diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b6008bc..6f86a4e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,7 +28,7 @@ jobs: curl -L https://omnitruck.cinc.sh/install.sh | sudo bash -s -- -P cinc-workstation -d .cache -v ${{ env.cinc_workstation_version }} - name: cookstyle run: | - cinc exec rake cookstyle + cinc exec cookstyle --fail-level r kitchen-dokken: runs-on: ubuntu-latest @@ -93,7 +93,6 @@ jobs: - default-ubuntu-20-04 - default-debian-10 - default-debian-11 - - default-fedora-38 steps: - uses: actions/checkout@v4 - uses: actions/cache@v3 diff --git a/Gemfile b/Gemfile deleted file mode 100644 index 13d58ef..0000000 --- a/Gemfile +++ /dev/null @@ -1,7 +0,0 @@ -# frozen_string_literal: true - -source 'https://rubygems.org' - -group :tools do - gem 'github_changelog_generator', '~> 1.14' -end diff --git a/Rakefile b/Rakefile deleted file mode 100644 index 8919d54..0000000 --- a/Rakefile +++ /dev/null @@ -1,82 +0,0 @@ -# frozen_string_literal: true - -# rubocop:disable Style/SymbolArray - -require 'rspec/core/rake_task' -require 'base64' -require 'chef/cookbook/metadata' - -# General tasks - -# Rubocop before rspec so we don't lint vendored cookbooks -desc 'Run all tests except Kitchen (default task)' -task default: [:lint, :spec] - -# Lint the cookbook -desc 'Run all linters: rubocop and foodcritic' -task lint: [:cookstyle] - -# Run the whole shebang -desc 'Run all tests' -task test: [:lint, :kitchen, :spec] - -# RSpec -desc 'Run chefspec tests' -task :spec do - puts 'Running Chefspec tests' - RSpec::Core::RakeTask.new(:spec) -end - -desc 'Run cookstyle on cookbooks in this repository' -task :cookstyle do - sh 'cookstyle --fail-level r' -end - -# Automatically generate a changelog for this project. Only loaded if -# the necessary gem is installed. -begin - # read version from metadata - metadata = Chef::Cookbook::Metadata.new - metadata.instance_eval(File.read('metadata.rb')) - - # build changelog - require 'github_changelog_generator/task' - GitHubChangelogGenerator::RakeTask.new :changelog do |config| - config.future_release = "v#{metadata.version}" - config.user = 'dev-sec' - config.project = 'chef-os-hardening' - end -rescue LoadError - puts '>>>>> GitHub Changelog Generator not loaded, omitting tasks' -end - -desc 'Run kitchen integration tests' -task :kitchen do - SSH_KEY_FILE = '~/.ssh/ci_id_rsa' - SSH_KEY_ENV_VAR_NAME = 'CI_SSH_KEY' - concurrency = ENV['CONCURRENCY'] || 1 - instance = ENV['INSTANCE'] || '' - args = ENV['CI'] ? '--destroy=always' : '' - - if ENV['CI'] && ENV['KITCHEN_LOCAL_YAML'] == '.kitchen.do.yml' - puts 'Preparing CI environment for DigitalOcean...' - - ['DIGITALOCEAN_ACCESS_TOKEN', 'DIGITALOCEAN_SSH_KEY_IDS', SSH_KEY_ENV_VAR_NAME].each do |var| - unless ENV[var] # rubocop:disable Style/Next - puts "#{var} isn't defined. Skipping the task" - # We are not raising exit 1 as we want our CI tests in the forks to succeed. - # Our forks usually do not have the DO environment variables and are tested via dokken - exit - end - end - - ssh_file = File.expand_path(SSH_KEY_FILE) - dir = File.dirname(ssh_file) - Dir.mkdir(dir, 0o700) unless Dir.exist?(dir) - File.open(ssh_file, 'w') { |f| f.puts Base64.decode64(ENV[SSH_KEY_ENV_VAR_NAME]) } - File.chmod(0o600, ssh_file) - end - - sh('sh', '-c', "bundle exec kitchen test -c #{concurrency} #{args} #{instance}") -end -# rubocop:enable Style/SymbolArray