Adding Goss Tests to hermes images (#6)

* First pass at adding tests * Adding tests * Adding working directory * Update path * Store test results * Send junit results to report * Make the reports directory * Update path for store results * Strip off the first couple non-xml lines * Adding tests for hermes:terraform * Store tests in home dir, and output to TAG subdir * Remember to make the reports dir * Change store reports dir * I don't care about versions of packages * Updated circle to tests all builds Added goss tests for all builds as well as updated docs * Store results and fixed run_tests * Debug output * Removed files sizes and added second run * Update GOSS_PATH env var Trying to cleanup the circle config * Adding second runs This should make viewing in circleci easier * Forcing a test failure Want to test to make sure no images get pushed * outputing to junit doesn't seem useful It doesn't store the result of the failed test... so why bother? * trying doc format * Fix failing tests * remove GOSS_OPTS * Adding back GOSS_OPT * Revert "Adding back GOSS_OPT" This reverts commit 0c0539b. * Adding echo for debug * remove comment lines * remove comments * Add failing tests * Revert "Add failing tests" This reverts commit 4bf252c. * removing store_test_results * moving GOSS_FILES_STRATEGY to circle config * Cleanup of Circle Config
asicsdigital · Dec 12, 2018 · e135591 · e135591
1 parent 01a64bd
commit e135591
Show file tree

Hide file tree

Showing 7 changed files with 184 additions and 2 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -13,18 +13,27 @@ build_latest: &build_latest
   name: "Docker build and push asicsdigital/hermes:latest"
   command: |
     docker build --tag $IMAGE_NAME:latest .
+    cd tests
+    export PATH=$PATH:~/bin
+    dgoss run -it  $IMAGE_NAME:latest
     docker push $IMAGE_NAME:latest
 
 build_core_stable: &build_core_stable
   name: "Docker build and push asicsdigital/hermes:stable"
   command: |
     docker build --tag $IMAGE_NAME:stable .
+    cd tests
+    export PATH=$PATH:~/bin
+    dgoss run -it  $IMAGE_NAME:stable
     docker push $IMAGE_NAME:stable
 
 build_core_tagged: &build_core_tagged
   name: "Docker build and push asicsdigital/hermes tagged releases"
   command: |
     docker build --tag $IMAGE_NAME:$CIRCLE_TAG .
+    cd tests
+    export PATH=$PATH:~/bin
+    dgoss run -it  $IMAGE_NAME:$CIRCLE_TAG
     docker tag $IMAGE_NAME:$CIRCLE_TAG $IMAGE_NAME:$(echo $CIRCLE_TAG | sed 's/v//')
     docker tag $IMAGE_NAME:$CIRCLE_TAG $IMAGE_NAME:$(echo $CIRCLE_TAG | cut -d\. -f 1,2 | sed 's/v//')
     docker tag $IMAGE_NAME:$CIRCLE_TAG $IMAGE_NAME:$(echo $CIRCLE_TAG | cut -d\. -f 1   | sed 's/v//')
@@ -38,6 +47,9 @@ build_terraform_image: &build_terraform_image
   command: |
     echo "Building image $IMAGE_NAME:$TAG"
     docker build --build-arg TF_VERSION=$TF_VERSION --tag $IMAGE_NAME:$TAG .
+    cd tests
+    export PATH=$PATH:~/bin
+    dgoss run -it $IMAGE_NAME:$TAG
     docker push $IMAGE_NAME:$TAG
 
 build_branches: &build_branches
@@ -49,6 +61,26 @@ build_branches: &build_branches
 project_env_vars: &project_env_vars
   environment:
     IMAGE_NAME: asicsdigital/hermes
+    GOSS_PATH:  /home/circleci/bin/goss
+    GOSS_FILES_STRATEGY: cp
+
+install_goss: &install_goss
+  name: Install goss
+  command: |
+    # rather than give internet scripts SU rights, we install to local user bin and add to path
+    mkdir ~/bin
+    export GOSS_DST=~/bin
+    export PATH=$PATH:~/bin
+    curl -fsSL https://goss.rocks/install | sh
+    goss -version
+
+run_tests: &run_tests
+  name: "Run goss Tests"
+  command: |
+    docker build . -t hermes:$TAG
+    cd tests
+    export PATH=$PATH:~/bin
+    dgoss run -it hermes:$TAG
 
 workflows:
   version: 2
@@ -92,9 +124,23 @@ jobs:
       - setup_remote_docker
       - run:
           <<: *docker_login
+      - run:
+          <<: *install_goss
       - run:
           working_directory: ~/project/1.X
           <<: *build_latest
+      - run:
+          working_directory: ~/project/1.X/terraform
+          environment:
+            TF_VERSION: 0.11.10
+            TAG: terraform-0.11.10
+          <<: *build_terraform_image
+      - run:
+          working_directory: ~/project/1.X/terraform
+          environment:
+            TF_VERSION: 0.11.9
+            TAG: terraform-0.11.9
+          <<: *build_terraform_image
       - run:
           working_directory: ~/project/1.X/terraform
           environment:
@@ -158,6 +204,9 @@ jobs:
       - setup_remote_docker
       - run:
           <<: *docker_login
+      - run:
+          <<: *install_goss
+
       - run:
           working_directory: ~/project/1.X
           environment:
@@ -171,6 +220,8 @@ jobs:
       - setup_remote_docker
       - run:
           <<: *docker_login
+      - run:
+          <<: *install_goss
       - run:
           working_directory: ~/project/1.X
           environment:
@@ -184,6 +235,18 @@ jobs:
       - setup_remote_docker
       - run:
           <<: *docker_login
+      - run:
+          <<: *install_goss
+      - run:
+          working_directory: ~/project/1.X
+          environment:
+            TAG: core
+          <<: *run_tests
+      - run:
+          working_directory: ~/project/1.X/terraform
+          environment:
+            TAG: terraform
+          <<: *run_tests
       - run:
           working_directory: ~/project/1.X
           environment:

diff --git a/1.X/Dockerfile b/1.X/Dockerfile
@@ -2,8 +2,8 @@ FROM asicsdigital/dudewheresmy AS dudewheresmy
 
 # Download and verify the integrity of the download first
 FROM sethvargo/hashicorp-installer:0.1.3 AS installer
-ARG CONSUL_VERSION='1.2.2'
-ARG VAULT_VERSION='0.10.4'
+ARG CONSUL_VERSION='1.4.0'
+ARG VAULT_VERSION='0.11.1'
 RUN /install-hashicorp-tool "vault" "$VAULT_VERSION"
 RUN /install-hashicorp-tool "consul" "$CONSUL_VERSION"
 
@@ -14,6 +14,8 @@ COPY --from=installer /software/vault /opt/hermes/bin/vault
 COPY --from=installer /software/consul /opt/hermes/bin/consul
 COPY scripts/* /opt/hermes/bin/
 RUN /opt/hermes/bin/install-hermes-deps
+RUN curl -fsSL https://goss.rocks/install | GOSS_VER=v0.3.6 GOSS_DST=/opt/hermes/bin sh
 WORKDIR /root
 ENV PATH="/opt/hermes/bin:${PATH}"
+ADD tests /tests
 ENTRYPOINT ["/bin/bash"]
diff --git a/1.X/terraform/tests/.gitignore b/1.X/terraform/tests/.gitignore
@@ -0,0 +1 @@
+reports
diff --git a/1.X/terraform/tests/goss.yaml b/1.X/terraform/tests/goss.yaml
@@ -0,0 +1,31 @@
+file:
+  /opt/hermes/bin/get-consul-htpasswd:
+    exists: true
+    mode: "0755"
+    size: 699
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/get-consul-http-auth:
+    exists: true
+    mode: "0755"
+    size: 647
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/terraform:
+    exists: true
+    mode: "0775"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/tflint:
+    exists: true
+    mode: "0755"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
diff --git a/1.X/tests/.gitignore b/1.X/tests/.gitignore
@@ -0,0 +1 @@
+reports
diff --git a/1.X/tests/goss.yaml b/1.X/tests/goss.yaml
@@ -0,0 +1,80 @@
+file:
+  /opt/hermes/bin/consul:
+    exists: true
+    mode: "0755"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/dgoss:
+    exists: true
+    mode: "0755"
+    size: 3801
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/dudewheresmy:
+    exists: true
+    mode: "0755"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/get-iam-auth:
+    exists: true
+    mode: "0755"
+    size: 977
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/goss:
+    exists: true
+    mode: "0755"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/install-hermes-deps:
+    exists: true
+    mode: "0755"
+    size: 267
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/lease-revoke:
+    exists: true
+    mode: "0755"
+    size: 427
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/set-vault-token:
+    exists: true
+    mode: "0755"
+    size: 728
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+  /opt/hermes/bin/vault:
+    exists: true
+    mode: "0755"
+    owner: root
+    group: root
+    filetype: file
+    contains: []
+package:
+  bash:
+    installed: true
+  curl:
+    installed: true
+  git:
+    installed: true
+  jq:
+    installed: true
+  openssh:
+    installed: true
diff --git a/README.md b/README.md
@@ -16,3 +16,7 @@ We've bundled a number of helpers.
 * `VAULT_ADDR` - Address of the Vault server expressed as a URL and port, ex: `VAULT_ADDR="https://vault.example.com"``
 * `VAULT_PAYLOAD` - AppRole payload to auth to vault  `VAULT_PAYLOAD='{"role_id":"<ROLE_ID>","secret_id":"<SECRET_ID>"}'``
 * `VAULT_AWS_SECRET_ENGINE_ROLE` - Role name to pass to the AWS Secret Engine
+
+#### Adding Tests
+
+You can add tests by running `goss add <type> <thing>` and then adding that Yaml file to the tests directory, or updating the existing goss.yaml file if one exists. More informaiton about Goss tests can be found here: https://github.com/aelsabbahy/goss/blob/master/docs/manual.md#important-note-about-goss-file-format