Merge pull request #39 from tas50/master

Switch to chef_nginx and update testing

Author: chris-rock

.gitignore

@@ -1,9 +1,49 @@
-README.pdf
-README.html
-shared_test_repo/
-test/integration
-.kitchen
+*.rbc
+.config
 coverage
+InstalledFiles
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+_Store
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+*.tmp
+*.bk
+*.bkup
 
+# ruby/bundler files
+.ruby-version
+.ruby-gemset
+.rvmrc
 Gemfile.lock
+.bundle
+*.gem
+
+# YARD artifacts
+.yardoc
+_yardoc
+doc/
+.idea
+
+# chef stuff
 Berksfile.lock
+.kitchen
+.kitchen.local.yml
+vendor/
+.coverage/
+.zero-knife.rb
+Policyfile.lock.json
+
+# vagrant stuff
+.vagrant/
+.vagrant.d/
+.kitchen/

.kitchen.vagrant.yml

@@ -1,10 +1,8 @@
----
 driver:
   name: vagrant
-  require_chef_omnibus: 12.5
 
 provisioner:
-  name: chef_solo
+  name: chef_zero
   test_repo_uri: https://github.com/dev-sec/tests-nginx-hardening.git
 
 verifier:
@@ -13,25 +11,10 @@ verifier:
 
 platforms:
 - name: ubuntu-12.04
-  driver_config:
-    box: ubuntu/precise64
-    box_url: https://atlas.hashicorp.com/ubuntu/boxes/precise64/versions/20150730.1.0/providers/virtualbox.box
 - name: ubuntu-14.04
-  driver_config:
-    box: ubuntu/trusty64
-    box_url: https://atlas.hashicorp.com/ubuntu/boxes/trusty64/versions/20150609.0.10/providers/virtualbox.box
-- name: centos-6.4
-  driver_config:
-    box: opscode-centos-6.4
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
-- name: centos-6.5
-  driver_config:
-    box: opscode-centos-6.5
-    box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box
-- name: centos-7.1
-  driver_config:
-    box: opscode-centos-7.1
-    box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-7.1_chef-provisionerless.box
+- name: ubuntu-16.04
+- name: centos-6.8
+- name: centos-7.2
 - name: oracle-6.4
   driver_config:
     box: oracle-6.4
@@ -40,25 +23,15 @@ platforms:
   driver_config:
     box: oracle-6.5
     box_url: https://storage.us2.oraclecloud.com/v1/istoilis-istoilis/vagrant/oel65-64.box
-- name: debian-6
-  driver_config:
-    box: debian-6
-    box_url: https://s3.eu-central-1.amazonaws.com/ffuenf-vagrantboxes/debian/debian-6.0.10-amd64_virtualbox.box
-- name: debian-7
-  driver_config:
-    box: debian/wheezy64
-    box_url: https://atlas.hashicorp.com/debian/boxes/wheezy64/versions/7.8.5/providers/virtualbox.box
-- name: debian-8
-  driver_config:
-    box: debian/jessie64
-    box_url: https://atlas.hashicorp.com/debian/boxes/jessie64/versions/8.1.0/providers/virtualbox.box
+- name: debian-7.11
+- name: debian-8.5
 
 suites:
 - name: default
   run_list:
   - recipe[apt]
   - recipe[nginx-hardening::upgrades]
-  - recipe[nginx]
+  - recipe[chef_nginx]
   - recipe[nginx-hardening]
   verifier:
     inspec_tests:

.kitchen.yml

@@ -1,7 +1,6 @@
----
 driver:
   name: dokken
-  chef_version: 12.5.1
+  chef_version: latest
   privileged: true # because Docker and SystemD/Upstart
 
 transport:
@@ -15,66 +14,87 @@ verifier:
   sudo: true
 
 platforms:
-- name: ubuntu-12.04
-  driver:
-    image: ubuntu:12.04
-- name: ubuntu-14.04
+- name: debian-7
   driver:
-    image: ubuntu:14.04
-- name: ubuntu-16.04
+    image: debian:7
+    pid_one_command: /sbin/init
+    intermediate_instructions:
+      - RUN /usr/bin/apt-get update
+      - RUN /usr/bin/apt-get install lsb-release procps -y
+
+- name: debian-8
   driver:
-    image: ubuntu:16.04
+    image: debian:8
     pid_one_command: /bin/systemd
-- name: centos-6.6
-  driver:
-    image: centos:6.6
     intermediate_instructions:
-      - RUN yum install -y which
-- name: centos-6.7
+      - RUN /usr/bin/apt-get update
+      - RUN /usr/bin/apt-get install lsb-release -y
+
+- name: centos-6
   driver:
-    image: centos:6.7
+    image: centos:6
+    platform: rhel
+    pid_one_command: /sbin/init
     intermediate_instructions:
-      - RUN yum install -y initscripts which
+      - RUN yum -y install which initscripts
+
 - name: centos-7
   driver:
     image: centos:7
-    intermediate_instructions:
-      - RUN yum install -y which
+    platform: rhel
     pid_one_command: /usr/lib/systemd/systemd
-- name: oracle-6.6
+    intermediate_instructions:
+      - RUN yum -y install lsof which systemd-sysv initscripts
+
+- name: fedora-latest
   driver:
-    image: oraclelinux:6.6
+    image: fedora:latest
+    pid_one_command: /usr/lib/systemd/systemd
     intermediate_instructions:
-      - RUN yum install -y which
-- name: oracle-6.7
+      - RUN dnf -y install yum which systemd-sysv initscripts
+
+- name: ubuntu-12.04
   driver:
-    image: oraclelinux:6.7
+    image: ubuntu-upstart:12.04
+    pid_one_command: /sbin/init
     intermediate_instructions:
-      - RUN yum install -y which
-- name: oracle-7.1
+      - RUN /usr/bin/apt-get update
+
+- name: ubuntu-14.04
   driver:
-    image: oraclelinux:7.1
+    image: ubuntu-upstart:14.04
+    pid_one_command: /sbin/init
     intermediate_instructions:
-      - RUN yum install -y which
-    pid_one_command: /usr/lib/systemd/systemd
-- name: debian-7
+      - RUN /usr/bin/apt-get update
+
+- name: ubuntu-16.04
   driver:
-    image: debian:7
+    image: ubuntu:16.04
+    pid_one_command: /bin/systemd
     intermediate_instructions:
-      - RUN /usr/bin/apt-get update && /usr/bin/apt-get install -y lsb-release procps
-- name: debian-8
+      - RUN /usr/bin/apt-get update
+
+- name: opensuse-13.2
   driver:
-    image: debian:8
+    image: opensuse:13.2
+    pid_one_command: /bin/systemd
     intermediate_instructions:
-      - RUN /usr/bin/apt-get update && /usr/bin/apt-get install -y lsb-release procps
+      - RUN zypper --non-interactive install aaa_base perl-Getopt-Long-Descriptive which
+
+- name: opensuse-42.1
+  driver:
+    image: opensuse:42.1
     pid_one_command: /bin/systemd
+    intermediate_instructions:
+      - RUN zypper --non-interactive install aaa_base perl-Getopt-Long-Descriptive which
+
 
 suites:
 - name: default
   run_list:
     - recipe[apt]
     - recipe[nginx-hardening::upgrades]
-    - recipe[nginx]
+    - recipe[chef_nginx]
     - recipe[nginx-hardening]
   verifier:
     inspec_tests:

.rubocop.yml

@@ -1,36 +1,45 @@
----
 sudo: required
-language: ruby
-cache: bundler
 dist: trusty
 
-services:
-- docker
+# install the pre-release chef-dk.  Use chef-stable-trusty to install the stable release
+addons:
+  apt:
+    sources:
+      - chef-current-trusty
+    packages:
+      - chefdk
 
-before_install:
-- gem --version
-- bundle version
+# Don't `bundle install` which takes about 1.5 mins
+install: echo "skip bundle install"
+
+branches:
+  only:
+    - master
+
+services: docker
+
+env:
+  matrix:
+  - INSTANCE=default-ubuntu-1204
+  - INSTANCE=default-ubuntu-1404
+  - INSTANCE=default-ubuntu-1604
+  - INSTANCE=default-centos-6
+  - INSTANCE=default-centos-7
+
+before_script:
+  - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER )
+  - eval "$(/opt/chefdk/bin/chef shell-init bash)"
+  - /opt/chefdk/embedded/bin/chef gem install coveralls # needed for chefspecs
+
+script: KITCHEN_LOCAL_YAML=.kitchen.docker.yml /opt/chefdk/embedded/bin/kitchen verify ${INSTANCE}
 
 matrix:
   include:
-  # verify lint and unit
-  - rvm: 2.3.1
-    gemfile: Gemfile
-    bundler_args: "--without integration guard tools"
-  # integration tests
-  - rvm: 2.3.1
-    bundler_args: "--without guard tools"
-    script: bundle exec rake test:integration OS='centos'
-    gemfile: Gemfile
-  - rvm: 2.3.1
-    bundler_args: "--without guard tools"
-    script: bundle exec rake test:integration OS='oracle'
-    gemfile: Gemfile
-  - rvm: 2.3.1
-    bundler_args: "--without guard tools"
-    script: bundle exec rake test:integration OS='ubuntu'
-    gemfile: Gemfile
-  - rvm: 2.3.1
-    bundler_args: "--without guard tools"
-    script: bundle exec rake test:integration OS='debian'
-    gemfile: Gemfile
+    - before_script:
+      - eval "$(/opt/chefdk/bin/chef shell-init bash)"
+      - /opt/chefdk/embedded/bin/chef --version
+      - /opt/chefdk/embedded/bin/cookstyle --version
+      - /opt/chefdk/embedded/bin/foodcritic --version
+    - script:
+      - /opt/chefdk/bin/chef exec rake
+      env: UNIT_AND_LINT=1

.travis.yml

@@ -1,8 +1,7 @@
 # encoding: utf-8
 
-source 'https://supermarket.getchef.com'
+source 'https://supermarket.chef.io'
 
 metadata
 
-cookbook 'chef_nginx', '~> 3.1'
-cookbook 'chef-solo-search', git: 'https://github.com/edelight/chef-solo-search'
+cookbook 'apt'