diff --git a/.github/workflows/branchcleanup.yml b/.github/workflows/branchcleanup.yml deleted file mode 100644 index f3f61ff..0000000 --- a/.github/workflows/branchcleanup.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -name: Branch Cleanup -# This workflow is triggered on all closed pull requests. -# However the script does not do anything if a merge was not performed. -"on": - pull_request: - types: [closed] - -env: - NO_BRANCH_DELETED_EXIT_CODE: 0 - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - -jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: jessfraz/branch-cleanup-action@master diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..58e0b08 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,89 @@ +--- +name: ci + +"on": + pull_request: + push: + branches: + - master + +jobs: + delivery: + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + - name: Run Chef Delivery + uses: actionshub/chef-delivery@master + env: + CHEF_LICENSE: accept-no-persist + + yamllint: + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + - name: Run yaml Lint + uses: actionshub/yamllint@master + + mdl: + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master + - name: Run Markdown Lint + uses: actionshub/markdownlint@master + + dokken: + needs: [mdl, yamllint, delivery] + runs-on: ubuntu-latest + strategy: + matrix: + os: + - 'amazonlinux-2' + - 'debian-9' + - 'debian-10' + - 'centos-7' + - 'centos-8' + - 'fedora-latest' + - 'ubuntu-1604' + - 'ubuntu-1804' + - 'ubuntu-2004' + - 'opensuse-leap-15' + suite: + - 'default' + - 'aliases' + - 'client' + - 'server' + - 'canonical' + - 'sasl-auth-none' + - 'sasl-auth-multiple' + - 'sasl-auth-one' + fail-fast: false + + steps: + - name: Check out code + uses: actions/checkout@master + - name: Install Chef + uses: actionshub/chef-install@master + - name: Dokken + uses: actionshub/kitchen-dokken@master + env: + CHEF_LICENSE: accept-no-persist + KITCHEN_LOCAL_YAML: kitchen.dokken.yml + with: + suite: ${{ matrix.suite }} + os: ${{ matrix.os }} + - name: Print debug output on failure + if: failure() + run: | + set -x + sudo journalctl -l --since today + KITCHEN_LOCAL_YAML=kitchen.dokken.yml /usr/bin/kitchen exec ${{ matrix.suite }}-${{ matrix.os }} -c "journalctl -l" + + final: + needs: [dokken] + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@master diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml deleted file mode 100644 index 4b5c467..0000000 --- a/.github/workflows/delivery.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: delivery - -on: [push, pull_request] - -jobs: - delivery: - - runs-on: ubuntu-latest - - steps: - - name: Check out code - uses: actions/checkout@master - - name: Run Chef Delivery - uses: actionshub/chef-delivery@master - env: - CHEF_LICENSE: accept-no-persist \ No newline at end of file diff --git a/.mdlrc b/.mdlrc new file mode 100644 index 0000000..9cc2c63 --- /dev/null +++ b/.mdlrc @@ -0,0 +1 @@ +rules "~MD013", "~MD024", "~MD025" diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 0ea448e..0000000 --- a/.travis.yml +++ /dev/null @@ -1,39 +0,0 @@ -addons: - apt: - sources: - - chef-current-xenial - packages: - - chef-workstation - -install: echo "skip bundle install" - -env: - - CHEF_LICENSE=accept - -branches: - only: - - master - -services: docker - -env: - matrix: - - INSTANCE=default-centos-6 - - INSTANCE=default-centos-7 - - INSTANCE=default-debian-9 - - INSTANCE=default-debian-10 - - INSTANCE=default-ubuntu-1604 - - INSTANCE=default-ubuntu-1804 - - INSTANCE=canonical-centos-6 - - INSTANCE=canonical-centos-7 - - INSTANCE=canonical-debian-9 - - INSTANCE=canonical-debian-10 - - INSTANCE=canonical-ubuntu-1604 - - INSTANCE=canonical-ubuntu-1804 - -before_script: - - sudo iptables -L DOCKER || ( echo "DOCKER iptables chain missing" ; sudo iptables -N DOCKER ) - - eval "$(chef shell-init bash)" - - chef --version - -script: KITCHEN_LOCAL_YAML=kitchen.dokken.yml kitchen verify ${INSTANCE} diff --git a/CHANGELOG.md b/CHANGELOG.md index cab3593..c51c1fa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,37 @@ This file is used to list changes made in each version of the postfix cookbook. +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## Unreleased + +### Changed + +- Sous Chefs Adoption +- Update to use Sous Chefs GH workflow +- Update README to sous-chefs +- Update metadata.rb to Sous Chefs +- Update test-kitchen to Sous Chefs + +### Added + +- Standardise files with files in sous-chefs/repo-management +- Add Ubuntu 20.04 testing + +### Fixed + +- Cookstyle fixes +- ChefSpec fixes +- Yamllint fixes +- MDL fixes +- Fix OpenSUSE installation issues + +### Removed + +- Remove EL 6 testing +- Remove Amazon Linux 1 testing + ## 5.3.1 (2018-07-24) - Fixed sbin issue with Chef13 diff --git a/README.md b/README.md index b01c173..0be8eb1 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,19 @@ # postfix Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/postfix.svg?branch=master)](https://travis-ci.org/chef-cookbooks/postfix) [![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix) +[![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix) +[![CI State](https://github.com/sous-chefs/postfix/workflows/ci/badge.svg)](https://github.com/sous-chefs/postfix/actions?query=workflow%3Aci) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) Installs and configures postfix for client or outbound relayhost, or to do SASL authentication. On RHEL-family systems, sendmail will be replaced with postfix. +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + ## Requirements ### Platforms @@ -443,25 +451,27 @@ override_attributes( ) ``` -## Maintainers +## Contributors -This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/) +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) -## License +### Backers +Thank you to all our backers! -**Copyright:** 2009-2017, Chef Software, Inc. +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) -``` -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at +### Sponsors - http://www.apache.org/licenses/LICENSE-2.0 +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/attributes/default.rb b/attributes/default.rb index 592b09e..d6f7eb8 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -105,6 +105,9 @@ when 'rhel' default['postfix']['cafile'] = '/etc/pki/tls/cert.pem' when 'amazon' default['postfix']['cafile'] = '/etc/pki/tls/cert.pem' +when 'suse' + default['postfix']['main']['setgid_group'] = 'maildrop' + default['postfix']['main']['daemon_directory'] = '/usr/lib/postfix/bin' else default['postfix']['cafile'] = "#{node['postfix']['conf_dir']}/cacert.pem" end diff --git a/kitchen.dokken.yml b/kitchen.dokken.yml index 33149ea..1d3b9e2 100644 --- a/kitchen.dokken.yml +++ b/kitchen.dokken.yml @@ -1,79 +1,73 @@ +--- driver: name: dokken - privileged: true # because Docker and SystemD/Upstart + privileged: true # because Docker and SystemD chef_version: <%= ENV['CHEF_VERSION'] || 'current' %> - chef_license: accept-no-persist + env: [CHEF_LICENSE=accept] transport: name: dokken provisioner: name: dokken - deprecations_as_errors: true - -verifier: - name: inspec platforms: -- name: amazonlinux - driver: - image: dokken/amazonlinux - pid_one_command: /sbin/init + - name: amazonlinux-2 + driver: + image: dokken/amazonlinux-2 + pid_one_command: /usr/lib/systemd/systemd -- name: amazonlinux-2 - driver: - image: dokken/amazonlinux-2 - pid_one_command: /usr/lib/systemd/systemd + - name: debian-9 + driver: + image: dokken/debian-9 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -- name: debian-9 - driver: - image: dokken/debian-9 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update + - name: debian-10 + driver: + image: dokken/debian-10 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -- name: debian-10 - driver: - image: dokken/debian-10 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update + - name: centos-7 + driver: + image: dokken/centos-7 + pid_one_command: /usr/lib/systemd/systemd -- name: centos-6 - driver: - image: dokken/centos-6 - pid_one_command: /sbin/init + - name: centos-8 + driver: + image: dokken/centos-8 + pid_one_command: /usr/lib/systemd/systemd -- name: centos-7 - driver: - image: dokken/centos-7 - pid_one_command: /usr/lib/systemd/systemd + - name: fedora-latest + driver: + image: dokken/fedora-latest + pid_one_command: /usr/lib/systemd/systemd -- name: centos-8 - driver: - image: dokken/centos-8 - pid_one_command: /usr/lib/systemd/systemd + - name: ubuntu-16.04 + driver: + image: dokken/ubuntu-16.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -- name: fedora-latest - driver: - image: dokken/fedora-latest - pid_one_command: /usr/lib/systemd/systemd + - name: ubuntu-18.04 + driver: + image: dokken/ubuntu-18.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -- name: ubuntu-16.04 - driver: - image: dokken/ubuntu-16.04 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update + - name: ubuntu-20.04 + driver: + image: dokken/ubuntu-20.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update -- name: ubuntu-18.04 - driver: - image: dokken/ubuntu-18.04 - pid_one_command: /bin/systemd - intermediate_instructions: - - RUN /usr/bin/apt-get update - -- name: opensuse-leap-15 - driver: - image: dokken/opensuse-leap-15 - pid_one_command: /bin/systemd + - name: opensuse-leap-15 + driver: + image: dokken/opensuse-leap-15 + pid_one_command: /bin/systemd diff --git a/kitchen.yml b/kitchen.yml index 61542e9..9e70fff 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -1,92 +1,88 @@ +--- driver: name: vagrant provisioner: name: chef_zero + product_name: chef + enforce_idempotency: true + multiple_converge: 2 deprecations_as_errors: true - chef_license: accept-no-persist verifier: name: inspec platforms: - - name: amazonlinux - driver_config: - box: mvbcoding/awslinux - name: amazonlinux-2 - - name: centos-6 - name: centos-7 - name: centos-8 - name: debian-9 - run_list: apt::default - name: debian-10 - run_list: apt::default - name: fedora-latest - name: opensuse-leap-15 - name: ubuntu-16.04 - run_list: apt::default - name: ubuntu-18.04 - run_list: apt::default + - name: ubuntu-20.04 suites: -- name: default - run_list: - - recipe[postfix] + - name: default + run_list: + - recipe[postfix] -- name: aliases - run_list: - - recipe[postfix::aliases] + - name: aliases + run_list: + - recipe[postfix::aliases] -- name: client - run_list: - - recipe[postfix::client] + - name: client + run_list: + - recipe[postfix::client] -- name: server - run_list: - - recipe[postfix::server] + - name: server + run_list: + - recipe[postfix::server] -- name: canonical - run_list: - - recipe[postfix] - attributes: - postfix: - recipient_canonical_map_entries: - john: john@doe.com + - name: canonical + run_list: + - recipe[postfix] + attributes: + postfix: + recipient_canonical_map_entries: + john: john@doe.com -- name: sasl_auth_none - run_list: - - recipe[postfix::sasl_auth] - attributes: - postfix: - main: - relayhost: "localhost" - smtp_sasl_auth_enable: "yes" + - name: sasl_auth_none + run_list: + - recipe[postfix::sasl_auth] + attributes: + postfix: + main: + relayhost: "localhost" + smtp_sasl_auth_enable: "yes" -- name: sasl_auth_multiple - run_list: - - recipe[postfix::sasl_auth] - attributes: - postfix: - main: - relayhost: "localhost" - smtp_sasl_auth_enable: "yes" - sasl: - relayhost1: - username: "kitchenuser" - password: "not-a-real-thing" - relayhost2: - username: "anotherkitchenuser" - password: "yet-not-a-real-thing" + - name: sasl_auth_multiple + run_list: + - recipe[postfix::sasl_auth] + attributes: + postfix: + main: + relayhost: "localhost" + smtp_sasl_auth_enable: "yes" + sasl: + relayhost1: + username: "kitchenuser" + password: "not-a-real-thing" + relayhost2: + username: "anotherkitchenuser" + password: "yet-not-a-real-thing" -- name: sasl_auth_one - run_list: - - recipe[postfix::sasl_auth] - attributes: - postfix: - main: - relayhost: "localhost" - smtp_sasl_auth_enable: "yes" - sasl: - relayhost: - username: "kitchenuser" - password: "not-a-real-thing" + - name: sasl_auth_one + run_list: + - recipe[postfix::sasl_auth] + attributes: + postfix: + main: + relayhost: "localhost" + smtp_sasl_auth_enable: "yes" + sasl: + relayhost: + username: "kitchenuser" + password: "not-a-real-thing" diff --git a/metadata.rb b/metadata.rb index 2295ffe..ab7cda5 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,14 +1,20 @@ -name 'postfix' -maintainer 'Chef Software, Inc.' -maintainer_email 'cookbooks@chef.io' -license 'Apache-2.0' -description 'Installs and configures postfix for client or outbound relayhost, or to do SASL auth' -version '5.3.1' +name 'postfix' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Installs and configures postfix for client or outbound relayhost, or to do SASL auth' +version '5.3.1' +source_url 'https://github.com/sous-chefs/postfix' +issues_url 'https://github.com/sous-chefs/postfix/issues' +chef_version '>= 12.15' -%w(ubuntu debian redhat centos amazon oracle scientific smartos fedora freebsd).each do |os| - supports os -end - -source_url 'https://github.com/chef-cookbooks/postfix' -issues_url 'https://github.com/chef-cookbooks/postfix/issues' -chef_version '>= 12.15' +supports 'amazon' +supports 'centos' +supports 'debian' +supports 'fedora' +supports 'freebsd' +supports 'oracle' +supports 'redhat' +supports 'scientific' +supports 'smartos' +supports 'ubuntu' diff --git a/recipes/_common.rb b/recipes/_common.rb index 6b0bf94..88d6eee 100644 --- a/recipes/_common.rb +++ b/recipes/_common.rb @@ -42,6 +42,8 @@ when 'rhel', 'fedora', 'amazon' notifies :start, 'service[postfix]' not_if '/usr/bin/test /etc/alternatives/mta -ef /usr/sbin/sendmail.postfix' end +when 'suse' + file '/var/adm/postfix.configured' when 'omnios' manifest_path = ::File.join(Chef::Config[:file_cache_path], 'manifest-postfix.xml') @@ -133,7 +135,7 @@ unless node['postfix']['sender_canonical_map_entries'].empty? notifies :reload, 'service[postfix]' end - node.normal['postfix']['main']['sender_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/sender_canonical" unless node['postfix']['main'].key?('sender_canonical_maps') + node.default['postfix']['main']['sender_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/sender_canonical" unless node['postfix']['main'].key?('sender_canonical_maps') end execute 'update-postfix-smtp_generic' do @@ -150,7 +152,7 @@ unless node['postfix']['smtp_generic_map_entries'].empty? notifies :reload, 'service[postfix]' end - node.normal['postfix']['main']['smtp_generic_maps'] = "hash:#{node['postfix']['conf_dir']}/smtp_generic" unless node['postfix']['main'].key?('smtp_generic_maps') + node.default['postfix']['main']['smtp_generic_maps'] = "hash:#{node['postfix']['conf_dir']}/smtp_generic" unless node['postfix']['main'].key?('smtp_generic_maps') end execute 'update-postfix-recipient_canonical' do @@ -167,7 +169,7 @@ unless node['postfix']['recipient_canonical_map_entries'].empty? notifies :reload, 'service[postfix]' end - node.normal['postfix']['main']['recipient_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/recipient_canonical" unless node['postfix']['main'].key?('recipient_canonical_maps') + node.default['postfix']['main']['recipient_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/recipient_canonical" unless node['postfix']['main'].key?('recipient_canonical_maps') end %w( main master ).each do |cfg| diff --git a/recipes/client.rb b/recipes/client.rb index d58fa20..b5009a6 100644 --- a/recipes/client.rb +++ b/recipes/client.rb @@ -39,6 +39,6 @@ else relayhost = results.map { |n| n['ipaddress'] }.first end -node.normal['postfix']['main']['relayhost'] = "[#{relayhost}]#{relayhost_port}" +node.default['postfix']['main']['relayhost'] = "[#{relayhost}]#{relayhost_port}" include_recipe 'postfix' diff --git a/recipes/sasl_auth.rb b/recipes/sasl_auth.rb index 21ffa0b..bd9c18f 100644 --- a/recipes/sasl_auth.rb +++ b/recipes/sasl_auth.rb @@ -28,11 +28,7 @@ case node['platform_family'] when 'debian' sasl_pkgs = %w(libsasl2-2 libsasl2-modules ca-certificates) when 'rhel' - sasl_pkgs = if node['platform_version'].to_i < 6 - %w(cyrus-sasl cyrus-sasl-plain openssl) - else - %w(cyrus-sasl cyrus-sasl-plain ca-certificates) - end + sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates) when 'amazon' sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates) when 'fedora' diff --git a/spec/default_spec.rb b/spec/default_spec.rb index 887b3a9..b6f6d50 100644 --- a/spec/default_spec.rb +++ b/spec/default_spec.rb @@ -5,9 +5,9 @@ describe 'postfix::default' do stub_command('/usr/bin/test /etc/alternatives/mta -ef /usr/sbin/sendmail.postfix').and_return(true) end - context 'on Centos 6' do + context 'on Centos 8' do cached(:chef_run) do - ChefSpec::SoloRunner.new(platform: 'centos', version: 6.9).converge(described_recipe) + ChefSpec::SoloRunner.new(platform: 'centos', version: '8').converge(described_recipe) end it '[COOK-4423] renders file main.cf with /etc/pki/tls/cert.pem' do