diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 88d2391..ba26739 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -29,6 +29,8 @@ jobs: - "centos-stream-9" - "debian-12" - "fedora-latest" + - "oraclelinux-8" + - "oraclelinux-9" - "rockylinux-8" - "rockylinux-9" - "ubuntu-2204" diff --git a/Berksfile b/Berksfile index 559dd3b..4c37302 100644 --- a/Berksfile +++ b/Berksfile @@ -1,7 +1,9 @@ +# frozen_string_literal: true + source 'https://supermarket.chef.io' metadata group :integration do - cookbook 'confluence_test', path: 'test/fixtures/cookbooks/confluence_test' + cookbook 'test', path: 'test/cookbooks/test' end diff --git a/LIMITATIONS.md b/LIMITATIONS.md new file mode 100644 index 0000000..7caa46e --- /dev/null +++ b/LIMITATIONS.md @@ -0,0 +1,64 @@ +# Limitations + +## Distribution Method + +Atlassian Confluence is distributed as a vendor binary — not through OS package managers (apt, yum, dnf, zypper). This cookbook downloads the standalone tarball directly from Atlassian's download site. + +- **Standalone tarball** (`atlassian-confluence-.tar.gz`): Platform-independent Java application archive +- **Binary installer** (`atlassian-confluence--x64.bin`): 64-bit Linux only + +This cookbook uses the **standalone tarball** method. + +## Package Availability + +### APT (Debian/Ubuntu) + +No official Atlassian apt repository exists. Confluence is not available via apt. + +### DNF/YUM (RHEL family) + +No official Atlassian yum/dnf repository exists. Confluence is not available via yum or dnf. + +### Zypper (SUSE) + +No official Atlassian zypper repository exists. Confluence is not available via zypper. + +## Architecture Limitations + +- The standalone tarball is a Java application and is architecture-independent +- The binary installer is available for **x86_64 (64-bit) only** +- arm64 (aarch64) is supported via the standalone tarball since it is pure Java + +## Operating System Support + +Atlassian officially supports "Linux (most distributions)" without specifying particular distributions. The cookbook supports: + +- AlmaLinux 8, 9 +- Amazon Linux 2023 +- CentOS Stream 9 +- Debian 12 +- Fedora (latest) +- Oracle Linux 8, 9 +- Red Hat Enterprise Linux 8, 9 +- Rocky Linux 8, 9 +- Ubuntu 22.04, 24.04 + +### Unsupported + +- Alpine Linux 3.5 and earlier (known Atlassian incompatibility) +- Windows Nano +- macOS / OSX (evaluation only per Atlassian) + +## Java Requirements + +- Confluence requires **Java 21** (Oracle JDK or Eclipse Temurin) +- The standalone tarball does **not** bundle a JRE — Java must be installed separately +- The binary installer bundles Temurin Java 21 + +This cookbook does **not** manage Java installation. Use a separate cookbook such as [java](https://github.com/sous-chefs/java). + +## Known Issues + +- Confluence will not work with MariaDB (use MySQL 8.4 instead) +- Confluence will not work with Percona Server +- This cookbook does not manage database or reverse proxy configuration diff --git a/documentation/confluence_config.md b/documentation/confluence_config.md index 86ee3a7..4f44170 100644 --- a/documentation/confluence_config.md +++ b/documentation/confluence_config.md @@ -7,6 +7,7 @@ Configures Confluence JVM settings, Tomcat connector, and home directory. | Action | Description | |-----------|----------------------------------------------------------| | `:create` | Creates/updates Confluence configuration files (default) | +| `:delete` | Removes all managed configuration files | ## Properties @@ -87,6 +88,14 @@ confluence_config 'confluence' do end ``` +### Delete Configuration + +```ruby +confluence_config 'confluence' do + action :delete +end +``` + ## Files Managed This resource manages the following files: diff --git a/documentation/confluence_install.md b/documentation/confluence_install.md index 4ae0c06..04c4c56 100644 --- a/documentation/confluence_install.md +++ b/documentation/confluence_install.md @@ -4,10 +4,10 @@ Downloads and installs Atlassian Confluence standalone tarball. ## Actions -| Action | Description | -|------------|-----------------------------------------------| -| `:install` | Downloads and installs Confluence (default) | -| `:remove` | Removes the Confluence installation directory | +| Action | Description | +|------------|----------------------------------------------------------| +| `:install` | Downloads and installs Confluence (default) | +| `:remove` | Removes the Confluence installation and home directories | ## Properties diff --git a/documentation/confluence_service.md b/documentation/confluence_service.md index 82d7d1f..a425ed9 100644 --- a/documentation/confluence_service.md +++ b/documentation/confluence_service.md @@ -12,6 +12,7 @@ Creates and manages the Confluence systemd service. | `:restart` | Restarts the Confluence service | | `:enable` | Enables the service to start on boot | | `:disable` | Disables the service from starting on boot | +| `:delete` | Stops, disables, and removes the systemd unit | ## Properties @@ -73,6 +74,14 @@ confluence_service 'confluence' do end ``` +### Delete Service + +```ruby +confluence_service 'confluence' do + action :delete +end +``` + ## Files Managed This resource manages the following files: diff --git a/kitchen.global.yml b/kitchen.global.yml index 1740e46..0bab8e1 100644 --- a/kitchen.global.yml +++ b/kitchen.global.yml @@ -19,14 +19,11 @@ platforms: - name: almalinux-9 - name: amazonlinux-2023 - name: centos-stream-9 - - name: debian-11 - name: debian-12 - name: fedora-latest - - name: opensuse-leap-15 - name: oraclelinux-8 - name: oraclelinux-9 - name: rockylinux-8 - name: rockylinux-9 - - name: ubuntu-20.04 - name: ubuntu-22.04 - name: ubuntu-24.04 diff --git a/kitchen.yml b/kitchen.yml index 375690f..85a174a 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -11,7 +11,7 @@ platforms: - name: ubuntu-24.04 provisioner: - name: chef_zero + name: chef_infra product_name: chef product_version: <%= ENV['CHEF_VERSION'] || 'latest' %> install_strategy: once @@ -19,8 +19,14 @@ provisioner: suites: - name: default run_list: - - recipe[confluence_test::default] + - recipe[test::default] + verifier: + inspec_tests: + - path: test/integration/default - name: standalone run_list: - - recipe[confluence_test::standalone] + - recipe[test::standalone] + verifier: + inspec_tests: + - path: test/integration/standalone diff --git a/libraries/helpers.rb b/libraries/helpers.rb index 36de492..0deb2cb 100644 --- a/libraries/helpers.rb +++ b/libraries/helpers.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # # Cookbook:: confluence # Library:: helpers diff --git a/metadata.rb b/metadata.rb index b8b94c4..c3f8fdc 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + name 'confluence' maintainer 'Sous Chefs' maintainer_email 'help@sous-chefs.org' diff --git a/resources/_partial/_common_properties.rb b/resources/_partial/_common_properties.rb index e2185c1..8654e41 100644 --- a/resources/_partial/_common_properties.rb +++ b/resources/_partial/_common_properties.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # # Cookbook:: confluence # Resource:: Partial:: _common_properties diff --git a/resources/config.rb b/resources/config.rb index a836830..2867045 100644 --- a/resources/config.rb +++ b/resources/config.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # # Cookbook:: confluence # Resource:: config @@ -123,6 +125,20 @@ end end +action :delete do + file ::File.join(new_resource.install_path, 'confluence/WEB-INF/classes/confluence-init.properties') do + action :delete + end + + file ::File.join(new_resource.install_path, 'bin/setenv.sh') do + action :delete + end + + file ::File.join(new_resource.install_path, 'conf/server.xml') do + action :delete + end +end + action_class do include Confluence::Cookbook::Helpers end diff --git a/resources/install.rb b/resources/install.rb index 9e270fb..21fba3c 100644 --- a/resources/install.rb +++ b/resources/install.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # # Cookbook:: confluence # Resource:: install @@ -122,6 +124,11 @@ recursive true action :delete end + + directory new_resource.home_path do + recursive true + action :delete + end end action_class do diff --git a/resources/service.rb b/resources/service.rb index f27b9a0..f0b2d3d 100644 --- a/resources/service.rb +++ b/resources/service.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + # # Cookbook:: confluence # Resource:: service @@ -81,6 +83,12 @@ end end +action :delete do + systemd_unit "#{new_resource.service_name}.service" do + action [:stop, :disable, :delete] + end +end + action_class do include Confluence::Cookbook::Helpers end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index b3918bb..a6b0154 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,7 +1,11 @@ +# frozen_string_literal: true + require 'chefspec' require 'chefspec/berkshelf' RSpec.configure do |config| + config.color = true + config.formatter = :documentation config.file_cache_path = '/var/cache/chef' config.log_level = :error config.platform = 'ubuntu' diff --git a/spec/unit/libraries/helpers_spec.rb b/spec/unit/libraries/helpers_spec.rb index 5c080f6..dc11b12 100644 --- a/spec/unit/libraries/helpers_spec.rb +++ b/spec/unit/libraries/helpers_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' require_relative '../../../libraries/helpers' diff --git a/spec/unit/resources/confluence_config_spec.rb b/spec/unit/resources/confluence_config_spec.rb index b4577f5..35bd0db 100644 --- a/spec/unit/resources/confluence_config_spec.rb +++ b/spec/unit/resources/confluence_config_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'confluence_config' do @@ -118,4 +120,24 @@ ) end end + + context 'with :delete action' do + recipe do + confluence_config 'confluence' do + action :delete + end + end + + it 'deletes confluence-init.properties' do + expect(chef_run).to delete_file('/opt/atlassian/confluence/confluence/WEB-INF/classes/confluence-init.properties') + end + + it 'deletes setenv.sh' do + expect(chef_run).to delete_file('/opt/atlassian/confluence/bin/setenv.sh') + end + + it 'deletes server.xml' do + expect(chef_run).to delete_file('/opt/atlassian/confluence/conf/server.xml') + end + end end diff --git a/spec/unit/resources/confluence_install_spec.rb b/spec/unit/resources/confluence_install_spec.rb index 50a7226..0ba6b62 100644 --- a/spec/unit/resources/confluence_install_spec.rb +++ b/spec/unit/resources/confluence_install_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'confluence_install' do @@ -132,4 +134,25 @@ ) end end + + context 'with :remove action' do + recipe do + confluence_install 'confluence' do + version '10.2.2' + action :remove + end + end + + it 'deletes the install directory' do + expect(chef_run).to delete_directory('/opt/atlassian/confluence').with( + recursive: true + ) + end + + it 'deletes the home directory' do + expect(chef_run).to delete_directory('/var/atlassian/application-data/confluence').with( + recursive: true + ) + end + end end diff --git a/spec/unit/resources/confluence_service_spec.rb b/spec/unit/resources/confluence_service_spec.rb index 839416b..685d9aa 100644 --- a/spec/unit/resources/confluence_service_spec.rb +++ b/spec/unit/resources/confluence_service_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'spec_helper' describe 'confluence_service' do @@ -105,4 +107,24 @@ expect(chef_run).to enable_systemd_unit('confluence.service') end end + + context 'with :delete action' do + recipe do + confluence_service 'confluence' do + action :delete + end + end + + it 'stops the systemd service' do + expect(chef_run).to stop_systemd_unit('confluence.service') + end + + it 'disables the systemd service' do + expect(chef_run).to disable_systemd_unit('confluence.service') + end + + it 'deletes the systemd service unit' do + expect(chef_run).to delete_systemd_unit('confluence.service') + end + end end diff --git a/templates/confluence.init.erb b/templates/confluence.init.erb deleted file mode 100644 index 00b47cf..0000000 --- a/templates/confluence.init.erb +++ /dev/null @@ -1,78 +0,0 @@ -# JIRA startup script - adapted from: http://confluence.atlassian.com/display/JIRA/Starting+JIRA+Automatically+on+Linux -# Dynamically generated by Chef on <%= node["fqdn"] %> -# Local modifications will be overwritten by Chef. -#chkconfig: 2345 80 05 -#description: Atlassian Confluence - -### BEGIN INIT INFO -# Provides: Confluence -# Required-Start: $local_fs $remote_fs $network $syslog $named -# Required-Stop: $local_fs $remote_fs $network $syslog $named -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# X-Interactive: true -# Short-Description: Start/stop Atlassian Confluence standalone server -### END INIT INFO - -# Source function library. -<% case node['platform_family'] -%> -<% when 'rhel' -%> -. /etc/rc.d/init.d/functions -<% else -%> -. /lib/lsb/init-functions -<% end -%> - -# Define some variables -# Name of app ( JIRA, Confluence, etc ) -APP=confluence -# Name of the user to run as -USER=<%= node['confluence']['user'] %> -# Location of application's base directory -BASE=<%= node['confluence']['install_path'] %> - -start() { - echo "Starting $APP" - su -l $USER -c $BASE/bin/start-confluence.sh - return $? -} - -stop() { - echo "Stopping $APP" - su -l $USER -c $BASE/bin/stop-confluence.sh - return $? -} - -case "$1" in - # Start command - start) - start - RETVAL=$? - ;; - # Stop command - stop) - stop - RETVAL=$? - ;; - # Restart command - restart) - stop - start - RETVAL=$? - ;; - # Status command - status) - <% case node['platform_family'] -%> - <% when 'rhel' -%> - status -p $BASE/work/catalina.pid $APP - <% else -%> - status_of_proc -p $BASE/work/catalina.pid $JAVA_HOME/bin/java $APP - <% end -%> - RETVAL=$? - ;; - *) - echo "Usage: $APP {start|restart|stop|status}" - RETVAL=2 - ;; -esac - -exit $RETVAL diff --git a/templates/crowd.properties.erb b/templates/crowd.properties.erb deleted file mode 100644 index c124863..0000000 --- a/templates/crowd.properties.erb +++ /dev/null @@ -1,13 +0,0 @@ - - -application.name <%= @app_name %> -application.password <%= @app_password %> -application.login.url <%= File.join(@crowd_base_url, 'console') %> - -crowd.server.url <%= File.join(@crowd_base_url, 'services') %> -crowd.base.url <%= @crowd_base_url %> - -session.isauthenticated session.isauthenticated -session.tokenkey session.tokenkey -session.validationinterval 2 -session.lastvalidation session.lastvalidation diff --git a/templates/response.varfile.erb b/templates/response.varfile.erb deleted file mode 100644 index ce1829d..0000000 --- a/templates/response.varfile.erb +++ /dev/null @@ -1,15 +0,0 @@ -# -# Dynamically generated by Chef on <%= node["fqdn"] %> -# Local modifications will be overwritten by Chef. -# -rmiPort$Long=8000 -app.install.service$Boolean=false -existingInstallationDir=<%= node['confluence']['install_path'] %> -sys.confirmedUpdateInstallationString=<%= @update ? "true" : "false" %> -backupConfluence$Boolean=<%= @backup_when_update ? "true" : "false" %> -sys.languageId=en -sys.installationDir=<%= node['confluence']['install_path'] %> -app.confHome=<%= node['confluence']['home_path'] %> -executeLauncherAction$Boolean=true -httpPort$Long=<%= node['confluence']['tomcat']['port'] %> -portChoice=default diff --git a/templates/web_app.conf.erb b/templates/web_app.conf.erb deleted file mode 100644 index b79dc75..0000000 --- a/templates/web_app.conf.erb +++ /dev/null @@ -1,85 +0,0 @@ -# -# Dynamically generated by Chef on <%= node["fqdn"] %> -# Local modifications will be overwritten by Chef. -# -> - <% unless confluence_virtual_host_name.nil? || confluence_virtual_host_name.empty? -%> - ServerName <%= confluence_virtual_host_name %> - <% end -%> - <% unless confluence_virtual_host_alias.empty? -%> - <% Array(confluence_virtual_host_alias).each do |virtual_host_alias| -%> - ServerAlias <%= virtual_host_alias %> - <% end -%> - <% end -%> - DocumentRoot <%= node['confluence']['install_path'] %> - - CustomLog <%= node['confluence']['apache2']['access_log'].empty? ? node['apache']['log_dir']+"/confluence-access.log" : node['confluence']['apache2']['access_log'] %> combined - ErrorLog <%= node['confluence']['apache2']['error_log'].empty? ? node['apache']['log_dir']+"/confluence-error.log" : node['confluence']['apache2']['error_log'] %> - LogLevel warn - - RewriteEngine On - RewriteCond %{HTTPS} off - RewriteCond %{REQUEST_URI} !^/server-status - RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} - - -> - <% unless confluence_virtual_host_name.nil? || confluence_virtual_host_name.empty? -%> - ServerName <%= confluence_virtual_host_name %> - <% end -%> - <% unless confluence_virtual_host_alias.empty? -%> - <% Array(confluence_virtual_host_alias).each do |virtual_host_alias| -%> - ServerAlias <%= virtual_host_alias %> - <% end -%> - <% end -%> - DocumentRoot <%= node['confluence']['install_path'] %> - - CustomLog <%= node['confluence']['apache2']['ssl']['access_log'].empty? ? node['apache']['log_dir']+"/confluence-ssl-access.log" : node['confluence']['apache2']['ssl']['access_log'] %> combined - ErrorLog <%= node['confluence']['apache2']['ssl']['error_log'].empty? ? node['apache']['log_dir']+"/confluence-ssl-error.log" : node['confluence']['apache2']['ssl']['error_log'] %> - LogLevel warn - - - <% if node['apache']['version'].to_f < 2.4 -%> - Order Deny,Allow - Allow from all - <% else -%> - Require all granted - <% end -%> - - - <% if node['confluence']['version'].to_f >= 6.0 -%> - ProxyPass /synchrony http://localhost:8091/synchrony - - - <% if node['apache']['version'].to_f < 2.4 -%> - Order Deny,Allow - Allow from all - <% else -%> - Require all granted - <% end -%> - RewriteEngine on - RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC] - RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC] - RewriteRule .* ws://%{HTTP_HOST}:8091%{REQUEST_URI} [P] - - <% end -%> - - ProxyPass / http://localhost:<%= node['confluence']['tomcat']['port'] %>/ connectiontimeout=5 timeout=300 - ProxyPassReverse / http://localhost:<%= node['confluence']['tomcat']['port'] %>/ - - - <% if node['apache']['version'].to_f < 2.4 -%> - Order Deny,Allow - Allow from all - <% else -%> - Require all granted - <% end -%> - - - SSLEngine on - SSLCertificateFile <%= node['confluence']['apache2']['ssl']['certificate_file'] %> - SSLCertificateKeyFile <%= node['confluence']['apache2']['ssl']['key_file'] %> - <% unless node['confluence']['apache2']['ssl']['chain_file'].empty? -%> - SSLCertificateChainFile <%= node['confluence']['apache2']['ssl']['chain_file'] %> - <% end -%> - diff --git a/test/cookbooks/test/metadata.rb b/test/cookbooks/test/metadata.rb new file mode 100644 index 0000000..bf72ad3 --- /dev/null +++ b/test/cookbooks/test/metadata.rb @@ -0,0 +1,6 @@ +# frozen_string_literal: true + +name 'test' +version '0.0.1' + +depends 'confluence' diff --git a/test/fixtures/cookbooks/confluence_test/recipes/default.rb b/test/cookbooks/test/recipes/default.rb similarity index 94% rename from test/fixtures/cookbooks/confluence_test/recipes/default.rb rename to test/cookbooks/test/recipes/default.rb index ebdb389..667f188 100644 --- a/test/fixtures/cookbooks/confluence_test/recipes/default.rb +++ b/test/cookbooks/test/recipes/default.rb @@ -1,5 +1,7 @@ +# frozen_string_literal: true + # -# Cookbook:: confluence_test +# Cookbook:: test # Recipe:: default # # Basic test recipe demonstrating confluence custom resources diff --git a/test/fixtures/cookbooks/confluence_test/recipes/standalone.rb b/test/cookbooks/test/recipes/standalone.rb similarity index 93% rename from test/fixtures/cookbooks/confluence_test/recipes/standalone.rb rename to test/cookbooks/test/recipes/standalone.rb index 1841b7b..e3f2081 100644 --- a/test/fixtures/cookbooks/confluence_test/recipes/standalone.rb +++ b/test/cookbooks/test/recipes/standalone.rb @@ -1,5 +1,7 @@ +# frozen_string_literal: true + # -# Cookbook:: confluence_test +# Cookbook:: test # Recipe:: standalone # # Test recipe demonstrating standalone Confluence installation with reverse proxy config diff --git a/test/fixtures/cookbooks/confluence_test/README.md b/test/fixtures/cookbooks/confluence_test/README.md deleted file mode 100644 index a103858..0000000 --- a/test/fixtures/cookbooks/confluence_test/README.md +++ /dev/null @@ -1 +0,0 @@ -# This is a test cookbook diff --git a/test/fixtures/cookbooks/confluence_test/metadata.rb b/test/fixtures/cookbooks/confluence_test/metadata.rb deleted file mode 100644 index e209d25..0000000 --- a/test/fixtures/cookbooks/confluence_test/metadata.rb +++ /dev/null @@ -1,4 +0,0 @@ -name 'confluence_test' -version '0.0.1' - -depends 'confluence' diff --git a/test/integration/default/controls/default_spec.rb b/test/integration/default/controls/default_spec.rb new file mode 100644 index 0000000..27b0294 --- /dev/null +++ b/test/integration/default/controls/default_spec.rb @@ -0,0 +1,97 @@ +# frozen_string_literal: true + +title 'Default Suite Tests' + +control 'confluence-install-01' do + impact 1.0 + title 'Confluence user and group exist' + desc 'The confluence system user and group should exist' + + describe user('confluence') do + it { should exist } + its('group') { should eq 'confluence' } + end + + describe group('confluence') do + it { should exist } + end +end + +control 'confluence-install-02' do + impact 1.0 + title 'Confluence directories exist' + desc 'The Confluence install and home directories should exist with correct permissions' + + describe directory('/opt/atlassian/confluence') do + it { should exist } + its('owner') { should eq 'root' } + its('group') { should eq 'root' } + end + + describe directory('/var/atlassian/application-data/confluence') do + it { should exist } + its('mode') { should cmp '0750' } + its('owner') { should eq 'confluence' } + its('group') { should eq 'confluence' } + end + + %w(logs temp work).each do |dir| + describe directory("/opt/atlassian/confluence/#{dir}") do + it { should exist } + its('mode') { should cmp '0750' } + its('owner') { should eq 'confluence' } + its('group') { should eq 'confluence' } + end + end +end + +control 'confluence-config-01' do + impact 1.0 + title 'Confluence configuration files exist' + desc 'Configuration files should exist with correct permissions' + + describe file('/opt/atlassian/confluence/confluence/WEB-INF/classes/confluence-init.properties') do + it { should exist } + its('mode') { should cmp '0640' } + its('owner') { should eq 'root' } + its('group') { should eq 'confluence' } + its('content') { should match(%r{confluence\.home=/var/atlassian/application-data/confluence}) } + end + + describe file('/opt/atlassian/confluence/bin/setenv.sh') do + it { should exist } + its('mode') { should cmp '0750' } + its('owner') { should eq 'root' } + its('group') { should eq 'confluence' } + its('content') { should match(/-Xms512m/) } + its('content') { should match(/-Xmx2g/) } + end + + describe file('/opt/atlassian/confluence/conf/server.xml') do + it { should exist } + its('mode') { should cmp '0640' } + its('owner') { should eq 'root' } + its('group') { should eq 'confluence' } + its('content') { should match(/port="8090"/) } + end +end + +control 'confluence-service-01' do + impact 1.0 + title 'Confluence systemd service exists' + desc 'The Confluence systemd service unit should be installed and enabled' + + describe systemd_service('confluence') do + it { should be_installed } + it { should be_enabled } + end + + describe file('/etc/systemd/system/confluence.service') do + it { should exist } + its('content') { should match(/Type=forking/) } + its('content') { should match(%r{ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh}) } + its('content') { should match(%r{ExecStop=/opt/atlassian/confluence/bin/stop-confluence.sh}) } + its('content') { should match(/User=confluence/) } + its('content') { should match(/Group=confluence/) } + end +end diff --git a/test/integration/default/inspec.yml b/test/integration/default/inspec.yml new file mode 100644 index 0000000..385dfb0 --- /dev/null +++ b/test/integration/default/inspec.yml @@ -0,0 +1,12 @@ +--- +name: default +title: Default Suite Tests +maintainer: Sous Chefs +license: Apache-2.0 +summary: Integration tests for the default Confluence installation +version: 1.0.0 +supports: + - platform-family: debian + - platform-family: rhel + - platform-family: fedora + - platform-family: amazon diff --git a/test/integration/helpers/serverspec/spec_helper.rb b/test/integration/helpers/serverspec/spec_helper.rb deleted file mode 100644 index 2c5ee38..0000000 --- a/test/integration/helpers/serverspec/spec_helper.rb +++ /dev/null @@ -1,47 +0,0 @@ -require 'serverspec' -require 'infrataster/rspec' - -set :backend, :exec - -Infrataster::Server.define(:confluence_web, '127.0.0.1') - -shared_examples_for 'confluence behind the apache proxy' do - describe 'Tomcat' do - describe port(8090) do - it { should be_listening } - end - end - - describe 'Apache2' do - describe port(80) do - it { should be_listening } - end - - describe port(443) do - it { should be_listening } - end - end - - describe server(:confluence_web) do - describe http('http://127.0.0.1/setup/setupstart.action') do - it 'redirects 80 port to 443' do - expect(response.status).to eq(302) - expect(response.headers['location']).to eq('https://127.0.0.1/setup/setupstart.action') - end - end - - describe http('https://127.0.0.1/setup/setupstart.action', ssl: { verify: false }) do - it 'returns setup wizard' do - expect(response.status).to eq(200) - expect(response.body).to include('Set up Confluence') - end - end - - describe http('http://127.0.0.1:8090/setup/setupstart.action') do - it 'returns setup wizard' do - expect(response.status).to eq(200) - expect(response.body).to include('Set up Confluence') - end - end - end -end diff --git a/test/integration/installer-mysql/serverspec/installer-mysql_spec.rb b/test/integration/installer-mysql/serverspec/installer-mysql_spec.rb deleted file mode 100644 index 03b6874..0000000 --- a/test/integration/installer-mysql/serverspec/installer-mysql_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'spec_helper' - -describe 'MySQL' do - describe port(3306) do - it { should be_listening } - end -end - -describe 'Confluence' do - it_behaves_like 'confluence behind the apache proxy' -end diff --git a/test/integration/installer-postgresql/serverspec/installer-postgresql_spec.rb b/test/integration/installer-postgresql/serverspec/installer-postgresql_spec.rb deleted file mode 100644 index a801bb2..0000000 --- a/test/integration/installer-postgresql/serverspec/installer-postgresql_spec.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'spec_helper' - -describe 'Postgresql' do - describe port(5432) do - it { should be_listening } - end -end - -describe 'Confluence' do - it_behaves_like 'confluence behind the apache proxy' -end diff --git a/test/integration/standalone-mysql/serverspec/standalone-mysql_spec.rb b/test/integration/standalone-mysql/serverspec/standalone-mysql_spec.rb deleted file mode 100644 index 3c5782e..0000000 --- a/test/integration/standalone-mysql/serverspec/standalone-mysql_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper' - -describe 'Java' do - describe command('java -version 2>&1') do - its(:exit_status) { should eq 0 } - end -end - -describe 'MySQL' do - describe port(3306) do - it { should be_listening } - end -end - -describe 'Confluence' do - it_behaves_like 'confluence behind the apache proxy' -end diff --git a/test/integration/standalone-postgresql/serverspec/standalone-postgresql_spec.rb b/test/integration/standalone-postgresql/serverspec/standalone-postgresql_spec.rb deleted file mode 100644 index ce80c0f..0000000 --- a/test/integration/standalone-postgresql/serverspec/standalone-postgresql_spec.rb +++ /dev/null @@ -1,17 +0,0 @@ -require 'spec_helper' - -describe 'Java' do - describe command('java -version 2>&1') do - its(:exit_status) { should eq 0 } - end -end - -describe 'Postgresql' do - describe port(5432) do - it { should be_listening } - end -end - -describe 'Confluence' do - it_behaves_like 'confluence behind the apache proxy' -end diff --git a/test/integration/standalone/controls/standalone_spec.rb b/test/integration/standalone/controls/standalone_spec.rb new file mode 100644 index 0000000..281ac41 --- /dev/null +++ b/test/integration/standalone/controls/standalone_spec.rb @@ -0,0 +1,73 @@ +# frozen_string_literal: true + +title 'Standalone Suite Tests' + +control 'confluence-standalone-install-01' do + impact 1.0 + title 'Confluence user and group exist' + desc 'The confluence system user and group should exist' + + describe user('confluence') do + it { should exist } + its('group') { should eq 'confluence' } + end + + describe group('confluence') do + it { should exist } + end +end + +control 'confluence-standalone-install-02' do + impact 1.0 + title 'Confluence directories exist with default paths' + desc 'The Confluence install and home directories should exist' + + describe directory('/opt/atlassian/confluence') do + it { should exist } + end + + describe directory('/var/atlassian/application-data/confluence') do + it { should exist } + its('mode') { should cmp '0750' } + its('owner') { should eq 'confluence' } + its('group') { should eq 'confluence' } + end +end + +control 'confluence-standalone-config-01' do + impact 1.0 + title 'Confluence reverse proxy configuration' + desc 'Configuration files should reflect reverse proxy settings' + + describe file('/opt/atlassian/confluence/bin/setenv.sh') do + it { should exist } + its('content') { should match(/-Xms1g/) } + its('content') { should match(/-Xmx4g/) } + end + + describe file('/opt/atlassian/confluence/conf/server.xml') do + it { should exist } + its('content') { should match(/port="8090"/) } + its('content') { should match(/proxyName="confluence.example.com"/) } + its('content') { should match(/proxyPort="443"/) } + its('content') { should match(/scheme="https"/) } + its('content') { should match(/secure="true"/) } + end +end + +control 'confluence-standalone-service-01' do + impact 1.0 + title 'Confluence systemd service exists' + desc 'The Confluence systemd service unit should be installed and enabled' + + describe systemd_service('confluence') do + it { should be_installed } + it { should be_enabled } + end + + describe file('/etc/systemd/system/confluence.service') do + it { should exist } + its('content') { should match(/Type=forking/) } + its('content') { should match(%r{ExecStart=/opt/atlassian/confluence/bin/start-confluence.sh}) } + end +end diff --git a/test/integration/standalone/inspec.yml b/test/integration/standalone/inspec.yml new file mode 100644 index 0000000..e497ad6 --- /dev/null +++ b/test/integration/standalone/inspec.yml @@ -0,0 +1,12 @@ +--- +name: standalone +title: Standalone Suite Tests +maintainer: Sous Chefs +license: Apache-2.0 +summary: Integration tests for standalone Confluence installation with reverse proxy config +version: 1.0.0 +supports: + - platform-family: debian + - platform-family: rhel + - platform-family: fedora + - platform-family: amazon