Update (and run in Travis) acceptance tests, fix formatting in LDAP templates

.sync.yml

@@ -1,3 +1,6 @@
 ---
 .travis.yml:
-    secure: "Hw0ScFZ+tANSuxXvkQlHOtbnV+9O6FyIxY4e8ZuNiE+4E045olgGjqus+ffo0MoHOHzCPPbThF107yQIXXHCwIy3wzOVIjQ7KQ/yVeamCl4K9A4AFP1Pcr/zMTRdK16zrgxBH+6wDkjSxHGonT8AyUKBrT7AeET+pqxwVHvHCfo="
+  secure: "Hw0ScFZ+tANSuxXvkQlHOtbnV+9O6FyIxY4e8ZuNiE+4E045olgGjqus+ffo0MoHOHzCPPbThF107yQIXXHCwIy3wzOVIjQ7KQ/yVeamCl4K9A4AFP1Pcr/zMTRdK16zrgxBH+6wDkjSxHGonT8AyUKBrT7AeET+pqxwVHvHCfo="
+  docker_sets:
+    - set: docker/ubuntu-16.04
+    - set: docker/centos-7

.travis.yml

@@ -15,6 +15,18 @@ script:
 matrix:
   fast_finish: true
   include:
+  - rvm: 2.4.1
+    bundler_args: --without development
+    dist: trusty
+    env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/ubuntu-16.04 CHECK=beaker
+    services: docker
+    sudo: required
+  - rvm: 2.4.1
+    bundler_args: --without development
+    dist: trusty
+    env: PUPPET_INSTALL_TYPE=agent BEAKER_debug=true BEAKER_set=docker/centos-7 CHECK=beaker
+    services: docker
+    sudo: required
   - rvm: 2.1.9
     bundler_args: --without system_tests development
     env: PUPPET_VERSION="~> 4.0" CHECK=test

Gemfile

@@ -55,14 +55,15 @@ group :system_tests do
   end
   gem 'serverspec',                    :require => false
   gem 'beaker-puppet_install_helper',  :require => false
+  gem 'beaker-module_install_helper',  :require => false
 end
 
 
 
 if facterversion = ENV['FACTER_GEM_VERSION']
   gem 'facter', facterversion.to_s, :require => false, :groups => [:test]
 else
-gem 'facter', :require => false, :groups => [:test]
+  gem 'facter', :require => false, :groups => [:test]
 end
 
 ENV['PUPPET_VERSION'].nil? ? puppetversion = '~> 5.0' : puppetversion = ENV['PUPPET_VERSION'].to_s

spec/acceptance/class_spec.rb

@@ -1,22 +1,19 @@
 require 'spec_helper_acceptance'
 
 describe 'puppetboard class' do
-  context 'default parameters' do
-    hosts.each do |host|
-      if fact('osfamily') == 'RedHat'
-        if fact('architecture') == 'amd64'
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        else
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        end
-      end
-      on host, 'puppet module install puppetlabs/apache'
-      install_package host, 'python-virtualenv'
-      install_package host, 'git'
-    end
+  case fact('os.family')
+  when 'RedHat'
+    apache_conf_file = '/etc/httpd/conf.d/puppetboard.conf'
+  when 'Debian'
+    apache_conf_file = '/etc/apache2/conf.d/puppetboard.conf'
+  end
 
+  context 'default parameters' do
     it 'works with no errors' do
       pp = <<-EOS
+      if $facts['os']['family'] == 'RedHat' {
+        include epel
+      }
       class { '::puppetboard':
         manage_git        => true,
         manage_virtualenv => true,
@@ -36,35 +33,28 @@ class { '::puppetboard':
     # end
   end
 
-  context 'default parameters' do
-    hosts.each do |host|
-      if fact('osfamily') == 'RedHat'
-        if fact('architecture') == 'amd64'
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        else
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        end
-      end
-      on host, 'puppet module install puppetlabs/apache'
-      install_package host, 'python-virtualenv'
-      install_package host, 'git'
-    end
-
+  context 'configuring Apache / mod_wsgi' do
     it 'works with no errors' do
       pp = <<-EOS
       # Configure Apache on this server
       class { 'apache':
         default_vhost => false,
         purge_configs => true,
       }
-      class { 'apache::mod::wsgi': }
+      if $facts['os']['family'] == 'RedHat' {
+        include epel
+        class { 'apache::mod::wsgi': wsgi_socket_prefix => '/var/run/wsgi' }
+      } else {
+        class { 'apache::mod::wsgi': }
+      }
 
       # Configure Puppetboard
       class { 'puppetboard': }
 
       # Access Puppetboard through pboard.example.com
       class { 'puppetboard::apache::vhost':
         vhost_name => 'pboard.example.com',
+        port       => 80,
       }
       EOS
 
@@ -73,37 +63,32 @@ class { 'puppetboard::apache::vhost':
       apply_manifest(pp, catch_failures: true)
     end
 
+    # rubocop:disable RSpec/MultipleExpectations
     it 'answers to localhost' do
-      shell('/usr/bin/curl localhost:5000') do |r|
-        r.stdout.should =~ %r{niele Sluijters}
-        r.exit_code.should.zero?
+      shell('/usr/bin/curl localhost') do |r|
+        expect(r.stdout).to match(%r{Live from PuppetDB.})
+        expect(r.exit_code).to be_zero
       end
     end
+    # rubocop:enable RSpec/MultipleExpectations
   end
 
-  context 'default parameters' do
-    hosts.each do |host|
-      if fact('osfamily') == 'RedHat'
-        if fact('architecture') == 'amd64'
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        else
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        end
-      end
-      on host, 'puppet module install puppetlabs/apache'
-      install_package host, 'python-virtualenv'
-      install_package host, 'git'
-    end
-
+  context 'with SSL' do
     it 'works with no errors' do
       pp = <<-EOS
+      if $facts['os']['family'] == 'RedHat' {
+        include epel
+      }
+      # Configure Apache on this server
+      class { 'apache': }
+      class { 'apache::mod::wsgi': }
       class { 'puppetboard':
         manage_virtualenv => true,
         puppetdb_host => 'puppet.example.com',
         puppetdb_port => '8081',
-        puppetdb_key  => "/var/lib/puppet/ssl/private_keys/test.networkninjas.net.pem",
-        puppetdb_ssl_verify => 'True',
-        puppetdb_cert => "/var/lib/puppet/ssl/certs/test.networkninjas.net.pem",
+        puppetdb_key  => '/var/lib/puppet/ssl/private_keys/test.networkninjas.net.pem',
+        puppetdb_ssl_verify => true,
+        puppetdb_cert => '/var/lib/puppet/ssl/certs/test.networkninjas.net.pem',
       }
       EOS
 
@@ -118,29 +103,25 @@ class { 'puppetboard':
     end
   end
 
-  context 'default parameters' do
-    hosts.each do |host|
-      if fact('osfamily') == 'RedHat'
-        if fact('architecture') == 'amd64'
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        else
-          on host, 'wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm'
-        end
-      end
-      on host, 'puppet module install puppetlabs/apache'
-      install_package host, 'python-virtualenv'
-      install_package host, 'git'
-    end
-
+  context 'LDAP auth' do
     it 'works with no errors' do
       pp = <<-EOS
-      class { 'puppetboard':
+      if $facts['os']['family'] == 'RedHat' {
+        include epel
+      }
+      # Configure Apache on this server
+      class { 'apache': }
+      class { 'apache::mod::wsgi': }
+      class { 'apache::mod::authnz_ldap': }
+      -> class { 'puppetboard':
         manage_virtualenv => true,
         puppetdb_host => 'puppet.example.com',
         puppetdb_port => '8081',
         puppetdb_key  => "/var/lib/puppet/ssl/private_keys/test.networkninjas.net.pem",
-        puppetdb_ssl_verify => 'True',
+        puppetdb_ssl_verify => true,
         puppetdb_cert => "/var/lib/puppet/ssl/certs/test.networkninjas.net.pem",
+      }
+      class { 'puppetboard::apache::conf':
         enable_ldap_auth => true,
         ldap_bind_dn => 'cn=user,dc=puppet,dc=example,dc=com',
         ldap_bind_password => 'password',
@@ -153,7 +134,7 @@ class { 'puppetboard':
       apply_manifest(pp, catch_failures: true)
     end
 
-    describe file('/etc/httpd/conf.d/puppetboard-ldap.conf') do
+    describe file(apache_conf_file) do
       it { is_expected.to contain 'AuthBasicProvider ldap' }
       it { is_expected.to contain 'AuthLDAPBindDN "cn=user,dc=puppet,dc=example,dc=com"' }
       it { is_expected.to contain 'AuthLDAPURL "ldap://puppet.example.com"' }

spec/spec_helper_acceptance.rb

@@ -1,23 +1,16 @@
 require 'beaker-rspec'
 require 'beaker/puppet_install_helper'
+require 'beaker/module_install_helper'
 
 run_puppet_install_helper
+install_module
+install_module_dependencies
 
-RSpec.configure do |c|
-  # Project root
-  proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+# Install additional modules for soft deps
+install_module_from_forge('puppetlabs-apache', '>= 2.1.0 < 3.0.0')
+install_module_from_forge('stahnma-epel', '>= 1.2.2 < 2.0.0')
 
+RSpec.configure do |c|
   # Readable test descriptions
   c.formatter = :documentation
-
-  # Configure all nodes in nodeset
-  c.before :suite do
-    # Install module
-    puppet_module_install(source: proj_root, module_name: 'puppetboard')
-    hosts.each do |host|
-      on host, puppet('module', 'install', 'puppetlabs-stdlib'), acceptable_exit_codes: [0, 1]
-      on host, puppet('module', 'install', 'stankevich-python'), acceptable_exit_codes: [0, 1]
-      on host, puppet('module', 'install', 'puppetlabs-vcsrepo'), acceptable_exit_codes: [0, 1]
-    end
-  end
 end

templates/apache/conf.erb

@@ -12,27 +12,26 @@ WSGIScriptAlias <%= @wsgi_alias -%> <%= @docroot -%>/wsgi.py
       Require all granted
     </IfVersion>
 </Directory>
-## Puppet data <%= @ldap_bind_dn -%>
-<% if @enable_ldap_auth != false %> 
+<% if @enable_ldap_auth -%>
 <LocationMatch ^/puppetboard>
    AuthType Basic
    AuthName "Login to puppetboard"
    Order Allow,Deny
    Allow from All
 
    AuthBasicProvider ldap
-   <% if @ldap_bind_dn != false %> 
-   AuthLDAPBindDN <%= @ldap_bind_dn -%>
-   <% end %>
-   <% if @ldap_bind_password != false %> 
-   AuthLDAPBindPassword <%= @ldap_bind_password -%>
-   <% end %>
-   <% if @ldap_url != false %> 
-   AuthLDAPURL <%= @ldap_url -%>
-   <% end %>
-   <% if @ldap_bind_authoritative != false %> 
+   <%- if @ldap_bind_dn -%>
+   AuthLDAPBindDN "<%= @ldap_bind_dn -%>"
+   <%- end -%>
+   <%- if @ldap_bind_password -%>
+   AuthLDAPBindPassword "<%= @ldap_bind_password -%>"
+   <%- end -%>
+   <%- if @ldap_url != false -%>
+   AuthLDAPURL "<%= @ldap_url -%>"
+   <%- end -%>
+   <%- if @ldap_bind_authoritative -%>
    AuthLDAPBindAuthoritative <%= @ldap_bind_authoritative -%>
-   <% end %>
+   <%- end -%>
    Require valid-user
 </LocationMatch>
-<% end %>
+<% end -%>

templates/apache/ldap.erb

@@ -5,17 +5,17 @@
    Allow from All
 
    AuthBasicProvider ldap
-   <% if @ldap_bind_dn != false %>
-   AuthLDAPBindDN <%= @ldap_bind_dn -%>
-   <% end %>
-   <% if @ldap_bind_password != false %>
-   AuthLDAPBindPassword <%= @ldap_bind_password -%>
-   <% end %>
-   <% if @ldap_url != false %>
-   AuthLDAPURL <%= @ldap_url -%>
-   <% end %>
-   <% if @ldap_bind_authoritative != false %>
+   <%- if @ldap_bind_dn -%>
+   AuthLDAPBindDN "<%= @ldap_bind_dn -%>"
+   <%- end -%>
+   <%- if @ldap_bind_password -%>
+   AuthLDAPBindPassword "<%= @ldap_bind_password -%>"
+   <%- end -%>
+   <%- if @ldap_url -%> 
+   AuthLDAPURL "<%= @ldap_url -%>"
+   <%- end -%>
+   <%- if @ldap_bind_authoritative -%>
    AuthLDAPBindAuthoritative <%= @ldap_bind_authoritative -%>
-   <% end %>
+   <%- end -%>
    Require valid-user
 </LocationMatch>