feat(ci): add tests

test/integration/default/README.md

@@ -0,0 +1,50 @@
+# InSpec Profile: `default`
+
+This shows the implementation of the `default` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
+
+## Verify a profile
+
+InSpec ships with built-in features to verify a profile structure.
+
+```bash
+$ inspec check default
+Summary
+-------
+Location: default
+Profile: profile
+Controls: 4
+Timestamp: 2019-06-24T23:09:01+00:00
+Valid: true
+
+Errors
+------
+
+Warnings
+--------
+```
+
+## Execute a profile
+
+To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
+
+```bash
+$ inspec exec default
+..
+
+Finished in 0.0025 seconds (files took 0.12449 seconds to load)
+8 examples, 0 failures
+```
+
+## Execute a specific control from a profile
+
+To run one control from the profile use `inspec exec /path/to/profile --controls name`.
+
+```bash
+$ inspec exec default --controls package
+.
+
+Finished in 0.0025 seconds (files took 0.12449 seconds to load)
+1 examples, 0 failures
+```
+
+See an [example control here](https://github.com/inspec/inspec/blob/master/examples/profile/controls/example.rb).

test/integration/default/controls/_mapdata.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+control 'TEMPLATE._mapdata' do
+  title '`map.jinja` should match the reference file'
+
+  ### Method
+  # The steps below for each file appear convoluted but they are both required
+  # and similar in nature:
+  # 1. The earliest method was to simply compare the files textually but this often
+  #    led to false positives due to inconsistencies (e.g. spacing, ordering)
+  # 2. The next method was to load the files back into YAML structures and then
+  #    compare but InSpec provided block diffs this way, unusable by end users
+  # 3. The final step was to dump the YAML structures back into a string to use
+  #    for the comparison; this both worked and provided human-friendly diffs
+
+  ### Comparison file for the specific platform
+  ### Static, adjusted as part of code contributions, as map data is changed
+  # Strip the `platform[:finger]` version number down to the "OS major release"
+  platform_finger = system.platform[:finger].split('.').first.to_s
+  # Use that to set the path to the file (relative to the InSpec suite directory)
+  mapdata_file_path = "_mapdata/#{platform_finger}.yaml"
+  # Load the mapdata from profile, into a YAML structure
+  # https://docs.chef.io/inspec/profiles/#profile-files
+  mapdata_file_yaml = YAML.load(inspec.profile.file(mapdata_file_path))
+  # Dump the YAML back into a string for comparison
+  mapdata_file_dump = YAML.dump(mapdata_file_yaml)
+
+  ### Output file produced by running the `_mapdata` state
+  ### Dynamic, generated during Kitchen's `converge` phase
+  # Derive the location of the dumped mapdata (differs for Windows)
+  output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
+  # Use that to set the path to the file (absolute path, i.e. within the container)
+  output_file_path = "#{output_dir}/salt_mapdata_dump.yaml"
+  # Load the output into a YAML structure using InSpec's `yaml` resource
+  # https://github.com/inspec/inspec/blob/49b7d10/lib/inspec/resources/yaml.rb#L29
+  output_file_yaml = yaml(output_file_path).params
+  # Dump the YAML back into a string for comparison
+  output_file_dump = YAML.dump(output_file_yaml)
+
+  describe 'File content' do
+    it 'should match profile map data exactly' do
+      expect(output_file_dump).to eq(mapdata_file_dump)
+    end
+  end
+end

test/integration/default/controls/config.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+control 'TEMPLATE.config.file' do
+  title 'Verify the configuration file'
+
+  describe file('/etc/template-formula.conf') do
+    it { should be_file }
+    it { should be_owned_by 'root' }
+    it { should be_grouped_into 'root' }
+    its('mode') { should cmp '0644' }
+    its('content') do
+      should include(
+        'This is another example file from SaltStack template-formula.'
+      )
+    end
+    its('content') { should include '"added_in_pillar": "pillar_value"' }
+    its('content') { should include '"added_in_defaults": "defaults_value"' }
+    its('content') { should include '"added_in_lookup": "lookup_value"' }
+    its('content') { should include '"config": "/etc/template-formula.conf"' }
+    its('content') { should include '"lookup": {"added_in_lookup": "lookup_value",' }
+    its('content') { should include '"pkg": {"name": "' }
+    its('content') { should include '"service": {"name": "' }
+    its('content') do
+      # rubocop:disable Lint/RedundantCopDisableDirective
+      # rubocop:disable Layout/LineLength
+      should include(
+        '"tofs": {"files_switch": ["any/path/can/be/used/here", "id", '\
+        '"roles", "osfinger", "os", "os_family"], "source_files": '\
+        '{"TEMPLATE-config-file-file-managed": ["example.tmpl.jinja"], '\
+        '"TEMPLATE-subcomponent-config-file-file-managed": '\
+        '["subcomponent-example.tmpl.jinja"]}'
+      )
+      # rubocop:enable Layout/LineLength
+      # rubocop:enable Lint/RedundantCopDisableDirective
+    end
+    its('content') { should include '"arch": "amd64"' }
+    its('content') { should include '"winner": "pillar"}' }
+    its('content') { should include 'winner of the merge: pillar' }
+  end
+end

test/integration/default/controls/packages.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# Prepare platform "finger"
+platform_finger = system.platform[:finger].split('.').first.to_s
+
+control 'TEMPLATE.package.install' do
+  title 'The required package should be installed'
+
+  # Overide by `platform_finger`
+  package_name =
+    case platform_finger
+    when 'centos-6', 'amazonlinux-1'
+      'cronie'
+    else
+      'bash'
+    end
+
+  describe package(package_name) do
+    it { should be_installed }
+  end
+end

test/integration/default/controls/services.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+# Prepare platform "finger"
+platform_finger = system.platform[:finger].split('.').first.to_s
+
+control 'TEMPLATE.service.running' do
+  title 'The service should be installed, enabled and running'
+
+  # Overide by `platform_finger`
+  service_name =
+    case platform_finger
+    when 'centos-6', 'amazonlinux-1'
+      'crond'
+    else
+      'systemd-journald'
+    end
+
+  describe service(service_name) do
+    it { should be_installed }
+    it { should be_enabled }
+    it { should be_running }
+  end
+end

test/integration/default/controls/subcomponent_config.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+control 'TEMPLATE.subcomponent.config.file' do
+  title 'Verify the subcomponent configuration file'
+
+  describe file('/etc/TEMPLATE-subcomponent-formula.conf') do
+    it { should be_file }
+    it { should be_owned_by 'root' }
+    it { should be_grouped_into 'root' }
+    its('mode') { should cmp '0644' }
+    its('content') do
+      should include(
+        '# File managed by Salt at '\
+        '<salt://TEMPLATE/subcomponent/config/files/default/'\
+        'subcomponent-example.tmpl.jinja>.'
+      )
+    end
+    its('content') do
+      should include(
+        'This is another subcomponent example file from SaltStack '\
+        'template-formula.'
+      )
+    end
+  end
+end

test/integration/default/files/_mapdata/amazonlinux-1.yaml

@@ -0,0 +1,44 @@
+# yamllint disable rule:indentation rule:line-length
+# Amazon Linux AMI-2018
+---
+values:
+  added_in_defaults: defaults_value
+  added_in_lookup: lookup_value
+  added_in_pillar: pillar_value
+  arch: amd64
+  config: /etc/template-formula.conf
+  lookup:
+    added_in_lookup: lookup_value
+    master: template-master
+    winner: lookup
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C@TEMPLATE:lookup
+    - C@TEMPLATE
+    - Y:G@id
+  master: template-master
+  pkg:
+    name: cronie
+  rootgroup: root
+  service:
+    name: crond
+  subcomponent:
+    config: /etc/TEMPLATE-subcomponent-formula.conf
+  tofs:
+    files_switch:
+    - any/path/can/be/used/here
+    - id
+    - roles
+    - osfinger
+    - os
+    - os_family
+    source_files:
+      TEMPLATE-config-file-file-managed:
+      - example.tmpl.jinja
+      TEMPLATE-subcomponent-config-file-file-managed:
+      - subcomponent-example.tmpl.jinja
+  winner: pillar

test/integration/default/files/_mapdata/amazonlinux-2.yaml

@@ -0,0 +1,44 @@
+# yamllint disable rule:indentation rule:line-length
+# Amazon Linux-2
+---
+values:
+  added_in_defaults: defaults_value
+  added_in_lookup: lookup_value
+  added_in_pillar: pillar_value
+  arch: amd64
+  config: /etc/template-formula.conf
+  lookup:
+    added_in_lookup: lookup_value
+    master: template-master
+    winner: lookup
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C@TEMPLATE:lookup
+    - C@TEMPLATE
+    - Y:G@id
+  master: template-master
+  pkg:
+    name: bash
+  rootgroup: root
+  service:
+    name: systemd-journald
+  subcomponent:
+    config: /etc/TEMPLATE-subcomponent-formula.conf
+  tofs:
+    files_switch:
+    - any/path/can/be/used/here
+    - id
+    - roles
+    - osfinger
+    - os
+    - os_family
+    source_files:
+      TEMPLATE-config-file-file-managed:
+      - example.tmpl.jinja
+      TEMPLATE-subcomponent-config-file-file-managed:
+      - subcomponent-example.tmpl.jinja
+  winner: pillar

test/integration/default/files/_mapdata/arch-base-latest.yaml

@@ -0,0 +1,44 @@
+# yamllint disable rule:indentation rule:line-length
+# Arch
+---
+values:
+  added_in_defaults: defaults_value
+  added_in_lookup: lookup_value
+  added_in_pillar: pillar_value
+  arch: amd64
+  config: /etc/template-formula.conf
+  lookup:
+    added_in_lookup: lookup_value
+    master: template-master
+    winner: lookup
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C@TEMPLATE:lookup
+    - C@TEMPLATE
+    - Y:G@id
+  master: template-master
+  pkg:
+    name: bash
+  rootgroup: root
+  service:
+    name: systemd-journald
+  subcomponent:
+    config: /etc/TEMPLATE-subcomponent-formula.conf
+  tofs:
+    files_switch:
+    - any/path/can/be/used/here
+    - id
+    - roles
+    - osfinger
+    - os
+    - os_family
+    source_files:
+      TEMPLATE-config-file-file-managed:
+      - example.tmpl.jinja
+      TEMPLATE-subcomponent-config-file-file-managed:
+      - subcomponent-example.tmpl.jinja
+  winner: pillar

test/integration/default/files/_mapdata/centos-6.yaml

@@ -0,0 +1,44 @@
+# yamllint disable rule:indentation rule:line-length
+# CentOS-6
+---
+values:
+  added_in_defaults: defaults_value
+  added_in_lookup: lookup_value
+  added_in_pillar: pillar_value
+  arch: amd64
+  config: /etc/template-formula.conf
+  lookup:
+    added_in_lookup: lookup_value
+    master: template-master
+    winner: lookup
+  map_jinja:
+    sources:
+    - Y:G@osarch
+    - Y:G@os_family
+    - Y:G@os
+    - Y:G@osfinger
+    - C@TEMPLATE:lookup
+    - C@TEMPLATE
+    - Y:G@id
+  master: template-master
+  pkg:
+    name: cronie
+  rootgroup: root
+  service:
+    name: crond
+  subcomponent:
+    config: /etc/TEMPLATE-subcomponent-formula.conf
+  tofs:
+    files_switch:
+    - any/path/can/be/used/here
+    - id
+    - roles
+    - osfinger
+    - os
+    - os_family
+    source_files:
+      TEMPLATE-config-file-file-managed:
+      - example.tmpl.jinja
+      TEMPLATE-subcomponent-config-file-file-managed:
+      - subcomponent-example.tmpl.jinja
+  winner: pillar