X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/2b2961718a325af20aa7de5df922907f39c350c4..332e5e0843799eb42132e229ecc64e05d507059f:/.kitchen.yml?ds=sidebyside diff --git a/.kitchen.yml b/.kitchen.yml index 89cbf3aba..88cfc7459 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -1,26 +1,66 @@ --- driver: name: dokken - chef_version: 14 + chef_image: ghcr.io/firefishy/chef-docker-image + chef_version: latest + volumes: + - /var/lib/docker + env: + - container=dokken + ipv6: true + ipv6_subnet: "fd95:8552:964c::/64" + dns: + - 8.8.8.8 + - 8.8.4.4 + - 1.1.1.1 + - 1.0.0.1 transport: name: dokken provisioner: name: dokken + chef_license: accept data_bags_path: test/data_bags + slow_resource_report: true + clean_dokken_sandbox: true + attributes: + networking: + dnssec: "false" # Disable DNSSEC as occasionally unreliable in GitHub Actions verifier: + name: inspec root_path: /opt/verifier + sudo: false platforms: - - name: ubuntu-18.04 + - name: ubuntu-20.04 driver: - image: dokken/ubuntu-18.04 + image: ghcr.io/test-kitchen/dokken/ubuntu-20.04 privileged: true pid_one_command: /bin/systemd intermediate_instructions: - RUN /usr/bin/apt-get update -y + - RUN /usr/bin/apt-get install -y eatmydata + - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload + - name: ubuntu-22.04 + driver: + image: ghcr.io/test-kitchen/dokken/ubuntu-22.04 + privileged: true + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -y + - RUN /usr/bin/apt-get install -y eatmydata + - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload + - name: debian-12 + driver: + image: ghcr.io/test-kitchen/dokken/debian-12 + privileged: true + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -y + - RUN /usr/bin/apt-get install -y eatmydata + - RUN echo /usr/lib/$(uname -m)-linux-gnu/libeatmydata.so >>/etc/ld.so.preload suites: - name: accounts @@ -32,19 +72,58 @@ suites: - name: apt run_list: - recipe[apt::default] + - name: apt-repository + run_list: + - recipe[apt::repository] + - name: awscli + run_list: + - recipe[awscli::default] + - name: backup + run_list: + - recipe[backup::default] - name: bind run_list: - recipe[bind::default] attributes: bind: clients: none + - name: blog + run_list: + - recipe[blog::default] - name: blogs run_list: - - recipe[accounts::default] - recipe[blogs::default] + - name: chef + run_list: + - recipe[chef::default] + - name: civicrm + run_list: + - recipe[civicrm::default] - name: clamav run_list: - recipe[clamav::default] + - name: community + run_list: + - recipe[community::default] + - name: db-backup + run_list: + - recipe[db::backup] + - name: db-base + run_list: + - recipe[db::base] + - name: db-master + run_list: + - recipe[db::master] + - name: db-slave + run_list: + - recipe[db::slave] + - name: dev + run_list: + - recipe[dev::default] + attributes: + postgresql: + versions: + - 15 - name: devices run_list: - recipe[devices::default] @@ -60,67 +139,299 @@ suites: test: interface: eth0 role: internal - address: 172.18.0.2 - prefix: 16 - gateway: 172.18.0.1 + inet: + address: 172.18.0.2 + prefix: 16 + gateway: 172.18.0.1 roles: external: zone: test - name: dmca run_list: - recipe[dmca::default] - attributes: - apache: - mpm: prefork - - name: donate + - name: dns run_list: - - recipe[accounts::default] - - role[donate] - attributes: - apache: - mpm: prefork + - recipe[dns::default] + - name: docker + run_list: + - recipe[docker::default] + - name: elasticsearch + run_list: + - recipe[elasticsearch::default] - name: exim run_list: - recipe[exim::default] - - name: forum + - name: fail2ban run_list: - - recipe[accounts::default] - - role[forum] + - recipe[fail2ban::default] + - name: foundation-birthday + run_list: + - recipe[foundation::birthday] + - name: foundation-board + run_list: + - recipe[foundation::board] + - name: foundation-dwg + run_list: + - recipe[foundation::dwg] + - name: foundation-mastodon + run_list: + - recipe[foundation::mastodon] + - name: foundation-mwg + run_list: + - recipe[foundation::mwg] + - name: foundation-owg + run_list: + - recipe[foundation::owg] + - name: foundation-welcome + run_list: + - recipe[foundation::welcome] + - name: foundation-wiki + run_list: + - recipe[foundation::wiki] + - name: ftp + run_list: + - recipe[ftp::default] + - name: geodns + run_list: + - recipe[geodns::default] + attributes: + networking: + interfaces: + test: + role: external + inet: + address: 172.18.0.2 + prefix: 16 + - name: geoipupdate + run_list: + - recipe[geoipupdate::default] + - name: git + run_list: + - recipe[git::default] + - name: git-server + run_list: + - recipe[git::server] + - name: git-web + run_list: + - recipe[git::web] + - name: gps-tile + run_list: + - recipe[gps-tile::default] + - name: hardware + run_list: + - recipe[hardware::default] + - name: hot + run_list: + - recipe[hot::default] + - name: ideditor + run_list: + - recipe[ideditor::default] + - name: imagery-tiler + run_list: + - recipe[imagery::tiler] + - name: irc + run_list: + - recipe[irc::default] + - name: kibana + run_list: + - recipe[kibana::default] - name: letsencrypt run_list: - - recipe[accounts::default] - - recipe[apt::default] - - role[letsencrypt] + - recipe[letsencrypt::default] + - name: logstash + run_list: + - recipe[logstash::default] + - name: logstash-forwarder + run_list: + - recipe[logstash::forwarder] attributes: - apt: - sources: - - openstreetmap - - name: munin + logstash: + forwarder: + filebeat.inputs: + - type: filestream + id: apache + paths: + - /var/log/apache2/access.log + fields: + type: apache + fields_under_root: true + - name: mail + run_list: + - role[mail] + - name: mailman + run_list: + - recipe[mailman::default] + - name: matomo run_list: - - recipe[munin::default] - - name: munin-server + - recipe[matomo::default] + - name: memcached run_list: - - recipe[munin::server] + - recipe[memcached::default] - name: mysql run_list: - recipe[mysql::default] - name: networking run_list: - recipe[networking::default] + - name: nginx + run_list: + - recipe[nginx::default] + - name: nodejs + run_list: + - recipe[nodejs::default] + - name: nominatim + run_list: + - recipe[nominatim::default] - name: ntp run_list: - recipe[ntp::default] + - name: openssh + run_list: + - recipe[openssh::default] + - name: osmosis + run_list: + - recipe[osmosis::default] + - name: osqa + run_list: + - recipe[osqa::default] - name: otrs run_list: - - recipe[accounts::default] - - recipe[chef::default] - - role[otrs] + - recipe[otrs::default] + - name: overpass + run_list: + - recipe[overpass::default] + - name: passenger + run_list: + - recipe[passenger::default] + - name: php + run_list: + - recipe[php::default] + - name: php-apache + run_list: + - recipe[php::apache] + - name: php-fpm + run_list: + - recipe[php::fpm] + - name: planet + run_list: + - recipe[planet::default] + - name: planet-aws + run_list: + - recipe[planet::aws] + - name: planet-current + run_list: + - recipe[planet::current] + - name: planet-dump + run_list: + - recipe[planet::dump] + - name: planet-notes + run_list: + - recipe[planet::notes] + attributes: + web: + readonly_database_host: readonly + - name: planet-replication + run_list: + - recipe[planet::replication] + attributes: + web: + readonly_database_host: readonly + - name: postgresql + run_list: + - recipe[postgresql::default] + attributes: + postgresql: + versions: + - 15 + - name: prometheus + run_list: + - recipe[prometheus::default] + attributes: + networking: + interfaces: + test: + interface: eth0 + role: internal + inet: + address: 172.18.0.2 + prefix: 16 + gateway: 172.18.0.1 + - name: prometheus-server + run_list: + - recipe[prometheus::server] - name: python run_list: - recipe[python::default] + - name: rsyncd + run_list: + - recipe[rsyncd::default] + - name: serverinfo + run_list: + - recipe[serverinfo::default] + - name: snmpd + run_list: + - recipe[snmpd::default] - name: spamassassin run_list: - recipe[spamassassin::default] + - name: ssl + run_list: + - recipe[ssl::default] + - name: stateofthemap-container + run_list: + - recipe[stateofthemap::container] + - name: stateofthemap-wordpress + run_list: + - recipe[stateofthemap::wordpress] + - name: subversion + run_list: + - recipe[subversion::default] + - name: supybot + run_list: + - recipe[supybot::default] + - name: switch2osm + run_list: + - recipe[switch2osm::default] + - name: sysctl + run_list: + - recipe[sysctl::default] + - name: sysfs + run_list: + - recipe[sysfs::default] + - name: taginfo + run_list: + - recipe[taginfo::default] + attributes: + taginfo: + sites: + - name: taginfo.example.com + - name: tile + run_list: + - recipe[tile::default] + - name: tilelog + run_list: + - recipe[tilelog::default] - name: tools run_list: - recipe[tools::default] + - name: trac + run_list: + - recipe[trac::default] + - name: vectortile + run_list: + - recipe[vectortile::default] + - name: web-cgimap + run_list: + - recipe[web::cgimap] + - name: web-frontend + run_list: + - recipe[web::frontend] + - name: web-rails + run_list: + - recipe[web::rails] + - name: wiki + run_list: + - recipe[wiki::default] + - name: wordpress + run_list: + - recipe[wordpress::default]