test: update all for FreeBSD

saltstack-formulas · Mar 23, 2022 · cb29f9d · cb29f9d
1 parent 946e2d0
commit cb29f9d
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 19 deletions.
diff --git a/test/integration/dev_server/controls/vault_spec.rb b/test/integration/dev_server/controls/vault_spec.rb
@@ -1,8 +1,17 @@
 # frozen_string_literal: true
 
+config_json, service_cmd =
+  case system.platform[:family]
+  when 'bsd'
+    ['/usr/local/etc/vault/conf.d/config.json', 'service vault status']
+  else
+    ['/etc/vault/conf.d/config.json', 'journalctl -u vault']
+  end
+
 describe command('/usr/local/bin/vault -version') do
   its(:exit_status) { should eq 0 }
   its(:stderr) { should be_empty }
+  # https://rubular.com/r/vVeCVuHAmtTYt3
   its(:stdout) { should match(/^Vault v[0-9.]+ \('[0-9a-f]+'\)/) }
 end
 
@@ -15,27 +24,40 @@
   describe file('/etc/init/vault.conf') do
     it { should be_a_file }
   end
+
+  describe file('/usr/local/etc/rc.d/vault') do
+    it { should be_a_file }
+  end
 end
 
 describe service('vault') do
+  it { should be_installed }
   it { should be_enabled }
   it { should be_running }
 end
 
-describe file('/etc/vault/conf.d/config.json') do
+describe file(config_json) do
   it { should_not be_a_file }
 end
 
-describe.one do
-  describe command('journalctl -u vault') do
-    its(:exit_status) { should eq 0 }
-    its(:stderr) { should be_empty }
-    its(:stdout) { should match(/WARNING! dev mode is enabled!/) }
+control 'vault.service' do
+  title 'dev mode warning message should be displayed and logged'
+
+  only_if('Warning message is not displayed on FreeBSD') do
+    !%w[freebsd].include?(system.platform[:name])
   end
 
-  describe file('/var/log/vault.log') do
-    it { should be_a_file }
-    its(:content) { should match(/WARNING! dev mode is enabled!/) }
+  describe.one do
+    describe command(service_cmd) do
+      its(:exit_status) { should eq 0 }
+      its(:stderr) { should be_empty }
+      its(:stdout) { should match(/WARNING! dev mode is enabled!/) }
+    end
+
+    describe file('/var/log/vault.log') do
+      it { should be_a_file }
+      its(:content) { should match(/WARNING! dev mode is enabled!/) }
+    end
   end
 end
 

diff --git a/test/integration/prod_server/controls/vault_spec.rb b/test/integration/prod_server/controls/vault_spec.rb
@@ -1,25 +1,42 @@
 # frozen_string_literal: true
 
+config_json, service_cmd, path_to_etc_vault =
+  case system.platform[:family]
+  when 'bsd'
+    ['/usr/local/etc/vault/conf.d/config.json', 'service vault status',
+     '/usr/local/etc/vault']
+  else
+    ['/etc/vault/conf.d/config.json', 'journalctl -u vault', '/etc/vault']
+  end
+
 describe command('/usr/local/bin/vault -version') do
   its(:exit_status) { should eq 0 }
   its(:stderr) { should be_empty }
   # https://rubular.com/r/vVeCVuHAmtTYt3
   its(:stdout) { should match(/^Vault v[0-9.]+ \('[0-9a-f]+'\)/) }
 end
 
-describe command('getcap $(readlink -f /usr/local/bin/vault)') do
-  its(:exit_status) { should eq 0 }
-  its(:stderr) { should be_empty }
-  # https://rubular.com/r/JApIMY1oNqGRZ8
-  its(:stdout) { should match(%r{/vault\s?=? cap_ipc_lock[+=]ep$}) }
+control 'vault.package.install' do
+  title 'Linux capabilities should be set'
+
+  only_if('`getcap` not available on FreeBSD') do
+    !%w[freebsd].include?(system.platform[:name])
+  end
+
+  describe command('getcap $(readlink -f /usr/local/bin/vault)') do
+    its(:exit_status) { should eq 0 }
+    its(:stderr) { should be_empty }
+    # https://rubular.com/r/JApIMY1oNqGRZ8
+    its(:stdout) { should match(%r{/vault\s?=? cap_ipc_lock[+=]ep$}) }
+  end
 end
 
 describe user('vault') do
   it { should exist }
   its('group') { should eq 'vault' }
 end
 
-describe file('/etc/vault/conf.d/config.json') do
+describe file(config_json) do
   it { should be_a_file }
   its('owner') { should eq 'root' }
   its('group') { should eq 'vault' }
@@ -35,6 +52,10 @@
   describe file('/etc/init/vault.conf') do
     it { should be_a_file }
   end
+
+  describe file('/usr/local/etc/rc.d/vault') do
+    it { should be_a_file }
+  end
 end
 
 describe service('vault') do
@@ -44,10 +65,10 @@
 end
 
 describe.one do
-  describe command('journalctl -u vault') do
+  describe command(service_cmd) do
     its(:exit_status) { should eq 0 }
     its(:stderr) { should be_empty }
-    its(:stdout) { should match(/Vault server started/) }
+    its(:stdout) { should match(/Vault server started|vault is running as pid \d+/) }
   end
 
   describe file('/var/log/vault.log') do
@@ -70,10 +91,10 @@
   its('sealed') { should eq true }
 end
 
-describe file('/etc/vault/localhost.pem') do
+describe file("#{path_to_etc_vault}/localhost.pem") do
   it { should be_a_file }
 end
 
-describe file('/etc/vault/localhost-nopass.key') do
+describe file("#{path_to_etc_vault}/localhost-nopass.key") do
   it { should be_a_file }
 end