From 355bb2a6ff17fc5bf6817dd2e29cb6edf6fcfb37 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 14:18:34 -0400 Subject: [PATCH 01/18] fix: Support docker build output for Docker Desktop v4.31 Signed-off-by: Andrew Bobulsky --- lib/kitchen/docker/helpers/image_helper.rb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/kitchen/docker/helpers/image_helper.rb b/lib/kitchen/docker/helpers/image_helper.rb index e54deba..ffa0167 100644 --- a/lib/kitchen/docker/helpers/image_helper.rb +++ b/lib/kitchen/docker/helpers/image_helper.rb @@ -35,6 +35,11 @@ def parse_image_id(output) img_id = line.split(/\s+/).last return img_id end + # Docker ~v4.31 support + if line =~ /naming to moby-dangling@(sha256:[[:xdigit:]]{64})(?: \d*\.\ds)? done/i + img_id = line[/naming to moby-dangling@(sha256:[[:xdigit:]]{64})(?: \d*\.\ds)? done/i, 1] + return img_id + end end raise ActionFailed, "Could not parse Docker build output for image ID" end From 9df17f1c73928a180d247d466ba4d44708d32350 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:36:23 -0400 Subject: [PATCH 02/18] chore: remove unused integration test files Signed-off-by: Andrew Bobulsky --- .../disabled/capabilities_drop_spec.rb | 24 ------------------- .../default/disabled/default_spec.rb | 24 ------------------- .../default/disabled/spec_helper.rb | 21 ---------------- 3 files changed, 69 deletions(-) delete mode 100644 test/integration/capabilities/disabled/capabilities_drop_spec.rb delete mode 100644 test/integration/default/disabled/default_spec.rb delete mode 100644 test/integration/default/disabled/spec_helper.rb diff --git a/test/integration/capabilities/disabled/capabilities_drop_spec.rb b/test/integration/capabilities/disabled/capabilities_drop_spec.rb deleted file mode 100644 index 6d3e7b7..0000000 --- a/test/integration/capabilities/disabled/capabilities_drop_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Disable now busser-serever is gone. -# require 'serverspec' -# set :backend, :exec - -# describe command('/sbin/ifconfig eth0 multicast') do -# its(:exit_status) { is_expected.to_not eq 0 } -# its(:stderr) { is_expected.to match /Operation not permitted/ } -# end diff --git a/test/integration/default/disabled/default_spec.rb b/test/integration/default/disabled/default_spec.rb deleted file mode 100644 index 3a18256..0000000 --- a/test/integration/default/disabled/default_spec.rb +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright 2016, Noah Kantrowitz -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Disable now busser-serever is gone. -# require 'serverspec' -# require 'spec_helper' - -# # Just make sure the image launched and is reachable. -# describe command('true') do -# its(:exit_status) { is_expected.to eq 0 } -# end diff --git a/test/integration/default/disabled/spec_helper.rb b/test/integration/default/disabled/spec_helper.rb deleted file mode 100644 index c1ce986..0000000 --- a/test/integration/default/disabled/spec_helper.rb +++ /dev/null @@ -1,21 +0,0 @@ -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# case RbConfig::CONFIG['host_os'] -# when /mswin|msys|mingw|cygwin|bccwin|wince|emc/ -# set :backend, :cmd -# set :os, :family => 'windows' -# else -# set :backend, :exec -# end From 0eee0131d1d5daa6e3c7655ddde9b28a4c751e24 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:37:27 -0400 Subject: [PATCH 03/18] feat: Ruby 3.4.0 compatibility Ruby is removing some gems from the standard library. Require them explicitly. Signed-off-by: Andrew Bobulsky --- Gemfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Gemfile b/Gemfile index 092f311..30a4def 100644 --- a/Gemfile +++ b/Gemfile @@ -6,6 +6,9 @@ group :development do # Integration testing gems. gem 'kitchen-inspec', '~> 2.0' gem 'train', '>= 2.1', '< 4.0' # validate 4.x when it's released + # Silence ruby 3.4.0 standard gem deprecation warnings + gem 'csv', '~> 3.3.0' + gem 'syslog', '~> 0.1.1' end group :test do From c2a06f7b9d4da7b0c6eff96942a584c0b46ecf54 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:38:51 -0400 Subject: [PATCH 04/18] feat: Use slightly-newer inspec in development Development group gems resolved an old version of inspec on my machine, and would throw an ugly warning. Bump the minimum inspec version to resolve that. Signed-off-by: Andrew Bobulsky --- Gemfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile b/Gemfile index 30a4def..7b45131 100644 --- a/Gemfile +++ b/Gemfile @@ -5,6 +5,7 @@ gemspec group :development do # Integration testing gems. gem 'kitchen-inspec', '~> 2.0' + gem 'inspec', '>= 4.26.2' gem 'train', '>= 2.1', '< 4.0' # validate 4.x when it's released # Silence ruby 3.4.0 standard gem deprecation warnings gem 'csv', '~> 3.3.0' From c807bee07bb8cff00c4589ef4cefc419f783c4af Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:39:38 -0400 Subject: [PATCH 05/18] feat: Test dockerfile build with Oracle Linux CentOS 7 is EOL. Stop testing it, and switch to a similar release. Signed-off-by: Andrew Bobulsky --- test/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/Dockerfile b/test/Dockerfile index 4ecf596..e1e3904 100644 --- a/test/Dockerfile +++ b/test/Dockerfile @@ -1,4 +1,4 @@ -FROM centos:7 +FROM oraclelinux:7 RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which curl htop RUN ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key From 66a894f4bde5d8c797ba53740d0b2cc573bbc76c Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:41:35 -0400 Subject: [PATCH 06/18] feat: Stop installing Chef in every test suite Chef is not supported on every OS that kitchen-docker supports, so it doesn't really make sense to install it here. Also Dokken is a thing. Signed-off-by: Andrew Bobulsky --- kitchen.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kitchen.yml b/kitchen.yml index 94bf41e..7e3fff1 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -4,7 +4,7 @@ --- driver: name: docker - provision_command: curl -L https://www.chef.io/chef/install.sh | bash + # provision_command: curl -L https://www.chef.io/chef/install.sh | bash transport: name: docker From 48430e9cd7d74387947b918cbfff7c4783a1adbf Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:47:34 -0400 Subject: [PATCH 07/18] chore: Switch all tests to inspec verifier The default busser verifier literally refuses to work, and the 1-test inspec is simple enough to work on everything. Signed-off-by: Andrew Bobulsky --- kitchen.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/kitchen.yml b/kitchen.yml index 7e3fff1..f612023 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -12,6 +12,11 @@ transport: provisioner: name: dummy +verifier: + name: inspec + inspec_tests: + - test/integration/inspec + platforms: - name: amazonlinux-2 - name: ubuntu-18.04 @@ -58,5 +63,4 @@ suites: - name: inspec driver: provision_command: true - verifier: - name: inspec + From b878f08b1dfcec712f0b2714c393c7b188a6541a Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:47:46 -0400 Subject: [PATCH 08/18] chore: Update gitignore Bundler shims and rubymine folder Signed-off-by: Andrew Bobulsky --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 9106b64..9b848d4 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,5 @@ tmp .kitchen.local.yml Dockerfile .DS_Store +bin/* +.idea/* From e27546907078b5f5f204dc76a0c871f0e4e01cdb Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:48:41 -0400 Subject: [PATCH 09/18] chore: Remove EOL operating systems from test suite CentOS 7, Ubuntu 18, Rocky 8, Debian 11 are all EOL. Signed-off-by: Andrew Bobulsky --- kitchen.yml | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/kitchen.yml b/kitchen.yml index f612023..d4cdb9d 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -19,21 +19,29 @@ verifier: platforms: - name: amazonlinux-2 - - name: ubuntu-18.04 + # - name: amazonlinux-2023 - name: ubuntu-20.04 + - name: ubuntu-22.04 + - name: ubuntu-24.04 - name: fedora-latest driver: provision_command: - yum install libxcrypt-compat -y - curl -L https://www.chef.io/chef/install.sh | bash - - name: centos-7 + - name: centos-stream-9 + driver: + image: dokken/centos-stream-9 - name: oraclelinux-7 - - name: rockylinux-8 - - name: debian-11 + - name: oraclelinux-8 + - name: oraclelinux-9 + - name: rockylinux-9 - name: debian-12 - - name: opensuse-15 + - name: opensuse-15.5 + driver: + image: opensuse/leap:15.5 + - name: opensuse-15.6 driver: - image: opensuse/leap:15 + image: opensuse/leap:15.6 - name: dockerfile driver: username: dockerfile @@ -47,7 +55,10 @@ suites: driver: build_context: false - name: capabilities - includes: [debian-11, ubuntu-18.04, ubuntu-20.04] + includes: + - ubuntu-20.04 + - ubuntu-22.04 + - ubuntu-24.04 driver: provision_command: - curl -L https://www.chef.io/chef/install.sh | bash From 3ee6ad520b2ad57344d60e7c80d4c0602acdf1e1 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 15:52:27 -0400 Subject: [PATCH 10/18] chore: Fix yaml formatting Signed-off-by: Andrew Bobulsky --- kitchen.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/kitchen.yml b/kitchen.yml index d4cdb9d..5798070 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -74,4 +74,3 @@ suites: - name: inspec driver: provision_command: true - From 2004b943c518429e84c5bbfb0d76a25870852bdc Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Tue, 2 Jul 2024 16:35:17 -0400 Subject: [PATCH 11/18] chore: More restrictive Inspec pin Signed-off-by: Andrew Bobulsky --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 7b45131..77f5a22 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ gemspec group :development do # Integration testing gems. gem 'kitchen-inspec', '~> 2.0' - gem 'inspec', '>= 4.26.2' + gem 'inspec', '>= 4.26.2', '< 6.0' gem 'train', '>= 2.1', '< 4.0' # validate 4.x when it's released # Silence ruby 3.4.0 standard gem deprecation warnings gem 'csv', '~> 3.3.0' From ccc3c941679af04ba1fdaf70183d4eb810022993 Mon Sep 17 00:00:00 2001 From: Corey Hemminger Date: Fri, 21 Jun 2024 12:09:16 -0500 Subject: [PATCH 12/18] fix: release please configs Signed-off-by: Corey Hemminger Signed-off-by: Andrew Bobulsky add codeowners Signed-off-by: Corey Hemminger test Signed-off-by: Corey Hemminger test Signed-off-by: Corey Hemminger test Signed-off-by: Corey Hemminger --- .github/CODEOWNERS | 1 + .github/workflows/{ci.yml => lint.yml} | 35 +++++++++++++------------- .github/workflows/publish.yaml | 5 +--- .markdownlint.yaml | 8 +++--- .release-please-manifest.json | 3 +++ kitchen.windows.yml | 2 +- lib/docker/version.rb | 24 +++++++++--------- lib/kitchen/transport/docker.rb | 4 +-- release-please-config.json | 12 +++++++++ 9 files changed, 53 insertions(+), 41 deletions(-) create mode 100644 .github/CODEOWNERS rename .github/workflows/{ci.yml => lint.yml} (75%) create mode 100644 .release-please-manifest.json create mode 100644 release-please-config.json diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..b7175b0 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +@test-kitchen/maintainers diff --git a/.github/workflows/ci.yml b/.github/workflows/lint.yml similarity index 75% rename from .github/workflows/ci.yml rename to .github/workflows/lint.yml index 4722f33..3d1fe49 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/lint.yml @@ -1,12 +1,12 @@ --- -name: Lint & Unit +name: 'Lint, Unit & Integration Tests' "on": pull_request: jobs: lint-unit: - uses: test-kitchen/.github/.github/workflows/lint-unit.yml@v0.1.2 + uses: test-kitchen/.github/.github/workflows/lint-unit.yml@main integration-windows: name: Windows ${{matrix.suite}} ${{matrix.os}} @@ -16,16 +16,17 @@ jobs: fail-fast: false matrix: suite: [default] - os: [ubuntu-20.04] + os: [ubuntu-24.04] + ruby: ["3.3"] steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 with: - ruby-version: "3.1" + ruby-version: ${{ matrix.ruby }} bundler-cache: true - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} + - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug integration-linux: name: Linux ${{matrix.suite}} ${{matrix.os}} @@ -41,28 +42,27 @@ jobs: - amd64 - inspec os: - - amazonlinux-2 - - ubuntu-1804 - - ubuntu-2004 + - amazonlinux-2023 + - ubuntu-2204 + - ubuntu-2404 - fedora-latest - - centos-7 - - oraclelinux-7 - - rockylinux-8 - - debian-11 + - almalinux-9 + - rockylinux-9 - debian-12 - opensuse-15 - dockerfile + ruby: ["3.3"] steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 with: - ruby-version: "3.1" + ruby-version: ${{ matrix.ruby }} bundler-cache: true - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} + - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug integration-capabilities: name: Linux ${{matrix.suite}} ${{matrix.os}} @@ -73,13 +73,14 @@ jobs: matrix: suite: - capabilities - os: [debian-11, ubuntu-1804, ubuntu-2004] + os: [debian-12, ubuntu-2204, ubuntu-2404] + ruby: ["3.3"] steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 with: - ruby-version: "3.1" + ruby-version: ${{ matrix.ruby }} bundler-cache: true - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} + - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 37c5e5c..d47a1b2 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,12 +9,9 @@ jobs: release-please: runs-on: ubuntu-latest steps: - - uses: google-github-actions/release-please-action@v3 + - uses: googleapis/release-please-action@v4 id: release with: - release-type: ruby - package-name: kitchen-docker - version-file: lib/kitchen/driver/docker_version.rb token: ${{ secrets.PORTER_GITHUB_TOKEN }} - name: Checkout diff --git a/.markdownlint.yaml b/.markdownlint.yaml index 5df560a..9fd2375 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -1,8 +1,6 @@ +--- default: true +MD004: false +MD012: false MD013: false MD024: false -MD026: false -MD036: false -MD012: false -MD029: false -MD004: false diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..95a37e3 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "3.2.0" +} diff --git a/kitchen.windows.yml b/kitchen.windows.yml index ef520bd..187482e 100644 --- a/kitchen.windows.yml +++ b/kitchen.windows.yml @@ -18,7 +18,7 @@ provisioner: platforms: - name: windows driver_config: - image: mcr.microsoft.com/windows/servercore:1809 + image: mcr.microsoft.com/windows/servercore:ltsc2022 platform: windows suites: diff --git a/lib/docker/version.rb b/lib/docker/version.rb index 1b4cb1c..257add8 100644 --- a/lib/docker/version.rb +++ b/lib/docker/version.rb @@ -11,15 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -begin - require "docker" - - # Override API_VERSION constant in docker-api gem to use version 1.24 of the Docker API - # This override is for the docker-api gem to communicate to the Docker engine on Windows - module Docker - VERSION = "0.0.0".freeze - API_VERSION = "1.24".freeze - end -rescue LoadError => e - logger.debug("[Docker] docker-api gem not found for InSpec verifier. #{e}") -end +# begin +# require "docker" +# +# # Override API_VERSION constant in docker-api gem to use version 1.24 of the Docker API +# # This override is for the docker-api gem to communicate to the Docker engine on Windows +# module Docker +# VERSION = "0.0.0".freeze +# API_VERSION = "1.24".freeze +# end +# rescue LoadError => e +# logger.debug("[Docker] docker-api gem not found for InSpec verifier. #{e}") +# end diff --git a/lib/kitchen/transport/docker.rb b/lib/kitchen/transport/docker.rb index 10b6e25..0119eb5 100644 --- a/lib/kitchen/transport/docker.rb +++ b/lib/kitchen/transport/docker.rb @@ -18,7 +18,7 @@ require_relative "../docker/helpers/inspec_helper" -require_relative "../../docker/version" +# require_relative "../../docker/version" require_relative "../../train/docker" module Kitchen @@ -26,7 +26,7 @@ module Transport class Docker < Kitchen::Transport::Base class DockerFailed < TransportFailed; end - kitchen_transport_api_version 1 + # kitchen_transport_api_version 1 plugin_version Kitchen::VERSION default_config :binary, "docker" diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..2cad467 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,12 @@ +{ + "packages": { + ".": { + "package-name": "kitchen-docker", + "changelog-path": "CHANGELOG.md", + "release-type": "ruby", + "include-component-in-tag": false, + "version-file": "lib/kitchen/docker/docker_version.rb" + } + }, + "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json" +} From 8ea4e37a8bc8d88fcec3b2500ffafd2b7b128dbd Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 3 Jul 2024 14:11:01 -0400 Subject: [PATCH 13/18] chore: remove inspec suite Everything is already testing with Inspec Signed-off-by: Andrew Bobulsky --- kitchen.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/kitchen.yml b/kitchen.yml index 5798070..3ba6c53 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -71,6 +71,3 @@ suites: - name: amd64 driver: docker_platform: linux/amd64 - - name: inspec - driver: - provision_command: true From 5c6193007ff73aeabccf24c074193ba56f0aca05 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 3 Jul 2024 14:28:24 -0400 Subject: [PATCH 14/18] fix: re-require lib/docker/version.rb The verifier doesn't work without it. Not sure why it was removed, but I know base PR was ongoing. Signed-off-by: Andrew Bobulsky --- lib/docker/version.rb | 24 ++++++++++++------------ lib/kitchen/transport/docker.rb | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/lib/docker/version.rb b/lib/docker/version.rb index 257add8..1b4cb1c 100644 --- a/lib/docker/version.rb +++ b/lib/docker/version.rb @@ -11,15 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -# begin -# require "docker" -# -# # Override API_VERSION constant in docker-api gem to use version 1.24 of the Docker API -# # This override is for the docker-api gem to communicate to the Docker engine on Windows -# module Docker -# VERSION = "0.0.0".freeze -# API_VERSION = "1.24".freeze -# end -# rescue LoadError => e -# logger.debug("[Docker] docker-api gem not found for InSpec verifier. #{e}") -# end +begin + require "docker" + + # Override API_VERSION constant in docker-api gem to use version 1.24 of the Docker API + # This override is for the docker-api gem to communicate to the Docker engine on Windows + module Docker + VERSION = "0.0.0".freeze + API_VERSION = "1.24".freeze + end +rescue LoadError => e + logger.debug("[Docker] docker-api gem not found for InSpec verifier. #{e}") +end diff --git a/lib/kitchen/transport/docker.rb b/lib/kitchen/transport/docker.rb index 0119eb5..2cc40a3 100644 --- a/lib/kitchen/transport/docker.rb +++ b/lib/kitchen/transport/docker.rb @@ -18,7 +18,7 @@ require_relative "../docker/helpers/inspec_helper" -# require_relative "../../docker/version" +require_relative "../../docker/version" require_relative "../../train/docker" module Kitchen From 42ffa29c91a85e20e757951c0deeda6bd5e6af4b Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 3 Jul 2024 17:49:25 -0400 Subject: [PATCH 15/18] chore: Rework test suites to use kitchen.yml Add a step to the github action that uses an embedded ruby script to discover the list of suites directly from the kitchen config. Signed-off-by: Andrew Bobulsky --- .github/workflows/lint.yml | 98 +++++++++++++++++++------------------- 1 file changed, 50 insertions(+), 48 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 3d1fe49..3a70929 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -8,79 +8,81 @@ jobs: lint-unit: uses: test-kitchen/.github/.github/workflows/lint-unit.yml@main - integration-windows: - name: Windows ${{matrix.suite}} ${{matrix.os}} - runs-on: windows-latest + build-matrix: + name: Build test matrix from test-kitchen config + runs-on: ubuntu-latest needs: lint-unit - strategy: - fail-fast: false - matrix: - suite: [default] - os: [ubuntu-24.04] - ruby: ["3.3"] steps: - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 + - name: Set up Ruby + uses: ruby/setup-ruby@v1 with: - ruby-version: ${{ matrix.ruby }} + ruby-version: "3.3" bundler-cache: true - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug + - name: Discover Windows suites + id: windows + run: | + cat << "EORUBY" | bundle exec ruby >> "$GITHUB_OUTPUT" + require 'inspec' + require 'kitchen' - integration-linux: - name: Linux ${{matrix.suite}} ${{matrix.os}} - runs-on: ubuntu-latest - needs: lint-unit + windows_loader = Kitchen::Loader::YAML.new(project_config: './kitchen.windows.yml') + windows_suites = Kitchen::Config.new(loader: windows_loader).instances.map { |instance| instance.name } + + puts "suites=#{windows_suites.to_json}" + EORUBY + - name: Discover Linux suites + id: linux + run: | + cat << "EORUBY" | bundle exec ruby >> "$GITHUB_OUTPUT" + require 'inspec' + require 'kitchen' + + linux_loader = Kitchen::Loader::YAML.new(project_config: './kitchen.yml') + linux_suites = Kitchen::Config.new(loader: linux_loader).instances.map { |instance| instance.name } + + puts "suites=#{linux_suites.to_json}" + EORUBY + outputs: + windows-suites: ${{ steps.windows.outputs.suites }} + linux-suites: ${{ steps.linux.outputs.suites }} + + integration-windows: + name: Windows ${{matrix.suite}} + runs-on: windows-latest + needs: + - build-matrix strategy: fail-fast: false matrix: - suite: - - default - - no-build-context - - arm64 - - amd64 - - inspec - os: - - amazonlinux-2023 - - ubuntu-2204 - - ubuntu-2404 - - fedora-latest - - almalinux-9 - - rockylinux-9 - - debian-12 - - opensuse-15 - - dockerfile - ruby: ["3.3"] + suite: ${{ fromJson(needs.build-matrix.outputs.windows-suites) }} steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 with: - ruby-version: ${{ matrix.ruby }} + ruby-version: "3.3" bundler-cache: true - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug + - run: bundle exec kitchen test ${{ matrix.suite }} -l debug - integration-capabilities: - name: Linux ${{matrix.suite}} ${{matrix.os}} + integration-linux: + name: Linux ${{matrix.suite}} runs-on: ubuntu-latest - needs: lint-unit + needs: + - build-matrix strategy: fail-fast: false matrix: - suite: - - capabilities - os: [debian-12, ubuntu-2204, ubuntu-2404] - ruby: ["3.3"] + suite: ${{ fromJson(needs.build-matrix.outputs.linux-suites) }} steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 with: - ruby-version: ${{ matrix.ruby }} + ruby-version: "3.3" bundler-cache: true + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - run: bundle exec kitchen test ${{ matrix.suite }}-${{ matrix.os }} -l debug + - run: bundle exec kitchen test ${{ matrix.suite }} -l debug From a84fe35e256ae54959093ecbd452477a916bd314 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 3 Jul 2024 18:40:39 -0400 Subject: [PATCH 16/18] chore: test supported opensuse 15.5 and latest 15 Do this instead of testing 15.5 and 15.6 explicitly Signed-off-by: Andrew Bobulsky --- kitchen.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kitchen.yml b/kitchen.yml index 3ba6c53..3b90e24 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -39,9 +39,9 @@ platforms: - name: opensuse-15.5 driver: image: opensuse/leap:15.5 - - name: opensuse-15.6 + - name: opensuse-15-latest driver: - image: opensuse/leap:15.6 + image: opensuse/leap:15 - name: dockerfile driver: username: dockerfile From f8e3b26d42c05a98ea8e385adaed3effe749a468 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 31 Jul 2024 03:03:51 -0400 Subject: [PATCH 17/18] feat: Implement `kitchen login` for docker transport Signed-off-by: Andrew Bobulsky --- lib/kitchen/transport/docker.rb | 43 +++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/lib/kitchen/transport/docker.rb b/lib/kitchen/transport/docker.rb index 2cc40a3..edd4870 100644 --- a/lib/kitchen/transport/docker.rb +++ b/lib/kitchen/transport/docker.rb @@ -105,6 +105,49 @@ def container end @container end + + def login_command + config = container.instance_variable_get(:@config) + login_config = config.dup + login_config[:interactive] = true + login_config[:tty] = true + login_config[:detach] = false + login_config[:username] = nil + login_cmd = build_login_command(login_config) + LoginCommand.new(login_cmd[0], login_cmd[1..-1]) + end + + def build_login_command(config) + # This function duplicates a lot of CliHelper functionality, but I think I'd need to refactor + # things to override some aspects of Configurable in order to reuse that code. + docker = [config[:binary].dup] + docker << "-H #{config[:socket]}" if config[:socket] + docker << "--tls" if config[:tls] + docker << "--tlsverify" if config[:tls_verify] + docker << "--tlscacert=#{config[:tls_cacert]}" if config[:tls_cacert] + docker << "--tlscert=#{config[:tls_cert]}" if config[:tls_cert] + docker << "--tlskey=#{config[:tls_key]}" if config[:tls_key] + logger.debug("docker_command: #{docker.join(" ")}") + + cmd = ["exec"] + cmd << "-d" if config[:detach] + if config[:env_variables] + config[:env_variables].each do |var| + cmd << "-e #{var}" + end + end + cmd << "--privileged" if config[:privileged] + cmd << "-t" if config[:tty] + cmd << "-i" if config[:interactive] + cmd << "-u #{config[:username]}" if config[:username] + cmd << "-w #{config[:working_dir]}" if config[:working_dir] + cmd << "#{config[:container_id]}" + cmd << "/bin/bash" + cmd << "-login" + cmd << "-i" + logger.debug("build_exec_command: #{cmd.join(" ")}") + docker + cmd + end end end end From e961595c2684a1d4539c6cf87b7719842df170e5 Mon Sep 17 00:00:00 2001 From: Andrew Bobulsky Date: Wed, 31 Jul 2024 14:00:36 -0400 Subject: [PATCH 18/18] fix: Use newer syntax for ENV variables Current versions of Docker Desktop will output a LegacyKeyValueFormat warning when using 'ENV key value' syntax. We switch to the updated 'ENV key=value' syntax. Signed-off-by: Andrew Bobulsky --- lib/kitchen/docker/helpers/container_helper.rb | 12 ++++++------ .../docker/helpers/dockerfile_helper.rb | 18 +++++++++--------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/kitchen/docker/helpers/container_helper.rb b/lib/kitchen/docker/helpers/container_helper.rb index 0057932..d5309d7 100644 --- a/lib/kitchen/docker/helpers/container_helper.rb +++ b/lib/kitchen/docker/helpers/container_helper.rb @@ -153,18 +153,18 @@ def remove_container(state) def dockerfile_proxy_config env_variables = "" if config[:http_proxy] - env_variables << "ENV http_proxy #{config[:http_proxy]}\n" - env_variables << "ENV HTTP_PROXY #{config[:http_proxy]}\n" + env_variables << "ENV http_proxy=#{config[:http_proxy]}\n" + env_variables << "ENV HTTP_PROXY=#{config[:http_proxy]}\n" end if config[:https_proxy] - env_variables << "ENV https_proxy #{config[:https_proxy]}\n" - env_variables << "ENV HTTPS_PROXY #{config[:https_proxy]}\n" + env_variables << "ENV https_proxy=#{config[:https_proxy]}\n" + env_variables << "ENV HTTPS_PROXY=#{config[:https_proxy]}\n" end if config[:no_proxy] - env_variables << "ENV no_proxy #{config[:no_proxy]}\n" - env_variables << "ENV NO_PROXY #{config[:no_proxy]}\n" + env_variables << "ENV no_proxy=#{config[:no_proxy]}\n" + env_variables << "ENV NO_PROXY=#{config[:no_proxy]}\n" end env_variables diff --git a/lib/kitchen/docker/helpers/dockerfile_helper.rb b/lib/kitchen/docker/helpers/dockerfile_helper.rb index beabe9b..821ccec 100644 --- a/lib/kitchen/docker/helpers/dockerfile_helper.rb +++ b/lib/kitchen/docker/helpers/dockerfile_helper.rb @@ -68,8 +68,8 @@ def debian_platform && ln -sf /bin/true /sbin/initctl CODE packages = <<-CODE - ENV DEBIAN_FRONTEND noninteractive - ENV container docker + ENV DEBIAN_FRONTEND=noninteractive + ENV container=docker RUN apt-get update RUN apt-get install -y sudo openssh-server curl lsb-release CODE @@ -78,7 +78,7 @@ def debian_platform def fedora_platform <<-CODE - ENV container docker + ENV container=docker RUN dnf clean all RUN dnf install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -106,7 +106,7 @@ def gentoo_paludis_platform def opensuse_platform <<-CODE - ENV container docker + ENV container=docker RUN zypper install -y sudo openssh which curl gawk RUN /usr/sbin/sshd-gen-keys-start CODE @@ -114,7 +114,7 @@ def opensuse_platform def rhel_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -124,7 +124,7 @@ def rhel_platform def centosstream_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -134,7 +134,7 @@ def centosstream_platform def almalinux_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -144,7 +144,7 @@ def almalinux_platform def rockylinux_platform <<-CODE - ENV container docker + ENV container=docker RUN yum clean all RUN yum install -y sudo openssh-server openssh-clients which RUN [ -f "/etc/ssh/ssh_host_rsa_key" ] || ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' @@ -154,7 +154,7 @@ def rockylinux_platform def photonos_platform <<-CODE - ENV container docker + ENV container=docker RUN tdnf clean all RUN tdnf install -y sudo openssh-server openssh-clients which curl RUN [ -f "/etc/ssh/ssh_host_ecdsa_key" ] || ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''