Merge pull request #45 from retr0h/chefspec

Chefspec

.gitignore

@@ -0,0 +1,3 @@
+.bundle
+.cookbooks/
+Berksfile.lock

Berksfile

@@ -0,0 +1,4 @@
+metadata
+
+cookbook "openstack-common",
+  git: "git@github.com:att-cloud/cookbook-openstack-common.git"

Gemfile

@@ -0,0 +1,7 @@
+source "https://rubygems.org"
+
+gem "chef", "~> 10.18.2"
+gem "berkshelf",  "~> 1.4.0"
+gem "chefspec", "~> 1.0.0"
+gem "foodcritic", "~> 2.1.0"
+gem "webmock", "~> 1.11.0"

Gemfile.lock

@@ -0,0 +1,170 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (3.2.13)
+      i18n (= 0.6.1)
+      multi_json (~> 1.0)
+    addressable (2.3.4)
+    berkshelf (1.4.2)
+      activesupport (>= 3.2.0)
+      addressable
+      celluloid (>= 0.13.0)
+      chozo (>= 0.6.1)
+      faraday (>= 0.8.5)
+      hashie (>= 2.0.2)
+      json (>= 1.5.0)
+      minitar
+      mixlib-config (~> 1.1)
+      mixlib-shellout (~> 1.1)
+      multi_json (~> 1.5)
+      retryable
+      ridley (~> 0.9.0)
+      solve (>= 0.4.2)
+      thor (~> 0.18.0)
+      yajl-ruby
+    builder (3.2.0)
+    bunny (0.7.9)
+    celluloid (0.13.0)
+      timers (>= 1.0.0)
+    chef (10.18.2)
+      bunny (>= 0.6.0, < 0.8.0)
+      erubis
+      highline (>= 1.6.9)
+      json (>= 1.4.4, <= 1.6.1)
+      mixlib-authentication (>= 1.3.0)
+      mixlib-cli (>= 1.1.0)
+      mixlib-config (>= 1.1.2)
+      mixlib-log (>= 1.3.0)
+      mixlib-shellout
+      moneta (< 0.7.0)
+      net-ssh (~> 2.2.2)
+      net-ssh-multi (~> 1.1.0)
+      ohai (>= 0.6.0)
+      rest-client (>= 1.0.4, < 1.7.0)
+      treetop (~> 1.4.9)
+      uuidtools
+      yajl-ruby (~> 1.1)
+    chefspec (1.0.0)
+      chef (>= 10.0)
+      erubis
+      fauxhai (~> 0.1)
+      minitest-chef-handler (>= 0.6.0)
+      rspec (~> 2.0)
+    chozo (0.6.1)
+      activesupport (>= 3.2.0)
+      hashie (>= 2.0.2)
+      multi_json (>= 1.3.0)
+    ci_reporter (1.8.4)
+      builder (>= 2.1.2)
+    crack (0.3.2)
+    diff-lcs (1.2.4)
+    erubis (2.7.0)
+    faraday (0.8.7)
+      multipart-post (~> 1.1)
+    fauxhai (0.1.1)
+      chef
+      httparty
+      net-ssh
+    foodcritic (2.1.0)
+      erubis
+      gherkin (~> 2.11.7)
+      nokogiri (~> 1.5.4)
+      rak (~> 1.4)
+      treetop (~> 1.4.10)
+      yajl-ruby (~> 1.1.0)
+    gherkin (2.11.8)
+      multi_json (~> 1.3)
+    hashie (2.0.4)
+    highline (1.6.18)
+    httparty (0.11.0)
+      multi_json (~> 1.0)
+      multi_xml (>= 0.5.2)
+    i18n (0.6.1)
+    ipaddress (0.8.0)
+    json (1.6.1)
+    mime-types (1.23)
+    minitar (0.5.4)
+    minitest (4.7.4)
+    minitest-chef-handler (1.0.1)
+      chef
+      ci_reporter
+      minitest (~> 4.7.3)
+    mixlib-authentication (1.3.0)
+      mixlib-log
+    mixlib-cli (1.3.0)
+    mixlib-config (1.1.2)
+    mixlib-log (1.6.0)
+    mixlib-shellout (1.1.0)
+    moneta (0.6.0)
+    multi_json (1.7.3)
+    multi_xml (0.5.3)
+    multipart-post (1.2.0)
+    net-http-persistent (2.8)
+    net-ssh (2.2.2)
+    net-ssh-gateway (1.1.0)
+      net-ssh (>= 1.99.1)
+    net-ssh-multi (1.1)
+      net-ssh (>= 2.1.4)
+      net-ssh-gateway (>= 0.99.0)
+    nokogiri (1.5.9)
+    ohai (6.16.0)
+      ipaddress
+      mixlib-cli
+      mixlib-config
+      mixlib-log
+      mixlib-shellout
+      systemu
+      yajl-ruby
+    polyglot (0.3.3)
+    rak (1.4)
+    rest-client (1.6.7)
+      mime-types (>= 1.16)
+    retryable (1.3.2)
+    ridley (0.9.1)
+      activesupport (>= 3.2.0)
+      addressable
+      celluloid (~> 0.13.0)
+      chozo (>= 0.6.0)
+      erubis
+      faraday (>= 0.8.4)
+      json (>= 1.5.0)
+      mixlib-authentication (>= 1.3.0)
+      mixlib-config (>= 1.1.0)
+      mixlib-log (>= 1.3.0)
+      mixlib-shellout (>= 1.1.0)
+      multi_json (>= 1.0.4)
+      net-http-persistent (>= 2.8)
+      net-ssh
+      retryable
+      solve (>= 0.4.1)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    solve (0.4.4)
+      json
+    systemu (2.5.2)
+    thor (0.18.1)
+    timers (1.1.0)
+    treetop (1.4.12)
+      polyglot
+      polyglot (>= 0.3.1)
+    uuidtools (2.1.4)
+    webmock (1.11.0)
+      addressable (>= 2.2.7)
+      crack (>= 0.3.2)
+    yajl-ruby (1.1.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  berkshelf (~> 1.4.0)
+  chef (~> 10.18.2)
+  chefspec (~> 1.0.0)
+  foodcritic (~> 2.1.0)
+  webmock (~> 1.11.0)

README.md

@@ -8,13 +8,8 @@ http://keystone.openstack.org/
 Requirements
 ============
 
-Chef 0.10.0 or higher required (for Chef environment use)
-
-Platform
---------
-
-* Ubuntu-12.04
-* Fedora-17
+* Chef 0.10.0 or higher required (for Chef environment use)
+* [Network Addr](https://gist.github.com/jtimberman/1040543) Ohai plugin.
 
 Cookbooks
 ---------
@@ -26,6 +21,31 @@ The following cookbooks are dependencies:
 * openssl
 * openstack-common
 
+Usage
+=====
+
+db
+--
+
+Configures database for use with keystone
+
+```json
+"run_list": [
+    "recipe[keystone::db]"
+]
+```
+
+server
+------
+
+Installs and Configures Keystone Service
+
+```json
+"run_list": [
+    "recipe[keystone::server]"
+]
+```
+
 Resources/Providers
 ===================
 
@@ -216,19 +236,6 @@ Create EC2 credentials for a given user in the specified tenant
       tenant_name "openstack"
     end
 
-Recipes
-=======
-
-server
-------
-
-Installs and Configures Keystone Service
-
-db
---
-
-Configures database for use with keystone
-
 Attributes
 ==========
 
@@ -251,6 +258,15 @@ Attributes
 * `keystone["roles"]` - Array of roles to create in the keystone server
 * `keystone["users"]` - Array of users to create in the keystone server
 
+Testing
+=====
+
+This cookbook is using [ChefSpec](https://github.com/acrmp/chefspec) for
+testing. Run the following before commiting. It will run your tests,
+and check for lint errors.
+
+    $ ./run_tests.bash
+
 License and Author
 ==================
 
@@ -262,9 +278,12 @@ Author:: William Kelly (<william.kelly@rackspace.com>)
 Author:: Darren Birkett (<darren.birkett@rackspace.co.uk>)
 Author:: Evan Callicoat (<evan.callicoat@rackspace.com>)
 Author:: Matt Ray (<matt@opscode.com>)
+Author:: Jay Pipes (<jaypipes@att.com>)
+Author:: John Dewey (<jdewey@att.com>)
 
 Copyright 2012, Rackspace US, Inc.
 Copyright 2012, Opscode, Inc.
+Copyright 2012-2013, AT&T Services, Inc.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.

attributes/default.rb

@@ -1,3 +1,22 @@
+#
+# Cookbook Name:: keystone
+# Recipe:: default
+#
+# Copyright 2012-2013, AT&T Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 # Set to some text value if you want templated config files
 # to contain a custom banner at the top of the written file
 default["keystone"]["custom_template_banner"] = "

providers/credentials.rb

@@ -3,7 +3,7 @@
 # Provider:: credentials
 #
 # Copyright 2012, Rackspace US, Inc.
-# Copyright 2012, AT&T, Inc.
+# Copyright 2012-2013, AT&T Services, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

providers/register.rb

@@ -3,7 +3,7 @@
 # Provider:: register
 #
 # Copyright 2012, Rackspace US, Inc.
-# Copyright 2012, AT&T, Inc.
+# Copyright 2012-2013, AT&T Services, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

recipes/db.rb

@@ -2,7 +2,7 @@
 # Cookbook Name:: keystone
 # Recipe:: db
 #
-# Copyright 2012, AT&T
+# Copyright 2012-2013, AT&T Services, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

recipes/default.rb

@@ -0,0 +1,18 @@
+#
+# Cookbook Name:: keystone
+# Recipe:: default
+#
+# Copyright 2012-2013, AT&T Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#

recipes/server.rb

@@ -107,11 +107,7 @@ sql_connection = db_uri("identity", db_user, db_pass)
 
 bootstrap_token = secret "secrets", "keystone_bootstrap_token"
 
-bind_interface = node["keystone"]["bind_interface"]
-interface_node = node["network"]["interfaces"][bind_interface]["addresses"]
-ip_address = interface_node.select do |address, data|
-  data['family'] == "inet"
-end[0][0]
+ip_address = node["network"]["ipaddress_#{node["keystone"]["bind_interface"]}"]
 
 # If the search role is set, we search for memcache
 # servers via a Chef search. If not, we look at the

run_tests.bash

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+# A script to run tests locally before committing.
+
+set -e
+
+COOKBOOK=$(awk '/^name/ {print $NF}' metadata.rb |tr -d \"\')
+if [ -z $COOKBOOK ]; then
+    echo "Cookbook name not defined in metadata.rb"
+    exit 1
+fi
+
+BUNDLE_PATH=${BUNDLE_PATH:-.bundle}
+BERKSHELF_PATH=${BERKSHELF_PATH:-.cookbooks}
+
+bundle install --path=${BUNDLE_PATH}
+bundle exec berks install --path=${BERKSHELF_PATH}
+bundle exec foodcritic -f any -t ~FC003 -t ~FC023 ${BERKSHELF_PATH}/${COOKBOOK}
+bundle exec rspec ${BERKSHELF_PATH}/${COOKBOOK}

spec/db_spec.rb

@@ -0,0 +1,24 @@
+require "spec_helper"
+
+describe "keystone::db" do
+  it "installs mysql packages" do
+    @chef_run = converge
+
+    expect(@chef_run).to include_recipe "mysql::client"
+    expect(@chef_run).to include_recipe "mysql::ruby"
+  end
+
+  it "creates database and user" do
+    ::Chef::Recipe.any_instance.should_receive(:db_create_with_user).
+      with "identity", "keystone", "test-pass"
+
+    converge
+  end
+
+  def converge
+    ::Chef::Recipe.any_instance.stub(:db_password).with("keystone").
+      and_return "test-pass"
+
+    ::ChefSpec::ChefRunner.new(::UBUNTU_OPTS).converge "keystone::db"
+  end
+end

spec/default_spec.rb

@@ -0,0 +1,4 @@
+require "spec_helper"
+
+describe "keystone::default" do
+end

spec/server-redhat_spec.rb

@@ -0,0 +1,27 @@
+require "spec_helper"
+
+describe "keystone::server" do
+  describe "redhat" do
+    before do
+      keystone_stubs
+      @chef_run = ::ChefSpec::ChefRunner.new ::REDHAT_OPTS
+      @chef_run.converge "keystone::server"
+    end
+
+    it "installs mysql python packages" do
+      expect(@chef_run).to install_package "MySQL-python"
+    end
+
+    it "installs memcache python packages" do
+      expect(@chef_run).to install_package "python-memcached"
+    end
+
+    it "installs keystone packages" do
+      expect(@chef_run).to upgrade_package "openstack-keystone"
+    end
+
+    it "starts keystone on boot" do
+      expect(@chef_run).to set_service_to_start_on_boot "openstack-keystone"
+    end
+  end
+end

spec/server_spec.rb

@@ -0,0 +1,136 @@
+require "spec_helper"
+
+describe "keystone::server" do
+  describe "ubuntu" do
+    before do
+      keystone_stubs
+      @chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS
+      @node = @chef_run.node
+      @node.set["keystone"]["syslog"]["use"] = true
+      @node.set["network"]["ipaddress_lo"] = "10.10.10.10"
+      @chef_run.converge "keystone::server"
+    end
+
+    it "runs logging recipe if node attributes say to" do
+      expect(@chef_run).to include_recipe "openstack-common::logging"
+    end
+
+    it "installs mysql python packages" do
+      expect(@chef_run).to install_package "python-mysqldb"
+    end
+
+    it "installs memcache python packages" do
+      expect(@chef_run).to install_package "python-memcache"
+    end
+
+    it "installs keystone packages" do
+      expect(@chef_run).to upgrade_package "keystone"
+    end
+
+    it "starts keystone on boot" do
+      expect(@chef_run).to set_service_to_start_on_boot "keystone"
+    end
+
+    it "sleep on keystone service enable" do
+      expect(@chef_run.service("keystone")).
+        to notify "execute[Keystone: sleep]", :run
+    end
+
+    describe "/etc/keystone" do
+      before do
+        @dir = @chef_run.directory "/etc/keystone"
+      end
+
+      it "has proper owner" do
+        expect(@dir).to be_owned_by "keystone", "keystone"
+      end
+
+      it "has proper modes" do
+        expect(sprintf("%o", @dir.mode)).to eq "700"
+      end
+    end
+
+    #TODO: ChefSpec needs to handle guards better.
+    #      should only be created when pki is enabled
+    describe "/etc/keystone/ssl" do
+      before do
+        @dir = @chef_run.directory "/etc/keystone/ssl"
+      end
+
+      it "has proper owner" do
+        expect(@dir).to be_owned_by "keystone", "keystone"
+      end
+
+      it "has proper modes" do
+        expect(sprintf("%o", @dir.mode)).to eq "700"
+      end
+    end
+
+    it "deletes keystone.db" do
+      expect(@chef_run).to delete_file "/var/lib/keystone/keystone.db"
+    end
+
+    #TODO: ChefSpec needs to handle guards better.
+    #      should only be performed when pki is enabled
+    it "runs pki setup" do
+      cmd = "keystone-manage pki_setup"
+      expect(@chef_run).to execute_command(cmd).with(
+        :user => "keystone"
+      )
+    end
+
+    it "doesn't run pki setup when signing dir exists" do
+      pending "TODO: how to test this"
+    end
+
+    describe "keystone.conf" do
+      before do
+        @file = @chef_run.template "/etc/keystone/keystone.conf"
+      end
+
+      it "has proper owner" do
+        expect(@file).to be_owned_by "keystone", "keystone"
+      end
+
+      it "has proper modes" do
+        expect(sprintf("%o", @file.mode)).to eq "644"
+      end
+
+      it "template contents" do
+        pending "TODO: implement"
+      end
+
+      it "notifies nova-api-ec2 restart" do
+        expect(@file).to notify "service[keystone]", :restart
+      end
+    end
+
+    #TODO: ChefSpec needs to handle guards better.
+    describe "default_catalog.templates" do
+      before do
+        @file = @chef_run.template "/etc/keystone/default_catalog.templates"
+      end
+
+      it "has proper owner" do
+        expect(@file).to be_owned_by "keystone", "keystone"
+      end
+
+      it "has proper modes" do
+        expect(sprintf("%o", @file.mode)).to eq "644"
+      end
+
+      it "template contents" do
+        pending "TODO: implement"
+      end
+
+      it "notifies nova-api-ec2 restart" do
+        expect(@file).to notify "service[keystone]", :restart
+      end
+    end
+
+    it "runs db migrations" do
+      cmd = "keystone-manage db_sync"
+      expect(@chef_run).to execute_command cmd
+    end
+  end
+end

spec/spec_helper.rb

@@ -0,0 +1,18 @@
+require "chefspec"
+require "webmock/rspec"
+
+::LOG_LEVEL = :fatal
+::REDHAT_OPTS = {
+    :platform  => "redhat",
+    :log_level => ::LOG_LEVEL
+}
+::UBUNTU_OPTS = {
+    :platform  => "ubuntu",
+    :version   => "12.04",
+    :log_level => ::LOG_LEVEL
+}
+
+def keystone_stubs
+  ::Chef::Recipe.any_instance.stub(:db_password).and_return String.new
+  ::Chef::Recipe.any_instance.stub(:secret).and_return String.new
+end