + + +* The ``type`` translates into a ``Documentation`` sub-heading. +* The ``(scope):`` will be shown in bold text without the brackets. +* The ``subject`` follows the ``scope`` as standard text. + +Linting commit messages in Travis CI +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This formula uses `commitlint `_ for checking commit messages during CI testing. +This ensures that they are in accordance with the ``semantic-release`` settings. + +For more details about the default settings, refer back to the ``commitlint`` `reference rules `_. + +Relationship between commit type and version bump +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +This formula applies some customisations to the defaults, as outlined in the table below, +based upon the `type `_ of the commit: + +.. list-table:: + :name: commit-type-vs-version-bump + :header-rows: 1 + :stub-columns: 0 + :widths: 1,2,3,1,1 + + * - Type + - Heading + - Description + - Bump (default) + - Bump (custom) + * - ``build`` + - Build System + - Changes related to the build system + - – + - + * - ``chore`` + - – + - Changes to the build process or auxiliary tools and libraries such as + documentation generation + - – + - + * - ``ci`` + - Continuous Integration + - Changes to the continuous integration configuration + - – + - + * - ``docs`` + - Documentation + - Documentation only changes + - – + - 0.0.1 + * - ``feat`` + - Features + - A new feature + - 0.1.0 + - + * - ``fix`` + - Bug Fixes + - A bug fix + - 0.0.1 + - + * - ``perf`` + - Performance Improvements + - A code change that improves performance + - 0.0.1 + - + * - ``refactor`` + - Code Refactoring + - A code change that neither fixes a bug nor adds a feature + - – + - 0.0.1 + * - ``revert`` + - Reverts + - A commit used to revert a previous commit + - – + - 0.0.1 + * - ``style`` + - Styles + - Changes that do not affect the meaning of the code (white-space, + formatting, missing semi-colons, etc.) + - – + - 0.0.1 + * - ``test`` + - Tests + - Adding missing or correcting existing tests + - – + - 0.0.1 + +Use ``BREAKING CHANGE`` to trigger a ``major`` version change +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Adding ``BREAKING CHANGE`` to the footer of the extended description of the commit message will **always** trigger a ``major`` version change, no matter which type has been used. +This will be appended to the changelog and release notes as well. +To preserve good formatting of these notes, the following format is prescribed: + +* ``BREAKING CHANGE: .`` + +An example of that: + +.. code-block:: git + + ... + + BREAKING CHANGE: With the removal of all of the `.sls` files under + `template package`, this formula no longer supports the installation of + packages. + diff --git a/README.rst b/docs/README.rst similarity index 55% rename from README.rst rename to docs/README.rst index 0c56c7d..9cfde81 100644 --- a/README.rst +++ b/docs/README.rst @@ -1,51 +1,63 @@ -fail2ban -===================== +.. _readme: + +fail2ban-formula +================ + +|img_travis| |img_sr| + +.. |img_travis| image:: https://travis-ci.com/saltstack-formulas/fail2ban-formula.svg?branch=master + :alt: Travis CI Build Status + :scale: 100% + :target: https://travis-ci.com/saltstack-formulas/fail2ban-formula +.. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg + :alt: Semantic Release + :scale: 100% + :target: https://github.com/semantic-release/semantic-release ``fail2ban`` scans log files for malicious activity and executes actions based on what it finds. -.. note:: - See the full `Salt Formulas installation and usage instructions - `_. +.. contents:: **Table of Contents** -Available states -================ +General notes +------------- -.. contents:: - :local: +See the full `SaltStack Formulas installation and usage instructions +`_. -``fail2ban`` ------------- +If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section +`_. -Install the ``fail2ban`` package and enable the service. +If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``, +which contains the currently released version. This formula is versioned according to `Semantic Versioning `_. -``fail2ban.config`` -------------------- +See `Formula Versioning Section `_ for more details. -Creates a ``jail.local`` config file based on pillar data to override configuration in the default ``jail.conf`` file and enables creation of all configuration files based on content blocks in pillar. See ``pillar-pt.example`` for reference -and consult the fail2ban documentation. +Contributing to this repo +------------------------- -Configuration -============= +**Commit message formatting is significant!!** -Simple: -------- -First, ``fail2ban`` uses settings defined in ``/etc/fail2ban/jail.conf``. ``jail.conf`` is provided by the package, and should not be changed. +Please see :ref:`How to contribute ` for more details. -Next, it uses ``/etc/fail2ban/jail.local`` to override settings from ``jail.conf``. The ``fail2ban.config`` state populates the ``jail.local`` file using data from pillar. The ``jail.local`` file is only created if you use the ``fail2ban.config`` state. +Available states +---------------- -Advanced (via config blocks in pillar): ---------------------------------------- +.. contents:: + :local: + + +``fail2ban`` +^^^^^^^^^^^^ -The ``fail2ban.config`` state also populates the ``jail.local``, ``fail2ban.local`` and the ``.conf`` files in ``action.d`` and ``filter.d`` via content blocks in pillar. +Install the ``fail2ban`` package and enable the service. +``fail2ban.config`` +^^^^^^^^^^^^^^^^^^^ -Gotchas -======= -In the ``pillar.example``, note that the iptable action uses ``port=ssh`` (lowercase), not ``port=SSH`` (uppercase). +Creates a ``jail.local`` config file based on pillar data to override configuration in the default ``jail.conf`` file and enables creation of all configuration files based on content blocks in pillar. See ``pillar.example`` for reference +and consult the fail2ban documentation. -Next-generation, alternate approach -=================================== The following states provide an alternate approach to managing fail2ban. Tested in Ubuntu 14/16 and CentOS 6/7. @@ -53,17 +65,17 @@ The following states provide an alternate approach to managing fail2ban. Tested :local: ``fail2ban.ng`` ---------------- +^^^^^^^^^^^^^^^ Meta state for inclusion of all ng states. ``fail2ban.ng.install`` ------------------------ +^^^^^^^^^^^^^^^^^^^^^^^ Install the ``fail2ban`` package. ``fail2ban.ng.config`` ----------------------- +^^^^^^^^^^^^^^^^^^^^^^ Configure fail2ban creating a ``jail.local`` file based on pillar data that overrid ``jail.conf``. It also creates a ``file.local`` per action/filter. Either in jails, actions or filters is possible to setup a ``source_path`` options to upload your configuration directly (see ``pillar.example``). It is also possible to remove either actions or filters setting up ``enabled: False`` in it section (see ``pillar.example``). @@ -121,7 +133,7 @@ It is also possible to specify the source file for config, jails, actions and fi source_path: salt://path-to-filter-file ``fail2ban.ng.service`` ------------------------ +^^^^^^^^^^^^^^^^^^^^^^^ Manage fail2ban service. It is also possible to disable the service using the following pillar configuration: @@ -130,3 +142,35 @@ Manage fail2ban service. It is also possible to disable the service using the fo fail2ban: ng: enabled: False + + +Testing +------- + +Linux testing is done with ``kitchen-salt``. + +``kitchen converge`` +^^^^^^^^^^^^^^^^^^^^ + +Creates the docker instance and runs the ``template`` main state, ready for testing. + +``kitchen verify`` +^^^^^^^^^^^^^^^^^^ + +Runs the ``inspec`` tests on the actual instance. + +``kitchen destroy`` +^^^^^^^^^^^^^^^^^^^ + +Removes the docker instance. + +``kitchen test`` +^^^^^^^^^^^^^^^^ + +Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``. + +``kitchen login`` +^^^^^^^^^^^^^^^^^ + +Gives you SSH access to the instance for manual testing. + diff --git a/kitchen.yml b/kitchen.yml new file mode 100644 index 0000000..f51d65c --- /dev/null +++ b/kitchen.yml @@ -0,0 +1,112 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml +--- +# For help on this file's format, see https://kitchen.ci/ +driver: + name: docker + use_sudo: false + privileged: true + run_command: /lib/systemd/systemd + +# Make sure the platforms listed below match up with +# the `env.matrix` instances defined in `.travis.yml` +platforms: + ## SALT 2019.2 + - name: debian-9-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:debian-9 + - name: ubuntu-1804-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:ubuntu-18.04 + - name: centos-7-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:centos-7 + - name: fedora-29-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:fedora-29 + - name: opensuse-leap-15-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:opensuse-leap-15 + run_command: /usr/lib/systemd/systemd + + ## SALT 2018.3 + - name: debian-9-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:debian-9 + - name: ubuntu-1604-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:ubuntu-16.04 + - name: centos-7-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:centos-7 + - name: fedora-29-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:fedora-29 + # TODO: Use this when fixed instead of `opensuse-leap-42` + # Ref: https://github.com/netmanagers/salt-image-builder/issues/2 + # - name: opensuse-leap-15-2018-3-py2 + # driver: + # image: netmanagers/salt-2018.3-py2:opensuse-leap-15 + # run_command: /usr/lib/systemd/systemd + - name: opensuse-leap-42-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:opensuse-leap-42 + run_command: /usr/lib/systemd/systemd + + ## SALT 2017.7 + - name: debian-8-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:debian-8 + - name: ubuntu-1604-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:ubuntu-16.04 + # TODO: Modify the formula to work for non-`systemd` platforms + - name: centos-6-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:centos-6 + run_command: /sbin/init + - name: fedora-28-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:fedora-28 + - name: opensuse-leap-42-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:opensuse-leap-42 + run_command: /usr/lib/systemd/systemd + +provisioner: + name: salt_solo + log_level: info + salt_install: none + require_chef: false + formula: fail2ban + salt_copy_filter: + - .kitchen + - .git + state_top: + base: + '*': + - misc.fake_log_files + - fail2ban + pillars: + top.sls: + base: + '*': + - fail2ban + pillars_from_files: + fail2ban.sls: pillar.example + dependencies: + - name: misc + path: test/salt/states + +verifier: + # https://www.inspec.io/ + name: inspec + sudo: true + # cli, documentation, html, progress, json, json-min, json-rspec, junit + reporter: + - cli + inspec_tests: + - path: test/integration/default + +suites: + - name: default diff --git a/pre-commit_semantic-release.sh b/pre-commit_semantic-release.sh new file mode 100755 index 0000000..9d34d74 --- /dev/null +++ b/pre-commit_semantic-release.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +############################################################################### +# (A) Update `FORMULA` with `${nextRelease.version}` +############################################################################### +sed -i -e "s_^\(version:\).*_\1 ${1}_" FORMULA + + +############################################################################### +# (B) Use `m2r` to convert automatically produced `.md` docs to `.rst` +############################################################################### + +# Install `m2r` +sudo -H pip install m2r + +# Copy and then convert the `.md` docs +cp *.md docs/ +cd docs/ +m2r --overwrite *.md + +# Change excess `H1` headings to `H2` in converted `CHANGELOG.rst` +sed -i -e '/^=.*$/s/=/-/g' CHANGELOG.rst +sed -i -e '1,4s/-/=/g' CHANGELOG.rst + +# Use for debugging output, when required +# cat AUTHORS.rst +# cat CHANGELOG.rst + +# Return back to the main directory +cd .. diff --git a/release-rules.js b/release-rules.js new file mode 100644 index 0000000..c63c850 --- /dev/null +++ b/release-rules.js @@ -0,0 +1,18 @@ +// No release is triggered for the types commented out below. +// Commits using these types will be incorporated into the next release. +// +// NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. +module.exports = [ + {breaking: true, release: 'major'}, + // {type: 'build', release: 'patch'}, + // {type: 'chore', release: 'patch'}, + // {type: 'ci', release: 'patch'}, + {type: 'docs', release: 'patch'}, + {type: 'feat', release: 'minor'}, + {type: 'fix', release: 'patch'}, + {type: 'perf', release: 'patch'}, + {type: 'refactor', release: 'patch'}, + {type: 'revert', release: 'patch'}, + {type: 'style', release: 'patch'}, + {type: 'test', release: 'patch'}, +]; diff --git a/release.config.js b/release.config.js new file mode 100644 index 0000000..afa0cb1 --- /dev/null +++ b/release.config.js @@ -0,0 +1,106 @@ +module.exports = { + branch: 'master', + plugins: [ + ['@semantic-release/commit-analyzer', { + preset: 'angular', + releaseRules: './release-rules.js', + }], + '@semantic-release/release-notes-generator', + ['@semantic-release/changelog', { + changelogFile: 'CHANGELOG.md', + changelogTitle: '# Changelog', + }], + ['@semantic-release/exec', { + prepareCmd: 'sh ./pre-commit_semantic-release.sh ${nextRelease.version}', + }], + ['@semantic-release/git', { + assets: ['*.md', 'docs/*.rst', 'FORMULA'], + }], + '@semantic-release/github', + ], + generateNotes: { + preset: 'angular', + writerOpts: { + // Required due to upstream bug preventing all types being displayed. + // Bug: https://github.com/conventional-changelog/conventional-changelog/issues/317 + // Fix: https://github.com/conventional-changelog/conventional-changelog/pull/410 + transform: (commit, context) => { + const issues = [] + + commit.notes.forEach(note => { + note.title = `BREAKING CHANGES` + }) + + // NOTE: Any changes here must be reflected in `CONTRIBUTING.md`. + if (commit.type === `feat`) { + commit.type = `Features` + } else if (commit.type === `fix`) { + commit.type = `Bug Fixes` + } else if (commit.type === `perf`) { + commit.type = `Performance Improvements` + } else if (commit.type === `revert`) { + commit.type = `Reverts` + } else if (commit.type === `docs`) { + commit.type = `Documentation` + } else if (commit.type === `style`) { + commit.type = `Styles` + } else if (commit.type === `refactor`) { + commit.type = `Code Refactoring` + } else if (commit.type === `test`) { + commit.type = `Tests` + } else if (commit.type === `build`) { + commit.type = `Build System` + // } else if (commit.type === `chore`) { + // commit.type = `Maintenance` + } else if (commit.type === `ci`) { + commit.type = `Continuous Integration` + } else { + return + } + + if (commit.scope === `*`) { + commit.scope = `` + } + + if (typeof commit.hash === `string`) { + commit.hash = commit.hash.substring(0, 7) + } + + if (typeof commit.subject === `string`) { + let url = context.repository + ? `${context.host}/${context.owner}/${context.repository}` + : context.repoUrl + if (url) { + url = `${url}/issues/` + // Issue URLs. + commit.subject = commit.subject.replace(/#([0-9]+)/g, (_, issue) => { + issues.push(issue) + return `[#${issue}](${url}${issue})` + }) + } + if (context.host) { + // User URLs. + commit.subject = commit.subject.replace(/\B@([a-z0-9](?:-?[a-z0-9/]){0,38})/g, (_, username) => { + if (username.includes('/')) { + return `@${username}` + } + + return `[@${username}](${context.host}/${username})` + }) + } + } + + // remove references that already appear in the subject + commit.references = commit.references.filter(reference => { + if (issues.indexOf(reference.issue) === -1) { + return true + } + + return false + }) + + return commit + }, + }, + }, +}; diff --git a/test/integration/default/controls/packages.rb b/test/integration/default/controls/packages.rb new file mode 100644 index 0000000..418a164 --- /dev/null +++ b/test/integration/default/controls/packages.rb @@ -0,0 +1,9 @@ + +control 'Fail2ban package' do + title 'should be installed' + + describe package('fail2ban') do + it { should be_installed } + end +end + diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml new file mode 100644 index 0000000..d0f637b --- /dev/null +++ b/test/integration/default/inspec.yml @@ -0,0 +1,6 @@ +name: fail2ban +title: Fail2ban Formula +maintainer: Saltstack formulas +license: Apache-2.0 +summary: Verify that the fail2ban formula is setup and configured correctly + diff --git a/test/salt/states/misc/fake_log_files.sls b/test/salt/states/misc/fake_log_files.sls new file mode 100644 index 0000000..e3ae647 --- /dev/null +++ b/test/salt/states/misc/fake_log_files.sls @@ -0,0 +1,8 @@ + +# This state is used to prepare environment for formula testing + +# create fake log files + +/var/log/auth.log: + file.touch +