diff --git a/.rubocop.yml b/.rubocop.yml index 1299b5a4..40dac5e9 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -2,6 +2,9 @@ require: - rubocop-performance +Gemspec/DateAssignment: + Enabled: true + Layout/BeginEndAlignment: Enabled: true @@ -15,6 +18,9 @@ Layout/LineLength: Layout/SpaceAroundMethodCallOperator: Enabled: true +Layout/SpaceBeforeBrackets: + Enabled: false + Lint/AmbiguousAssignment: Enabled: true @@ -24,6 +30,9 @@ Lint/BinaryOperatorWithIdenticalOperands: Lint/ConstantDefinitionInBlock: Enabled: true +Lint/DeprecatedConstants: + Enabled: true + Lint/DeprecatedOpenSSLConstant: Enabled: true @@ -63,6 +72,9 @@ Lint/HashCompareByIdentity: Lint/IdentityComparison: Enabled: true +Lint/LambdaWithoutLiteralBlock: + Enabled: true + Lint/MissingSuper: Enabled: true @@ -72,20 +84,32 @@ Lint/MixedRegexpCaptureTypes: Lint/NoReturnInBeginEndBlocks: Enabled: true +Lint/NumberedParameterAssignment: + Enabled: true + +Lint/OrAssignmentToConstant: + Enabled: true + Lint/OutOfRangeRegexpRef: Enabled: true Lint/RaiseException: Enabled: true +Lint/RedundantDirGlobSort: + Enabled: true + Lint/RedundantSafeNavigation: Enabled: true Lint/SelfAssignment: Enabled: true -Layout/SpaceBeforeBrackets: - Enabled: false +Lint/SymbolConversion: + Enabled: true + +Lint/TripleQuotes: + Enabled: true Lint/StructNewOverride: Enabled: true @@ -140,12 +164,21 @@ Performance/CollectionLiteralInLoop: Performance/ConstantRegexp: Enabled: true +Performance/MapCompact: + Enabled: true + Performance/MethodObjectAsBlock: Enabled: true +Performance/RedundantEqualityComparisonBlock: + Enabled: true + Performance/RedundantSortBlock: Enabled: true +Performance/RedundantSplitRegexpArgument: + Enabled: true + Performance/RedundantStringChars: Enabled: true @@ -194,6 +227,9 @@ Style/DocumentDynamicEvalDefinition: Style/Documentation: Enabled: false +Style/EndlessMethod: + Enabled: true + Style/ExplicitBlockArgument: Enabled: true @@ -206,6 +242,9 @@ Style/GlobalStdStream: Style/HashAsLastArrayItem: Enabled: true +Style/HashConversion: + Enabled: false + Style/HashEachMethods: Enabled: true @@ -221,6 +260,9 @@ Style/HashTransformKeys: Style/HashTransformValues: Enabled: false +Style/IfWithBooleanLiteralBranches: + Enabled: true + Style/KeywordParametersOrder: Enabled: true @@ -263,6 +305,9 @@ Style/SlicingWithRange: Style/SoleNestedConditional: Enabled: true +Style/StringChars: + Enabled: true + Style/StringConcatenation: Enabled: true diff --git a/Gemfile.lock b/Gemfile.lock index ef2ebf51..d7f210a4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,7 +3,7 @@ GEM specs: addressable (2.7.0) public_suffix (>= 2.0.2, < 5.0) - ast (2.4.1) + ast (2.4.2) bcrypt_pbkdf (1.1.0) berkshelf (6.3.4) buff-config (~> 2.0) @@ -21,7 +21,7 @@ GEM ridley (~> 5.0) solve (~> 4.0) thor (~> 0.19, < 0.19.2) - brakeman (4.10.1) + brakeman (5.0.1) buff-config (2.0.0) buff-extensions (~> 2.0) varia_model (~> 0.6) @@ -73,6 +73,8 @@ GEM fuzzyurl mixlib-config (~> 2.0) mixlib-shellout (~> 2.0) + chef-utils (17.0.242) + concurrent-ruby chef-zero (5.3.2) ffi-yajl (~> 2.2) hashie (>= 2.0, < 4.0) @@ -86,7 +88,7 @@ GEM childprocess (4.0.0) cleanroom (1.0.0) colorize (0.8.1) - concurrent-ruby (1.1.7) + concurrent-ruby (1.1.8) coveralls (0.8.19) json (>= 1.8, < 3) simplecov (~> 0.12.0) @@ -98,16 +100,16 @@ GEM ed25519 (1.2.4) erubi (1.10.0) erubis (2.7.0) - faraday (0.17.3) + faraday (0.17.4) multipart-post (>= 1.2, < 3) - fasterer (0.8.3) + fasterer (0.9.0) colorize (~> 0.7) ruby_parser (>= 3.14.1) fauxhai (4.1.0) net-ssh - ffi (1.14.2) - ffi-yajl (2.3.4) - libyajl2 (~> 1.2) + ffi (1.15.0) + ffi-yajl (2.4.0) + libyajl2 (>= 1.2) foodcritic (16.3.0) erubis ffi-yajl (~> 2.0) @@ -129,9 +131,9 @@ GEM json (2.5.1) kitchen-docker (2.10.0) test-kitchen (>= 1.0.0) - kitchen-vagrant (1.7.2) + kitchen-vagrant (1.8.0) test-kitchen (>= 1.4, < 3) - libyajl2 (1.2.0) + libyajl2 (2.1.0) license-acceptance (2.1.13) pastel (~> 0.7) tomlrb (>= 1.2, < 3.0) @@ -141,7 +143,7 @@ GEM logging (2.3.0) little-plugger (~> 1.1) multi_json (~> 1.14) - mini_portile2 (2.5.0) + mini_portile2 (2.5.1) minitar (0.9) mixlib-archive (0.4.20) mixlib-log @@ -149,7 +151,7 @@ GEM mixlib-cli (1.7.0) mixlib-config (2.2.18) tomlrb - mixlib-install (3.12.5) + mixlib-install (3.12.11) mixlib-shellout mixlib-versioning thor @@ -170,12 +172,12 @@ GEM net-ssh (>= 2.6.5) net-ssh-gateway (>= 1.2.0) net-telnet (0.1.1) - nio4r (2.5.4) - nokogiri (1.11.0) + nio4r (2.5.7) + nokogiri (1.11.3) mini_portile2 (~> 2.5.0) racc (~> 1.4) nori (2.6.0) - octokit (4.20.0) + octokit (4.21.0) faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) ohai (8.26.1) @@ -194,7 +196,7 @@ GEM childprocess (>= 0.6.3, < 5) iniparse (~> 1.4) parallel (1.20.1) - parser (3.0.0.0) + parser (3.0.1.1) ast (~> 2.4.1) pastel (0.8.0) tty-color (~> 0.5) @@ -206,9 +208,9 @@ GEM rack (2.2.3) rainbow (3.0.0) rake (13.0.3) - regexp_parser (2.0.3) + regexp_parser (2.1.1) retryable (2.0.4) - rexml (3.2.4) + rexml (3.2.5) ridley (5.1.1) addressable buff-config (~> 2.0) @@ -239,31 +241,31 @@ GEM rspec-its (1.3.0) rspec-core (>= 3.0.0) rspec-expectations (>= 3.0.0) - rspec-mocks (3.10.1) + rspec-mocks (3.10.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.10.0) - rspec-support (3.10.1) + rspec-support (3.10.2) rspec_junit_formatter (0.2.3) builder (< 4) rspec-core (>= 2, < 4, != 2.12.0) - rubocop (1.7.0) + rubocop (1.13.0) parallel (~> 1.10) - parser (>= 2.7.1.5) + parser (>= 3.0.0.0) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.8, < 3.0) rexml rubocop-ast (>= 1.2.0, < 2.0) ruby-progressbar (~> 1.7) - unicode-display_width (>= 1.4.0, < 2.0) - rubocop-ast (1.4.0) - parser (>= 2.7.1.5) - rubocop-performance (1.9.2) - rubocop (>= 0.90.0, < 2.0) + unicode-display_width (>= 1.4.0, < 3.0) + rubocop-ast (1.5.0) + parser (>= 3.0.1.1) + rubocop-performance (1.11.1) + rubocop (>= 1.7.0, < 2.0) rubocop-ast (>= 0.4.0) ruby-progressbar (1.11.0) - ruby_parser (3.15.0) + ruby_parser (3.15.1) sexp_processor (~> 4.9) - rubyntlm (0.6.2) + rubyntlm (0.6.3) rubyzip (2.3.0) rufus-lru (1.1.0) sawyer (0.8.2) @@ -275,7 +277,7 @@ GEM rspec (~> 3.0) rspec-its specinfra (~> 2.72) - sexp_processor (4.15.1) + sexp_processor (4.15.2) sfl (2.3) simplecov (0.12.0) docile (~> 1.1.0) @@ -285,14 +287,14 @@ GEM solve (4.0.4) molinillo (~> 0.6) semverse (>= 1.1, < 4.0) - specinfra (2.82.22) + specinfra (2.82.25) net-scp net-ssh (>= 2.7) net-telnet (= 0.1.1) sfl - strings (0.2.0) + strings (0.2.1) strings-ansi (~> 0.2) - unicode-display_width (~> 1.5) + unicode-display_width (>= 1.5, < 3.0) unicode_utils (~> 1.4) strings-ansi (0.2.0) sync (0.5.0) @@ -300,8 +302,9 @@ GEM systemu (2.6.5) term-ansicolor (1.7.1) tins (~> 1.0) - test-kitchen (2.9.0) + test-kitchen (2.11.2) bcrypt_pbkdf (~> 1.0) + chef-utils (>= 16.4.35) ed25519 (~> 1.2) license-acceptance (>= 1.0.11, < 3.0) mixlib-install (~> 3.6) @@ -316,7 +319,7 @@ GEM thor (0.19.1) timers (4.0.4) hitimes - tins (1.26.0) + tins (1.28.0) sync tomlrb (2.0.1) treetop (1.6.11) @@ -327,7 +330,7 @@ GEM tty-cursor (~> 0.7) tty-color (0.6.0) tty-cursor (0.7.1) - tty-prompt (0.23.0) + tty-prompt (0.23.1) pastel (~> 0.8) tty-reader (~> 0.8) tty-reader (0.9.0) @@ -335,13 +338,13 @@ GEM tty-screen (~> 0.8) wisper (~> 2.0) tty-screen (0.8.1) - unicode-display_width (1.7.0) + unicode-display_width (2.0.0) unicode_utils (1.4.0) uuidtools (2.1.5) varia_model (0.6.0) buff-extensions (~> 2.0) hashie (>= 2.0.2, < 4.0.0) - winrm (2.3.5) + winrm (2.3.6) builder (>= 2.1.2) erubi (~> 1.8) gssapi (~> 1.2) @@ -349,7 +352,7 @@ GEM httpclient (~> 2.2, >= 2.2.0.2) logging (>= 1.6.1, < 3.0) nori (~> 2.0) - rubyntlm (~> 0.6.0, >= 0.6.1) + rubyntlm (~> 0.6.0, >= 0.6.3) winrm-elevated (1.2.3) erubi (~> 1.8) winrm (~> 2.0) diff --git a/attributes/default.rb b/attributes/default.rb index f6673c2a..f19cd167 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -128,6 +128,7 @@ default['defaults']['webserver']['limit_request_body'] = '1048576' default['defaults']['webserver']['proxy_timeout'] = '60' default['defaults']['webserver']['use_apache2_ppa'] = (node['platform'] == 'ubuntu') +default['defaults']['webserver']['enable_status'] = true ## nginx diff --git a/docs/source/attributes.rst b/docs/source/attributes.rst index f75d3d3e..236e5d3f 100644 --- a/docs/source/attributes.rst +++ b/docs/source/attributes.rst @@ -734,6 +734,11 @@ apache - **Default**: ``60`` +- |app['webserver']['enable_status']|_ + + - **Default**: ``true`` + - Enable or disable apache2 ``mod_status``. + nginx ^^^^^ @@ -900,6 +905,8 @@ shoryuken .. _app['webserver']['log_level']: https://httpd.apache.org/docs/2.4/mod/core.html#loglevel .. |app['webserver']['proxy_timeout']| replace:: ``app['webserver']['proxy_timeout']`` .. _app['webserver']['proxy_timeout']: https://httpd.apache.org/docs/current/mod/mod_proxy.html#proxytimeout +.. |app['webserver']['enable_status']| replace:: ``app['webserver']['enable_status']`` +.. _app['webserver']['enable_status']: https://httpd.apache.org/docs/current/mod/mod_status.html .. _nginx: https://supermarket.chef.io/cookbooks/nginx .. _the corresponding docs: https://github.com/chef-cookbooks/nginx#attributes .. |app['webserver']['client_body_timeout']| replace:: ``app['webserver']['client_body_timeout']`` diff --git a/libraries/archive.rb b/libraries/archive.rb index 046d7c26..b4af2951 100644 --- a/libraries/archive.rb +++ b/libraries/archive.rb @@ -2,7 +2,7 @@ module OpsworksRuby class Archive - MIME_MAGIC_TABLES ||= [ + MIME_MAGIC_TABLES = [ ['application/gzip', [[0, "\037\213".b]]], ['application/x-7z-compressed', [[0, "7z\274\257'\034".b]]], ['application/x-bzip', [[0, 'BZh'.b]]], @@ -12,7 +12,7 @@ class Archive ['application/zip', [[0, "PK\003\004".b]]] ].freeze - TYPES ||= { + TYPES = { 'application/x-bzip-compressed-tar' => [ %w[tar.bz tar.bz2 tb2 tbz tbz2], %w[application/x-bzip], 'Tar archive (bzip-compressed)' ], @@ -27,7 +27,7 @@ class Archive ] }.freeze - COMMANDS ||= { + COMMANDS = { 'application/gzip' => 'gunzip -c %s > %s', 'application/x-7z-compressed' => '7z x -t7z %s -o%s', 'application/x-bzip' => 'bzip2 -ckd %s > %s', diff --git a/libraries/drivers_appserver_passenger.rb b/libraries/drivers_appserver_passenger.rb index 3f95fbe7..57b8b93b 100644 --- a/libraries/drivers_appserver_passenger.rb +++ b/libraries/drivers_appserver_passenger.rb @@ -20,7 +20,9 @@ def add_appserver_config; end def webserver_config_params o = out - Hash[WEBSERVER_CONFIG_PARAMS.map { |k| [k, o[k]] }].reject { |_k, v| v.nil? } # rubocop:disable Style/CollectionCompact + # rubocop:disable Style/CollectionCompact + Hash[WEBSERVER_CONFIG_PARAMS.map { |k| [k, o[k]] }].reject { |_k, v| v.nil? } + # rubocop:enable Style/CollectionCompact end end end diff --git a/libraries/drivers_webserver_apache2.rb b/libraries/drivers_webserver_apache2.rb index de8b81c0..c95d3ed6 100644 --- a/libraries/drivers_webserver_apache2.rb +++ b/libraries/drivers_webserver_apache2.rb @@ -2,14 +2,17 @@ module Drivers module Webserver - class Apache2 < Drivers::Webserver::Base + class Apache2 < Drivers::Webserver::Base # rubocop:disable Metrics/ClassLength + ENABLE_MODULES = %w[expires headers lbmethod_byrequests proxy proxy_balancer proxy_http rewrite ssl].freeze + DISABLE_MODULES = %w[status].freeze + adapter :apache2 allowed_engines :apache2 packages debian: 'apache2', rhel: %w[httpd24 mod24_ssl] output filter: %i[ dhparams keepalive_timeout limit_request_body log_dir log_level proxy_timeout ssl_for_legacy_browsers extra_config extra_config_ssl port ssl_port force_ssl - appserver_port + appserver_port enable_status ] notifies :deploy, action: :reload, resource: { debian: 'service[apache2]', rhel: 'service[httpd]' }, timer: :delayed @@ -36,7 +39,7 @@ def settings def setup handle_packages - enable_modules(%w[expires headers lbmethod_byrequests proxy proxy_balancer proxy_http rewrite ssl]) + enable_and_disable_modules install_mod_passenger if passenger? add_sites_available_enabled define_service(:start) @@ -91,10 +94,20 @@ def add_sites_available_enabled context.execute 'echo "IncludeOptional sites-enabled/*.conf" >> /etc/httpd/conf/httpd.conf' end - def enable_modules(modules = []) + def enable_and_disable_modules return unless node['platform_family'] == 'debian' - modules.each { |mod| enable_module(mod) } + ENABLE_MODULES.each { |mod| enable_module(mod) } + DISABLE_MODULES.each { |mod| disable_module(mod) } + end + + def disable_module(mod) + return if mod == 'status' && settings[:enable_status] + + notifying_execute "Disable Apache2 module #{mod}" do + command "a2dismod #{mod}" + only_if "a2query -m #{mod}" + end end def enable_module(mod) diff --git a/spec/unit/recipes/setup_spec.rb b/spec/unit/recipes/setup_spec.rb index 1d9e8b6c..97823d12 100644 --- a/spec/unit/recipes/setup_spec.rb +++ b/spec/unit/recipes/setup_spec.rb @@ -6,8 +6,6 @@ require 'spec_helper' -ALL_APACHE2_MODULES = %w[expires headers lbmethod_byrequests proxy proxy_balancer proxy_http rewrite ssl].freeze - describe 'opsworks_ruby::setup' do let(:chef_runner) do ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04') do |solo_node| @@ -517,15 +515,19 @@ end context 'Mysql + S3 + apache2 + resque' do - let(:modules_already_enabled) { false } - + let(:modules_to_enable_are_enabled) { false } + let(:modules_to_disable_are_enabled) { true } before do stub_search(:aws_opsworks_app, '*:*') .and_return([aws_opsworks_app(app_source: { type: 's3', url: 'http://example.com' })]) stub_search(:aws_opsworks_rds_db_instance, '*:*').and_return([aws_opsworks_rds_db_instance(engine: 'mysql')]) - ALL_APACHE2_MODULES.each do |mod| + Drivers::Webserver::Apache2::ENABLE_MODULES.each do |mod| stub_command("a2enmod #{mod}").and_return(true) - stub_command("a2query -m #{mod}").and_return(modules_already_enabled) + stub_command("a2query -m #{mod}").and_return(modules_to_enable_are_enabled) + end + Drivers::Webserver::Apache2::DISABLE_MODULES.each do |mod| + stub_command("a2dismod #{mod}").and_return(true) + stub_command("a2query -m #{mod}").and_return(modules_to_disable_are_enabled) end end @@ -550,6 +552,17 @@ end context 'debian' do + let(:chef_runner) do + ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04') do |solo_node| + deploy = node['deploy'] + deploy['dummy_project']['webserver']['adapter'] = 'apache2' + deploy['dummy_project']['webserver']['enable_status'] = false + deploy['dummy_project']['worker']['adapter'] = 'resque' + deploy['dummy_project']['source'] = {} + solo_node.set['deploy'] = deploy + end + end + it 'installs required packages' do expect(chef_run).to install_package('apache2') expect(chef_run).to install_package('bzip2') @@ -569,21 +582,53 @@ expect(chef_run).to start_service('apache2') end - ALL_APACHE2_MODULES.each do |mod| + Drivers::Webserver::Apache2::ENABLE_MODULES.each do |mod| it "enables Apache2 module #{mod}" do expect(chef_run).to run_execute("a2enmod #{mod}") end end - context 'when the modules are already enabled' do - let(:modules_already_enabled) { true } + Drivers::Webserver::Apache2::DISABLE_MODULES.each do |mod| + it "disables Apache2 module #{mod}" do + expect(chef_run).to run_execute("a2dismod #{mod}") + end + end - ALL_APACHE2_MODULES.each do |mod| + context 'when the modules to enable are already enabled' do + let(:modules_to_enable_are_enabled) { true } + + Drivers::Webserver::Apache2::ENABLE_MODULES.each do |mod| it "does not enable Apache2 module #{mod} again unnecessarily" do expect(chef_run).not_to run_execute("a2enmod #{mod}") end end end + + context 'when the modules to disable are already disabled' do + let(:modules_to_disable_are_enabled) { false } + + Drivers::Webserver::Apache2::ENABLE_MODULES.each do |mod| + it "does not disable Apache2 module #{mod} again unnecessarily" do + expect(chef_run).not_to run_execute("a2dismod #{mod}") + end + end + end + + context 'when enable_status is set to true' do + let(:chef_runner) do + ChefSpec::SoloRunner.new(platform: 'ubuntu', version: '14.04') do |solo_node| + app_name = aws_opsworks_app['shortname'] + solo_node.set['deploy'][app_name]['webserver'] = { + 'adapter' => 'apache2', + 'enable_status' => true + } + end + end + + it 'does not disable Apache2 module status' do + expect(chef_run).not_to run_execute('a2dismod status') + end + end end context 'rhel' do diff --git a/test/integration/maximum_override/serverspec/maximum_override_spec.rb b/test/integration/maximum_override/serverspec/maximum_override_spec.rb index e109e2d2..25f2c5cc 100644 --- a/test/integration/maximum_override/serverspec/maximum_override_spec.rb +++ b/test/integration/maximum_override/serverspec/maximum_override_spec.rb @@ -207,12 +207,12 @@ describe 'opsworks_ruby::deploy' do context 'source' do - describe file('/srv/www/other_project/releases/8d756de13b19e9874f3ce7bf22c414b3eb7e8e9c') do + describe file('/srv/www/other_project/releases/ed827fe7ecde8925285e2d2b937224d063b1c13c') do it { should be_directory } end describe file('/srv/www/other_project/current') do - it { should be_linked_to '/srv/www/other_project/releases/8d756de13b19e9874f3ce7bf22c414b3eb7e8e9c' } + it { should be_linked_to '/srv/www/other_project/releases/ed827fe7ecde8925285e2d2b937224d063b1c13c' } end describe file('/tmp/ssh-git-wrapper.sh') do