]> git.openstreetmap.org Git - chef.git/blob - .kitchen.yml
community: use a custom policyd-spf.conf
[chef.git] / .kitchen.yml
1 ---
2 driver:
3   name: dokken
4   chef_version: 18
5   volumes:
6     - /var/lib/docker
7   env:
8     - container=dokken
9   ipv6: true
10   ipv6_subnet: "fd95:8552:964c::/64"
11   dns:
12     - 8.8.8.8
13     - 8.8.4.4
14     - 1.1.1.1
15     - 1.0.0.1
16
17 transport:
18   name: dokken
19
20 provisioner:
21   name: dokken
22   chef_license: accept
23   data_bags_path: test/data_bags
24   slow_resource_report: true
25   clean_dokken_sandbox: true
26   attributes:
27     networking:
28       dnssec: "false" # Disable DNSSEC as occasionally unreliable in GitHub Actions
29
30 verifier:
31   name: inspec
32   root_path: /opt/verifier
33   sudo: false
34
35 platforms:
36   - name: ubuntu-20.04
37     driver:
38       image: ghcr.io/test-kitchen/dokken/ubuntu-20.04
39       privileged: true
40       pid_one_command: /bin/systemd
41       intermediate_instructions:
42         - RUN /usr/bin/apt-get update -y
43         - RUN /usr/bin/apt-get install -y eatmydata
44         - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
45   - name: ubuntu-22.04
46     driver:
47       image: ghcr.io/test-kitchen/dokken/ubuntu-22.04
48       privileged: true
49       pid_one_command: /bin/systemd
50       intermediate_instructions:
51         - RUN /usr/bin/apt-get update -y
52         - RUN /usr/bin/apt-get install -y eatmydata
53         - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
54   - name: debian-12
55     driver:
56       image: ghcr.io/test-kitchen/dokken/debian-12
57       privileged: true
58       pid_one_command: /bin/systemd
59       intermediate_instructions:
60         - RUN /usr/bin/apt-get update -y
61         - RUN /usr/bin/apt-get install -y eatmydata
62         - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload
63
64 suites:
65   - name: accounts
66     run_list:
67       - recipe[accounts::default]
68   - name: apache
69     run_list:
70       - recipe[apache::default]
71   - name: apt
72     run_list:
73       - recipe[apt::default]
74   - name: apt-repository
75     run_list:
76       - recipe[apt::repository]
77   - name: awscli
78     run_list:
79       - recipe[awscli::default]
80   - name: backup
81     run_list:
82       - recipe[backup::default]
83   - name: bind
84     run_list:
85       - recipe[bind::default]
86     attributes:
87       bind:
88         clients: none
89   - name: blog
90     run_list:
91       - recipe[blog::default]
92   - name: blogs
93     run_list:
94       - recipe[blogs::default]
95   - name: chef
96     run_list:
97       - recipe[chef::default]
98   - name: civicrm
99     run_list:
100       - recipe[civicrm::default]
101   - name: clamav
102     run_list:
103       - recipe[clamav::default]
104   - name: community
105     run_list:
106       - recipe[community::default]
107   - name: db-backup
108     run_list:
109       - recipe[db::backup]
110   - name: db-base
111     run_list:
112       - recipe[db::base]
113   - name: db-master
114     run_list:
115       - recipe[db::master]
116   - name: db-slave
117     run_list:
118       - recipe[db::slave]
119   - name: dev
120     run_list:
121       - recipe[dev::default]
122     attributes:
123       postgresql:
124         versions:
125           - 15
126   - name: devices
127     run_list:
128       - recipe[devices::default]
129   - name: dhcpd
130     run_list:
131       - recipe[dhcpd::default]
132     attributes:
133       dhcpd:
134         first_address: 172.18.100.1
135         last_address: 172.18.100.254
136       networking:
137         interfaces:
138           test:
139             interface: eth0
140             role: internal
141             inet:
142               address: 172.18.0.2
143               prefix: 16
144               gateway: 172.18.0.1
145         roles:
146           external:
147             zone: test
148   - name: dmca
149     run_list:
150       - recipe[dmca::default]
151   - name: dns
152     run_list:
153       - recipe[dns::default]
154   - name: docker
155     run_list:
156       - recipe[docker::default]
157   - name: elasticsearch
158     run_list:
159       - recipe[elasticsearch::default]
160   - name: exim
161     run_list:
162       - recipe[exim::default]
163   - name: fail2ban
164     run_list:
165       - recipe[fail2ban::default]
166   - name: foundation-board
167     run_list:
168       - recipe[foundation::board]
169   - name: foundation-dwg
170     run_list:
171       - recipe[foundation::dwg]
172   - name: foundation-mastodon
173     run_list:
174       - recipe[foundation::mastodon]
175   - name: foundation-mwg
176     run_list:
177       - recipe[foundation::mwg]
178   - name: foundation-owg
179     run_list:
180       - recipe[foundation::owg]
181   - name: foundation-welcome
182     run_list:
183       - recipe[foundation::welcome]
184   - name: foundation-wiki
185     run_list:
186       - recipe[foundation::wiki]
187   - name: ftp
188     run_list:
189       - recipe[ftp::default]
190   - name: geodns
191     run_list:
192       - recipe[geodns::default]
193     attributes:
194       networking:
195         interfaces:
196           test:
197             role: external
198             inet:
199               address: 172.18.0.2
200               prefix: 16
201   - name: geoipupdate
202     run_list:
203       - recipe[geoipupdate::default]
204   - name: git
205     run_list:
206       - recipe[git::default]
207   - name: git-server
208     run_list:
209       - recipe[git::server]
210   - name: git-web
211     run_list:
212       - recipe[git::web]
213   - name: gps-tile
214     run_list:
215       - recipe[gps-tile::default]
216   - name: hardware
217     run_list:
218       - recipe[hardware::default]
219   - name: hot
220     run_list:
221       - recipe[hot::default]
222   - name: ideditor
223     run_list:
224       - recipe[ideditor::default]
225   - name: imagery-tiler
226     run_list:
227       - recipe[imagery::tiler]
228   - name: irc
229     run_list:
230       - recipe[irc::default]
231   - name: kibana
232     run_list:
233       - recipe[kibana::default]
234   - name: letsencrypt
235     run_list:
236       - recipe[letsencrypt::default]
237   - name: logstash
238     run_list:
239       - recipe[logstash::default]
240   - name: logstash-forwarder
241     run_list:
242       - recipe[logstash::forwarder]
243     attributes:
244       logstash:
245         forwarder:
246           filebeat.inputs:
247             - type: filestream
248               id: apache
249               paths:
250                 - /var/log/apache2/access.log
251               fields:
252                 type: apache
253               fields_under_root: true
254   - name: mail
255     run_list:
256       - role[mail]
257   - name: mailman
258     run_list:
259       - recipe[mailman::default]
260   - name: matomo
261     run_list:
262       - recipe[matomo::default]
263   - name: memcached
264     run_list:
265       - recipe[memcached::default]
266   - name: mysql
267     run_list:
268       - recipe[mysql::default]
269   - name: networking
270     run_list:
271       - recipe[networking::default]
272   - name: nginx
273     run_list:
274       - recipe[nginx::default]
275   - name: nodejs
276     run_list:
277       - recipe[nodejs::default]
278   - name: nominatim
279     run_list:
280       - recipe[nominatim::default]
281   - name: ntp
282     run_list:
283       - recipe[ntp::default]
284   - name: openssh
285     run_list:
286       - recipe[openssh::default]
287   - name: osmosis
288     run_list:
289       - recipe[osmosis::default]
290   - name: osqa
291     run_list:
292       - recipe[osqa::default]
293   - name: otrs
294     run_list:
295       - recipe[otrs::default]
296   - name: overpass
297     run_list:
298       - recipe[overpass::default]
299   - name: passenger
300     run_list:
301       - recipe[passenger::default]
302   - name: php
303     run_list:
304       - recipe[php::default]
305   - name: php-apache
306     run_list:
307       - recipe[php::apache]
308   - name: php-fpm
309     run_list:
310       - recipe[php::fpm]
311   - name: planet
312     run_list:
313       - recipe[planet::default]
314   - name: planet-aws
315     run_list:
316       - recipe[planet::aws]
317   - name: planet-current
318     run_list:
319       - recipe[planet::current]
320   - name: planet-dump
321     run_list:
322       - recipe[planet::dump]
323   - name: planet-notes
324     run_list:
325       - recipe[planet::notes]
326     attributes:
327       web:
328         readonly_database_host: readonly
329   - name: planet-replication
330     run_list:
331       - recipe[planet::replication]
332     attributes:
333       web:
334         readonly_database_host: readonly
335   - name: postgresql
336     run_list:
337       - recipe[postgresql::default]
338     attributes:
339       postgresql:
340         versions:
341           - 15
342   - name: prometheus
343     run_list:
344       - recipe[prometheus::default]
345     attributes:
346       networking:
347         interfaces:
348           test:
349             interface: eth0
350             role: internal
351             inet:
352               address: 172.18.0.2
353               prefix: 16
354               gateway: 172.18.0.1
355   - name: prometheus-server
356     run_list:
357       - recipe[prometheus::server]
358   - name: python
359     run_list:
360       - recipe[python::default]
361   - name: rsyncd
362     run_list:
363       - recipe[rsyncd::default]
364   - name: serverinfo
365     run_list:
366       - recipe[serverinfo::default]
367   - name: snmpd
368     run_list:
369       - recipe[snmpd::default]
370   - name: spamassassin
371     run_list:
372       - recipe[spamassassin::default]
373   - name: ssl
374     run_list:
375       - recipe[ssl::default]
376   - name: stateofthemap-container
377     run_list:
378       - recipe[stateofthemap::container]
379   - name: stateofthemap-wordpress
380     run_list:
381       - recipe[stateofthemap::wordpress]
382   - name: subversion
383     run_list:
384       - recipe[subversion::default]
385   - name: supybot
386     run_list:
387       - recipe[supybot::default]
388   - name: switch2osm
389     run_list:
390       - recipe[switch2osm::default]
391   - name: sysctl
392     run_list:
393       - recipe[sysctl::default]
394   - name: sysfs
395     run_list:
396       - recipe[sysfs::default]
397   - name: taginfo
398     run_list:
399       - recipe[taginfo::default]
400     attributes:
401       taginfo:
402         sites:
403           - name: taginfo.example.com
404   - name: tile
405     run_list:
406       - recipe[tile::default]
407   - name: tilelog
408     run_list:
409       - recipe[tilelog::default]
410   - name: tools
411     run_list:
412       - recipe[tools::default]
413   - name: trac
414     run_list:
415       - recipe[trac::default]
416   - name: web-cgimap
417     run_list:
418       - recipe[web::cgimap]
419   - name: web-frontend
420     run_list:
421       - recipe[web::frontend]
422   - name: web-rails
423     run_list:
424       - recipe[web::rails]
425   - name: wiki
426     run_list:
427       - recipe[wiki::default]
428   - name: wordpress
429     run_list:
430       - recipe[wordpress::default]